Virus?!

Daria
Visitor
Posts: 6
Registered: 02 Mar 2021 18:47

Virus?!

#1 Post by Daria »

Hi, I have a problem: I downloaded the UC Browser because I wanted to play a game that needs Flash Player, and someone advised me to install it. But since then some images from the internet that used to load for me no longer load. Ones from Google do, but for example some from a game I won't name do not. An option "Create QR code" also shows up there. Interestingly, I have the same problem not only on the PC but also on a laptop where I never installed this program. I tried resetting the PC to factory settings and it still does the same thing, although it seems to me that it may have improved a little. Do you know what causes this and how to remove it?

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Virus?!

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all running program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all the checkboxes, and any threats found, selected and continue with the Clean and Repair button in the lower right corner.
After the PC restarts, AdwCleaner will start; click View Log File.
The log will open; copy its contents here.

Daria
Visitor
Posts: 6
Registered: 02 Mar 2021 18:47

Re: Virus?!

#3 Post by Daria »

Log


No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1405 octets] - [02/03/2021 19:14:29]
AdwCleaner[C00].txt - [1596 octets] - [02/03/2021 19:14:39]
AdwCleaner[S01].txt - [1527 octets] - [02/03/2021 19:15:16]
AdwCleaner[S02].txt - [1588 octets] - [02/03/2021 19:17:47]
AdwCleaner[C02].txt - [1996 octets] - [02/03/2021 19:18:36]
AdwCleaner[S03].txt - [1710 octets] - [02/03/2021 19:20:10]
AdwCleaner[S04].txt - [1771 octets] - [02/03/2021 19:20:31]
AdwCleaner[C04].txt - [2179 octets] - [02/03/2021 19:20:42]
AdwCleaner[S05].txt - [1893 octets] - [02/03/2021 19:21:44]
AdwCleaner[C05].txt - [2301 octets] - [02/03/2021 19:21:55]
AdwCleaner[S06].txt - [2015 octets] - [02/03/2021 19:24:40]
AdwCleaner[C06].txt - [2423 octets] - [02/03/2021 19:24:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S07].txt ##########


Hopefully that's right.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Virus?!

#4 Post by Diallix »

OK, it has not found anything so far.

Scan the computer with FRST (guide here: https://forum.viry.cz/viewtopic.php?f=24&t=132509) and copy the FRST.log + Addition log here.

Daria
Visitor
Posts: 6
Registered: 02 Mar 2021 18:47

Re: Virus?!

#5 Post by Daria »

