Log check

Hajcus23
Visitor
Posts: 6
Registered: 15 Oct 2022 13:10

#1 Post by Hajcus23 »

Hello, today I received an email saying that some hacker had gotten into my email account and was threatening to send out my personal data, videos and photos. He also stated my password, which was correct. Can you help me with this? To start with, I am sending the log.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-10-2022
Ran by Hajcu (administrator) on PEJLOS-V-LEVAČC (ATComputers ALZA) (15-10-2022 14:19:55)
Running from C:\Users\Hajcu\Downloads
Loaded Profiles: Hajcu
Platform: Microsoft Windows 10 Home Version 21H2 19044.2130 (X64) Language: Czech (Czechia) -> English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\LGHUB\lghub_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Users\Hajcu\AppData\Local\Medal\app-4.1754.0\Medal.exe ->) (Ferox Games B.V. -> ) C:\Users\Hajcu\AppData\Local\Medal\app-4.1754.0\resources\app\Medal.exe
(C:\Users\Hajcu\AppData\Local\Medal\app-4.1754.0\resources\app\Medal.exe ->) (Ferox Games B.V. -> Ferox Games B.V.) C:\Users\Hajcu\AppData\Local\Medal\recorder-3.570.0\MedalEncoder.exe
(C:\Users\Hajcu\AppData\Local\Medal\recorder-3.570.0\MedalEncoder.exe ->) () [File not signed] C:\Users\Hajcu\AppData\Local\Medal\recorder-3.570.0\DLLs\crashpad_handler.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(explorer.exe ->) (Charles Milette) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj\TranslucentTB.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Ferox Games B.V. -> Medal B.V.) C:\Users\Hajcu\AppData\Local\Medal\app-4.1754.0\Medal.exe <7>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_47917a79b8c7fd22\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\SaferWeb\rsDNSClientSvc.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\SaferWeb\rsDNSResolver.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\SaferWeb\rsDNSSvc.exe
(services.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(services.exe ->) (systempulsetoolinc -> systempulsetool inc) [File not signed] [File is in use] C:\Program Files (x86)\CityVelvetCAY\CityVelvetCAY.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.549981c3f5f10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071192 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212192 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Mail Maintenance Service] => C:\Users\Hajcu\AppData\Local\GDB Local Manager\GDB Local Manager\thunderbird.exe [360872 2022-08-22] (Mozilla Corporation -> Mozilla Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [Discord] => C:\Users\Hajcu\AppData\Local\Discord\Update.exe [1522176 2022-06-08] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234088 2022-10-08] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [MicrosoftEdgeAutoLaunch_7FC4EE61796241643C5FE7BF34A69442] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [FACEIT] => C:\Users\Hajcu\AppData\Local\FACEIT\update.exe [2278576 2022-08-26] (FACE IT LIMITED -> )
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-09-29] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [Medal] => C:\Users\Hajcu\AppData\Local\Medal\update.exe [1974152 2022-08-26] (Ferox Games B.V. -> )
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-09-22] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7417224 2022-07-27] (Voicemod Sociedad Limitada -> Voicemod)
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Hajcu\AppData\Local\Microsoft\Teams\Update.exe [2576128 2022-09-18] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [Viewndow] => C:\Users\Hajcu\AppData\Local\Programs\Viewndow\Viewndow.exe (No File)
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-10-03] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3090330430-2335327913-281000883-1005\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-10-03] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3090330430-2335327913-281000883-1005\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-09-29] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-13] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-10-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03FF24D0-2305-4EB7-9C70-55F06AD47662} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {061636A7-FE57-4B65-830C-2255FFD9CD56} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0F14F7D0-9EA4-4F00-B132-2C1EF8B2A1C1} - System32\Tasks\GoogleUpdateTaskMachineCore{FB457668-986C-470F-AF6A-DC0480F71AE0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-08-26] (Google LLC -> Google LLC)
