Log check, thank you

#1 Post by kemgura07 »

Two Windows updates cannot be installed. "Your device is missing important security and quality fixes"
I set "Default apps" and after a restart it is gone...
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kengura at 2021-03-17 11:27:23
Microsoft Windows 10 Pro
System drive C: has 388 GB (78%) free of 494 GB
Total RAM: 3839 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:27:30, on 17.03.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\Kengura.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bitdefender Trackers Blocking - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll
O2 - BHO: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Bitdefender Anti-tracker - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AfVpnService - AnchorFree Inc. - C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\WINDOWS\system32\amdfendrsr.exe (file missing)
O23 - Service: Bitdefender Auxiliary Service (BDAuxSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender Protected Service (BDProtSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: služba Bitdefender Vpn (BdVpnService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_387c654 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\89.0.4389.82\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10271 bytes

======Listing Processes======









C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
"C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings/services/configs/bdshieldsrv_config.json"
"C:\Windows\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\amdfendrsr.exe
"C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings/services/configs/bdauxsrv_config.json"
"C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe" "service"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation

C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe" /service
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
"C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe" --action=run-server --rwppid
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe"

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo


C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s seclogon


C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\Bitdefender Agent\DiscoverySrv.exe"
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21021.117.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe"
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnapp.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.860_none_e73d0c67262f5c28\TiWorker.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x584
"C:\Users\Kengura\Pictures\RSITx64.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wisvc

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK

=========Mozilla firefox=========

ProfilePath - C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"bdwtwe@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
"bdtbe@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb}]
Bitdefender Trackers Blocking - C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2021-01-25 146848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-01-25 688664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15 222088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2018-07-18 2353944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb}]
Bitdefender Trackers Blocking - C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2021-01-25 123448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-01-25 629912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15 156560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2018-07-18 1744672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-01-25 688664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-01-25 629912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BdVpnApp"=C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [2020-12-07 224376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-03-05 32726088]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"DisableAutomaticRestartSignOn"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave4"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave5"=wdmaud.drv
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave6"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.inf - install -
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2021-03-17 11:27:23 ----D---- C:\rsit
2021-03-16 13:34:34 ----D---- C:\WINDOWS\Panther
2021-03-11 16:54:08 ----D---- C:\Program Files\Mozilla Firefox
2021-03-11 15:48:35 ----D---- C:\WINDOWS\AppReadiness
2021-03-11 13:30:09 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2021-03-11 13:30:06 ----A---- C:\WINDOWS\system32\poqexec.exe
2021-03-11 13:28:12 ----D---- C:\WINDOWS\CbsTemp
2021-03-10 14:57:45 ----D---- C:\Program Files (x86)\Calibre2
2021-03-10 10:22:12 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2021-03-06 15:34:39 ----D---- C:\ProgramData\AnchorFree_Inc
2021-03-06 15:34:27 ----D---- C:\ProgramData\Bitdefender VPN
2021-03-06 15:34:00 ----A---- C:\WINDOWS\system32\drivers\tap0901.sys
2021-03-06 15:31:54 ----D---- C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2021-03-06 15:31:10 ----D---- C:\ProgramData\Gemma
2021-03-06 15:31:09 ----D---- C:\ProgramData\Atc
2021-03-06 15:28:43 ----D---- C:\WINDOWS\system32\elambkup
2021-03-06 15:28:43 ----A---- C:\WINDOWS\system32\drivers\bdelam.sys
2021-03-06 15:28:41 ----D---- C:\ProgramData\BDLogging
2021-03-06 15:28:01 ----A---- C:\WINDOWS\system32\drivers\gemma.sys
2021-03-06 15:27:56 ----A---- C:\WINDOWS\system32\drivers\bdprivmon.sys
2021-03-06 15:27:55 ----A---- C:\WINDOWS\system32\drivers\bddci.sys
2021-03-06 15:27:55 ----A---- C:\WINDOWS\system32\drivers\atc.sys
2021-03-06 15:26:03 ----D---- C:\Users\Kengura\AppData\Roaming\Bitdefender
2021-03-06 15:25:53 ----A---- C:\WINDOWS\system32\drivers\ignis.sys
2021-03-06 15:25:49 ----A---- C:\WINDOWS\system32\drivers\gzflt.sys
2021-03-06 15:25:47 ----D---- C:\Program Files\Bitdefender
2021-03-06 15:25:47 ----A---- C:\WINDOWS\system32\drivers\trufos.sys
2021-03-06 15:25:08 ----D---- C:\Program Files\Common Files\Bitdefender
2021-03-06 15:22:20 ----D---- C:\Program Files\Bitdefender Agent
2021-03-06 12:10:51 ----D---- C:\AdwCleaner
2021-02-26 20:58:43 ----D---- C:\Users\Kengura\AppData\Roaming\calibre
2021-02-25 19:44:46 ----D---- C:\Program Files (x86)\NSIS Uninstall Information
2021-02-25 19:34:05 ----D---- C:\ProgramData\install_backup
2021-02-20 13:05:40 ----D---- C:\WINDOWS\system32\Logs
2021-02-20 13:05:40 ----D---- C:\Program Files\Microsoft Update Health Tools
2021-02-20 13:05:40 ----A---- C:\WINDOWS\system32\sedplugins.dll
2021-02-20 13:05:40 ----A---- C:\WINDOWS\system32\QualityUpdateAssistant.dll

======List of files/folders modified in the last 1 month======

2021-03-17 11:27:27 ----D---- C:\Program Files\trend micro
2021-03-17 11:26:19 ----D---- C:\WINDOWS\Temp
2021-03-17 11:25:32 ----D---- C:\WINDOWS\Prefetch
2021-03-17 11:25:30 ----D---- C:\Program Files\CCleaner
2021-03-17 11:25:14 ----D---- C:\WINDOWS\system32\sru
2021-03-17 11:24:33 ----D---- C:\ProgramData\NVIDIA
2021-03-16 20:28:21 ----D---- C:\WINDOWS\system32\drivers\etc
2021-03-16 20:17:47 ----D---- C:\ProgramData\Mozilla
2021-03-16 20:15:07 ----D---- C:\WINDOWS\system32\config
2021-03-16 20:05:51 ----D---- C:\WINDOWS\WinSxS
2021-03-16 19:58:16 ----D---- C:\WINDOWS\system32\SleepStudy
2021-03-16 17:18:42 ----SHD---- C:\System Volume Information
2021-03-16 16:14:16 ----RD---- C:\WINDOWS\Microsoft.NET
2021-03-16 15:18:49 ----D---- C:\Windows
2021-03-16 14:54:12 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-03-16 14:51:56 ----ASH---- C:\DumpStack.log.tmp
2021-03-16 13:34:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-15 18:31:46 ----D---- C:\WINDOWS\SoftwareDistribution
2021-03-15 17:13:16 ----D---- C:\WINDOWS\INF
2021-03-14 17:35:15 ----D---- C:\FFOutput
2021-03-13 15:06:06 ----D---- C:\WINDOWS\Logs
2021-03-13 11:44:10 ----SHD---- C:\WINDOWS\Installer
2021-03-13 11:43:07 ----D---- C:\WINDOWS\SysWOW64
2021-03-13 11:42:47 ----D---- C:\WINDOWS\system32\Tasks
2021-03-12 11:24:16 ----D---- C:\Program Files
2021-03-11 16:11:43 ----D---- C:\WINDOWS\debug
2021-03-11 16:05:48 ----HD---- C:\Program Files\WindowsApps
2021-03-11 13:48:44 ----D---- C:\WINDOWS\system32\catroot2
2021-03-11 13:31:42 ----D---- C:\WINDOWS\System32
2021-03-10 14:57:45 ----RD---- C:\Program Files (x86)
2021-03-10 14:08:47 ----D---- C:\WINDOWS\system32\wbem
2021-03-10 14:06:49 ----D---- C:\Program Files (x86)\Internet Explorer
2021-03-10 14:06:47 ----D---- C:\WINDOWS\IdentityCRL
2021-03-10 14:06:47 ----D---- C:\WINDOWS\DiagTrack
2021-03-10 14:06:47 ----D---- C:\WINDOWS\Cursors
2021-03-10 14:06:47 ----D---- C:\WINDOWS\bcastdvr
2021-03-10 14:06:46 ----RSD---- C:\WINDOWS\Media
2021-03-10 14:06:46 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2021-03-10 14:06:46 ----D---- C:\WINDOWS\L2Schemas
2021-03-10 14:06:45 ----SD---- C:\WINDOWS\system32\AppV
2021-03-10 14:06:45 ----D---- C:\WINDOWS\system32\appraiser
2021-03-10 14:06:45 ----D---- C:\WINDOWS\ShellExperiences
2021-03-10 14:06:45 ----D---- C:\WINDOWS\ShellComponents
2021-03-10 14:06:45 ----D---- C:\WINDOWS\Provisioning
2021-03-10 14:06:45 ----D---- C:\WINDOWS\PolicyDefinitions
2021-03-10 14:06:44 ----SD---- C:\WINDOWS\system32\F12
2021-03-10 14:06:44 ----D---- C:\WINDOWS\system32\MailContactsCalendarSync
2021-03-10 14:06:44 ----D---- C:\WINDOWS\system32\Keywords
2021-03-10 14:06:44 ----D---- C:\WINDOWS\system32\icsxml
2021-03-10 14:06:44 ----D---- C:\WINDOWS\system32\ias
2021-03-10 14:06:44 ----D---- C:\WINDOWS\system32\drivers\en-US
2021-03-10 14:06:44 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2021-03-10 14:06:44 ----D---- C:\WINDOWS\system32\drivers
2021-03-10 14:06:44 ----D---- C:\WINDOWS\system32\Dism
2021-03-10 14:06:44 ----D---- C:\WINDOWS\system32\DDFs
2021-03-10 14:06:44 ----D---- C:\WINDOWS\system32\Com
2021-03-10 14:06:43 ----D---- C:\WINDOWS\system32\MSDRM
2021-03-10 14:06:43 ----D---- C:\WINDOWS\system32\migration
2021-03-10 14:06:42 ----SD---- C:\WINDOWS\system32\UNP
2021-03-10 14:06:42 ----SD---- C:\WINDOWS\system32\Nui
2021-03-10 14:06:42 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2021-03-10 14:06:42 ----D---- C:\WINDOWS\system32\setup
2021-03-10 14:06:42 ----D---- C:\WINDOWS\system32\ras
2021-03-10 14:06:42 ----D---- C:\WINDOWS\system32\PerceptionSimulation
2021-03-10 14:06:42 ----D---- C:\WINDOWS\system32\oobe
2021-03-10 14:06:41 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2021-03-10 14:06:34 ----D---- C:\WINDOWS\SystemResources
2021-03-10 14:06:32 ----SD---- C:\WINDOWS\SYSWOW64\Nui
2021-03-10 14:06:32 ----SD---- C:\WINDOWS\SYSWOW64\F12
2021-03-10 14:06:32 ----SD---- C:\WINDOWS\SYSWOW64\DiagSvcs
2021-03-10 14:06:32 ----D---- C:\WINDOWS\SYSWOW64\setup
2021-03-10 14:06:32 ----D---- C:\WINDOWS\SYSWOW64\ras
2021-03-10 14:06:32 ----D---- C:\WINDOWS\SYSWOW64\MSDRM
2021-03-10 14:06:32 ----D---- C:\WINDOWS\SYSWOW64\migration
2021-03-10 14:06:32 ----D---- C:\WINDOWS\SYSWOW64\MailContactsCalendarSync
2021-03-10 14:06:32 ----D---- C:\WINDOWS\SYSWOW64\Keywords
2021-03-10 14:06:32 ----D---- C:\WINDOWS\SYSWOW64\InstallShield
2021-03-10 14:06:32 ----D---- C:\WINDOWS\SYSWOW64\Dism
2021-03-10 14:06:32 ----D---- C:\WINDOWS\SYSWOW64\Com
2021-03-10 14:06:31 ----D---- C:\WINDOWS\SYSWOW64\wbem
2021-03-10 14:06:28 ----D---- C:\WINDOWS\Tasks
2021-03-10 13:56:02 ----D---- C:\WINDOWS\registration
2021-03-10 10:20:17 ----D---- C:\WINDOWS\system32\MRT
2021-03-10 10:11:23 ----AC---- C:\WINDOWS\system32\MRT.exe
2021-03-10 10:10:03 ----D---- C:\ProgramData\Microsoft Help
2021-03-10 10:08:23 ----RSD---- C:\WINDOWS\assembly
2021-03-09 17:44:25 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-09 17:19:13 ----D---- C:\WINDOWS\system32\Sysprep
2021-03-09 12:29:07 ----D---- C:\WINDOWS\system32\en-US
2021-03-09 12:29:07 ----D---- C:\WINDOWS\system32\cs-CZ
2021-03-09 12:29:06 ----D---- C:\WINDOWS\system32\LogFiles
2021-03-09 12:29:06 ----D---- C:\Program Files\Internet Explorer
2021-03-06 16:30:18 ----D---- C:\ProgramData\Bitdefender
2021-03-06 15:34:39 ----HD---- C:\ProgramData
2021-03-06 15:34:05 ----D---- C:\WINDOWS\system32\DriverStore
2021-03-06 15:25:08 ----D---- C:\Program Files\Common Files
2021-03-06 15:08:41 ----D---- C:\WINDOWS\system32\drivers\wd
2021-03-06 15:07:21 ----D---- C:\ProgramData\Avast Software
2021-03-06 15:07:16 ----SHD---- C:\Recovery
2021-03-06 15:05:01 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2021-03-03 15:03:24 ----D---- C:\ProgramData\NVIDIA Corporation
2021-03-02 19:39:02 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2021-03-02 19:38:20 ----D---- C:\Program Files\NVIDIA Corporation
2021-02-27 13:49:37 ----D---- C:\Program Files\Calibre2
2021-02-26 12:46:42 ----D---- C:\Users\Kengura\AppData\Roaming\CyberLink
2021-02-25 19:47:03 ----D---- C:\ProgramData\CLSK
2021-02-25 19:46:15 ----D---- C:\WINDOWS\system32\drivers\CLFCL5.20
2021-02-25 19:44:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2021-02-25 19:34:57 ----D---- C:\Program Files\CyberLink
2021-02-25 19:27:09 ----D---- C:\ProgramData\install_clap
2021-02-25 19:26:59 ----HD---- C:\ProgramData\CyberLink
2021-02-21 15:49:32 ----D---- C:\ProgramData\AVG
2021-02-20 12:57:50 ----SHD---- C:\$RECYCLE.BIN

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 bdprivmon;bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [2020-01-17 46056]
R0 Gemma;Gemma; C:\WINDOWS\system32\DRIVERS\gemma.sys [2020-11-20 481936]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2020-09-03 195232]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-12-07 57360]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2020-09-12 293176]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-09-12 41984]
R1 atc;atc; C:\WINDOWS\system32\DRIVERS\atc.sys [2020-12-01 2638328]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2019-12-07 91136]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2018-09-04 141512]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2018-09-04 109864]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2017-06-07 138296]
R2 BdDci;BdDci Service; C:\WINDOWS\system32\DRIVERS\bddci.sys [2020-11-03 802968]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-12-01 149320]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-12-09 491520]
R2 CLFCL5.20;@oem7.inf,%ServiceName%;CyberLink FCL Service 5.20; C:\WINDOWS\System32\drivers\CLFCL5.20\000.fcl [2020-03-20 46952]
R2 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2020-10-07 185312]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-10-08 53248]
R3 amdfendr;@oem18.inf,%AMDFENDR_svcdesc%;AMD Crash Defender Driver; C:\WINDOWS\system32\DRIVERS\amdfendr.sys [2020-06-11 70576]
R3 AMDXE;@oem17.inf,%AMDXE.SVCDESC%;AMD Link Controller Emulation; C:\WINDOWS\System32\drivers\amdxe.sys [2020-06-04 61032]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-18 4496600]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-09-12 322376]
R3 NVHDA;@oem10.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-11-14 12905016]
R3 NvModuleTracker;@oem20.inf,%ServiceName%;NvModuleTracker; C:\WINDOWS\System32\drivers\NvModuleTracker.sys [2020-03-04 50592]
R3 nvvad_WaveExtensible;@oem12.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2020-03-06 69840]
R3 nvvhci;@oem21.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2020-03-11 67456]
R3 rt640x64;@oem2.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-01-23 888064]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2019-03-21 22960]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2018-09-04 15872]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2018-09-04 188824]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2018-09-11 152688]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2020-10-08 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2019-12-07 138272]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2019-12-07 174608]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2019-12-07 154936]
S3 aswTap;@oem22.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\System32\drivers\aswTap.sys [2021-01-13 53904]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-12-01 113664]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-09-12 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-12-01 45568]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-12-01 1554944]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-12-01 110592]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-12-01 95048]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-10-08 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2020-09-12 386048]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2020-12-01 213504]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2020-11-13 104760]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD Crash Defender Service;AMD Crash Defender Service; C:\WINDOWS\system32\amdfendrsr.exe [2020-06-11 486320]
R2 BDAuxSrv;Bitdefender Auxiliary Service; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [2020-10-02 803576]
R2 BDProtSrv;Bitdefender Protected Service; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [2020-10-02 803576]
R2 bdredline;Bitdefender RedLine Service; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2018-03-22 2195344]
R2 BdVpnService;služba Bitdefender Vpn ; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [2020-12-07 250392]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 CDPUserSvc_387c654;Connected Devices Platform User Service_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2021-01-11 874472]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-11-14 932728]
R2 OneSyncSvc_387c654;Sync Host_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2021-01-29 1358248]
R3 AfVpnService;AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [2020-11-02 197624]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R3 cbdhsvc_387c654;Clipboard User Service_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2020-12-01 988064]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 AarSvc_387c654;Agent Activation Runtime_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-01-26 169672]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BcastDVRUserService_387c654;GameDVR and Broadcast User Service_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BluetoothUserService_387c654;Bluetooth User Support Service_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 CaptureService_387c654;CaptureService_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 ConsentUxUserSvc_387c654;ConsentUX_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-08 385240]
S3 CredentialEnrollmentManagerUserSvc_387c654;CredentialEnrollmentManagerUserSvc_387c654; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-08 385240]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DeviceAssociationBrokerSvc_387c654;DeviceAssociationBroker_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevicePickerUserSvc_387c654;DevicePicker_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevicesFlowUserSvc_387c654;DevicesFlow_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-09-12 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 FvSvc;NVIDIA FrameView SDK service; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [2020-12-16 410424]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\89.0.4389.82\elevation_service.exe [2021-03-05 1509480]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-12-17 155592]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-12-17 155592]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 MessagingService_387c654;MessagingService_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2021-03-11 242160]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-12 189640]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2020-09-12 105984]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PimIndexMaintenanceSvc_387c654;Contact Data_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PrintWorkflowUserSvc_387c654;PrintWorkflow_387c654; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2020-12-01 5197552]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-12-07 1263104]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2020-09-12 756552]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check, thank you

#2 Post by Conder »

Hi :)

:arrow: What error message is displayed when you try to install those updates?

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan Now and wait for it to finish
  • If anything is found, leave all findings selected and click Quarantine (if nothing is found, click Run Basic Repair)
  • If "preinstalled software" is also detected, you may delete these programs, but you do not have to (they are not malicious programs, just unnecessary ones)
  • Confirm the prompt, wait for it to finish and confirm the PC restart
  • After the PC restarts, AdwCleaner will open; click View Log File
  • The log will open; copy its contents and paste them into your next reply
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Log check, thank you

#3 Post by kemgura07 »

"The device is missing important protection and quality components." - the message for the update that is not installed...
Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-18-2021
# Duration: 00:00:05
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1404 octets] - [06/03/2021 12:11:45]
AdwCleaner[S01].txt - [1465 octets] - [16/03/2021 15:10:56]
AdwCleaner[S02].txt - [1526 octets] - [18/03/2021 11:16:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check, thank you

#4 Post by Conder »

→ Please post both logs from FRST (FRST.txt and Addition.txt), following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Log check, thank you

#5 Post by kemgura07 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-03-2021
Ran by Kengura (18-03-2021 17:48:02)
Running from C:\Users\Kengura\Pictures
Windows 10 Pro Version 20H2 19042.685 (X64) (2020-09-12 12:33:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3670144830-1670747954-2962517199-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3670144830-1670747954-2962517199-503 - Limited - Disabled)
Guest (S-1-5-21-3670144830-1670747954-2962517199-501 - Limited - Disabled)
Kengura (S-1-5-21-3670144830-1670747954-2962517199-1002 - Administrator - Enabled) => C:\Users\Kengura
WDAGUtilityAccount (S-1-5-21-3670144830-1670747954-2962517199-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}
FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 25.0.1.181 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 25.0.14.58 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.0.1.25 - Bitdefender)
calibre (HKLM-x32\...\{1E82C046-151D-4210-AF70-B3B8FA2F6B56}) (Version: 5.13.0 - Kovid Goyal)
calibre 64bit (HKLM\...\{137F31B3-C353-4812-8EE6-BF00BBB173B9}) (Version: 5.12.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CyberLink PowerDVD 20 (HKLM-x32\...\{E5B8E5C5-4C42-407B-A2BC-BAC724D1F43F}) (Version: 20.0.1519.62 - CyberLink Corp.)
FormatFactory 5.6.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.6.5.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 86.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 86.0.1 (x64 cs)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 86.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29512933 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29512933 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.33 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.7 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
TiMoC (HKLM-x32\...\TiMoC1.1) (Version: 1.1 - Oblivion CZ team)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WinTools.net Premium version 20.7 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 20.7 - WinTools Software Engineering, Ltd.)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: - ZONER software)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-10] (Microsoft Corporation) [MS Ad]
PDF Viewer and Reader -> C:\Program Files\WindowsApps\22450.PDFViewerandReader_1.3.2.0_x64__0aqw1zw0x2snt [2021-03-10] (韵华软件) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-09-12 13:17 - 2016-11-14 10:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-3670144830-1670747954-2962517199-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3670144830-1670747954-2962517199-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2021-01-25] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender - Portmonka -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-01-25] (Bitdefender SRL -> Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2021-01-25] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender - Portmonka -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-01-25] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-01-25] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-01-25] (Bitdefender SRL -> Bitdefender)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2021-03-18 17:03 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Calibre2\;C:\Program Files (x86)\Calibre2\
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\Control Panel\Desktop\\Wallpaper -> E:\Foto\Pozadí plochy.bmp
DNS Servers: 212.96.160.6 - 212.96.161.7
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8C3070C3-6238-4ECE-85C2-372C00BEAB7F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8D9F6756-0DFA-4B22-9146-2EE5434841F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1F7BFEEC-0436-47F7-B9D1-F19AA88F4388}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97BCBBC4-2075-4B99-AB4E-4FD106FD6F1F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E3887C08-37A5-46B1-9430-25C843EB2D7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{140A41F6-B602-44EF-8FAB-0E64D3A96CED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F85B926F-E03D-4D90-B2A3-9E164EA2AAE8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{05E3D3B1-BC59-4A49-BE1A-1AB248ACD9A3}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{722FF6B0-04DF-40D1-A782-4E53E97A8477}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{028CE70F-5D23-4E6C-8CA1-BD4A5E6D088C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1DEB7742-6118-41AD-A80B-A834116128E0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6AB84F71-02E7-4474-B9B8-94E839BFA7EF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AA4A3C49-38D3-4CC7-85DF-B548486260A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BDB18E74-377B-481B-9EDC-21DE62C1841A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CBE2BAD3-C5C8-4C63-948D-78BBE7EAFB46}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{9CACF243-3600-491E-9AE8-C20D94527D5C}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{616D17AF-E40A-40EB-A6FD-2542891D3245}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5188F5E-07F8-433C-9DFD-B9C1A44885DB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C4578A91-8E63-4EF2-9900-1EB24A06229E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9AED6DEE-6757-4C50-BC8B-6020A4B4710C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9085EEB5-8762-490A-9A64-0C77E1BCB66B}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{33371334-535E-4F72-9C85-693FE36F2697}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{19004CDC-DA8C-4584-9D00-E49745A6D11D}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C2E3A30C-F968-4A58-A0C7-92DD30AC7092}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\ShareModule32\Kernel\DMS\CLMSServerPDVD20.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{02EC325C-F1B4-4AA0-9B20-353C119A70AF}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\PowerDVD20Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{8B687FF5-FEFA-4509-B9D8-BD0BBD741440}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{8F365BA9-9859-46C7-A251-FCA431DB604E}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\CastingStation.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{D0993A6B-C1AA-4A2D-9BE2-B9C58C31C1C7}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{7260AA83-307C-4BAC-9704-8B6FB9B4D1B1}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\Common\dynamic_transcode.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{FBCE52A5-22DD-4DF0-99D7-08CACF8C8B90}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1E3B0397-EE3E-47A1-AE84-F28CB494643F}] => (Allow) LPort=31300
FirewallRules: [{A3260237-0ED1-4951-A863-0B58E6FDD2C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6EF2F4F5-985B-43AD-9F02-07B7F2681069}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{114D2756-9D72-4EEE-B3E0-D2773B2B4C0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AAE25BAE-A24E-477D-9303-A5E38A9A6575}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A0761842-7DAF-4D58-90EA-EE9B8E9DBF31}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{82AB74DB-77B4-4A15-97C4-D9E4CE060B6C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

08-03-2021 15:04:17 Windows Modules Installer
08-03-2021 16:22:08 Windows Modules Installer
09-03-2021 11:05:31 Windows Modules Installer
09-03-2021 16:55:18 Operace obnovení
10-03-2021 10:20:27 Windows Modules Installer
10-03-2021 10:23:00 Windows Modules Installer
10-03-2021 11:31:26 Windows Modules Installer
10-03-2021 11:56:33 Windows Modules Installer
10-03-2021 12:43:02 Windows Modules Installer
10-03-2021 13:44:51 Operace obnovení
10-03-2021 14:17:36 Windows Modules Installer
11-03-2021 13:28:17 Windows Modules Installer
11-03-2021 13:47:54 Windows Modules Installer
13-03-2021 15:07:07 Windows Modules Installer
16-03-2021 12:03:26 Windows Modules Installer
16-03-2021 13:55:25 Windows Modules Installer
16-03-2021 15:27:12 Windows Modules Installer
16-03-2021 16:33:33 Windows Modules Installer
16-03-2021 17:17:59 Windows Modules Installer
17-03-2021 12:11:31 Windows Modules Installer
17-03-2021 15:07:28 Windows Modules Installer
17-03-2021 15:55:18 Windows Modules Installer
17-03-2021 20:08:59 Windows Modules Installer
18-03-2021 14:48:32 Installed Fritz 17 64-bit
18-03-2021 15:21:29 Removed Fritz 17 64-bit
18-03-2021 17:16:44 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/18/2021 04:03:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wwahost.exe, verze: 10.0.19041.488, časové razítko: 0x64bdb2d5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xec58f015
Kód výjimky: 0x8000ffff
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x1d40
Čas spuštění chybující aplikace: 0x01d71c07e8cf125f
Cesta k chybující aplikaci: C:\WINDOWS\system32\wwahost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 106549f6-84bd-4f7d-be04-30a07ebe1582
Úplný název chybujícího balíčku: Microsoft.Windows.CloudExperienceHost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (03/18/2021 03:25:30 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3670144830-1670747954-2962517199-1002}/>.

Error: (03/18/2021 03:11:42 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-956HS9G)
Description: Aplikaci nebo službu NVIDIA LocalSystem Container nelze restartovat.

Error: (03/18/2021 02:54:05 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-956HS9G)
Description: Aplikaci nebo službu NVIDIA LocalSystem Container nelze ukončit.

Error: (03/17/2021 05:54:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wwahost.exe, verze: 10.0.19041.488, časové razítko: 0x64bdb2d5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xec58f015
Kód výjimky: 0x8000ffff
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x2d28
Čas spuštění chybující aplikace: 0x01d71b4e1fe952c8
Cesta k chybující aplikaci: C:\WINDOWS\system32\wwahost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 0473ecee-ab71-4d1b-aec2-2b0867dde097
Úplný název chybujícího balíčku: Microsoft.Windows.CloudExperienceHost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (03/17/2021 03:07:01 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3670144830-1670747954-2962517199-1002}/>.

Error: (03/17/2021 12:43:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.610, časové razítko: 0x99a6a1df
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x27bfa5f0
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000045f86
ID chybujícího procesu: 0x2f9c
Čas spuštění chybující aplikace: 0x01d71b1e3bddb218
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 24071e75-14ab-4876-8bea-5ef4683fb7bf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/16/2021 03:08:00 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3670144830-1670747954-2962517199-1002}/>.


System errors:
=============
Error: (03/18/2021 11:17:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restart the service.

Error: (03/18/2021 11:17:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AfVpnService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/18/2021 11:17:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba služba Bitdefender Vpn byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/18/2021 11:17:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ProductAgentService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/18/2021 11:17:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD Crash Defender Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/18/2021 11:17:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/17/2021 08:44:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-956HS9G)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/17/2021 08:43:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073712): 2021-03 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5000802).


Windows Defender:
================
Date: 2021-03-06 15:26:11
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.CAB
Závažnost: Severe
Kategorie: Trojan
Cesta: file:_E:\Instal\CyberLink PowerDVD Ultra 20.0.1519.62\CZ.exe
Původ detekce: Local machine
Typ detekce: FastPath
Zdroj detekce: Real-Time Protection
Uživatel: DESKTOP-956HS9G\Kengura
Název procesu: C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-25-F22203BA-99F0-4F14-BBCF-8681F1C61B53\bdpretraining.exe
Verze bezpečnostních informací: AV: 1.331.2515.0, AS: 1.331.2515.0, NIS: 1.331.2515.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2020-12-19 13:33:30
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/DriverPack
Závažnost: Low
Kategorie: Potentially Unwanted Software
Cesta: file:_C:\Users\Kengura\Desktop\DriverPack-17-Online.exe
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: Real-Time Protection
Uživatel: DESKTOP-956HS9G\Kengura
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.658.0, AS: 1.329.658.0, NIS: 1.329.658.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-17 16:07:35
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/AskToolbar
Závažnost: Low
Kategorie: Potentially Unwanted Software
Cesta: file:_E:\Instal\The_KMPlayer_1435.exe
Původ detekce: Local machine
Typ detekce: FastPath
Zdroj detekce: Real-Time Protection
Uživatel: DESKTOP-956HS9G\Kengura
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.551.0, AS: 1.329.551.0, NIS: 1.329.551.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-17 16:01:45
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/FusionCore
Závažnost: Low
Kategorie: Potentially Unwanted Software
Cesta: file:_E:\Instal\FFSetup4.10.5.0.exe
Původ detekce: Local machine
Typ detekce: FastPath
Zdroj detekce: System
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.545.0, AS: 1.329.545.0, NIS: 1.329.545.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-17 13:17:10
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {FBC3A124-3EEA-4F95-BAB6-631EBE6250D7}
Typ prohledávání: Antimalware
Parametry prohledávání: Full Scan
Uživatel: DESKTOP-956HS9G\Kengura

Date: 2021-03-06 15:06:09
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.722.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

Date: 2021-01-19 14:18:25
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.329.2468.0
Předchozí verze bezpečnostních informací: 1.329.722.0
Zdroj aktualizace: User
Typ bezpečnostních informací: AntiSpyware
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.17700.4
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80509004
Popis chyby: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2021-01-19 14:18:25
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.329.2468.0
Předchozí verze bezpečnostních informací: 1.329.722.0
Zdroj aktualizace: User
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.17700.4
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80509004
Popis chyby: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2020-12-17 10:36:25
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Current
Kód chyby: 0x80070003
Popis chyby: The system cannot find the path specified.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

Date: 2020-11-11 12:57:02
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.323.46.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17400.5
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

CodeIntegrity:
===============
Date: 2021-03-18 10:40:09
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. P1.30 08/23/2013
Motherboard: ASRock 960GC-GS FX
Processor: AMD Athlon(tm) Dual Core Processor 4850e
Percentage of memory in use: 92%
Total physical RAM: 3839.23 MB
Available physical RAM: 269.46 MB
Total Virtual: 7679.23 MB
Available Virtual: 3336.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:482.8 GB) (Free:380.83 GB) NTFS
Drive d: (PHILIPS UFD) (Removable) (Total:7.28 GB) (Free:0.52 GB) NTFS
Drive e: (Data) (Fixed) (Total:448.11 GB) (Free:201.33 GB) NTFS

\\?\Volume{0e265546-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
\\?\Volume{0e265546-0000-0000-0000-80b978000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0E265546)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=482.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=512 MB) - (Type=27)
Partition 4: (Not Active) - (Size=448.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 7.3 GB) (Disk ID: 0E62F8E5)
Partition 1: (Not Active) - (Size=7.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-03-2021
Ran by Kengura (administrator) on DESKTOP-956HS9G (18-03-2021 17:37:03)
Running from C:\Users\Kengura\Pictures
Loaded Profiles: Kengura
Platform: Windows 10 Pro Version 20H2 19042.685 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnapp.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.860_none_e73d0c67262f5c28\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-17] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1062020D-A447-4943-AC93-F78B93C4813D} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {1CF0C4B8-86CF-4752-96F2-423A4FB7052A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {262D7277-24FA-43AE-A2F1-66AD09B587F0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4147F182-6619-4204-A71A-83D78BEF1D8B} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
Task: {44F8E930-2648-43A1-9A62-281C54C0737D} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender)
Task: {50C26E6D-EBB8-4845-8633-08574D5DE046} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [959440 2021-01-25] (Bitdefender SRL -> Bitdefender)
Task: {5CD761CA-3348-45CF-B8DA-5D5F59FA8BC7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5FD61B37-957C-4CC9-8A65-E666418D631D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6266C81F-134A-46FF-A38F-9A8BCF5E0FEA} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe
Task: {783263B1-011F-4A28-A4D1-251005E8040E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AA1FC6E-A4F5-4FC6-8F89-D65ABBAAE299} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81F4D0A7-8D48-4CED-ADE5-4A889D6DD950} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {866F4485-02D3-47FA-BCBA-76974B317EA0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C21A6D6-EC80-4F13-AEA2-D5B771472AF5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {9C76FABB-9C35-49BF-BF62-4BB07AFC924A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9D835467-DA8B-4384-A16E-F1D0E35AF77F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A32F19D6-96D7-4AF5-8D1C-A427091128C4} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe
Task: {CF9B0475-0849-44A4-BAB2-20F9597A119D} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3670144830-1670747954-2962517199-500 => C:\Users\Kengura\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {D05A1EA8-6F2E-4E2E-BBB0-C87D09E247D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E6D8724D-5187-4704-8972-BFD4C5B92324} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7933354-0A0B-4623-8D2D-4F94FCB338BF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED44F595-27F6-4966-BC9F-307599FBD363} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {EDBAD345-59B1-4A11-9956-0AF795C132EA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {EFC04A37-ACCE-4688-B34D-11DCA3CB3A91} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
Task: {F0147604-54B0-4D3A-AABC-CA08E3368002} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA6FD697-CF62-4A54-A604-6362A7B6769D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-20] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.96.160.6 212.96.161.7
Tcpip\..\Interfaces\{0558911c-e938-4e06-831d-693e5531d832}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{adf0c0f2-0c58-455c-a3d5-cd2ef4d4bb55}: [DhcpNameServer] 212.96.160.6 212.96.161.7

Edge:
=======
DownloadDir: C:\Users\Kengura\Downloads
Edge DefaultProfile: Default
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: jmsljlgl.default
FF ProfilePath: C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\jmsljlgl.default [2021-03-18]
FF Homepage: Mozilla\Firefox\Profiles\jmsljlgl.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\jmsljlgl.default -> about:newtab
FF Extension: (Facebook Container) - C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\jmsljlgl.default\Extensions\@contain-facebook.xpi [2020-09-23]
FF ProfilePath: C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 [2021-03-18]
FF Homepage: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> hxxps://forum24.os.tc; hxxps://aukro.cz; hxxps://www.reflex.cz
FF Extension: (Facebook Container) - C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751\Extensions\@contain-facebook.xpi [2020-11-11]
FF Extension: (Bitdefender Anti-tracker) - C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751\Extensions\bdtbe@bitdefender.com.xpi [2021-03-13] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2020-07-16] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-09-17] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2021-01-25] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-03-06] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-03-06] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default [2021-03-18]
CHR Notifications: Default -> hxxps://fastshare.cz; hxxps://www.fastshare.cz; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://www.centrum.cz/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91082G91461&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Bitdefender Wallet) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2021-03-06]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2021-03-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-05]
CHR Profile: C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-13]
CHR Profile: C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-13]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

Opera:
=======
OPR Profile: C:\Users\Kengura\AppData\Roaming\Opera Software\Opera Stable [2021-01-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [197624 2020-11-02] (Pango Inc. -> AnchorFree Inc.)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-10-02] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-10-02] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [250392 2020-12-07] (Bitdefender SRL -> Bitdefender)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410424 2020-12-16] (NVIDIA Corporation -> NVIDIA)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [171272 2021-01-25] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-10-02] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-01-13] (AVAST Software s.r.o. -> The OpenVPN Project)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2638328 2020-12-01] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802968 2020-11-03] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2020-01-17] (Bitdefender SRL -> © Bitdefender SRL)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R2 CLFCL5.20; C:\WINDOWS\System32\drivers\CLFCL5.20\000.fcl [46952 2020-03-20] (CyberLink Corp. -> CyberLink Corp.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [141512 2018-09-04] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-09-04] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
S1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188824 2018-09-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-09-04] (ESET, spol. s r.o. -> ESET)
S1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-09-11] () [File not signed]
R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [481936 2020-11-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [195232 2020-09-03] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [185312 2020-10-07] (Bitdefender SRL -> Bitdefender)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [640760 2020-06-09] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-18 17:36 - 2021-03-18 17:38 - 000000000 ____D C:\FRST
2021-03-18 17:11 - 2021-03-18 17:14 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2021-03-18 17:11 - 2021-03-18 17:14 - 000000719 _____ C:\Users\Kengura\Desktop\Windows 10 Update Assistant.lnk
2021-03-18 17:11 - 2021-03-18 17:11 - 000000000 ____D C:\Windows10Upgrade
2021-03-18 15:11 - 2021-03-18 15:17 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\ChessBase
2021-03-18 15:11 - 2021-03-18 15:11 - 000000000 ____D C:\Users\Kengura\Documents\ChessBase
2021-03-18 15:09 - 2021-03-18 15:23 - 000000000 ____D C:\ProgramData\ChessBase
2021-03-18 15:09 - 2021-03-18 15:23 - 000000000 ____D C:\Program Files\ChessBase
2021-03-18 15:09 - 2021-03-18 15:22 - 000000000 ____D C:\Program Files\Common Files\ChessBase
2021-03-17 20:08 - 2021-03-18 17:16 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-17 18:35 - 2021-03-17 18:35 - 000000110 ____H C:\Users\Kengura\Downloads\161335266_5492577924100513_329805279106039292_n.jpg.uid-zps
2021-03-17 17:53 - 2021-03-17 17:53 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-17 11:27 - 2021-03-17 11:27 - 000000000 ____D C:\rsit
2021-03-16 20:42 - 2021-03-16 20:42 - 000000000 ____D C:\Users\Kengura\AppData\Local\calibre-parallel
2021-03-12 11:24 - 2021-03-12 11:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-11 21:32 - 2021-03-11 21:32 - 000000110 ____H C:\Users\Kengura\Downloads\159268739_5470539252971047_7522755143013008539_n.jpg.uid-zps
2021-03-11 16:54 - 2021-03-16 13:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-10 14:57 - 2021-03-10 14:57 - 000001029 _____ C:\ProgramData\Desktop\calibre - E-book management.lnk
2021-03-10 14:57 - 2021-03-10 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-03-10 14:57 - 2021-03-10 14:57 - 000000000 ____D C:\Program Files (x86)\Calibre2
2021-03-06 15:34 - 2021-03-06 15:34 - 000196924 _____ C:\ProgramData\vpn.1615041236.bdinstall.v2.bin
2021-03-06 15:34 - 2021-03-06 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2021-03-06 15:34 - 2021-03-06 15:34 - 000000000 ____D C:\ProgramData\Bitdefender VPN
2021-03-06 15:34 - 2021-03-06 15:34 - 000000000 ____D C:\ProgramData\AnchorFree_Inc
2021-03-06 15:34 - 2020-02-20 13:02 - 000047920 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2021-03-06 15:32 - 2021-03-06 15:32 - 000773768 _____ C:\ProgramData\cl.1615040716.bdinstall.v2.bin
2021-03-06 15:32 - 2021-03-06 15:32 - 000102392 _____ C:\ProgramData\cl.kit.1615040707.bdinstall.v2.bin
2021-03-06 15:32 - 2021-03-06 15:32 - 000003420 _____ C:\WINDOWS\system32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2021-03-06 15:31 - 2021-03-06 15:31 - 000000000 ____D C:\ProgramData\Gemma
2021-03-06 15:31 - 2021-03-06 15:31 - 000000000 ____D C:\ProgramData\Atc
2021-03-06 15:31 - 2021-03-06 15:31 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2021-03-06 15:30 - 2021-03-06 15:30 - 000088132 _____ C:\ProgramData\agent.update.1615040988.bdinstall.v2.bin
2021-03-06 15:29 - 2021-03-06 15:34 - 000002155 _____ C:\ProgramData\Desktop\Bitdefender VPN.lnk
2021-03-06 15:29 - 2021-03-06 15:29 - 000002302 _____ C:\ProgramData\Desktop\Bitdefender.lnk
2021-03-06 15:28 - 2021-03-06 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2021-03-06 15:28 - 2021-03-06 15:28 - 000000000 ____D C:\WINDOWS\system32\elambkup
2021-03-06 15:28 - 2021-03-06 15:28 - 000000000 ____D C:\ProgramData\BDLogging
2021-03-06 15:28 - 2020-11-20 11:20 - 000481936 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2021-03-06 15:28 - 2019-03-21 00:12 - 000022960 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2021-03-06 15:27 - 2020-12-01 15:26 - 002638328 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2021-03-06 15:27 - 2020-11-03 16:17 - 000802968 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2021-03-06 15:27 - 2020-01-17 02:03 - 000046056 _____ (© Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys
2021-03-06 15:26 - 2021-03-06 15:26 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\Bitdefender
2021-03-06 15:25 - 2021-03-06 15:33 - 000000000 ____D C:\Program Files\Bitdefender
2021-03-06 15:25 - 2021-03-06 15:25 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2021-03-06 15:25 - 2020-10-07 10:30 - 000185312 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2021-03-06 15:25 - 2020-09-03 04:20 - 000195232 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2021-03-06 15:25 - 2020-06-09 16:13 - 000640760 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2021-03-06 15:24 - 2021-03-06 15:24 - 000003802 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2021-03-06 15:22 - 2021-03-06 15:30 - 000000000 ____D C:\Program Files\Bitdefender Agent
2021-03-06 15:22 - 2021-03-06 15:22 - 000118968 _____ C:\ProgramData\agent.1615040539.bdinstall.v2.bin
2021-03-06 14:43 - 2021-03-06 14:43 - 013568464 _____ C:\Users\Kengura\Downloads\bitdefender_windows_50bc4721-dc64-4b74-821c-80419b03d225.exe
2021-03-06 12:50 - 2021-03-06 12:55 - 000000000 ____D C:\Users\Kengura\AppData\Local\ElevatedDiagnostics
2021-03-06 12:10 - 2021-03-06 12:11 - 000000000 ____D C:\AdwCleaner
2021-03-05 20:53 - 2021-03-05 20:53 - 000000110 ____H C:\Users\Kengura\Downloads\156921133_10218544291535353_7935026497429005118_o.jpg.uid-zps
2021-02-26 20:58 - 2021-03-15 17:03 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\calibre
2021-02-25 19:44 - 2021-02-25 19:44 - 000002076 _____ C:\ProgramData\Desktop\CyberLink PowerDVD 20.lnk
2021-02-25 19:44 - 2021-02-25 19:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 20
2021-02-25 19:44 - 2021-02-25 19:44 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2021-02-25 19:34 - 2021-02-25 19:34 - 000000000 ____D C:\ProgramData\install_backup
2021-02-23 15:55 - 2021-02-23 15:55 - 008463216 _____ (Malwarebytes) C:\Users\Kengura\Desktop\adwcleaner_8.1.exe
2021-02-20 13:05 - 2021-02-20 13:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-18 17:45 - 2020-08-28 14:47 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-18 17:44 - 2020-08-28 14:48 - 000000000 ____D C:\Users\Kengura\AppData\LocalLow\Mozilla
2021-03-18 17:23 - 2021-01-21 14:29 - 000000000 ____D C:\Users\Kengura\AppData\Local\D3DSCache
2021-03-18 16:33 - 2020-09-12 13:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-18 16:19 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-18 16:12 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-18 16:07 - 2020-11-12 12:22 - 000000000 ____D C:\Program Files\CCleaner
2021-03-18 16:07 - 2020-08-28 14:13 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-18 16:04 - 2020-08-29 10:13 - 000000000 ____D C:\Users\Kengura\AppData\Local\CrashDumps
2021-03-18 16:03 - 2020-12-15 18:15 - 000381272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-18 16:03 - 2020-09-12 13:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-18 16:03 - 2020-09-12 13:05 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-18 15:27 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-17 17:07 - 2020-12-17 17:50 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-17 17:07 - 2020-12-17 17:50 - 000002166 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-17 11:27 - 2020-10-05 13:04 - 000000000 ____D C:\Program Files\trend micro
2021-03-16 20:46 - 2020-08-28 15:55 - 000000000 ____D C:\Users\Kengura\Knihovna Calibre
2021-03-16 19:11 - 2020-09-12 12:13 - 000000000 ____D C:\Users\Kengura
2021-03-16 13:35 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-16 13:34 - 2020-08-28 14:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-15 17:03 - 2020-08-28 15:57 - 000000000 ____D C:\Users\Kengura\AppData\Local\calibre-cache
2021-03-14 17:35 - 2020-09-13 14:07 - 000000000 ____D C:\FFOutput
2021-03-13 11:43 - 2020-09-30 19:21 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-13 11:42 - 2020-09-27 19:01 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-03-12 11:24 - 2020-08-28 14:47 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-11 16:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-10 15:04 - 2021-02-15 19:01 - 000000000 ____D C:\Users\Kengura\AppData\Local\cache
2021-03-10 14:06 - 2019-12-07 10:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-10 14:06 - 2019-12-07 10:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2021-03-10 14:06 - 2019-12-07 10:52 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\Nui
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ras
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\icsxml
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ias
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IdentityCRL
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Cursors
2021-03-10 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-10 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-03-10 10:20 - 2020-09-01 15:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 10:11 - 2020-09-01 15:02 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-10 10:08 - 2020-11-02 21:01 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-03-09 17:44 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-09 17:19 - 2020-09-27 15:39 - 000000000 ____D C:\ProgramData\Documents\Cyberlink
2021-03-09 17:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-07 19:54 - 2021-02-14 13:27 - 000000000 ____D C:\Users\Kengura\AppData\Local\FTMod
2021-03-06 16:30 - 2020-11-11 13:05 - 000000000 ____D C:\ProgramData\Bitdefender
2021-03-06 15:08 - 2019-11-16 00:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-06 15:07 - 2020-09-02 18:30 - 000000000 ____D C:\ProgramData\Avast Software
2021-03-06 15:05 - 2020-08-28 14:55 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-03-06 15:00 - 2020-11-12 12:22 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-03 15:03 - 2020-08-28 14:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-03-02 19:39 - 2020-11-05 18:01 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-02 19:39 - 2020-11-05 18:01 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-02 19:39 - 2020-08-28 14:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-03-02 19:38 - 2020-11-05 18:00 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-02 19:38 - 2020-11-05 18:00 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-02 19:38 - 2020-11-05 18:00 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-02 19:38 - 2020-11-05 18:00 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-02 19:38 - 2020-11-05 18:00 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-02 19:38 - 2020-11-05 18:00 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-02 19:38 - 2020-11-05 18:00 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-02 19:38 - 2020-11-05 18:00 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-02 19:38 - 2020-08-28 14:12 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-27 13:49 - 2021-01-22 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2021-02-27 13:49 - 2021-01-22 17:35 - 000000000 ____D C:\Program Files\Calibre2
2021-02-26 12:46 - 2020-09-01 16:09 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\CyberLink
2021-02-25 19:49 - 2020-09-01 15:59 - 000000000 ____D C:\Users\Kengura\Documents\CyberLink
2021-02-25 19:47 - 2020-09-01 15:06 - 000000000 ____D C:\ProgramData\CLSK
2021-02-25 19:46 - 2020-09-12 12:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\CLFCL5.20
2021-02-25 19:44 - 2020-09-01 15:11 - 000000000 ____D C:\Users\Kengura\AppData\Local\CyberLink
2021-02-25 19:44 - 2020-08-29 10:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-25 19:34 - 2021-02-07 13:26 - 000000000 ____D C:\Program Files\CyberLink
2021-02-25 19:27 - 2020-09-01 15:06 - 000000000 ____D C:\ProgramData\install_clap
2021-02-25 19:26 - 2020-09-01 15:06 - 000000000 ___HD C:\ProgramData\CyberLink
2021-02-21 15:50 - 2020-08-28 14:09 - 000000000 ____D C:\Users\Kengura\AppData\Local\Packages
2021-02-21 15:49 - 2020-09-12 13:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2021-02-21 15:49 - 2020-08-28 19:33 - 000000000 ____D C:\ProgramData\AVG
2021-02-18 15:24 - 2020-11-28 12:36 - 000003250 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-02-18 15:24 - 2020-11-28 12:35 - 000003396 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
2021-02-18 15:24 - 2020-11-28 12:35 - 000003172 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
2021-02-18 15:24 - 2020-11-28 12:35 - 000003088 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2021-02-18 15:24 - 2020-11-28 12:35 - 000002606 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2021-02-18 15:24 - 2020-11-14 18:11 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC

==================== Files in the root of some directories ========

2021-01-07 17:05 - 2021-01-07 17:05 - 000000017 _____ () C:\Users\Kengura\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check, thank you

#6 Post by Conder »

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start::
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    Task: {1062020D-A447-4943-AC93-F78B93C4813D} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
    Task: {4147F182-6619-4204-A71A-83D78BEF1D8B} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
    Task: {6266C81F-134A-46FF-A38F-9A8BCF5E0FEA} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe
    Task: {A32F19D6-96D7-4AF5-8D1C-A427091128C4} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe
    Task: {ED44F595-27F6-4966-BC9F-307599FBD363} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
    Task: {EFC04A37-ACCE-4688-B34D-11DCA3CB3A91} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
    2021-03-17 11:27 - 2021-03-17 11:27 - 000000000 ____D C:\rsit
    2021-03-17 11:27 - 2020-10-05 13:04 - 000000000 ____D C:\Program Files\trend micro
    2021-02-21 15:49 - 2020-09-12 13:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
    2021-02-21 15:49 - 2020-08-28 19:33 - 000000000 ____D C:\ProgramData\AVG
    2021-02-18 15:24 - 2020-11-28 12:35 - 000003396 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
    2021-02-18 15:24 - 2020-11-28 12:35 - 000003172 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
    2021-02-18 15:24 - 2020-11-28 12:35 - 000003088 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
    2021-02-18 15:24 - 2020-11-28 12:35 - 000002606 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
    AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
    FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}
    
    Hosts:
    EmptyTemp:
    End::
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts there will be a file Fixlog.txt on the desktop; copy its contents and paste them into your next reply
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and others).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Log check, thank you

#7 Post by kemgura07 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by Kengura (21-03-2021 11:54:53) Run:1
Running from C:\Users\Kengura\Pictures
Loaded Profiles: Kengura
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Task: {1062020D-A447-4943-AC93-F78B93C4813D} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {4147F182-6619-4204-A71A-83D78BEF1D8B} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
Task: {6266C81F-134A-46FF-A38F-9A8BCF5E0FEA} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe
Task: {A32F19D6-96D7-4AF5-8D1C-A427091128C4} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe
Task: {ED44F595-27F6-4966-BC9F-307599FBD363} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {EFC04A37-ACCE-4688-B34D-11DCA3CB3A91} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
2021-03-17 11:27 - 2021-03-17 11:27 - 000000000 ____D C:\rsit
2021-03-17 11:27 - 2020-10-05 13:04 - 000000000 ____D C:\Program Files\trend micro
2021-02-21 15:49 - 2020-09-12 13:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2021-02-21 15:49 - 2020-08-28 19:33 - 000000000 ____D C:\ProgramData\AVG
2021-02-18 15:24 - 2020-11-28 12:35 - 000003396 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
2021-02-18 15:24 - 2020-11-28 12:35 - 000003172 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
2021-02-18 15:24 - 2020-11-28 12:35 - 000003088 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2021-02-18 15:24 - 2020-11-28 12:35 - 000002606 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}
Hosts:
EmptyTemp:

*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 5
Average :
Sum : 8467042
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1062020D-A447-4943-AC93-F78B93C4813D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1062020D-A447-4943-AC93-F78B93C4813D}" => removed successfully
C:\WINDOWS\System32\Tasks\AVGUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4147F182-6619-4204-A71A-83D78BEF1D8B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4147F182-6619-4204-A71A-83D78BEF1D8B}" => removed successfully
C:\WINDOWS\System32\Tasks\AVG\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6266C81F-134A-46FF-A38F-9A8BCF5E0FEA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6266C81F-134A-46FF-A38F-9A8BCF5E0FEA}" => removed successfully
C:\WINDOWS\System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG Secure Browser Heartbeat Task (Logon)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A32F19D6-96D7-4AF5-8D1C-A427091128C4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A32F19D6-96D7-4AF5-8D1C-A427091128C4}" => removed successfully
C:\WINDOWS\System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG Secure Browser Heartbeat Task (Hourly)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ED44F595-27F6-4966-BC9F-307599FBD363}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED44F595-27F6-4966-BC9F-307599FBD363}" => removed successfully
C:\WINDOWS\System32\Tasks\AVGUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EFC04A37-ACCE-4688-B34D-11DCA3CB3A91}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFC04A37-ACCE-4688-B34D-11DCA3CB3A91}" => removed successfully
C:\WINDOWS\System32\Tasks\Antivirus Emergency Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Antivirus Emergency Update" => removed successfully
"C:\rsit" => not found
C:\Program Files\trend micro => moved successfully
C:\WINDOWS\system32\Tasks\AVG => moved successfully
C:\ProgramData\AVG => moved successfully
"C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore" => not found
"C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)" => not found
"C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)" => not found
"AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}" => removed successfully
"FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25274648 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1110016 B
Edge => 45581 B
Chrome => 831663 B
Firefox => 30071322 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Kengura => 3523492 B

RecycleBin => 113052 B
EmptyTemp: => 68.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:57:30 ====
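
An added example (not part of the original posts, and not FRST's own code): a small Python audit of a Fixlog like the one above. It pairs each `Task:` directive with its TaskCache registry keys and task file, and explains `not found` results, which in this log are mostly paths that an earlier line of the same fix had already moved. The function names are hypothetical; the sample is an excerpt of the Fixlog above.

```python
import re

# Excerpt of the Fixlog posted above (two of the six tasks), plus one
# EmptyTemp line to show that size reports are not counted as results.
SAMPLE_FIXLOG = r'''fixlist content:
*****************
Task: {1062020D-A447-4943-AC93-F78B93C4813D} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {4147F182-6619-4204-A71A-83D78BEF1D8B} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
2021-03-17 11:27 - 2021-03-17 11:27 - 000000000 ____D C:\rsit
2021-02-18 15:24 - 2020-11-28 12:35 - 000003396 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA

*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1062020D-A447-4943-AC93-F78B93C4813D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1062020D-A447-4943-AC93-F78B93C4813D}" => removed successfully
C:\WINDOWS\System32\Tasks\AVGUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4147F182-6619-4204-A71A-83D78BEF1D8B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4147F182-6619-4204-A71A-83D78BEF1D8B}" => removed successfully
C:\WINDOWS\System32\Tasks\AVG\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => removed successfully
"C:\rsit" => not found
"C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA" => not found
Chrome => 831663 B
'''

# Result lines end in one of three statuses; the target may be quoted.
RESULT_RE = re.compile(
    r'^"?(?P<target>.+?)"?\s+=>\s+'
    r'(?P<status>removed successfully|moved successfully|not found)\s*$')
# "Task: {GUID} - System32\Tasks\<name> => <executable>"
TASK_RE = re.compile(
    r'^Task:\s+(?P<guid>\{[0-9A-Fa-f-]{36}\})\s+-\s+(?P<rel>.+?)\s+=>')


def parse_fixlog(text):
    """Split a Fixlog into its Task: directives and its result rows."""
    parts = re.split(r'^\*{5,}[ \t]*$', text, flags=re.M)
    fixlist, outcome = (parts[1], parts[2]) if len(parts) >= 3 else ('', text)
    found = (TASK_RE.match(ln.strip()) for ln in fixlist.splitlines())
    tasks = {m.group('guid').upper(): m.group('rel') for m in found if m}
    found = (RESULT_RE.match(ln.strip()) for ln in outcome.splitlines())
    rows = [(m.group('target'), m.group('status')) for m in found if m]
    return tasks, rows


def explain_not_found(rows):
    """Say why each 'not found' target was missing when its line ran."""
    first_status, findings = {}, []
    for target, status in rows:
        key = target.lower()            # Windows paths are case-insensitive
        if status == 'not found':
            moved = first_status.get(key) == 'moved successfully'
            findings.append((target, 'already moved by an earlier line'
                             if moved else 'absent before the fix ran'))
        first_status.setdefault(key, status)
    return findings


def task_coverage(tasks, rows):
    """Per task GUID: (GUID-named keys removed, Tree key removed, file moved)."""
    done = {t.lower(): s for t, s in rows if s != 'not found'}
    report = {}
    for guid, rel in tasks.items():
        name = rel.split('Tasks\\', 1)[-1].lower()
        guid_keys = sum(1 for t in done if guid.lower() in t)
        tree = any(t.endswith('taskcache\\tree\\' + name) for t in done)
        moved = any(t.endswith(rel.lower()) and s == 'moved successfully'
                    for t, s in done.items())
        report[guid] = (guid_keys, tree, moved)
    return report


if __name__ == '__main__':
    tasks, rows = parse_fixlog(SAMPLE_FIXLOG)
    for target, why in explain_not_found(rows):
        print(f'not found: {target} ({why})')
    print(task_coverage(tasks, rows))
```
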

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check, thank you

#8 Post by Conder »

I recommend cleaning up the leftovers of the uninstalled AVG with this tool: https://support.avg.com/SupportArticleV ... tType=home

Run a system file integrity check:
  • Open Start, type "cmd" (without the quotes), right-click Command Prompt and click Run as administrator
  • Copy and run the command:

    Code:

    DISM.exe /Online /Cleanup-image /Restorehealth
  • When it finishes, copy and run the second command:

    Code:

    sfc /scannow
  • When both commands have finished, copy and run this command:

    Code:

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy "%windir%\logs\dism\dism.log" "%userprofile%\desktop\dism.txt"
  • The files sfcdetails.txt and dism.txt will be created on the desktop; pack these files into a RAR or ZIP archive and send it as an attachment to your next post
  • Restart the PC and write how the PC behaves
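
An added example (not from the original post): once the third command has produced sfcdetails.txt, its `[SR]` lines can be summarised with a short Python script. The sample log lines are constructed, the message phrases matched are assumptions about CBS.log wording, and the function names are hypothetical; the script also drops the duplicate lines that accumulate because the command appends with `>>` on every run.

```python
import re

# Constructed lines imitating CBS.log: timestamps, sequence numbers,
# component and file names are made up for this example.
SAMPLE_CBS = r"""2021-03-23 17:40:01, Info                  CSI    00000006 [SR] Verifying 100 components
2021-03-23 17:40:01, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2021-03-23 17:40:05, Info                  CBS    Session: 1_1 initialized
2021-03-23 17:41:12, Info                  CSI    000001a2 [SR] Cannot repair member file [l:11]'example.dll' of Constructed-Component, version 10.0.0.0, arch amd64
2021-03-23 17:41:30, Info                  CSI    000001b0 [SR] Repairing corrupted file \??\C:\WINDOWS\System32\example2.dll from store
2021-03-23 17:45:00, Info                  CSI    00000200 [SR] Verify complete
"""

# Assumed wording of the "cannot repair" message; the optional [l:..] length
# prefix and either quote style around the file name are tolerated.
CANNOT_RE = re.compile(
    r'Cannot repair member file\s+(?:\[[^\]]*\])?["\']?'
    r'(?P<name>[^"\']+?)["\']?\s+of\s')


def sr_lines(cbs_text):
    """Keep lines containing the literal string [SR], like findstr /c:"[SR]"."""
    return [ln for ln in cbs_text.splitlines() if '[SR]' in ln]


def summarize(sfcdetails_text):
    """Count unique [SR] entries and list files SFC could not repair."""
    seen = set()
    result = {'lines': 0, 'duplicates': 0, 'cannot_repair': [], 'repaired': 0}
    for ln in sr_lines(sfcdetails_text):
        if ln in seen:                 # same line appended by a repeated run
            result['duplicates'] += 1
            continue
        seen.add(ln)
        result['lines'] += 1
        msg = ln.split('[SR]', 1)[1].strip()
        m = CANNOT_RE.search(msg)
        if m:
            result['cannot_repair'].append(m.group('name'))
        elif msg.startswith(('Repairing corrupted file', 'Repaired file')):
            result['repaired'] += 1
    if result['cannot_repair']:
        result['verdict'] = 'unrepaired files remain'
    elif result['repaired']:
        result['verdict'] = 'corruption found and repaired'
    else:
        result['verdict'] = 'no repair entries logged'
    return result


# What sfcdetails.txt would hold after the command was run twice.
SAMPLE_SFCDETAILS = '\n'.join(sr_lines(SAMPLE_CBS) * 2)

if __name__ == '__main__':
    print(summarize(SAMPLE_SFCDETAILS))
```
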

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Log check, thank you

#9 Post by kemgura07 »

"SDC" ground away up to 100%. But with the other commands, after I allowed the application access, a black square appeared and immediately disappeared. Of course it did not produce any log...
Last edited by kemgura07 on 23 Mar 2021 17:53, edited 1 time in total.

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Log check, thank you

#10 Post by kemgura07 »

It scanned all the way up to "scannow". A black square showed up for a second and disappeared. The end. Whether I ran it as administrator or normally.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check, thank you

#11 Post by Conder »

I don't understand, what black square? In this case a log does not open automatically. After the first 2 commands finish (the Command Prompt will show progress in percent, which ends at 100%), run the third command as well, which saves 2 logs to the desktop (sfcdetails.txt and dism.txt).

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Log check, thank you

#12 Post by kemgura07 »

I copy it into the Command Prompt and run it as administrator. And now nothing happens at all. Before that, a black square for a moment.???

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check, thank you

#13 Post by Conder »

Could you send a screenshot of what it looks like after running that command? You create a screenshot with the Print Screen key, open the Paint program, click Paste and then Crop, and save the image. Then upload it, e.g. to imgur.com, and send the link.

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Log check, thank you

#14 Post by kemgura07 »

Please don't be angry with me, but this is beyond my intellectual abilities. My only success is that I found the PrtScn key. I tried copying with Ctrl + C and Ctrl + V, but vanitas vanitatum et omnia vanitas applies... After running the command everything disappears and an empty monitor remains. The processor isn't grinding, nothing is happening.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check, thank you

#15 Post by Conder »

Well, finding the PrtScn key is the first step :D So I'll try to write a simpler procedure using the ctrlv.sk site.

First try running those commands in the Command Prompt again, following this post of mine - https://forum.viry.cz/viewtopic.php?p=1540577#p1540577

If it fails again, try taking a screenshot as follows:
Press that PrtScn key
In a web browser, open the page https://ctrlv.sk/
Press Ctrl+V
After a moment a link appears above the image; copy it and send it here