1.log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by aviis (administrator) on DESKTOP-3E8JARE (MSI MS-7A74) (02-03-2021 19:39:25)
Running from C:\Users\aviis\Downloads
Loaded Profiles: aviis
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <3>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <28>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9198592 2017-02-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [164608 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\Run: [AVGBrowserAutoLaunch_161CFF863122A9EF489B5D640AB5DDED] => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2196032 2021-02-17] (AVG Technologies USA, LLC -> AVG Technologies)
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\aviis\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\aviis\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\RunOnce: [Uninstall 19.043.0304.0013\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\aviis\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64"
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\RunOnce: [Uninstall 19.043.0304.0013] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\aviis\AppData\Local\Microsoft\OneDrive\19.043.0304.0013"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\88.2.8118.184\Installer\chrmstp.exe [2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-03-02] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {026AAA4B-0BE6-4B67-ACF6-533D4DE74E02} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask -> No File <==== ATTENTION
Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {071246D9-4E9A-4E99-8ED4-9AB5615A8C8E} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {0CDFC8C3-7F28-4187-81A6-32023099C6C1} - \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan -> No File <==== ATTENTION
Task: {0FE88213-C8AC-40B5-899A-622477B444B0} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {12EC8A11-F1D7-4539-BFF6-5BD6446A4DB6} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4730624 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {1492B51D-9F50-4189-A97D-433F16408299} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {15E8268D-E33F-45E2-8570-72B03D10E669} - \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance -> No File <==== ATTENTION
Task: {1C530432-F352-4AD1-B70F-1CFE1121AC66} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {212AD843-8017-48F3-8357-B1F0E3BBE297} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-02] (Google LLC -> Google LLC)
Task: {243749D0-3A6E-42B0-9F84-8B7FDE10381E} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> No File <==== ATTENTION
Task: {28CFCFFD-38B0-4687-8AB1-391183D184ED} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {39524FC5-1C7B-4857-A68C-E5D4C34EE8FF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {400BBEEF-A0FB-42DE-894F-162D678CFB09} - \Microsoft\Windows\Windows Defender\Windows Defender Cleanup -> No File <==== ATTENTION
Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
Task: {4D14EE2E-F8A0-4FED-BBE4-49DC7D28B735} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {51A6620D-EC39-44C9-A60A-09A4100B00CD} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {550F31E8-FE27-4ECB-8726-1DCAEF785CE6} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> No File <==== ATTENTION
Task: {5FEFC0C9-D95E-4741-BA6B-18D044A8FAD0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-02] (Google LLC -> Google LLC)
Task: {635A185A-88AD-4B41-9344-B07C284A75E9} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {6CA4B71A-7A1F-4466-9ECA-47B174A718C3} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1822976 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {74123B0B-64A4-48E8-B7B7-7F7931D3C100} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {7A55CE94-1C3C-4512-9C84-23AE8FA1635D} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {7E7280E4-311A-4CE7-A53D-6F8B9219821E} - \Microsoft\Windows\WindowsUpdate\sihboot -> No File <==== ATTENTION
Task: {A811F109-5AC1-4E85-86CF-A4463FFC62FB} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2196032 2021-02-17] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {C2E3991B-0C10-4157-ACAF-CA2F01C9A3EE} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2196032 2021-02-17] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> No File <==== ATTENTION
Task: {D226C671-4BCA-4B18-B914-5B4EBDB8737F} - \Microsoft\Windows\WindowsUpdate\Automatic App Update -> No File <==== ATTENTION
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {D5090754-EF9C-4015-B3F0-0AF762549C1F} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {D65013A6-8FD3-4F85-9454-2BE708E9D1E9} - \Microsoft\XblGameSave\XblGameSaveTaskLogon -> No File <==== ATTENTION
Task: {ED8F4E46-5B28-455D-A269-F832DED6FA44} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {F00862E2-364B-498F-89F0-32D4170E3816} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {F200B6AE-7AD3-4DF7-B3EB-F1356CA5D011} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {F46C0310-C111-4272-A949-A891EB3D0E9B} - \Microsoft\Windows\Windows Defender\Windows Defender Verification -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3ea85537-bb3e-474b-be10-0f658049647e}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\aviis\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-02]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: pirotenf.default
FF ProfilePath: C:\Users\aviis\AppData\Roaming\Mozilla\Firefox\Profiles\pirotenf.default [2021-03-02]
FF ProfilePath: C:\Users\aviis\AppData\Roaming\Mozilla\Firefox\Profiles\6lqtovxf.default-release [2021-03-02]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\aviis\AppData\Roaming\Mozilla\Firefox\Profiles\6lqtovxf.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-03-02]
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Default [2021-03-02]
CHR Extension: (Prezentace) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-02]
CHR Extension: (Dokumenty) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-02]
CHR Extension: (Disk Google) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-02]
CHR Extension: (YouTube) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-02]
CHR Extension: (Tabulky) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-02]
CHR Extension: (Gmail) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-02]
CHR Extension: (Chrome Media Router) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-02]
CHR Profile: C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-02]
CHR Extension: (Prezentace) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-02]
CHR Extension: (Dokumenty) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-02]
CHR Extension: (Disk Google) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-02]
CHR Extension: (YouTube) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-02]
CHR Extension: (Tabulky) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-02]
CHR Extension: (Gmail) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-02]
CHR Extension: (Chrome Media Router) - C:\Users\aviis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-02]
CHR Profile: C:\Users\aviis\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-02]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [622184 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [353024 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7926328 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\88.2.8118.184\elevation_service.exe [1456408 2021-02-17] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109464 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [162392 2021-03-02] (SurfRight B.V. -> SurfRight B.V.)
S2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [51208 2017-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 ahcix64s; C:\WINDOWS\System32\drivers\ahcix64s.sys [293720 2017-02-28] (Promise Technology, Inc. -> Advanced Micro Devices, Inc)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2021-03-02] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [35792 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [208176 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [357400 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [249368 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [98840 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16832 2021-03-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41424 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175368 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [521472 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [107920 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83496 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [850248 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [465800 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215464 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [327104 2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 IFCoEMP; C:\WINDOWS\System32\drivers\ifM63x64.sys [483184 2013-11-26] (Intel Corporation -> Intel(R) Corporation)
S3 IFCoES; C:\WINDOWS\System32\drivers\IFP63X64.sys [165232 2013-11-26] (Intel Corporation -> Intel(R) Corporation)
S0 IFCoEVB; C:\WINDOWS\System32\drivers\ifp63x64.sys [165232 2013-11-26] (Intel Corporation -> Intel(R) Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-02 19:43 - 2021-03-02 19:43 - 002527040 _____ (Wiper Software, UAB) C:\Users\aviis\Downloads\WiperSoft-installer.exe
2021-03-02 19:43 - 2021-03-02 19:43 - 000000818 _____ C:\Users\aviis\Desktop\WiperSoft.lnk
2021-03-02 19:43 - 2021-03-02 19:43 - 000000000 ____D C:\Users\aviis\AppData\Roaming\WiperSoft
2021-03-02 19:43 - 2021-03-02 19:43 - 000000000 ____D C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\WiperSoft
2021-03-02 19:39 - 2021-03-02 19:39 - 000021880 _____ C:\Users\aviis\Downloads\Shortcut.txt
2021-03-02 19:38 - 2021-03-02 19:39 - 000015496 _____ C:\Users\aviis\Downloads\Addition.txt
2021-03-02 19:36 - 2021-03-02 19:36 - 002301440 _____ (Farbar) C:\Users\aviis\Downloads\FRST64 (1).exe
2021-03-02 19:33 - 2021-03-02 19:40 - 000020497 _____ C:\Users\aviis\Downloads\FRST.txt
2021-03-02 19:32 - 2021-03-02 19:39 - 000000000 ____D C:\FRST
2021-03-02 19:32 - 2021-03-02 19:32 - 002301440 _____ (Farbar) C:\Users\aviis\Downloads\FRST64.exe
2021-03-02 19:26 - 2021-03-02 19:26 - 000002326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-02 19:25 - 2021-03-02 19:25 - 001304160 _____ (Google LLC) C:\Users\aviis\Downloads\ChromeSetup(1).exe
2021-03-02 19:25 - 2021-03-02 19:25 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-02 19:25 - 2021-03-02 19:25 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-02 19:25 - 2021-03-02 19:25 - 000000000 ____D C:\Program Files\Google