Task: {10005931-AE9F-40E1-B7DF-87356EA5FC30} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {12B1D839-A3F8-455D-80A7-8C8087ACF21F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {378114BC-2E22-482F-A11F-B4936C23A14E} - System32\Tasks\GoogleUpdateTaskMachineUA{E9C5C509-1EF3-4CD2-9C37-B780CFBBEF40} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-08-26] (Google LLC -> Google LLC)
Task: {5139B230-45D2-414D-BADB-3391AF78C2A2} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4946144 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
Task: {596B38EA-37FF-4153-9F80-43FF0397BF44} - System32\Tasks\Opera scheduled Autoupdate 1663085662 => C:\Users\Hajcu\AppData\Local\Programs\Opera\launcher.exe [2534856 2022-10-06] (Opera Norway AS -> Opera Software)
Task: {78E5817A-3277-45A7-85C5-DB4D35DF615A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-10-15] (Avast Software s.r.o. -> Avast Software)
Task: {840D2A17-7EE1-4E7C-BA94-82383BF90A22} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8A5128E6-FFEF-4156-B16A-2AF95575B26A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A17912D6-8005-4D68-9E7D-F8EE01F8EDA0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-09-22] (Overwolf Ltd -> Overwolf LTD)
Task: {A1CF6038-A576-452A-8B81-A7F9BA35EA6B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CF5A70B6-F4AD-4DCC-9C67-BE8A723EFF8C} - System32\Tasks\Common\Mail Maintenance Service => C:\Users\Hajcu\AppData\Local\GDB Local Manager\GDB Local Manager\thunderbird.exe [360872 2022-08-22] (Mozilla Corporation -> Mozilla Corporation)
Task: {D3A74148-3B24-4528-9EEB-5E478145BF61} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D62BC066-3E22-48FF-8BD5-D11139323236} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{67e6e96c-cc7d-4f1f-a513-524824f307e7}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\Hajcu\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-10]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-09-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-09-28] (Oracle America, Inc. -> Oracle Corporation)

Chrome:
=======
CHR Profile: C:\Users\Hajcu\AppData\Local\Google\Chrome\User Data\Default [2022-10-15]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Hajcu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-09-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Hajcu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Hajcu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera:
=======
OPR Profile: C:\Users\Hajcu\AppData\Roaming\Opera Software\Opera Stable [2022-10-15]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Hajcu\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-09-13]
OPR Extension: (Opera Crypto Wallet) - C:\Users\Hajcu\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-09-13]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Hajcu\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-09-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"CityVelvetCAY" => service was unlocked. <==== ATTENTION

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8513552 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592608 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592096 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-09-18] (BattlEye Innovations e.K. -> )
R2 CityVelvetCAY; C:\Program Files (x86)\CityVelvetCAY\CityVelvetCAY.exe [4006968 2022-09-12] (systempulsetoolinc -> systempulsetool inc) [File not signed] [File is in use]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2022-08-26] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [25217416 2022-09-25] (FACE IT LIMITED -> )
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10078976 2022-10-03] (Logitech Inc -> Logitech, Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [822688 2022-09-28] (McAfee, LLC -> McAfee, LLC)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-09-22] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2032040 2022-09-27] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [480176 2022-09-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354232 2022-06-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
S2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300552 2022-10-05] (Razer USA Ltd. -> Razer Inc.)
