Preventive check - 20.12.2021

Sauryy
Visitor
Posts: 32
Joined: 28 Nov 2018 14:02

Preventive check - 20.12.2021

#1 Post by Sauryy »

Good evening/morning, sorry to bother you so early in the morning, but I have the feeling that my computer is somewhat slowed down. It was reinstalled about a month and a half ago. I would be glad if one of you could make some time for me :) I would like one of you to take charge of my logs :) But my personal impression is that the PC is clean and it is just a matter of worn-out components. Thank you very much!
Attached I am sending RSIT & FRST as .zip files
RSIT & FRST.zip
(45.45 KiB) Downloaded 46 times

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive check - 20.12.2021

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all running program windows, that is, all programs running on the desktop.
Right-click the program -> Run as Administrator.
Continue by clicking the Scan now button and wait until the system has been scanned.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will start; click Show log file (Zobrazit soubor protokolu).
The log will open; copy its contents here.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

Sauryy
Visitor
Posts: 32
Joined: 28 Nov 2018 14:02

Re: Preventive check - 20.12.2021

#3 Post by Sauryy »

Hi, I'm sending the log from Adw

Code:

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build:    11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-20-2021
# Duration: 00:00:00
# OS:       Windows 10 Pro
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1405 octets] - [20/12/2021 10:08:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive check - 20.12.2021

#4 Post by Diallix »

Do you recognize this?: C:\Program Files (x86)\MSI\Gaming APP

Copy the content below into Notepad:

Code:

CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\Bonjour
C:\Program Files\Bonjour

HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\MountPoints2: {62ef4bfd-51fe-11ec-b0f4-d8cb8ac65195} - "K:\setup.exe" 
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
S1 hjpjfeno; \??\C:\Windows\system32\drivers\hjpjfeno.sys [X]
FirewallRules: [{7480F160-E5DE-4939-BFC2-01735ED1C553}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{34E2CBEE-8E5E-4B3B-BD80-8B76E14D0C05}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9560E345-767F-407B-B504-6182B3D699FA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DCD9EF00-D6D3-43E3-A4A5-488E516AF425}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.

Sauryy
Visitor
Posts: 32
Joined: 28 Nov 2018 14:02

Re: Preventive check - 20.12.2021

#5 Post by Sauryy »

Hi, I know the MSI Gaming App; where did that Bonjour come from? What is it anyway? :D
I'm sending the LOG
- Then I'd like to know what this is: HKLM\System\CurrentControlSet\Services\hjpjfeno => removed successfully
Thank you very much!

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-12-2021
Ran by Sauryy (21-12-2021 17:35:24) Run:1
Running from C:\Users\Sauryy\Desktop
Loaded Profiles: Sauryy
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\Bonjour
C:\Program Files\Bonjour

HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\MountPoints2: {62ef4bfd-51fe-11ec-b0f4-d8cb8ac65195} - "K:\setup.exe" 
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
S1 hjpjfeno; \??\C:\Windows\system32\drivers\hjpjfeno.sys [X]
FirewallRules: [{7480F160-E5DE-4939-BFC2-01735ED1C553}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{34E2CBEE-8E5E-4B3B-BD80-8B76E14D0C05}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9560E345-767F-407B-B504-6182B3D699FA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DCD9EF00-D6D3-43E3-A4A5-488E516AF425}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

EmptyTemp:

*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
C:\Program Files (x86)\Bonjour => moved successfully
C:\Program Files\Bonjour => moved successfully
HKU\S-1-5-21-1652363995-871311659-1305774100-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62ef4bfd-51fe-11ec-b0f4-d8cb8ac65195} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}" => removed successfully
HKLM\System\CurrentControlSet\Services\hjpjfeno => removed successfully
hjpjfeno => service removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7480F160-E5DE-4939-BFC2-01735ED1C553}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{34E2CBEE-8E5E-4B3B-BD80-8B76E14D0C05}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9560E345-767F-407B-B504-6182B3D699FA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DCD9EF00-D6D3-43E3-A4A5-488E516AF425}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 131059123 B
Java, Flash, Steam htmlcache => 106809799 B
Windows/system/drivers => 8158917 B
Edge => 0 B
Firefox => 0 B
Opera => 385844513 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 197572 B
NetworkService => 231066 B
Sauryy => 199201917 B

RecycleBin => 1192025126 B
EmptyTemp: => 1.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:35:42 ====
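
A way to audit a FRST Fixlog like the one posted above before moving on to the next scan, as an added example that is not part of the thread or of FRST itself: it splits the log into the echoed fixlist, the per-entry results and the EmptyTemp section, then separates successful results from lines that need review, such as the failed restore point. The sample is a shortened excerpt of that log with one constructed `=> not found` line; treating every result that does not end in "successfully" as needing review is an assumption of this example.

```python
import re

# Excerpt of the Fixlog posted above, shortened. The "=> not found" line is
# constructed (not from the thread) to show a result that needs review.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Scan Tool (x64) Version: 11-12-2021
Ran by Sauryy (21-12-2021 17:35:24) Run:1
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\Bonjour
S1 hjpjfeno; \??\C:\Windows\system32\drivers\hjpjfeno.sys [X]

EmptyTemp:

*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
C:\Program Files (x86)\Bonjour => moved successfully
HKLM\System\CurrentControlSet\Services\hjpjfeno => removed successfully
hjpjfeno => service removed successfully
C:\Example\Constructed => not found

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
Opera => 385844513 B
RecycleBin => 1192025126 B

================================

The system needed a reboot.

==== End of Fixlog 17:35:42 ====
"""

# EmptyTemp detail lines end in "=> <bytes> B"; the summary line does not.
SIZE_RE = re.compile(r"=>\s*(\d+)\s*B$")


def parse_fixlog(text):
    """Split a Fixlog into directives, successful results and problem lines."""
    report = {"directives": [], "ok": [], "problems": [],
              "temp_bytes": 0, "complete": False}
    state = "header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("==== End of Fixlog"):
            report["complete"] = True      # log was not truncated when pasted
            break
        if state == "header":
            if line.lower().startswith("fixlist content"):
                state = "await_fixlist"
        elif state == "await_fixlist":
            if set(line) == {"*"}:         # opening row of asterisks
                state = "fixlist"
        elif state == "fixlist":
            if set(line) == {"*"}:         # closing row of asterisks
                state = "results"
            else:
                report["directives"].append(line)
        elif state == "results":
            if line.startswith("=") and "EmptyTemp" in line:
                state = "emptytemp"
            elif line.startswith("Error:"):
                report["problems"].append(line)
            elif "=>" in line:
                outcome = line.rsplit("=>", 1)[1].strip()
                bucket = "ok" if outcome.endswith("successfully") else "problems"
                report[bucket].append(line)
            elif line.endswith("successfully."):
                report["ok"].append(line)
        elif state == "emptytemp":
            match = SIZE_RE.search(line)
            if match:
                report["temp_bytes"] += int(match.group(1))
    return report


def restore_point_failed(report):
    """True when the fixlist asked for a restore point and the log reports an error for it."""
    requested = any(d.lower().startswith("createrestorepoint")
                    for d in report["directives"])
    failed = any("restore point" in p.lower() for p in report["problems"])
    return requested and failed


if __name__ == "__main__":
    rep = parse_fixlog(SAMPLE_FIXLOG)
    print("directives:", len(rep["directives"]), "| ok:", len(rep["ok"]))
    print("temp bytes removed:", rep["temp_bytes"])
    print("log complete:", rep["complete"])
    print("restore point failed:", restore_point_failed(rep))
    for line in rep["problems"]:
        print("REVIEW:", line)
```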

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive check - 20.12.2021

#6 Post by Diallix »

It is something that has no business being on the PC.

May I ask for new logs - FRST + ADDITION.

Sauryy
Visitor
Posts: 32
Joined: 28 Nov 2018 14:02

Re: Preventive check - 20.12.2021

#7 Post by Sauryy »

Logs:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021
Ran by Sauryy (administrator) on DESKTOP-40L3838 (MSI MS-7979) (24-12-2021 13:45:42)
Running from C:\Users\Sauryy\Desktop
Loaded Profiles: Sauryy
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1415 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(AltStore LLC) [File not signed] C:\Program Files (x86)\AltServer\AltServer.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) [File not signed] C:\Program Files (x86)\ASUS\ASUS Echelon Laser Gaming Mouse\mousehid.exe
(ASUS) [File not signed] C:\Program Files (x86)\ASUS\ASUS Echelon Laser Gaming Mouse\trayicon.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_c28b7f61e3210448\LMS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5292bbfbf575e2d2\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\Sauryy\AppData\Local\Programs\Opera\82.0.4227.33\opera_autoupdate.exe <2>
(Opera Software AS -> Opera Software) C:\Users\Sauryy\AppData\Local\Programs\Opera\launcher.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SIA AVB Disc Soft -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
(SIA AVB Disc Soft -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-09-22] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [ASUS_Echelon] => C:\Program Files (x86)\ASUS\ASUS Echelon Laser Gaming Mouse\mousehid.exe [301568 2013-10-24] (ASUS) [File not signed]
HKLM-x32\...\Run: [USB_Speed_Up] => C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe [2394040 2017-02-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26327864 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\Program Files (x86)\MSI\MSIRegister\MSIRegister.exe [1266864 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835768 2017-09-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\Run: [btweb] => "C:\Users\Sauryy\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED (No File)
HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\Run: [AltServer] => C:\Program Files (x86)\AltServer\AltServer.exe [1743360 2021-10-26] (AltStore LLC) [File not signed]
HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\Run: [Opera Browser Assistant] => C:\Users\Sauryy\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\Run: [DAEMON Tools Ultra Automount] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [580768 2021-11-30] (SIA AVB Disc Soft -> Disc Soft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2021-10-22]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1772F9A2-E59B-439D-BAD2-24210617547F} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
Task: {1D208B94-9A32-4BE3-8B28-2E17300A9E70} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2021-11-21] (Avast Software s.r.o. -> Avast Software)
Task: {2DE48FBF-35EF-4B6A-B444-7B2D1D073477} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {350947E6-4E8A-4E79-AEC1-5FC2604A31D6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {3F785CFF-A36B-44F2-AD4A-5CD95FD6CB77} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [3354296 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {48293FA9-35C9-4402-A984-EA4DDE703193} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4A7573B6-25D4-4413-BB91-F31CB68C1E2D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4F3E1229-E577-45A1-8D5D-51910C6E7201} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {53A871B4-B833-42CC-BEEA-4783CFFB2E79} - System32\Tasks\Opera scheduled Autoupdate 1633196649 => C:\Users\Sauryy\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-14] (Opera Software AS -> Opera Software)
Task: {55701E97-29F0-4F85-82AD-2E0F39D51E8A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {5B7695B4-CD04-41F9-A307-C42FA8F5A7C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D017F4C-F7DB-4F84-A19B-6BD970A05FF9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E1968D1-8EA4-489D-AF45-272B51DBE32E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {92DFBC9A-3C55-4DEF-B464-BC8C40FAD87C} - System32\Tasks\Vypnout => shutdown /s
Task: {955C25EC-B66B-4148-8BE0-5CF021431424} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FC636CE-6668-4A64-B183-FE3767236050} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B8D963C3-46D2-4DB9-9B4A-7573F381FF1B} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {BF219E51-49C8-4A33-8718-3F4BFE1F6756} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {C1C75D47-63F2-4D27-BE7A-18BC035CFF50} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [31904 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {CAFB20EB-87A3-4143-B239-6A999F3A9AEB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D0171C3F-16C6-4CDA-BE02-D0B30A27CD34} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1A4BFD5-1616-42DE-A817-B59B32799D2E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E137312F-8B2E-47FB-9748-2F23CD1EB326} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3417D9E-0D32-4E5C-88C9-0D2313C9FA16} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E8D22C9A-ECAD-4871-A2CC-E520031A16E5} - System32\Tasks\Opera scheduled assistant Autoupdate 1633196653 => C:\Users\Sauryy\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Sauryy\AppData\Local\Programs\Opera\assistant" $(Arg0)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File 
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll => No File 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1b6d943d-5bed-4ed9-8960-852c2466b308}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{4fec241f-0ac4-4fef-851d-b67a6fd3bc7a}: [DhcpNameServer] 192.168.0.1

Edge: 
=======
Edge Profile: C:\Users\Sauryy\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-24]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

Opera: 
=======
OPR Profile: C:\Users\Sauryy\AppData\Roaming\Opera Software\Opera Stable [2021-12-24]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Sauryy\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-23]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Sauryy\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-11-21] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [7493280 2021-11-30] (SIA AVB Disc Soft -> Disc Soft Ltd)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [46776 2018-09-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2027192 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2108600 2017-09-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2347704 2017-08-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4054200 2017-09-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2247352 2017-08-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2489016 2017-09-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSIREGISTER_MR; C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe [2019504 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2017-08-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [4848312 2017-08-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [113336 2017-12-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2210104 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183472 2020-03-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 Rockstar Service; D:\Hry\Launcher\RockstarService.exe [2332976 2021-10-26] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5292bbfbf575e2d2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5292bbfbf575e2d2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36784 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [223176 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [369216 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [252992 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [100416 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [21936 2021-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42416 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [186280 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [540056 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108912 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83976 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [853800 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [545176 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215432 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [318760 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [153088 2021-08-10] (Microsoft Corporation) [File not signed]
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [42256 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [63704 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 EneIo; C:\Windows\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18816 2016-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\Windows\System32\drivers\hw_quusbmdm.sys [223232 2016-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\Windows\System32\drivers\hw_cdcacm.sys [126592 2016-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\Windows\System32\drivers\hw_usbdev.sys [116864 2016-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
S3 ipadtst2; C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [26824 2020-02-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NTIOLib_CC_DDR; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 qcfilter; C:\Windows\System32\drivers\qcusbfilter.sys [40448 2014-05-23] (USBHostDriver(Test003) -> QUALCOMM Incorporated)
S3 qcusbser; C:\Windows\System32\drivers\qcusbser.sys [243712 2014-05-23] (USBHostDriver(Test003) -> QUALCOMM Incorporated)
S3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48520 2021-11-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [435424 2021-11-09] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\System32\drivers\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-24 13:45 - 2021-12-24 13:46 - 000028758 _____ C:\Users\Sauryy\Desktop\FRST.txt
2021-12-24 01:14 - 2021-12-24 01:14 - 000000878 _____ C:\Users\Sauryy\Desktop\Microsoft Flight Simulator.lnk
2021-12-23 20:31 - 2021-12-23 20:31 - 000000000 ____D C:\Users\Sauryy\AppData\LocalLow\StanislawDev
2021-12-23 20:30 - 2021-12-23 20:30 - 000000849 _____ C:\Users\Sauryy\Desktop\Crypto Mining Simulator S.G.F.lnk
2021-12-23 20:30 - 2021-12-23 20:30 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crypto Mining Simulator v1.0.4 - [S.G.F Repack]
2021-12-23 20:27 - 2021-12-23 20:27 - 000000000 ____D C:\Users\Sauryy\Downloads\Crypto.Mining.Simulator.v1.0.4 - [S.G.F Repack]
2021-12-23 20:26 - 2021-12-23 20:26 - 000390570 _____ C:\Users\Sauryy\Downloads\[SkT]Microsoft_Flight_Simulator_(v_1.12.13.0_Update_10)_(2020).torrent
2021-12-23 20:25 - 2021-12-23 20:25 - 000016479 _____ C:\Users\Sauryy\Downloads\[SkT]Crypto.Mining.Simulator.v1.0.4_-_[S.G.F_Repack].torrent
2021-12-23 20:25 - 2021-12-23 20:25 - 000000000 ____D C:\Users\Sauryy\AppData\LocalLow\uTorrent
2021-12-22 20:26 - 2021-12-22 20:26 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-12-22 20:26 - 2021-12-22 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-12-22 20:25 - 2021-12-22 20:25 - 013052899 ____R C:\Users\Sauryy\Downloads\WinRar-x64-602.zip
2021-12-22 20:25 - 2021-12-22 20:25 - 000004454 _____ C:\Users\Sauryy\Downloads\[SkT]WinRAR_v.6.02_Final_Official_(2021)_(CZ_SK).torrent
2021-12-21 18:56 - 2021-12-21 18:56 - 000000000 ____D C:\Users\Sauryy\Downloads\Wormgineers
2021-12-21 18:55 - 2021-12-21 18:55 - 000122915 _____ C:\Users\Sauryy\Downloads\Wormgineers.torrent
2021-12-21 17:39 - 2021-12-21 17:41 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\WinHost
2021-12-21 17:39 - 2021-12-21 17:41 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\UnoHost
2021-12-21 17:39 - 2021-12-21 17:39 - 000000012 _____ C:\ProgramData\krosqm.txt
2021-12-21 17:39 - 2021-12-21 17:39 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\EnoDiag
2021-12-21 17:33 - 2021-12-21 17:33 - 000000000 ___HD C:\$AV_ASW
2021-12-21 17:32 - 2021-12-21 17:35 - 2923390163 _____ C:\Users\Sauryy\Downloads\BeamNG.drive.v0.24.0.1.zip
2021-12-20 22:09 - 2021-12-20 22:09 - 000340248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-12-20 22:09 - 2021-12-20 22:09 - 000215432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-12-20 22:09 - 2021-12-20 22:09 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2021-12-20 10:08 - 2021-12-20 10:08 - 000000000 ____D C:\AdwCleaner
2021-12-20 10:07 - 2021-12-20 10:07 - 008540344 _____ (Malwarebytes) C:\Users\Sauryy\Desktop\adwcleaner_8.3.1.exe
2021-12-20 01:11 - 2021-12-20 01:11 - 000000000 ____D C:\rsit
2021-12-20 01:11 - 2021-12-20 01:11 - 000000000 ____D C:\Program Files (x86)\trend micro
2021-12-20 01:08 - 2021-12-24 13:45 - 000000000 ____D C:\FRST
2021-12-20 01:07 - 2021-12-20 01:07 - 000339991 _____ C:\Users\Sauryy\Desktop\RSIT.exe
2021-12-20 01:04 - 2021-12-20 01:04 - 002311168 _____ (Farbar) C:\Users\Sauryy\Desktop\FRST64.exe
2021-12-19 23:57 - 2021-12-19 23:57 - 000000000 ____D C:\Users\Sauryy\Documents\BeamNG
2021-12-19 23:28 - 2021-12-22 20:27 - 000000000 ____D C:\Users\Sauryy\AppData\Local\BeamNG.drive
2021-12-19 23:05 - 2021-12-19 23:05 - 000028132 _____ C:\Users\Sauryy\Downloads\[SkT]BeamNG.drive_v0.24.0.1.torrent
2021-12-19 23:02 - 2021-12-19 23:02 - 000002232 _____ C:\Windows\Burnout(TM) Paradise The Ultimate Box Patch Log.txt
2021-12-19 22:58 - 2021-12-19 22:58 - 000000000 ____D C:\Users\Sauryy\AppData\Local\Criterion Games
2021-12-19 22:57 - 2021-12-19 22:57 - 000013277 _____ C:\Users\Sauryy\Downloads\[SkT]DAEMON_Tools_Ultra_5.7.0.1284_CZ_2019_Final!.torrent
2021-12-19 14:01 - 2021-12-19 14:01 - 000015817 _____ C:\Users\Sauryy\Downloads\[SkT]Burnout_Paradise__The_Ultimate_Box_(RELOADED)(EN_CZ)(2008).torrent
2021-12-16 16:53 - 2021-12-16 16:53 - 000000000 ____D C:\Windows\SystemTemp
2021-12-15 18:02 - 2021-12-15 18:02 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2021-12-15 18:02 - 2021-12-15 18:02 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\Notepad++
2021-12-15 18:02 - 2021-12-15 18:02 - 000000000 ____D C:\Program Files\Notepad++
2021-12-15 17:56 - 2021-12-15 17:56 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-12-15 17:56 - 2021-12-15 17:56 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-12-15 17:56 - 2021-12-15 17:56 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-12-15 17:56 - 2021-12-15 17:56 - 000011979 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-12-15 17:50 - 2021-12-15 17:50 - 000000000 ___HD C:\$WinREAgent
2021-12-12 19:19 - 2021-12-23 00:40 - 000003062 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1652363995-871311659-1305774100-1001
2021-12-12 15:58 - 2021-12-12 15:58 - 089915600 _____ C:\Users\Sauryy\Downloads\Navigate Intermediate B1+ Coursebook ( PDFDrive ).pdf
2021-12-12 15:53 - 2021-12-12 15:53 - 089872615 _____ C:\Users\Sauryy\Downloads\pdfcoffee.com_oxford-navigate-b1-intermediate-coursebook-pdf-free.pdf
2021-12-12 13:49 - 2021-12-12 13:49 - 000000000 ____D C:\Users\Public\Documents\Team17
2021-12-12 13:49 - 2021-12-12 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms W.M.D. [GOG.com]
2021-12-12 13:39 - 2021-12-24 01:26 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\uTorrent
2021-12-12 13:39 - 2021-12-12 13:39 - 000000000 ____D C:\Users\Sauryy\AppData\Local\UT008
2021-12-12 13:18 - 2021-12-12 13:18 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Codemasters
2021-12-11 16:18 - 2021-12-11 16:18 - 000000000 ____D C:\Users\Sauryy\Documents\League of Legends
2021-12-11 16:06 - 2021-12-11 16:06 - 000872812 _____ C:\Users\Sauryy\Downloads\video-1639232842.mp4
2021-12-11 15:19 - 2021-12-12 22:55 - 000000000 ____D C:\ProgramData\Riot Games
2021-12-11 15:19 - 2021-12-11 16:18 - 000000000 ____D C:\Users\Sauryy\AppData\Local\Riot Games
2021-12-11 15:19 - 2021-12-11 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-12-11 15:19 - 2021-12-11 15:19 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-11-30 18:08 - 2021-11-30 18:08 - 000063704 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtultrausbbus.sys
2021-11-30 18:08 - 2021-11-30 18:08 - 000042256 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtultrascsibus.sys
2021-11-30 18:08 - 2021-11-30 18:08 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\DAEMON Tools Ultra
2021-11-30 18:08 - 2021-11-30 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Ultra
2021-11-30 18:08 - 2021-11-30 18:08 - 000000000 ____D C:\Program Files\DAEMON Tools Ultra
2021-11-27 12:45 - 2021-11-16 19:36 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2021-11-27 12:38 - 2021-11-27 12:38 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\Steam
2021-11-27 12:36 - 2021-11-27 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Company of Heroes 2 Master Collection
2021-11-27 11:17 - 2021-11-27 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms Armageddon - New Edition CZ
2021-11-27 11:17 - 2021-11-27 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms Armageddon - New Edition
2021-11-27 11:07 - 2021-11-27 11:07 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vzum
2021-11-27 11:07 - 2021-11-27 11:07 - 000000000 ____D C:\ProgramData\Knapcode.TorSharp
2021-11-27 11:06 - 2021-12-12 13:03 - 000000000 ____D C:\Users\Sauryy\AppData\Local\Deployment
2021-11-27 11:06 - 2021-11-27 11:06 - 000000000 ____D C:\Users\Sauryy\AppData\Local\Apps\2.0
2021-11-26 20:42 - 2021-11-26 21:26 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\WeMod
2021-11-26 20:42 - 2021-11-26 20:42 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2021-11-26 20:42 - 2021-11-26 20:42 - 000000000 ____D C:\Users\Sauryy\AppData\Local\WeMod
2021-11-26 20:42 - 2021-11-26 20:42 - 000000000 ____D C:\Users\Sauryy\AppData\Local\SquirrelTemp
2021-11-25 19:32 - 2021-11-25 19:32 - 000000112 ___SH C:\bootTel.dat
2021-11-25 15:32 - 2021-11-25 16:32 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\TeamViewer
2021-11-25 15:32 - 2021-11-25 15:32 - 000000000 ____D C:\Users\Sauryy\AppData\Local\TeamViewer

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-24 13:45 - 2021-10-02 16:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-24 13:44 - 2021-10-02 18:48 - 000000000 ____D C:\Program Files (x86)\Steam
2021-12-24 13:43 - 2021-11-21 23:29 - 000000000 ____D C:\ProgramData\Avast Software
2021-12-24 13:43 - 2021-10-02 18:08 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-24 13:43 - 2021-10-02 18:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-24 13:43 - 2021-10-02 18:08 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-24 01:26 - 2021-10-02 16:42 - 000524288 _____ C:\Windows\system32\config\BBI
2021-12-24 01:14 - 2021-10-22 21:31 - 000000000 ____D C:\Windows\SysWOW64\directx
2021-12-24 00:53 - 2021-10-03 14:25 - 000000000 ____D C:\Users\Sauryy\AppData\Local\BitTorrentHelper
2021-12-24 00:36 - 2021-11-04 20:54 - 000003428 _____ C:\Windows\system32\Tasks\Vypnout
2021-12-23 22:35 - 2021-10-02 18:08 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-12-23 20:06 - 2021-10-02 18:15 - 001693136 _____ C:\Windows\system32\PerfStringBackup.INI
2021-12-23 20:06 - 2021-10-02 16:48 - 000716726 _____ C:\Windows\system32\perfh005.dat
2021-12-23 20:06 - 2021-10-02 16:48 - 000144904 _____ C:\Windows\system32\perfc005.dat
2021-12-23 20:06 - 2021-10-02 16:45 - 000000000 ____D C:\Windows\INF
2021-12-23 20:05 - 2021-10-18 17:04 - 000011794 _____ C:\Users\Sauryy\Downloads\Podklad pro Mzdu - Martinů - Prosinec.xlsx
2021-12-23 00:40 - 2021-10-22 19:15 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 00:40 - 2021-10-22 19:15 - 000003152 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 00:40 - 2021-10-22 19:15 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 00:40 - 2021-10-22 19:15 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 00:40 - 2021-10-22 19:15 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 00:40 - 2021-10-22 19:15 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 00:40 - 2021-10-22 19:15 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 00:40 - 2021-10-22 19:15 - 000002914 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 00:40 - 2021-10-22 19:15 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 00:40 - 2021-10-22 19:10 - 000002404 _____ C:\Windows\system32\Tasks\MSI_Toast_Server
2021-12-23 00:40 - 2021-10-22 19:10 - 000002280 _____ C:\Windows\system32\Tasks\MSIGH_Host
2021-12-23 00:40 - 2021-10-22 19:10 - 000002148 _____ C:\Windows\system32\Tasks\MSISW_Host
2021-12-23 00:40 - 2021-10-02 18:44 - 000003774 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1633196653
2021-12-23 00:40 - 2021-10-02 18:44 - 000003518 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1633196649
2021-12-23 00:40 - 2021-10-02 18:43 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1652363995-871311659-1305774100-1001
2021-12-23 00:40 - 2021-10-02 18:11 - 000003220 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification
2021-12-23 00:40 - 2021-10-02 18:08 - 000003512 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-23 00:40 - 2021-10-02 18:08 - 000003288 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-23 00:36 - 2021-10-02 18:41 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-12-23 00:34 - 2021-10-02 18:48 - 000000000 ____D C:\Program Files\WinRAR
2021-12-22 20:54 - 2021-10-22 21:31 - 000000000 ____D C:\Users\Sauryy\AppData\Local\CrashDumps
2021-12-22 20:33 - 2021-10-02 16:46 - 000000000 ____D C:\Windows\AppReadiness
2021-12-21 13:54 - 2021-10-03 14:32 - 000000000 ____D C:\Users\Sauryy\Desktop\Hry
2021-12-21 13:35 - 2021-10-02 16:46 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-20 22:09 - 2021-11-21 23:30 - 000853800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000545176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000540056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000369216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000318760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000252992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000223176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000186280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000108912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000100416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000083976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000042416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000036784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-12-20 22:09 - 2021-11-21 23:30 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-12-20 22:09 - 2021-10-02 16:46 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-12-20 01:26 - 2021-10-02 18:41 - 000000000 ____D C:\Users\Sauryy
2021-12-20 00:31 - 2021-10-02 18:08 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-12-20 00:31 - 2021-10-02 18:08 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-12-20 00:31 - 2021-10-02 18:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-20 00:08 - 2021-10-02 18:41 - 000000000 ____D C:\Users\Sauryy\AppData\Local\D3DSCache
2021-12-19 13:50 - 2021-10-02 18:08 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-19 10:50 - 2021-10-16 15:23 - 000000000 ____D C:\Program Files\Microsoft Office
2021-12-17 21:06 - 2021-10-02 18:44 - 000001408 _____ C:\Users\Sauryy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-12-16 16:54 - 2021-10-02 18:08 - 000483984 _____ C:\Windows\system32\FNTCACHE.DAT
2021-12-16 16:53 - 2021-10-02 16:46 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-12-16 16:53 - 2021-10-02 16:46 - 000000000 ____D C:\Windows\SystemResources
2021-12-16 16:53 - 2021-10-02 16:46 - 000000000 ____D C:\Windows\system32\setup
2021-12-16 16:53 - 2021-10-02 16:46 - 000000000 ____D C:\Windows\system32\oobe
2021-12-16 16:53 - 2021-10-02 16:46 - 000000000 ____D C:\Windows\system32\lv-LV
2021-12-16 16:53 - 2021-10-02 16:46 - 000000000 ____D C:\Windows\system32\lt-LT
2021-12-16 16:53 - 2021-10-02 16:46 - 000000000 ____D C:\Windows\system32\et-EE
2021-12-16 16:53 - 2021-10-02 16:46 - 000000000 ____D C:\Windows\system32\es-MX
2021-12-16 16:53 - 2021-10-02 16:46 - 000000000 ____D C:\Windows\Provisioning
2021-12-16 16:53 - 2021-10-02 16:46 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-12-16 16:53 - 2021-10-02 16:46 - 000000000 ____D C:\Windows\bcastdvr
2021-12-16 16:53 - 2021-10-02 16:46 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-15 20:35 - 2021-10-03 14:32 - 000000000 ____D C:\Users\Sauryy\Desktop\Programy
2021-12-15 17:58 - 2021-10-02 16:42 - 000000000 ____D C:\Windows\CbsTemp
2021-12-15 17:49 - 2021-10-04 18:42 - 000000000 ____D C:\Windows\system32\MRT
2021-12-15 17:48 - 2021-10-04 18:42 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-13 17:07 - 2021-10-02 16:46 - 000000000 ____D C:\Windows\ServiceState
2021-12-12 19:19 - 2021-10-02 18:41 - 000002380 _____ C:\Users\Sauryy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-12 13:38 - 2021-10-03 14:25 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\BitTorrent Web
2021-12-12 13:18 - 2021-11-20 19:41 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2021-12-10 20:31 - 2021-10-03 14:25 - 000001888 _____ C:\Users\Sauryy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitTorrent Web.lnk
2021-12-08 08:19 - 2021-10-22 19:15 - 002851840 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2021-12-08 08:19 - 2021-10-22 19:15 - 002197504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2021-12-08 08:19 - 2021-10-22 19:15 - 001294024 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2021-11-30 18:08 - 2021-10-03 14:30 - 000000000 ____D C:\Users\Sauryy\AppData\Local\Disc_Soft_Ltd
2021-11-30 18:08 - 2021-10-03 14:28 - 000000000 ____D C:\Users\Sauryy\AppData\Roaming\Disc-Soft
2021-11-30 18:08 - 2021-10-03 14:27 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-11-27 22:02 - 2021-10-22 19:22 - 000000000 ____D C:\Users\Sauryy\Desktop\MSI
2021-11-27 12:38 - 2021-10-21 20:58 - 000000000 ____D C:\Users\Sauryy\Documents\My Games
2021-11-27 11:20 - 2021-10-02 18:41 - 000000000 ____D C:\Users\Sauryy\AppData\Local\VirtualStore

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
- ADDITION -


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2021
Ran by Sauryy (24-12-2021 13:46:47)
Running from C:\Users\Sauryy\Desktop
Microsoft Windows 10 Pro Version 20H2 19042.1415 (X64) (2021-10-02 17:11:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1652363995-871311659-1305774100-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1652363995-871311659-1305774100-503 - Limited - Disabled)
Guest (S-1-5-21-1652363995-871311659-1305774100-501 - Limited - Disabled)
Sauryy (S-1-5-21-1652363995-871311659-1305774100-1001 - Administrator - Enabled) => C:\Users\Sauryy
WDAGUtilityAccount (S-1-5-21-1652363995-871311659-1305774100-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\uTorrent) (Version: 3.5.5.46096 - BitTorrent Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_3) (Version: 21.0.3 - Adobe Systems Incorporated)
Age of Mythology - Epic Mod II (HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\Age of Mythology - Epic Mod II) (Version:  - )
Age of Mythology Extended Edition Tale of the Dragon (HKLM-x32\...\Age of Mythology Extended Edition Tale of the Dragon_is1) (Version:  - )
AltServer (HKLM-x32\...\{02C6BC9F-DB8B-4D6B-B991-B965D4193107}) (Version: 1.4.7 - Riley Testut)
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS Echelon Laser  Gaming Mouse (HKLM-x32\...\{683C749D-B99A-4F27-9528-98F535A31393}}_is1) (Version:  - )
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
AxySnake version 1.07 (HKLM-x32\...\AxySnake_is1) (Version:  - )
Banished (HKLM-x32\...\1207660783_is1) (Version: 1.0.7 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Company of Heroes 2 Master Collection (HKLM-x32\...\Company of Heroes 2 Master Collection_is1) (Version:  - )
CPUID CPU-Z MSI 1.96 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.96 - CPUID, Inc.)
Crypto Mining Simulator v1.0.4 - [S.G.F Repack] (HKLM-x32\...\Crypto Mining Simulator v1.0.4 - [S.G.F Repack]) (Version: 1.0.4 - Studio Group Fantom)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 6.1.0.1753 - Disc Soft Ltd)
Dynamic Application Loader Host Interface Service (HKLM\...\{103151D4-261C-480E-8A1A-AFCCB2AEFFBC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version:  - )
Cheat Engine 7.3 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2033.15.0.1769 - Intel Corporation)
iTunes (HKLM\...\{4C2F1221-6FDE-439E-8561-F7770ED95EC1}) (Version: 12.12.1.1 - Apple Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
League of Legends (HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Flight Simulator v.1.12.13.0 Update 10 (HKLM-x32\...\Microsoft Flight Simulator_is1) (Version:  - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Volume - cs-cz) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Volume - en-us) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 2.0.0.56 - MSI)
MSI Display Kit(x64) (HKLM\...\{5A8E3E72-D260-4DB3-BCE3-AF47C364F275}) (Version: 0.0.2.2 - MSI) Hidden
MSI Display Kit(x64) (HKLM-x32\...\Installshield_{5A8E3E72-D260-4DB3-BCE3-AF47C364F275}) (Version: 0.0.2.2 - MICRO-STAR INT'L,.LTD.)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.15 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.98 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.74 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.43 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.29 - MSI)
MSI USB Speed Up (HKLM-x32\...\{79D5FA63-7003-4398-B882-C70ED18778D1}_is1) (Version: 1.0.0.11 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.21 - MSI)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.1.9.3 - Notepad++ Team)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.92 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 496.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.13 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.22045 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12527.22045 - Microsoft Corporation) Hidden
Opera Stable 82.0.4227.33 (HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\Opera 82.0.4227.33) (Version: 82.0.4227.33 - Opera Software)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.45.416 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Santa Claus in Trouble (HKLM-x32\...\Santa Claus in Trouble) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.3.6.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.3.6.1 - SteelSeries ApS)
VEGAS Pro 15.0 (HKLM\...\{E0F91FB0-7FC4-11E7-B8E9-95BE57594EAC}) (Version: 15.0.177 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vzum (HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\6cfa0c5674100ff8) (Version: 1.0.0.42 - Vzum)
Warcraft III - Complete Edition verze 1.26a (HKLM-x32\...\{52FD4969-2C1C-4F9C-A71B-C6F04777FFAA}_is1) (Version: 1.26a - )
Warcraft III Reforged By Franz PC (HKLM-x32\...\Warcraft III Reforged By Franz PC_is1) (Version: 1.0 - Blizzard Entertainment)
WeMod (HKU\S-1-5-21-1652363995-871311659-1305774100-1001\...\WeMod) (Version: 7.1.22 - WeMod)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Worms 4 Totální nářez (HKLM-x32\...\InstallShield_{45E7C481-3EF4-4FCB-AF0B-19F70D618F0C}) (Version: 1.00.000 - Název společnosti:)
Worms Armageddon - New Edition CZ (HKLM-x32\...\Worms Armageddon - New Edition CZ) (Version:  - )
Worms Reloaded - Game of the Year Edition (HKLM-x32\...\Worms Reloaded - Game of the Year Edition_is1) (Version:  - )
Worms W.M.D. (HKLM-x32\...\1448620034_is1) (Version: 2.0.0.2 - GOG.com)
Worms W.M.D. All Stars Pack (HKLM-x32\...\2041366294_is1) (Version: 2.0.0.2 - GOG.com)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-04] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2021-12-17] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-22] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0 [2021-12-10] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-12-08] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveUltra] -> {F0E53CA3-02F8-40AE-9470-309F0309036F} => C:\Program Files\DAEMON Tools Ultra\dtshl64.dll [2021-11-30] (SIA AVB Disc Soft -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageUltra] -> {B5EBA666-2B94-4C7A-9CAA-A4539F329646} => C:\Program Files\DAEMON Tools Ultra\dtshl64.dll [2021-11-30] (SIA AVB Disc Soft -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5292bbfbf575e2d2\nvshext.dll [2021-10-07] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-09-04 11:30 - 2019-09-04 11:30 - 000041984 _____ () [File not signed] C:\Program Files (x86)\AltServer\boost_date_time-vc142-mt-x32-1_70.dll
2019-09-04 11:17 - 2019-09-04 11:17 - 000132608 _____ () [File not signed] C:\Program Files (x86)\AltServer\brotlicommon.dll
2019-09-04 11:17 - 2019-09-04 11:17 - 000044032 _____ () [File not signed] C:\Program Files (x86)\AltServer\brotlidec.dll
2019-09-04 11:17 - 2019-09-04 11:17 - 002841088 _____ () [File not signed] C:\Program Files (x86)\AltServer\brotlienc.dll
2019-09-04 11:32 - 2019-09-04 11:32 - 001496064 _____ () [File not signed] C:\Program Files (x86)\AltServer\cpprest_2_10.dll
2021-10-26 09:40 - 2021-10-26 09:40 - 000152064 _____ () [File not signed] C:\Program Files (x86)\AltServer\imobiledevice.dll
2021-10-26 09:41 - 2021-10-26 09:41 - 000183296 _____ () [File not signed] C:\Program Files (x86)\AltServer\ldid.dll
2021-10-26 09:40 - 2021-10-26 09:40 - 000056320 _____ () [File not signed] C:\Program Files (x86)\AltServer\plist.dll
2021-10-26 09:40 - 2021-10-26 09:40 - 000032256 _____ () [File not signed] C:\Program Files (x86)\AltServer\usbmuxd.dll
2019-09-04 11:17 - 2019-09-04 11:17 - 000073216 _____ () [File not signed] C:\Program Files (x86)\AltServer\zlib1.dll
2021-10-20 18:31 - 2013-06-20 16:54 - 000061952 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS Echelon Laser Gaming Mouse\HidDevice.dll
2021-10-22 19:10 - 2017-08-02 13:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\Gaming APP\LEDControl.dll
2021-10-22 19:10 - 2005-07-18 12:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2021-10-02 18:50 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2021-10-02 18:50 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-10-02 18:50 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-10-22 19:10 - 2015-06-23 15:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2019-07-08 19:10 - 2019-07-08 19:10 - 000079360 _____ (GnuWin32 <hxxp://gnuwin32.sourceforge.net>) [File not signed] C:\Program Files (x86)\AltServer\regex2.dll
2021-10-20 18:31 - 2013-07-26 16:21 - 000143360 _____ (Holtek) [File not signed] C:\Program Files (x86)\ASUS\ASUS Echelon Laser Gaming Mouse\HIDApi.dll
2021-10-02 18:50 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2018-11-22 15:48 - 2018-11-22 15:48 - 001374208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\AltServer\LIBEAY32.dll
2018-11-22 15:48 - 2018-11-22 15:48 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\AltServer\SSLEAY32.dll
2019-05-28 21:35 - 2019-05-28 21:35 - 002507264 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\AltServer\libcrypto-1_1.dll
2021-10-22 19:10 - 2016-10-03 12:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\SDKDLL.dll
2019-12-11 13:21 - 2019-12-11 13:21 - 001930240 _____ (winsparkle.org) [File not signed] C:\Program Files (x86)\AltServer\WinSparkle.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-10-02 16:46 - 2021-10-02 16:45 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1652363995-871311659-1305774100-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sauryy\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Free-download-PlayStation-logo-Play-Station-Play-Station-2-.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D09E7114-BE8A-4B90-A855-89AD0E89C117}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{00365463-3E44-44A5-AA2E-FFAA942BFA62}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8917DB86-D966-4C68-8602-78823047625D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{ABC7A15B-61EB-4D18-8C3B-009C4D30B185}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3BB0259F-385D-4E28-8407-E7D77AA94DE4}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{61B0AC20-6E72-4575-A635-F86ED7253060}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7A25FA22-F206-4298-B8C4-F2508EA615E5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42FA1192-5265-4A76-9FA8-DA797FADA299}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F9793904-1798-40F2-AC1A-F908F87FD733}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2DD566B0-2713-443D-A94A-31EBF8B189CF}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{3913FCE0-F6C8-4396-A09B-A465CF8949A2}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{5FAB555C-D2B1-465F-9D57-090C712EF9C7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DB2BBB4B-D01F-4F5F-814F-A5D9AA66077A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{1578EAA9-7BFF-4127-B762-ADB50620BD80}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [File not signed]
FirewallRules: [UDP Query User{901F944F-0B49-40BC-AB93-A56FAD6DEF6B}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [File not signed]
FirewallRules: [TCP Query User{1F125411-2363-4559-A7DA-43B870384F21}D:\hry\worms armageddon cz\wa.exe] => (Block) D:\hry\worms armageddon cz\wa.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [UDP Query User{1051C031-2005-49AA-AB4D-AEFF08CBB7A5}D:\hry\worms armageddon cz\wa.exe] => (Block) D:\hry\worms armageddon cz\wa.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [TCP Query User{5FC572B4-667F-48CF-9AEB-98D7C97FDD7C}D:\games\company of heroes 2 master collection\reliccoh2.exe] => (Block) D:\games\company of heroes 2 master collection\reliccoh2.exe (Relic Entertainment, Inc. -> Relic Entertainment Inc.)
FirewallRules: [UDP Query User{3F28604F-0E36-4740-B4EB-359BCE5F0D68}D:\games\company of heroes 2 master collection\reliccoh2.exe] => (Block) D:\games\company of heroes 2 master collection\reliccoh2.exe (Relic Entertainment, Inc. -> Relic Entertainment Inc.)
FirewallRules: [{DF5E5ED8-C7EA-4F9D-ADB0-BCB656CAF2A6}] => (Allow) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe (SIA AVB Disc Soft -> Disc Soft Ltd)
FirewallRules: [{29A4AC40-79BA-474D-AAD5-E9DF9CBA916B}] => (Allow) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe (SIA AVB Disc Soft -> Disc Soft Ltd)
FirewallRules: [{B2C242F3-6074-4D2B-9932-BF41499AB4A0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DBC1340C-DA41-447E-90C6-208AFEA13099}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FEC0DEF4-AF83-4C36-BD2B-1396D581413A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6E52B745-4A8A-4C85-B6E5-111286227D31}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E2F36A13-30DB-48B6-B4A8-156EAC67047C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BE537E2-2075-4550-972B-4DCB1308B47B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5C8215EB-CFE2-4BD6-90CE-A534D4BC14EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D3C32DEC-1AC7-4FFC-B9BC-66D907416435}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0D2C9130-D3A8-49C3-80F8-C368CE3602A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8302D532-2D04-4010-AC43-15307A49150D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{D5099A8D-99D8-4F7A-82F9-48EB4BC72D02}D:\hry\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\hry\worms 4 mayhem\worms 4 mayhem.exe => No File
FirewallRules: [UDP Query User{7B2A1550-2570-466A-B641-97B27236E4A4}D:\hry\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\hry\worms 4 mayhem\worms 4 mayhem.exe => No File
FirewallRules: [TCP Query User{18315C77-89F9-44B4-966A-3503861B5608}D:\hry\w4\worms 4 mayhem.exe] => (Block) D:\hry\w4\worms 4 mayhem.exe (Team 17 Ltd) [File not signed]
FirewallRules: [UDP Query User{7BF9C78A-D64B-4ADF-8034-767EF6622F08}D:\hry\w4\worms 4 mayhem.exe] => (Block) D:\hry\w4\worms 4 mayhem.exe (Team 17 Ltd) [File not signed]
FirewallRules: [{81771C8C-032A-42CE-8ACF-9A8ACE67C183}] => (Allow) C:\Users\Sauryy\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D1BE80FF-B5C5-4014-ABBF-91F33400E702}] => (Allow) C:\Users\Sauryy\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{829FAC58-22DA-4584-BD10-DB7F351526CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FECC22D8-9B69-44B5-BBCB-09C3B317E8DD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C57EB637-9421-4E05-B22C-D4089C35059C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F43C631-37ED-4D71-9331-822452FE7F61}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4D810AD7-07A6-4918-8931-D7B798B1B622}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{1147E9F4-D27D-4283-AD98-567DD290CFF0}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{BDF6D95E-94E6-4EA2-96DA-CA68F59CF267}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{BA446622-62D3-4154-B0AA-DD12F422CDEE}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{C50A8954-EB42-48DC-9CBE-88C956996D89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{127681F9-E4B1-4202-9C1C-756B4F36A692}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2FDD1FB6-E88B-4D33-82D2-4DC1088F2736}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{90D13AD5-FBA6-4297-96EA-B8D8591D0F00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{688F59A6-8F5F-4834-B41A-E44BEC1C900D}D:\hry\beamng.drive.v0.24.0.1\beamng.drive v0.24.0.1\bin64\beamng.drive.x64.exe] => (Block) D:\hry\beamng.drive.v0.24.0.1\beamng.drive v0.24.0.1\bin64\beamng.drive.x64.exe (BeamNG GmbH -> BeamNG GmbH)
FirewallRules: [UDP Query User{D33EC075-7278-49B7-BB00-3C275FDF87C8}D:\hry\beamng.drive.v0.24.0.1\beamng.drive v0.24.0.1\bin64\beamng.drive.x64.exe] => (Block) D:\hry\beamng.drive.v0.24.0.1\beamng.drive v0.24.0.1\bin64\beamng.drive.x64.exe (BeamNG GmbH -> BeamNG GmbH)
FirewallRules: [TCP Query User{17DC4C88-C0E2-4A9E-8B55-A00ADA45BE7C}C:\users\sauryy\appdata\local\programs\opera\opera.exe] => (Block) C:\users\sauryy\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{9221C6A7-9EC5-47C1-B25F-1EDBE8F9233C}C:\users\sauryy\appdata\local\programs\opera\opera.exe] => (Block) C:\users\sauryy\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{2C7D1212-7619-40C0-A829-619AF59AA99A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5AD5BEE6-8477-4B97-884A-DD130E06FA93}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:110.15 GB) (Free:39.18 GB) (36%)

==================== Faulty Device Manager Devices ============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/24/2021 01:44:00 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).

Error: (12/22/2021 08:54:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: BeamNG.drive.exe, verze: 0.24.0.1, časové razítko: 0x61a96d08
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1288, časové razítko: 0x027db076
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6c43
ID chybujícího procesu: 0x37c4
Čas spuštění chybující aplikace: 0x01d7f769e9b25ca7
Cesta k chybující aplikaci: D:\Hry\BeamNG.drive.v0.24.0.1\BeamNG.drive v0.24.0.1\BeamNG.drive.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 19b13b45-89d2-4d88-91a3-fd97be1865d0
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (12/22/2021 08:18:31 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).

Error: (12/22/2021 03:12:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Worms W.M.D.exe, verze: 0.0.0.0, časové razítko: 0x57bb001a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x4f48b530
ID chybujícího procesu: 0x15c0
Čas spuštění chybující aplikace: 0x01d7f73d87a0e06a
Cesta k chybující aplikaci: D:\Hry\Worms W.M.D\Worms W.M.D.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 6d118315-b31d-47cb-854b-e9ffadabc4bf
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (12/22/2021 03:12:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Worms W.M.D.exe, verze: 0.0.0.0, časové razítko: 0x57bb001a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x15c0
Čas spuštění chybující aplikace: 0x01d7f73d87a0e06a
Cesta k chybující aplikaci: D:\Hry\Worms W.M.D\Worms W.M.D.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 902e03c7-fb4a-4c13-a703-367302c34da9
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (12/21/2021 05:37:17 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).

Error: (12/20/2021 04:06:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/20/2021 12:57:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: BeamNG.drive.exe, verze: 0.24.0.1, časové razítko: 0x61a96d08
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1288, časové razítko: 0x027db076
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6c43
ID chybujícího procesu: 0x2388
Čas spuštění chybující aplikace: 0x01d7f52f9c65c084
Cesta k chybující aplikaci: D:\Hry\BeamNG.drive.v0.24.0.1\BeamNG.drive v0.24.0.1\BeamNG.drive.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 655938ad-3dab-4672-a30a-d2c06f84f9bd
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/24/2021 01:43:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Bonjour Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (12/23/2021 07:59:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Bonjour Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (12/23/2021 07:59:50 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:55:09, ‎23.‎12.‎2021) bylo neočekávané.

Error: (12/23/2021 07:59:44 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (12/23/2021 01:55:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Bonjour Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (12/23/2021 01:55:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (0:34:21, ‎23.‎12.‎2021) bylo neočekávané.

Error: (12/23/2021 01:55:03 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (12/23/2021 12:34:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Bonjour Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.


Windows Defender:
================
Date: 2021-11-21 17:44:01
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Aicat.A!ml&threatid=2147771510&enterprise=0
Název: HackTool:Win32/Aicat.A!ml
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_D:\Hry\Worms Reloaded - GOTY\steam_api.dll
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.353.1365.0, AS: 1.353.1365.0, NIS: 1.353.1365.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-20 18:59:47
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CCE897B6-7D71-4124-9E3A-B453BFF51451}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-19 20:17:12
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9B97330A-C6A2-4346-88D9-288D9356CC1D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-18 19:27:47
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AD2D7BD8-8F4F-449B-BC7A-B2468E9909E2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-17 17:41:18
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B2BD1295-BFFA-4CD3-97C6-89B21B4B4697}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-12-24 13:45:23
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-12-24 13:44:27
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-12-24 13:43:51
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 1.00 09/16/2015
Motherboard: MSI B150M Night Elf (MS-7979)
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 23%
Total physical RAM: 16342.69 MB
Available physical RAM: 12464.43 MB
Total Virtual: 18774.69 MB
Available Virtual: 14230.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.15 GB) (Free:39.18 GB) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:366.59 GB) NTFS
Drive i: (Milionar) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS

\\?\Volume{f7c271f1-2c1a-426b-a842-67ac4c371790}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{10fa7faa-0a5e-4679-9903-380a79e057a5}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
\\?\Volume{dd7ddfcc-d718-4f35-a933-5899696a3449}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{6d4b97f3-6ab9-4715-af92-58b04ce79af6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Sauryy
Visitor
Posts: 32
Joined: 28 Nov 2018 14:02

Re: Preventive check - 20.12.2021

#8 Post by Sauryy »

Good evening, should I consider the matter resolved? You haven't been in touch for a long time; I don't want to rush you.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive check - 20.12.2021

#9 Post by Diallix »

Good day.

I apologize, but I have had a lot on my plate.

Final cleanup:

Copy the content below into Notepad:

Code:

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
An operation will be carried out, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, saved in the FRST location.

My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for the training of newcomers
- Founder of the Cyber Security unit

Sauryy
Visitor
Posts: 32
Joined: 28 Nov 2018 14:02

Re: Preventive check - 20.12.2021

#10 Post by Sauryy »

Good day, that's fine, I understand; I'm sending you the LOG.

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-01-2022
Ran by Sauryy (20-01-2022 18:02:13) Run:2
Running from C:\Users\Sauryy\Desktop
Loaded Profiles: Sauryy
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]

EmptyTemp:
*****************

HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\System\CurrentControlSet\Services\Bonjour Service => removed successfully
Bonjour Service => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43404472 B
Java, Flash, Steam htmlcache => 144619975 B
Windows/system/drivers => 6357590 B
Edge => 0 B
Firefox => 0 B
Opera => 44748270 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 104924 B
NetworkService => 104924 B
Sauryy => 83899154 B

RecycleBin => 8446 B
EmptyTemp: => 309.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:02:48 ====

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive check - 20.12.2021

#11 Post by Diallix »

How is the computer doing?