2021-03-02 19:17 - 2021-03-02 19:13 - 008463216 _____ (Malwarebytes) C:\Users\aviis\Desktop\adwcleaner_8.1.exe
2021-03-02 19:13 - 2021-03-02 19:14 - 000000000 ____D C:\AdwCleaner
2021-03-02 19:13 - 2021-03-02 19:13 - 008463216 _____ (Malwarebytes) C:\Users\aviis\Downloads\adwcleaner_8.1.exe
2021-03-02 19:12 - 2021-03-02 19:12 - 000055248 ____N (AVG Technologies) C:\WINDOWS\system32\Drivers\rm.sys
2021-03-02 18:59 - 2021-03-02 18:59 - 000000000 ____D C:\Users\aviis\AppData\Local\mbam
2021-03-02 18:58 - 2021-03-02 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2021-03-02 18:58 - 2021-03-02 18:58 - 000000000 ____D C:\Program Files\HitmanPro
2021-03-02 18:57 - 2021-03-02 19:06 - 000000000 ____D C:\ProgramData\HitmanPro
2021-03-02 18:57 - 2021-03-02 18:57 - 011431000 _____ (SurfRight B.V.) C:\Users\aviis\Downloads\hitmanpro_x64.exe
2021-03-02 18:57 - 2021-03-02 18:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-02 18:57 - 2021-03-02 18:57 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-02 18:56 - 2021-03-02 18:56 - 002086424 _____ (Malwarebytes) C:\Users\aviis\Downloads\MBSetup-076886.076886-Consumer.exe
2021-03-02 18:55 - 2021-03-02 19:42 - 000962647 _____ C:\WINDOWS\ZAM.krnl.trace
2021-03-02 18:55 - 2021-03-02 18:55 - 012795472 _____ (Zemana Ltd. ) C:\Users\aviis\Downloads\AntiMalware_Setup.exe
2021-03-02 18:55 - 2021-03-02 18:55 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2021-03-02 18:55 - 2021-03-02 18:55 - 000003558 _____ C:\WINDOWS\system32\Tasks\AMHelper
2021-03-02 18:55 - 2021-03-02 18:55 - 000000000 ____D C:\Users\aviis\AppData\Local\Zemana
2021-03-02 18:55 - 2021-03-02 18:55 - 000000000 ____D C:\Users\aviis\AppData\Local\AMSDK
2021-03-02 18:55 - 2021-03-02 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2021-03-02 18:55 - 2021-03-02 18:55 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-03-02 18:24 - 2021-03-02 19:25 - 000000000 ____D C:\Users\aviis\AppData\LocalLow\Mozilla
2021-03-02 18:24 - 2021-03-02 19:25 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-02 18:24 - 2021-03-02 18:24 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-02 18:24 - 2021-03-02 18:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-02 18:24 - 2021-03-02 18:24 - 000000000 ____D C:\Users\aviis\AppData\Roaming\Mozilla
2021-03-02 18:24 - 2021-03-02 18:24 - 000000000 ____D C:\Users\aviis\AppData\Local\Mozilla
2021-03-02 18:24 - 2021-03-02 18:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-02 18:24 - 2021-03-02 18:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-02 18:23 - 2021-03-02 18:24 - 000333048 _____ (Mozilla) C:\Users\aviis\Downloads\Firefox Installer.exe
2021-03-02 18:23 - 2021-03-02 18:23 - 000237436 _____ C:\Users\aviis\Downloads\_. - Howrse.html
2021-03-02 18:23 - 2021-03-02 18:23 - 000000000 ____D C:\Users\aviis\Downloads\_. - Howrse_files
2021-03-02 18:08 - 2021-03-02 18:08 - 000003826 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2021-03-02 18:08 - 2021-03-02 18:08 - 000003242 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2021-03-02 18:08 - 2021-03-02 18:08 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2021-03-02 18:08 - 2021-03-02 18:08 - 000000000 ____D C:\Users\aviis\AppData\Local\AVG
2021-03-02 18:07 - 2021-03-02 18:07 - 000003468 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
2021-03-02 18:07 - 2021-03-02 18:07 - 000003344 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
2021-03-02 18:07 - 2021-03-02 18:07 - 000000000 ____D C:\Users\aviis\AppData\Local\Comms
2021-03-02 18:07 - 2021-03-02 18:07 - 000000000 ____D C:\Program Files (x86)\AVG
2021-03-02 18:05 - 2021-03-02 18:05 - 000002078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2021-03-02 18:05 - 2021-03-02 18:05 - 000000000 ____D C:\Users\aviis\AppData\Roaming\AVG
2021-03-02 18:05 - 2021-03-02 18:05 - 000000000 ____D C:\Users\aviis\AppData\Local\CEF
2021-03-02 18:04 - 2021-03-02 18:04 - 000850248 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000521472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000465800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000357400 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2021-03-02 18:04 - 2021-03-02 18:04 - 000327104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000249368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000215464 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000208176 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000175368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000107920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000098840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000083496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000041424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000035792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000016832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2021-03-02 18:04 - 2021-03-02 18:04 - 000003992 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-03-02 18:04 - 2021-03-02 18:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2021-03-02 18:04 - 2021-03-02 18:04 - 000000000 ____D C:\Program Files\Common Files\AVG
2021-03-02 18:03 - 2021-03-02 18:35 - 000000000 ____D C:\ProgramData\AVG
2021-03-02 18:03 - 2021-03-02 18:03 - 000259344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\aviis\Downloads\avg_antivirus_free_setup.exe
2021-03-02 18:03 - 2021-03-02 18:03 - 000000000 ____D C:\Program Files\AVG
2021-03-02 17:56 - 2021-03-02 17:56 - 000000000 ____D C:\Users\aviis\AppData\Local\cache
2021-03-02 17:51 - 2021-03-02 19:25 - 000000000 ____D C:\Program Files (x86)\Google
2021-03-02 17:51 - 2021-03-02 18:08 - 000000000 ____D C:\Users\aviis\AppData\Local\PlaceholderTileLogoFolder
2021-03-02 17:51 - 2021-03-02 17:53 - 000000000 ____D C:\Users\aviis\AppData\Local\Google
2021-03-02 17:51 - 2021-03-02 17:52 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-257203389-2905516272-4236083312-1001
2021-03-02 17:51 - 2021-03-02 17:52 - 000000000 ___RD C:\Users\aviis\OneDrive
2021-03-02 17:51 - 2021-03-02 17:51 - 001304160 _____ (Google LLC) C:\Users\aviis\Downloads\ChromeSetup.exe
2021-03-02 17:51 - 2021-03-02 17:51 - 000000000 ____D C:\ProgramData\Propagation
2021-03-02 17:51 - 2021-03-02 17:51 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-03-02 17:49 - 2021-03-02 18:24 - 000000000 ____D C:\Users\aviis\AppData\Local\D3DSCache
2021-03-02 17:49 - 2021-03-02 18:11 - 000000000 ____D C:\Users\aviis\AppData\Local\Packages
2021-03-02 17:49 - 2021-03-02 18:10 - 000000000 ____D C:\ProgramData\Packages
2021-03-02 17:49 - 2021-03-02 17:56 - 000000000 ____D C:\Users\aviis\AppData\Local\AMD
2021-03-02 17:49 - 2021-03-02 17:49 - 000000000 ___RD C:\Users\aviis\3D Objects
2021-03-02 17:49 - 2021-03-02 17:49 - 000000000 ____D C:\Users\aviis\AppData\Roaming\Adobe
2021-03-02 17:49 - 2021-03-02 17:49 - 000000000 ____D C:\Users\aviis\AppData\LocalLow\AMD
2021-03-02 17:49 - 2021-03-02 17:49 - 000000000 ____D C:\Users\aviis\AppData\Local\VirtualStore
2021-03-02 17:49 - 2021-03-02 17:49 - 000000000 ____D C:\Users\aviis\AppData\Local\Publishers
2021-03-02 17:49 - 2021-03-02 17:49 - 000000000 ____D C:\Users\aviis\AppData\Local\ConnectedDevicesPlatform
2021-03-02 17:48 - 2021-03-02 17:52 - 000002368 _____ C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-02 17:48 - 2021-03-02 17:51 - 000000000 ____D C:\Users\aviis
2021-03-02 17:48 - 2021-03-02 17:48 - 000000020 ___SH C:\Users\aviis\ntuser.ini
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\Šablony
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\Soubory cookie
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\Poslední
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\Okolní tiskárny
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\Okolní síť
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\Nabídka Start
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\Dokumenty
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\Documents\Obrázky
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\Documents\Hudba
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\Documents\Filmy
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\Data aplikací
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-03-02 17:48 - 2021-03-02 17:48 - 000000000 _SHDL C:\Users\aviis\AppData\Local\Data aplikací
2021-03-02 17:47 - 2021-03-02 17:47 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\Šablony
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\Poslední
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\Okolní síť
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\Dokumenty
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\Data aplikací
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\Default User
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Users\All Users
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\ProgramData\Šablony
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\ProgramData\Plocha
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-03-02 17:45 - 2021-03-02 17:45 - 000000000 _SHDL C:\Documents and Settings
2021-03-02 17:44 - 2021-03-02 17:44 - 000022924 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-03-02 17:44 - 2021-03-02 17:44 - 000003840 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-03-02 17:38 - 2021-03-02 17:38 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-02 17:38 - 2021-03-02 17:38 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-03-02 17:37 - 2021-03-02 17:37 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-02 17:37 - 2021-03-02 17:37 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-02 17:31 - 2021-03-02 17:39 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-02 17:31 - 2021-03-02 17:31 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-03-02 17:31 - 2021-03-02 17:31 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-03-02 17:31 - 2021-03-02 17:31 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2021-03-02 17:31 - 2021-03-02 17:31 - 000000000 ____D C:\WINDOWS\system32\DAX3
2021-03-02 17:31 - 2021-03-02 17:31 - 000000000 ____D C:\WINDOWS\system32\DAX2
2021-03-02 17:31 - 2021-03-02 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2021-03-02 17:31 - 2021-03-02 17:31 - 000000000 ____D C:\ProgramData\Audyssey Labs
2021-03-02 17:30 - 2021-03-02 17:41 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-03-02 17:30 - 2021-03-02 17:31 - 000000000 ____D C:\Program Files\AMD