R2 rsDNSClientSvc; C:\Program Files\SaferWeb\rsDNSClientSvc.exe [743040 2022-09-28] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsDNSResolver; C:\Program Files\SaferWeb\rsDNSResolver.exe [10939008 2022-09-28] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsDNSSvc; C:\Program Files\SaferWeb\rsDNSSvc.exe [335488 2022-09-28] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-08-12] (Razer USA Ltd. -> Razer Inc.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10420944 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
R2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [131792 2022-08-26] (Skutta, Kristjan -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_47917a79b8c7fd22\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_47917a79b8c7fd22\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42296 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238128 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390096 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258496 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105920 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48488 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276496 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [558536 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114488 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90000 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862960 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671712 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221976 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327904 2022-10-15] (Avast Software s.r.o. -> AVAST Software)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-07-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2021-07-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [16477768 2022-09-25] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-10-03] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-10-03] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-10-03] (Logitech Inc -> Logitech)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 rsDwf; C:\WINDOWS\system32\DRIVERS\rsDwf.sys [54144 2022-09-28] (Reason CyberSecurity Inc. -> Reason CyberSecurity Inc.)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_005c; C:\WINDOWS\System32\drivers\RzDev_005c.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0216; C:\WINDOWS\System32\drivers\RzDev_0216.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 ssbthid; C:\WINDOWS\System32\drivers\ssbthid.sys [44688 2021-12-07] (SteelSeries ApS -> SteelSeries ApS)
S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [47784 2021-12-07] (SteelSeries ApS -> SteelSeries ApS)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [43424 2022-05-03] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8736232 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2022-07-26] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [455968 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
U3 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-15 14:19 - 2022-10-15 14:20 - 000026892 _____ C:\Users\Hajcu\Downloads\FRST.txt
2022-10-15 14:18 - 2022-10-15 14:20 - 000000000 ____D C:\FRST
2022-10-15 14:18 - 2022-10-15 14:18 - 002373120 _____ (Farbar) C:\Users\Hajcu\Downloads\FRST64.exe
2022-10-15 14:14 - 2022-10-15 14:14 - 000002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2022-10-15 14:14 - 2022-10-15 14:14 - 000000000 ____D C:\Users\Hajcu\AppData\Roaming\Avast Software
2022-10-15 14:14 - 2022-10-15 14:14 - 000000000 ____D C:\Users\Hajcu\AppData\Local\Avast Software
2022-10-15 14:13 - 2022-10-15 14:14 - 000000000 ____D C:\ProgramData\Avast Software
2022-10-15 14:13 - 2022-10-15 14:13 - 000862960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000671712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000558536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000327904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000276496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000270560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-10-15 14:13 - 2022-10-15 14:13 - 000258496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000238128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000221976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000114488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000105920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000090000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000048488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000042296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-10-15 14:13 - 2022-10-15 14:13 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-15 14:13 - 2022-10-15 14:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-10-15 14:13 - 2022-10-15 14:13 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-10-15 14:13 - 2022-10-15 14:13 - 000000000 ____D C:\Program Files\Avast Software