2021-03-02 17:30 - 2021-03-02 17:30 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-03-02 17:30 - 2021-03-02 17:30 - 000000000 ____D C:\Program Files\Realtek
2021-03-02 17:30 - 2021-03-02 17:30 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2021-03-02 17:29 - 2021-03-02 17:29 - 000000000 ____D C:\WINDOWS\tbaseregistry
2021-03-02 17:28 - 2021-03-02 17:42 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-02 17:28 - 2021-03-02 17:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-02 17:28 - 2021-03-02 17:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-02 17:28 - 2021-03-02 17:28 - 000258960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-02 17:28 - 2021-03-02 17:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-02 17:28 - 2021-03-02 17:28 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-03-02 17:18 - 2021-03-02 17:45 - 000000000 ____D C:\WINDOWS\Panther
2021-03-02 17:12 - 2021-03-02 17:45 - 000000000 ____D C:\Windows.old
2021-03-02 17:06 - 2021-03-02 17:06 - 000000000 ____D C:\WINDOWS\AMDTAs
2021-03-02 17:02 - 2021-03-02 17:02 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-03-02 17:02 - 2021-03-02 17:02 - 000000000 ____D C:\WINDOWS\Setup
2021-03-02 17:01 - 2021-03-02 17:46 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-03-02 17:01 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\OCR
2021-03-02 17:01 - 2021-03-02 17:01 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-03-02 17:01 - 2021-03-02 17:01 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2021-03-02 17:01 - 2021-03-02 17:01 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2021-03-02 17:01 - 2021-03-02 17:01 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-03-02 17:01 - 2021-03-02 17:01 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2021-03-02 17:01 - 2021-03-02 17:01 - 000000000 ____D C:\WINDOWS\addins
2021-03-02 17:01 - 2021-03-02 17:01 - 000000000 ____D C:\ProgramData\ssh
2021-03-02 17:01 - 2021-03-02 17:01 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-03-02 17:01 - 2021-03-02 17:01 - 000000000 ____D C:\Program Files\MSBuild
2021-03-02 17:01 - 2021-03-02 17:01 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-03-02 17:01 - 2021-03-02 17:01 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-03-02 17:00 - 2021-03-02 17:47 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-02 17:00 - 2021-03-02 17:47 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-02 17:00 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-03-02 17:00 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-03-02 17:00 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-03-02 17:00 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-03-02 17:00 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-03-02 17:00 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-03-02 17:00 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-03-02 17:00 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-03-02 17:00 - 2021-03-02 17:00 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2021-03-02 17:00 - 2021-03-02 17:00 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2021-03-02 17:00 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2021-03-02 17:00 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2021-03-02 17:00 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2021-03-02 17:00 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\system32\cs
2021-03-02 17:00 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\system32\0409
2021-03-02 17:00 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\DigitalLocker
2021-03-02 16:57 - 2021-03-02 19:42 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-02 16:57 - 2021-03-02 19:29 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-02 16:57 - 2021-03-02 19:24 - 000000000 ____D C:\WINDOWS\Registration
2021-03-02 16:57 - 2021-03-02 18:56 - 000000000 ___RD C:\Program Files (x86)
2021-03-02 16:57 - 2021-03-02 18:11 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-02 16:57 - 2021-03-02 18:11 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-02 16:57 - 2021-03-02 18:09 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-02 16:57 - 2021-03-02 18:06 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-02 16:57 - 2021-03-02 17:49 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-02 16:57 - 2021-03-02 17:48 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-03-02 16:57 - 2021-03-02 17:46 - 000000000 ____D C:\ProgramData\USOPrivate
2021-03-02 16:57 - 2021-03-02 17:45 - 000000000 ____D C:\Program Files\Windows NT
2021-03-02 16:57 - 2021-03-02 17:41 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-02 16:57 - 2021-03-02 17:41 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-02 16:57 - 2021-03-02 17:41 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-02 16:57 - 2021-03-02 17:41 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-03-02 16:57 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-02 16:57 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-02 16:57 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\system32\spool
2021-03-02 16:57 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\Resources
2021-03-02 16:57 - 2021-03-02 17:41 - 000000000 ____D C:\WINDOWS\Help
2021-03-02 16:57 - 2021-03-02 17:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-02 16:57 - 2021-03-02 17:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-02 16:57 - 2021-03-02 17:30 - 000000000 ____D C:\WINDOWS\appcompat
2021-03-02 16:57 - 2021-03-02 17:16 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-03-02 16:57 - 2021-03-02 17:01 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-03-02 16:57 - 2021-03-02 17:01 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-02 16:57 - 2021-03-02 17:01 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-02 16:57 - 2021-03-02 17:01 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-03-02 16:57 - 2021-03-02 17:01 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\WINDOWS\IME
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\Program Files (x86)\Windows NT
2021-03-02 16:57 - 2021-03-02 17:00 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 __RSD C:\WINDOWS\Media
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ___SD C:\WINDOWS\system32\Nui
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\Web
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\WaaS
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\Vss
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\tracing
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\TAPI
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SystemApps
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\winevt
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\ti-et
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\ta-in
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\si-lk
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\ras
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\my-mm
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\IME
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\icsxml
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\ias
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\DriverState
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\downlevel
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\am-et
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\System
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SKB
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\schemas
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\SchCache
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\security
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\rescache
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\PLA
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\Performance
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\InputMethod
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\IdentityCRL
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\Globalization
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\Cursors
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\Containers
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\Branding
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\ProgramData\USOShared
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\Program Files\Windows Security
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\Program Files\Windows Portable Devices
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\Program Files\Common Files\Services
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2021-03-02 16:57 - 2021-03-02 16:57 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2021-03-02 16:57 - 2021-03-02 16:55 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2021-03-02 16:57 - 2021-03-02 16:55 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2021-03-02 16:57 - 2021-03-02 16:55 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-03-02 16:57 - 2021-03-02 16:55 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2021-03-02 16:57 - 2021-03-02 16:55 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2021-03-02 16:57 - 2021-03-02 16:55 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2021-03-02 16:57 - 2021-03-02 16:55 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2021-03-02 16:57 - 2021-03-02 16:55 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2021-03-02 16:57 - 2021-03-02 16:55 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2021-03-02 16:56 - 2021-03-02 19:33 - 000000000 ____D C:\WINDOWS\INF
2021-03-02 16:51 - 2021-03-02 18:04 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-02 16:47 - 2021-03-02 18:04 - 000000000 ____D C:\WINDOWS\servicing
2021-03-02 16:47 - 2021-03-02 17:59 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-02 16:47 - 2021-03-02 17:41 - 073662464 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-03-02 16:47 - 2021-03-02 17:41 - 025165824 _____ C:\WINDOWS\system32\config\SYSTEM
2021-03-02 16:47 - 2021-03-02 17:41 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2021-03-02 16:47 - 2021-03-02 17:41 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-02 16:47 - 2021-03-02 17:41 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2021-03-02 16:47 - 2021-03-02 17:41 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2021-03-02 16:47 - 2021-03-02 16:57 - 000000000 ____D C:\WINDOWS\system32\SMI
2021-03-02 16:33 - 2021-03-02 17:19 - 000000000 ___HD C:\$SysReset