2022-10-15 14:12 - 2022-10-15 14:12 - 000268488 _____ (AVAST Software) C:\Users\Hajcu\Downloads\avast_free_antivirus_setup_online.exe
2022-10-14 23:21 - 2022-03-17 01:32 - 000061384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvrtxvad64v.sys
2022-10-14 23:21 - 2022-03-17 01:30 - 000184784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrtxaudcap64v.dll
2022-10-14 23:21 - 2022-03-17 01:29 - 000160712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvrtxaudcap32v.dll
2022-10-14 23:20 - 2022-10-14 23:20 - 049748168 _____ (NVIDIA Corporation) C:\Users\Hajcu\Downloads\nvidia_broadcast_v1.3.5.4.exe
2022-10-12 19:46 - 2022-10-12 19:46 - 000004986 _____ C:\Users\Hajcu\Downloads\s1mple.zip
2022-10-12 18:04 - 2022-10-12 18:04 - 000000000 ____D C:\Users\Hajcu\AppData\Local\AWSToolkit
2022-10-12 17:56 - 2022-10-12 17:57 - 000000000 ____D C:\Users\Hajcu\AppData\Local\Razer
2022-10-12 17:55 - 2022-10-15 13:28 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2022-10-12 17:55 - 2022-10-12 17:55 - 000000000 ____D C:\Program Files\Razer Chroma SDK
2022-10-12 17:55 - 2022-10-12 17:55 - 000000000 ____D C:\Program Files\Razer
2022-10-12 17:49 - 2022-10-12 17:49 - 000004036 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-3090330430-2335327913-281000883-1005_0
2022-10-12 14:29 - 2022-10-12 14:29 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-12 14:29 - 2022-10-12 14:29 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-12 14:29 - 2022-10-12 14:29 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-12 14:29 - 2022-10-12 14:29 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-12 14:29 - 2022-10-12 14:29 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-12 14:28 - 2022-10-12 14:28 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-12 14:28 - 2022-10-12 14:28 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-12 14:25 - 2022-10-12 14:25 - 000000000 ___HD C:\$WinREAgent
2022-10-10 17:47 - 2022-10-10 17:47 - 036185363 _____ C:\Users\Hajcu\Downloads\výukový plakát dějepis - Hájek.pdf
2022-10-08 12:18 - 2022-10-08 12:18 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\Comms
2022-10-08 11:50 - 2022-10-08 11:50 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Roaming\NVIDIA
2022-10-08 11:50 - 2022-10-08 11:50 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Roaming\EasyAntiCheat
2022-10-08 11:50 - 2022-10-08 11:50 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\PlaceholderTileLogoFolder
2022-10-08 11:50 - 2022-10-08 11:50 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\FortniteGame
2022-10-08 11:50 - 2022-10-08 11:50 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\CrashReportClient
2022-10-08 11:49 - 2022-10-08 11:49 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\OverWolf
2022-10-08 11:48 - 2022-10-08 11:49 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\Steam
2022-10-08 11:47 - 2022-10-12 17:49 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Roaming\LGHUB
2022-10-08 11:47 - 2022-10-12 17:49 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\LGHUB
2022-10-08 11:47 - 2022-10-08 11:50 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\UnrealEngine
2022-10-08 11:47 - 2022-10-08 11:49 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\D3DSCache
2022-10-08 11:47 - 2022-10-08 11:47 - 041477376 _____ (Logitech, Inc.) C:\Users\hajcu_6zbczjy\Downloads\lghub_installer.exe
2022-10-08 11:47 - 2022-10-08 11:47 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\UnrealEngineLauncher
2022-10-08 11:47 - 2022-10-08 11:47 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\EpicGamesLauncher
2022-10-08 11:45 - 2022-10-12 17:49 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3090330430-2335327913-281000883-1005
2022-10-08 11:45 - 2022-10-12 17:49 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3090330430-2335327913-281000883-1005
2022-10-08 11:45 - 2022-10-12 17:49 - 000000000 ___RD C:\Users\hajcu_6zbczjy\OneDrive
2022-10-08 11:45 - 2022-10-08 11:45 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\DBG
2022-10-08 11:45 - 2022-10-08 11:45 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\CEF
2022-10-08 11:44 - 2022-10-13 17:22 - 000000000 ____D C:\Users\hajcu_6zbczjy
2022-10-08 11:44 - 2022-10-12 17:49 - 000002401 _____ C:\Users\hajcu_6zbczjy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-08 11:44 - 2022-10-12 17:49 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\ConnectedDevicesPlatform
2022-10-08 11:44 - 2022-10-08 12:00 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\Packages
2022-10-08 11:44 - 2022-10-08 11:50 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\NVIDIA Corporation
2022-10-08 11:44 - 2022-10-08 11:48 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\Google
2022-10-08 11:44 - 2022-10-08 11:44 - 000000020 ___SH C:\Users\hajcu_6zbczjy\ntuser.ini
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 _SHDL C:\Users\hajcu_6zbczjy\Soubory cookie
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 _SHDL C:\Users\hajcu_6zbczjy\Šablony
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 _SHDL C:\Users\hajcu_6zbczjy\Poslední
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 _SHDL C:\Users\hajcu_6zbczjy\Okolní tiskárny
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 _SHDL C:\Users\hajcu_6zbczjy\Okolní síť
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 _SHDL C:\Users\hajcu_6zbczjy\Nabídka Start
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 _SHDL C:\Users\hajcu_6zbczjy\Dokumenty
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 _SHDL C:\Users\hajcu_6zbczjy\Data aplikací
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 _SHDL C:\Users\hajcu_6zbczjy\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 _SHDL C:\Users\hajcu_6zbczjy\AppData\Local\Data aplikací
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 ___RD C:\Users\hajcu_6zbczjy\3D Objects
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Roaming\Adobe
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\VirtualStore
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\Publishers
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 ____D C:\Users\hajcu_6zbczjy\AppData\Local\NVIDIA
2022-10-08 11:44 - 2022-10-08 11:44 - 000000000 ____D C:\Users\hajcu_6zbczjy\ansel
2022-10-08 10:54 - 2022-10-08 10:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-10-08 10:53 - 2022-10-08 10:53 - 000027056 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_408670220940516.dll
2022-10-03 20:39 - 2022-10-03 20:39 - 130792008 _____ (NVIDIA Corporation) C:\Users\Hajcu\Downloads\GeForce_Experience_v3.26.0.131.exe
2022-10-03 15:34 - 2022-10-15 14:02 - 000000000 ____D C:\Users\Hajcu\AppData\Local\LGHUB
2022-10-03 15:34 - 2022-10-15 14:01 - 000000000 ____D C:\Users\Hajcu\AppData\Roaming\LGHUB
2022-10-03 15:34 - 2022-10-03 15:34 - 000073040 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2022-10-03 15:34 - 2022-10-03 15:34 - 000044880 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2022-10-03 15:34 - 2022-10-03 15:34 - 000032080 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2022-10-03 15:34 - 2022-10-03 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-10-03 15:34 - 2022-10-03 15:34 - 000000000 ____D C:\ProgramData\Logishrd
2022-10-03 15:34 - 2022-10-03 15:34 - 000000000 ____D C:\Program Files\Logitech
2022-10-03 15:34 - 2022-10-03 15:34 - 000000000 ____D C:\Program Files\LGHUB
2022-10-03 15:33 - 2022-10-03 15:34 - 000000000 ____D C:\ProgramData\LGHUB
2022-10-03 15:33 - 2022-10-03 15:33 - 041477376 _____ (Logitech, Inc.) C:\Users\Hajcu\Downloads\lghub_installer.exe
2022-09-28 19:38 - 2022-09-28 19:38 - 000000000 ____D C:\Users\Hajcu\AppData\Roaming\Sun
2022-09-28 13:35 - 2022-09-28 13:35 - 000262950 _____ C:\Users\Hajcu\Downloads\CSGO V4.2.zip
2022-09-28 13:34 - 2022-09-28 13:34 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-09-28 13:26 - 2022-10-03 14:46 - 000000000 ____D C:\Program Files\7-Zip
2022-09-28 13:26 - 2022-09-28 13:26 - 000000000 ____D C:\Users\Hajcu\AppData\Local\Gh
2022-09-28 13:25 - 2022-10-03 14:46 - 000000000 ____D C:\ProgramData\AVG
2022-09-28 13:25 - 2022-09-28 13:25 - 000000000 _____ C:\WINDOWS\StitcDrown.INI
2022-09-28 13:24 - 2022-09-28 13:24 - 000000000 ____D C:\Program Files (x86)\CityVelvetCAY
2022-09-28 13:23 - 2022-10-15 14:06 - 000000000 ____D C:\ProgramData\SaferWebService
2022-09-28 13:23 - 2022-10-15 13:52 - 000000000 ____D C:\Users\Hajcu\AppData\Roaming\SaferWeb
2022-09-28 13:23 - 2022-09-28 13:23 - 000054144 _____ (Reason CyberSecurity Inc.) C:\WINDOWS\system32\Drivers\rsDwf.sys
2022-09-28 13:23 - 2022-09-28 13:23 - 000001175 _____ C:\Users\Hajcu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Safer Web.lnk
2022-09-28 13:23 - 2022-09-28 13:23 - 000000000 ____D C:\ProgramData\SaferWebBackup