2021-02-14 19:26 - 2021-02-14 19:26 - 002755584 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-14 19:26 - 2021-02-14 19:26 - 002755584 ____N (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-14 19:26 - 2021-02-14 19:26 - 001314112 ____N (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-14 19:26 - 2021-02-14 19:26 - 000010892 ____N C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-14 19:24 - 2021-02-14 19:24 - 000231232 ____N C:\WINDOWS\system32\containerdevicemanagement.dll
2021-01-17 10:20 - 2021-01-17 10:20 - 000581120 ____N (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-17 10:20 - 2021-01-17 10:20 - 000499200 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-17 10:20 - 2021-01-17 10:20 - 000234496 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-17 10:20 - 2021-01-17 10:20 - 000135168 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-17 10:20 - 2021-01-17 10:20 - 000095744 ____N C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-17 10:20 - 2021-01-17 10:20 - 000067584 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-17 10:19 - 2021-01-17 10:19 - 000575488 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-17 10:19 - 2021-01-17 10:19 - 000469504 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-17 10:19 - 2021-01-17 10:19 - 000304128 ____N (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-17 10:19 - 2021-01-17 10:19 - 000170496 ____N (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-17 10:19 - 2021-01-17 10:19 - 000084992 ____N (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-17 10:19 - 2021-01-17 10:19 - 000072704 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-17 10:19 - 2021-01-17 10:19 - 000053760 ____N C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-17 10:18 - 2021-01-17 10:18 - 000729600 ____N (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-17 10:18 - 2021-01-17 10:18 - 000595968 ____N (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-17 10:18 - 2021-01-17 10:18 - 000446976 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-17 10:18 - 2021-01-17 10:18 - 000178688 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-17 10:18 - 2021-01-17 10:18 - 000087552 ____N (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-17 10:18 - 2021-01-17 10:18 - 000067072 ____N C:\WINDOWS\system32\BWContextHandler.dll
2021-01-17 10:17 - 2021-01-17 10:17 - 001333760 ____N C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-17 10:17 - 2021-01-17 10:17 - 000455680 ____N C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-17 10:17 - 2021-01-17 10:17 - 000235520 ____N C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-17 10:16 - 2021-01-17 10:16 - 001162240 ____N C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-17 10:16 - 2021-01-17 10:16 - 000422912 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-17 10:16 - 2021-01-17 10:16 - 000330752 ____N C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-17 10:16 - 2021-01-17 10:16 - 000182272 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-17 10:15 - 2021-01-17 10:15 - 002254336 ____N C:\WINDOWS\system32\dwmscene.dll
2021-01-17 10:15 - 2021-01-17 10:15 - 000544768 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-17 10:15 - 2021-01-17 10:15 - 000238592 ____N (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-17 10:15 - 2021-01-17 10:15 - 000190976 ____N C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-17 10:15 - 2021-01-17 10:15 - 000152064 ____N C:\WINDOWS\system32\EoAExperiences.exe
2021-01-17 10:14 - 2021-01-17 10:14 - 002260992 ____N C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-17 10:14 - 2021-01-17 10:14 - 000643072 ____N C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-17 10:14 - 2021-01-17 10:14 - 000306688 ____N C:\WINDOWS\system32\HeatCore.dll
2021-01-17 10:13 - 2021-01-17 10:13 - 000243200 ____N (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-17 10:13 - 2021-01-17 10:13 - 000165888 ____N C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-17 10:12 - 2021-01-17 10:12 - 000562688 ____N (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-17 10:12 - 2021-01-17 10:12 - 000455168 ____N C:\WINDOWS\system32\ssdm.dll
2021-01-17 10:12 - 2021-01-17 10:12 - 000074240 ____N C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-16 21:05 - 2020-10-29 13:39 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-16 21:05 - 2020-10-29 13:39 - 001593456 _____ (AMD) C:\WINDOWS\system32\coinst_20.10.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-16 21:05 - 2020-10-29 13:39 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-16 21:05 - 2020-10-29 13:39 - 001085360 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 001085360 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000760432 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-01-16 21:05 - 2020-10-29 13:39 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000496752 _____ C:\WINDOWS\system32\GameManager64.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000493168 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-01-16 21:05 - 2020-10-29 13:39 - 000456304 _____ C:\WINDOWS\system32\atieah64.exe
2021-01-16 21:05 - 2020-10-29 13:39 - 000380016 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000339568 _____ C:\WINDOWS\system32\clinfo.exe
2021-01-16 21:05 - 2020-10-29 13:39 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000135792 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-01-16 21:05 - 2020-10-29 13:39 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 064809072 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 053684848 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 004630640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 004141168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 001774192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000351856 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-01-16 21:05 - 2020-10-29 13:38 - 000198312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000182392 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000167400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000158648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000134768 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000125552 _____ C:\WINDOWS\system32\atidxx64.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000120432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000107632 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-01-16 21:05 - 2020-10-29 13:38 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-01-16 21:05 - 2020-10-29 13:37 - 000546800 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-01-16 21:05 - 2020-10-29 13:37 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-01-16 21:05 - 2020-10-29 13:37 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-01-16 21:05 - 2020-10-29 12:29 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-01-16 21:05 - 2020-10-29 12:29 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-01-16 21:05 - 2020-10-29 12:29 - 000544256 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-01-16 21:05 - 2020-10-29 12:29 - 000544256 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-01-16 21:05 - 2020-10-29 12:29 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2021-01-16 21:05 - 2020-10-29 12:29 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2021-01-16 21:05 - 2020-10-29 12:29 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2021-01-16 21:05 - 2020-10-29 12:29 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2021-01-16 21:05 - 2020-10-29 12:29 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2021-01-16 21:05 - 2020-10-29 12:29 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2021-01-16 21:05 - 2020-10-29 12:29 - 000125488 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-01-16 21:05 - 2020-10-29 12:29 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2021-01-16 21:05 - 2020-10-29 12:29 - 000069770 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-01-16 21:04 - 2020-10-29 13:38 - 000489584 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-01-16 21:04 - 2020-10-29 13:38 - 000380016 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-01-16 21:04 - 2020-10-29 13:37 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-01-16 21:04 - 2020-10-29 13:37 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2020-12-12 10:37 - 2020-12-12 10:37 - 000266240 ____N C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-12 10:37 - 2020-12-12 10:37 - 000100864 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-12 10:37 - 2020-12-12 10:37 - 000039936 ____N (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-12 10:36 - 2020-12-12 10:36 - 001822272 ____N (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-12 10:36 - 2020-12-12 10:36 - 001393496 ____N (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-12 10:36 - 2020-12-12 10:36 - 000363520 ____N C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-12 10:36 - 2020-12-12 10:36 - 000287232 ____N C:\WINDOWS\system32\CoreMas.dll
2020-12-12 10:36 - 2020-12-12 10:36 - 000240640 ____N C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-12 10:36 - 2020-12-12 10:36 - 000102912 ____N (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-12 10:36 - 2020-12-12 10:36 - 000089088 ____N C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-12 10:36 - 2020-12-12 10:36 - 000073216 ____N C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-12 10:36 - 2020-12-12 10:36 - 000060928 ____N C:\WINDOWS\system32\runexehelper.exe
2020-12-12 10:36 - 2020-12-12 10:36 - 000048640 ____N (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-12 10:36 - 2020-12-12 10:36 - 000013312 ____N C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-12 10:36 - 2020-12-12 10:36 - 000010752 ____N C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-12 10:36 - 2020-12-12 10:36 - 000001370 ____N C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-02 17:58 - 2017-03-03 17:35 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-03-02 17:44 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-02 17:41 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-03-02 17:41 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-03-02 17:39 - 2017-03-03 17:33 - 000000000 ____D C:\ProgramData\Intel
2021-03-02 17:39 - 2017-03-03 17:33 - 000000000 ____D C:\Program Files (x86)\Intel
2021-03-02 17:39 - 2017-03-03 16:45 - 000000000 ____D C:\Program Files\Intel
2021-03-02 17:39 - 2017-03-03 16:45 - 000000000 ____D C:\Intel
2021-03-02 16:55 - 2020-09-13 08:50 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2021-03-02 16:54 - 2019-12-07 10:10 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll

==================== SigCheckExt =========================

2021-03-02 19:36 - 2021-03-02 19:36 - 002301440 _____ (Farbar) C:\Users\aviis\Downloads\FRST64 (1).exe
2021-03-02 19:32 - 2021-03-02 19:32 - 002301440 _____ (Farbar) C:\Users\aviis\Downloads\FRST64.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{0df0bee7-8cea-11e7-89b3-309c2343db05}
timeout 2

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {1a285d96-7b72-11eb-9cd6-dbd80e2bacd3}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0

Firmware Application (101fffff)
-------------------------------
identifier {0df0bee7-8cea-11e7-89b3-309c2343db05}
description Hard Drive

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {df7775d1-e176-11ea-bf0b-e715bb3ef744}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {1a285d96-7b72-11eb-9cd6-dbd80e2bacd3}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {df7775d1-e176-11ea-bf0b-e715bb3ef744}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{df7775d2-e176-11ea-bf0b-e715bb3ef744}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale cs-CZ
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride PushButtonReset
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{df7775d2-e176-11ea-bf0b-e715bb3ef744}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {1a285d96-7b72-11eb-9cd6-dbd80e2bacd3}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
recoverysequence {df7775d1-e176-11ea-bf0b-e715bb3ef744}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostika paměti systému Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Local

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {df7775d2-e176-11ea-bf0b-e715bb3ef744}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== End of FRST.txt ========================

2.Log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by aviis (02-03-2021 19:44:18)
Running from C:\Users\aviis\Downloads
Windows 10 Home Version 20H2 19042.804 (X64) (2021-03-02 16:45:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-257203389-2905516272-4236083312-500 - Administrator - Disabled)
aviis (S-1-5-21-257203389-2905516272-4236083312-1001 - Administrator - Enabled) => C:\Users\aviis
DefaultAccount (S-1-5-21-257203389-2905516272-4236083312-503 - Limited - Disabled)
Guest (S-1-5-21-257203389-2905516272-4236083312-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-257203389-2905516272-4236083312-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Settings (HKLM\...\WUCCCApp) (Version: 2020.0821.1329.24282 - Advanced Micro Devices, Inc.)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.1.3164 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 88.2.8118.184 - AVG Technologies)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1066.0 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.20.314 - SurfRight B.V.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.67 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft OneDrive (HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 86.0 - Mozilla)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8059 - Realtek Semiconductor Corp.)
WiperSoft 1.1.1157.64 (HKLM\...\{AB1C8C91-4D8E-4C28-80E7-FD135FB90515}}_is1) (Version: 1.1.1157.64 - WiperSoft)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-02] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0 [2021-03-02] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-03-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2021-03-02 19:24 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A72EB8CF-E972-4D83-B152-892AA3D67CD3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/02/2021 07:29:42 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (03/02/2021 05:46:33 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80004005, file:///C:\[ab4a2271-fa2e-44ac-a005-468fed266755]\Users\>.

Error: (03/02/2021 05:46:33 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80004005, file:///C:\[ab4a2271-fa2e-44ac-a005-468fed266755]\ProgramData\Microsoft\Windows\Start Menu\>.

Error: (03/02/2021 05:32:43 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu Windows Defender na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (03/02/2021 05:31:08 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Program Files\AMD\WU-CCC2\ccc2_install\VC17RTx64\vcredist_x64.exe Files\AMD\WU-CCC2\ccc2_install\VC17RTx64\vcredist_x64.exe" /q /norestart; Popis = Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429; Chyba = 0x80042318).

Error: (03/02/2021 05:31:08 PM) (Source: VSS) (EventID: 12347) (User: )
Description: Varování služby Stínová kopie svazku: Byla zjištěna vnitřní nekonzistence při
pokusu o kontaktování nástrojů po zápis služby stínové kopie svazku. Nástroji
pro zápis do registru se nepodařilo odpovědět na dotaz ze služby VSS. Zkontrolujte, zda služba událostí a služba Stínová kopie svazku správně fungují
a vyhledejte všechny další události v protokolu událostí aplikace.


Operace:
Shromažďování dat modulu pro zápis
Spouštění asynchronní operace

Kontext:
Kontext spuštění: Requestor
Aktuální stav: GatherWriterMetadata


System errors:
=============
Error: (03/02/2021 07:24:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Systémová aplikace modelu COM+ byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/02/2021 07:22:36 PM) (Source: DCOM) (EventID: 10028) (User: NT AUTHORITY)
Description: Služba DCOM nemohla komunikovat s počítačem WIN-P0M2GNLEVQ0 pomocí žádného z nakonfigurovaných protokolů; požadováno na základě identifikátoru PID 4f8 (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) při aktivaci identifikátoru CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}.

Error: (03/02/2021 07:21:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Systémová aplikace modelu COM+ byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/02/2021 07:20:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Systémová aplikace modelu COM+ byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/02/2021 07:18:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CredentialEnrollmentManagerUserSvc_163a14 byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (03/02/2021 07:18:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Systémová aplikace modelu COM+ byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/02/2021 07:14:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba CredentialEnrollmentManagerUserSvc_163a14 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (03/02/2021 07:14:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===============
Date: 2021-03-02 19:45:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.50 07/21/2017
Motherboard: MSI B250M PRO-VD (MS-7A74)
Processor: Intel(R) Pentium(R) CPU G4600 @ 3.60GHz
Percentage of memory in use: 72%
Total physical RAM: 8157.21 MB
Available physical RAM: 2227.79 MB
Total Virtual: 10077.21 MB
Available Virtual: 2676.48 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.52 GB) (Free:897.62 GB) NTFS

\\?\Volume{8bebd947-10c2-4eb0-bde0-8206a9a3f611}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.44 GB) NTFS
\\?\Volume{d9d1fcb3-545d-4d56-aef5-0f56c9354b55}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5AC7C457)

Partition: GPT.