2022-09-28 13:23 - 2022-09-28 13:23 - 000000000 ____D C:\Program Files\SaferWeb
2022-09-28 13:23 - 2022-09-28 13:23 - 000000000 ____D C:\Program Files (x86)\WendnaturalvkvTool
2022-09-28 13:22 - 2022-10-07 21:23 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2022-09-28 13:22 - 2022-09-28 13:22 - 000000000 ____D C:\Program Files\McAfee
2022-09-28 13:21 - 2022-09-28 13:22 - 000000000 ____D C:\ProgramData\McAfee
2022-09-19 07:44 - 2022-09-19 07:44 - 000319400 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaSDK64.dll
2022-09-19 07:41 - 2022-09-19 07:41 - 000265640 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaSDK.dll
2022-09-18 11:41 - 2022-09-18 11:41 - 000257001 _____ C:\Users\Hajcu\Downloads\Hájek Meine Stadt.pdf
2022-09-18 11:26 - 2022-09-18 11:26 - 000002364 _____ C:\Users\Hajcu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-09-18 11:26 - 2022-09-18 11:26 - 000000000 ____D C:\Users\Hajcu\AppData\Roaming\Teams
2022-09-18 11:25 - 2022-09-18 11:25 - 001441088 _____ C:\Users\Hajcu\Downloads\TeamsSetup_c_w_ (1).exe
2022-09-17 14:38 - 2022-09-17 14:38 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-17 14:38 - 2022-09-17 14:38 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-15 14:19 - 2022-08-26 16:58 - 000000000 ____D C:\Users\Hajcu\AppData\Roaming\Medal
2022-10-15 14:13 - 2022-08-26 12:29 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-15 14:10 - 2022-08-26 11:54 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-15 14:01 - 2022-08-26 11:34 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-15 14:01 - 2022-07-22 21:08 - 000000000 ____D C:\Medal
2022-10-15 13:51 - 2022-08-26 12:29 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-15 13:34 - 2022-08-26 12:30 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2022-10-15 13:34 - 2022-08-26 12:30 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2022-10-15 13:34 - 2022-08-26 12:28 - 000000000 ____D C:\WINDOWS\INF
2022-10-15 13:34 - 2022-08-26 11:38 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-15 13:30 - 2022-09-03 13:06 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-10-15 13:29 - 2021-11-08 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-10-15 13:27 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-15 13:27 - 2022-08-26 12:25 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-10-15 13:27 - 2022-08-26 11:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-15 13:27 - 2021-11-07 23:26 - 000000000 ____D C:\Users\Hajcu\OneDrive\Dokumenty\Medal
2022-10-15 13:27 - 2021-11-07 23:16 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-15 13:26 - 2022-08-26 11:46 - 000000000 ____D C:\Users\Hajcu\AppData\Roaming\discord
2022-10-15 13:26 - 2022-08-26 11:44 - 000000000 ____D C:\ProgramData\Riot Games
2022-10-15 13:20 - 2022-08-26 11:46 - 000000000 ____D C:\Users\Hajcu\AppData\Local\Discord
2022-10-15 13:18 - 2022-08-26 11:34 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-15 13:18 - 2022-08-26 11:34 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-14 23:21 - 2022-08-28 11:52 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-10-14 23:21 - 2022-08-28 11:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-10-14 23:21 - 2022-08-26 11:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-14 23:13 - 2022-08-26 11:46 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-14 22:57 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-14 22:51 - 2022-08-26 12:29 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-14 22:51 - 2022-08-26 11:45 - 000000000 ____D C:\Users\Hajcu\AppData\Local\PlaceholderTileLogoFolder
2022-10-14 22:51 - 2022-08-26 11:43 - 000000000 ____D C:\Users\Hajcu\AppData\Local\Packages
2022-10-14 13:56 - 2022-08-26 11:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-13 21:37 - 2022-08-27 10:54 - 000000000 ____D C:\Users\Hajcu\AppData\Local\Overwolf
2022-10-13 17:20 - 2022-08-26 11:55 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-12 22:03 - 2022-08-26 11:35 - 000000000 ____D C:\Users\Hajcu
2022-10-12 19:15 - 2022-08-26 11:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-12 18:03 - 2022-08-26 11:34 - 000000000 ____D C:\ProgramData\Razer
2022-10-12 17:59 - 2022-08-26 11:48 - 000000000 ____D C:\Users\Hajcu\AppData\Local\D3DSCache
2022-10-12 17:55 - 2022-08-26 12:31 - 000000000 ____D C:\Program Files (x86)\Razer