==================== End of Addition.txt =======================


3.log
Users shortcut scan result (x64) Version: 28-02-2021
Ran by aviis (02-03-2021 19:45:43)
Running from C:\Users\aviis\Downloads
Boot Mode: Normal

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk -> C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware\Zemana AntiMalware.lnk -> C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe (Zemana Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\HitmanPro.lnk -> C:\Program Files\HitmanPro\HitmanPro.exe (SurfRight B.V.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings\AMD Settings.lnk -> C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\Links\Desktop.lnk -> C:\Users\aviis\Desktop ()
Shortcut: C:\Users\aviis\Links\Downloads.lnk -> C:\Users\aviis\Downloads ()
Shortcut: C:\Users\aviis\Desktop\WiperSoft.lnk -> C:\Program Files\WiperSoft\WiperSoft.exe (Wiper Software, UAB)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\WiperSoft\WiperSoft.lnk -> C:\program files\WiperSoft\WiperSoft.exe (Wiper Software, UAB)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\aviis\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\SendTo\Přenos souborů pomocí rozhraní Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\aviis\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk -> C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies) -> --check-run=src=tile
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\Remove HitmanPro 3.8.lnk -> C:\Program Files\HitmanPro\HitmanPro.exe (SurfRight B.V.) -> /uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\WiperSoft\WiperSoft Uninstall.lnk -> C:\program files\WiperSoft\WiperSoft-inst.exe (Wiper Software, UAB) -> /lng=en /remove=install.dat
ShortcutWithArgument: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\aviis\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\aviis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AVG Secure Browser.lnk -> C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies) -> --check-run=src=quicklaunch
ShortcutWithArgument: C:\Users\aviis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AVG Secure Browser.lnk -> C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies) -> --check-run=src=taskbar
ShortcutWithArgument: C:\Users\aviis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\aviis\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\Users\aviis\Favorites\Lenovo\Lenovo Support.url -> URL: hxxp://support.lenovo.com/
InternetURL: C:\Users\aviis\Favorites\Lenovo\Lenovo.url -> URL: hxxp://www.lenovo.com/

==================== End of Shortcut.txt =============================

Rudy
Site Admin
Posts: 118195
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus?!

#6 Post by Rudy »

Apologies for stepping in. To Daria: Why are you posting a request for help with a virus problem in the hardware section? Hardware problems are handled here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Daria
Visitor
Posts: 6
Registered: 02 Mar 2021 18:47

Re: Virus?!

#7 Post by Daria »

Because I'm new here and I don't know where it should be posted.

Rudy
Site Admin
Posts: 118195
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus?!

#8 Post by Rudy »

Let me explain. Hardware is the PC's electronics, which cannot be infected by a virus. A virus can only attack software, i.e. the data stored on the PC, mainly the operating system and possibly applications. That is why I asked why you posted your disinfection request here of all places. I am moving your topic to the correct section (problem solving, logs).

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Virus?!

#9 Post by Diallix »

I didn't notice the wrong section; thanks for stepping in, Rudy.

Copy the content below into Notepad:

Code:

HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\aviis\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\aviis\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\RunOnce: [Uninstall 19.043.0304.0013\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\aviis\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64"
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\RunOnce: [Uninstall 19.043.0304.0013] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\aviis\AppData\Local\Microsoft\OneDrive\19.043.0304.0013"
Task: {026AAA4B-0BE6-4B67-ACF6-533D4DE74E02} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask -> No File <==== ATTENTION
Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {0CDFC8C3-7F28-4187-81A6-32023099C6C1} - \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan -> No File <==== ATTENTION
Task: {0FE88213-C8AC-40B5-899A-622477B444B0} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {15E8268D-E33F-45E2-8570-72B03D10E669} - \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance -> No File <==== ATTENTION
Task: {212AD843-8017-48F3-8357-B1F0E3BBE297} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-02] (Google LLC -> Google LLC)
Task: {243749D0-3A6E-42B0-9F84-8B7FDE10381E} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> No File <==== ATTENTION
Task: {28CFCFFD-38B0-4687-8AB1-391183D184ED} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {400BBEEF-A0FB-42DE-894F-162D678CFB09} - \Microsoft\Windows\Windows Defender\Windows Defender Cleanup -> No File <==== ATTENTION
Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
Task: {550F31E8-FE27-4ECB-8726-1DCAEF785CE6} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> No File <==== ATTENTION
Task: {5FEFC0C9-D95E-4741-BA6B-18D044A8FAD0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-02] (Google LLC -> Google LLC)
Task: {635A185A-88AD-4B41-9344-B07C284A75E9} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {7A55CE94-1C3C-4512-9C84-23AE8FA1635D} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {7E7280E4-311A-4CE7-A53D-6F8B9219821E} - \Microsoft\Windows\WindowsUpdate\sihboot -> No File <==== ATTENTION
Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> No File <==== ATTENTION
Task: {D226C671-4BCA-4B18-B914-5B4EBDB8737F} - \Microsoft\Windows\WindowsUpdate\Automatic App Update -> No File <==== ATTENTION
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {D5090754-EF9C-4015-B3F0-0AF762549C1F} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {D65013A6-8FD3-4F85-9454-2BE708E9D1E9} - \Microsoft\XblGameSave\XblGameSaveTaskLogon -> No File <==== ATTENTION
Task: {ED8F4E46-5B28-455D-A269-F832DED6FA44} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {F200B6AE-7AD3-4DF7-B3EB-F1356CA5D011} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {F46C0310-C111-4272-A949-A891EB3D0E9B} - \Microsoft\Windows\Windows Defender\Windows Defender Verification -> No File <==== ATTENTION
2021-03-02 19:25 - 2021-03-02 19:25 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-02 19:25 - 2021-03-02 19:25 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer will reboot. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.
My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz .
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

Daria
Visitor
Posts: 6
Registered: 02 Mar 2021 18:47

Re: Virus?!

#10 Post by Daria »

Here is the log


Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by aviis (03-03-2021 09:56:20) Run:1
Running from C:\Users\aviis\Desktop\FRST
Loaded Profiles: aviis
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\aviis\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\aviis\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\RunOnce: [Uninstall 19.043.0304.0013\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\aviis\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64"
HKU\S-1-5-21-257203389-2905516272-4236083312-1001\...\RunOnce: [Uninstall 19.043.0304.0013] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\aviis\AppData\Local\Microsoft\OneDrive\19.043.0304.0013"
Task: {026AAA4B-0BE6-4B67-ACF6-533D4DE74E02} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask -> No File <==== ATTENTION
Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {0CDFC8C3-7F28-4187-81A6-32023099C6C1} - \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan -> No File <==== ATTENTION
Task: {0FE88213-C8AC-40B5-899A-622477B444B0} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {15E8268D-E33F-45E2-8570-72B03D10E669} - \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance -> No File <==== ATTENTION
Task: {212AD843-8017-48F3-8357-B1F0E3BBE297} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-02] (Google LLC -> Google LLC)
Task: {243749D0-3A6E-42B0-9F84-8B7FDE10381E} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> No File <==== ATTENTION
Task: {28CFCFFD-38B0-4687-8AB1-391183D184ED} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {400BBEEF-A0FB-42DE-894F-162D678CFB09} - \Microsoft\Windows\Windows Defender\Windows Defender Cleanup -> No File <==== ATTENTION
Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
Task: {550F31E8-FE27-4ECB-8726-1DCAEF785CE6} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> No File <==== ATTENTION
Task: {5FEFC0C9-D95E-4741-BA6B-18D044A8FAD0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-02] (Google LLC -> Google LLC)
Task: {635A185A-88AD-4B41-9344-B07C284A75E9} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {7A55CE94-1C3C-4512-9C84-23AE8FA1635D} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {7E7280E4-311A-4CE7-A53D-6F8B9219821E} - \Microsoft\Windows\WindowsUpdate\sihboot -> No File <==== ATTENTION
Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> No File <==== ATTENTION
Task: {D226C671-4BCA-4B18-B914-5B4EBDB8737F} - \Microsoft\Windows\WindowsUpdate\Automatic App Update -> No File <==== ATTENTION
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {D5090754-EF9C-4015-B3F0-0AF762549C1F} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {D65013A6-8FD3-4F85-9454-2BE708E9D1E9} - \Microsoft\XblGameSave\XblGameSaveTaskLogon -> No File <==== ATTENTION
Task: {ED8F4E46-5B28-455D-A269-F832DED6FA44} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {F200B6AE-7AD3-4DF7-B3EB-F1356CA5D011} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {F46C0310-C111-4272-A949-A891EB3D0E9B} - \Microsoft\Windows\Windows Defender\Windows Defender Verification -> No File <==== ATTENTION
2021-03-02 19:25 - 2021-03-02 19:25 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-02 19:25 - 2021-03-02 19:25 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
*****************

"HKU\S-1-5-21-257203389-2905516272-4236083312-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => not found
"HKU\S-1-5-21-257203389-2905516272-4236083312-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => not found
"HKU\S-1-5-21-257203389-2905516272-4236083312-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 19.043.0304.0013\amd64" => not found
"HKU\S-1-5-21-257203389-2905516272-4236083312-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 19.043.0304.0013" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{026AAA4B-0BE6-4B67-ACF6-533D4DE74E02}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{026AAA4B-0BE6-4B67-ACF6-533D4DE74E02}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{03896D04-23AB-4F74-A27D-B1B71EE41E2C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03896D04-23AB-4F74-A27D-B1B71EE41E2C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0CDFC8C3-7F28-4187-81A6-32023099C6C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CDFC8C3-7F28-4187-81A6-32023099C6C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FE88213-C8AC-40B5-899A-622477B444B0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FE88213-C8AC-40B5-899A-622477B444B0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15E8268D-E33F-45E2-8570-72B03D10E669}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15E8268D-E33F-45E2-8570-72B03D10E669}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{212AD843-8017-48F3-8357-B1F0E3BBE297}" => not found
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{243749D0-3A6E-42B0-9F84-8B7FDE10381E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{243749D0-3A6E-42B0-9F84-8B7FDE10381E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28CFCFFD-38B0-4687-8AB1-391183D184ED}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28CFCFFD-38B0-4687-8AB1-391183D184ED}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Maintenance Install" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{400BBEEF-A0FB-42DE-894F-162D678CFB09}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{400BBEEF-A0FB-42DE-894F-162D678CFB09}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4520E8A9-AF06-4122-859B-E4B655B29B36}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4520E8A9-AF06-4122-859B-E4B655B29B36}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\SmartScreenSpecific" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{550F31E8-FE27-4ECB-8726-1DCAEF785CE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{550F31E8-FE27-4ECB-8726-1DCAEF785CE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FEFC0C9-D95E-4741-BA6B-18D044A8FAD0}" => not found
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{635A185A-88AD-4B41-9344-B07C284A75E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{635A185A-88AD-4B41-9344-B07C284A75E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsUpdate\sih" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A55CE94-1C3C-4512-9C84-23AE8FA1635D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A55CE94-1C3C-4512-9C84-23AE8FA1635D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Policy Install" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7E7280E4-311A-4CE7-A53D-6F8B9219821E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E7280E4-311A-4CE7-A53D-6F8B9219821E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsUpdate\sihboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Plug and Play\Plug and Play Cleanup" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D226C671-4BCA-4B18-B914-5B4EBDB8737F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D226C671-4BCA-4B18-B914-5B4EBDB8737F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsUpdate\Automatic App Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D394BE25-2E16-45D4-AAB2-3E8861A09351}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D394BE25-2E16-45D4-AAB2-3E8861A09351}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5090754-EF9C-4015-B3F0-0AF762549C1F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5090754-EF9C-4015-B3F0-0AF762549C1F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D65013A6-8FD3-4F85-9454-2BE708E9D1E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D65013A6-8FD3-4F85-9454-2BE708E9D1E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\XblGameSave\XblGameSaveTaskLogon" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED8F4E46-5B28-455D-A269-F832DED6FA44}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED8F4E46-5B28-455D-A269-F832DED6FA44}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SettingSync\BackupTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F200B6AE-7AD3-4DF7-B3EB-F1356CA5D011}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F200B6AE-7AD3-4DF7-B3EB-F1356CA5D011}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F46C0310-C111-4272-A949-A891EB3D0E9B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F46C0310-C111-4272-A949-A891EB3D0E9B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Verification" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9482802 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 10818045 B
Edge => 0 B
Chrome => 11808001 B
Firefox => 10095982 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
aviis => 105973575 B

RecycleBin => 0 B
EmptyTemp: => 147.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:56:27 ====

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Virus?!

#11 Post by Diallix »

How is the computer doing?

Daria
Visitor
Posts: 6
Registered: 02 Mar 2021 18:47

Re: Virus?!

#12 Post by Daria »

Still the same, but I will probably leave it as it is; otherwise it works normally and hopefully I am not at risk. I can download most images anyway.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Virus?!

#13 Post by Diallix »

Run these utilities one after another:

1. Download Zoek.exe from www.diallix.net/other/zoek.rar and save it to the desktop.

If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (or Spustit jako spravce).
Paste the script below into the window.




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script.
The PC will perform the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Save it, preferably to the desktop
•After launch, the license terms are displayed; press any key
•A backup is created and then the search begins
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Virus?!

#14 Post by Diallix »

I am locking this topic.