2022-10-12 17:54 - 2022-08-26 12:38 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-12 15:34 - 2022-08-26 11:34 - 000258960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-12 15:33 - 2022-08-26 12:29 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-12 15:33 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-12 15:33 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-12 15:33 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-12 15:33 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-12 15:33 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-12 15:33 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-12 15:33 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-12 15:33 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-12 14:30 - 2022-08-26 12:29 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-12 14:30 - 2022-08-26 12:29 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-12 14:30 - 2022-08-26 12:26 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-12 14:28 - 2022-08-26 11:39 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-12 14:25 - 2022-08-28 14:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-12 14:24 - 2022-08-28 14:18 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-12 11:48 - 2021-11-07 23:16 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-11 15:54 - 2022-09-13 18:14 - 000004210 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1663085662
2022-10-11 15:54 - 2022-09-13 18:14 - 000001405 _____ C:\Users\Hajcu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-10-11 15:52 - 2022-08-26 11:45 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3090330430-2335327913-281000883-1001
2022-10-11 15:52 - 2022-08-26 11:45 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3090330430-2335327913-281000883-1001
2022-10-11 15:52 - 2022-08-26 11:35 - 000002379 _____ C:\Users\Hajcu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-08 12:00 - 2022-08-26 12:29 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-08 11:45 - 2021-11-07 23:26 - 000000000 ___HD C:\OneDriveTemp
2022-10-08 11:44 - 2021-11-07 23:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-10-07 21:23 - 2022-08-28 14:18 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-10-07 21:23 - 2022-08-26 13:51 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2022-10-07 20:49 - 2021-11-07 23:25 - 000000000 ___RD C:\Users\Hajcu\OneDrive
2022-10-06 19:12 - 2022-08-26 12:05 - 000000892 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk
2022-10-06 16:44 - 2019-12-07 11:10 - 000002349 ____S C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2022-10-04 18:18 - 2022-08-26 15:48 - 000000000 ____D C:\Users\Hajcu\AppData\Roaming\EasyAntiCheat
2022-10-04 13:44 - 2022-08-26 12:39 - 000000000 ____D C:\Users\Hajcu\AppData\Local\log
2022-10-03 20:46 - 2022-08-26 12:25 - 000000000 ____D C:\WINDOWS\servicing
2022-10-03 20:41 - 2022-08-26 13:53 - 000000000 ____D C:\Users\Hajcu\AppData\Local\NVIDIA Corporation
2022-10-03 20:40 - 2022-08-28 11:52 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-03 20:40 - 2022-08-28 11:52 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-03 20:40 - 2022-08-28 11:52 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-03 20:40 - 2022-08-28 11:52 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-03 20:40 - 2022-08-28 11:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-03 20:40 - 2022-08-28 11:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-03 20:40 - 2022-08-28 11:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-03 20:40 - 2022-08-28 11:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-03 20:40 - 2022-08-28 11:52 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-03 14:44 - 2022-08-27 10:55 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-10-02 13:35 - 2022-08-26 12:00 - 000000000 ____D C:\Users\Hajcu\AppData\Roaming\FACEIT
2022-10-02 11:12 - 2022-08-26 12:05 - 000000000 ____D C:\Program Files\FACEIT AC
2022-09-29 14:08 - 2022-06-18 17:43 - 000000000 ____D C:\Users\Hajcu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-09-28 20:42 - 2021-12-23 16:15 - 000000000 ____D C:\Users\Hajcu\OneDrive\Dokumenty\Euro Truck Simulator 2
2022-09-28 19:44 - 2022-09-13 18:14 - 000000000 ____D C:\Program Files\Java
2022-09-28 19:44 - 2021-11-09 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-09-28 19:38 - 2022-09-13 18:15 - 000195280 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-09-28 13:40 - 2022-08-26 11:43 - 000000000 ____D C:\ProgramData\Packages
2022-09-28 13:34 - 2022-09-01 16:09 - 000000000 ____D C:\Users\Hajcu\AppData\Local\CrashDumps
2022-09-25 11:49 - 2022-08-26 12:05 - 016477768 _____ C:\WINDOWS\system32\Drivers\FACEIT.sys
2022-09-22 18:33 - 2022-08-26 16:59 - 000000000 ____D C:\Users\Hajcu\AppData\Local\Ferox_Games_B.V
2022-09-22 18:33 - 2022-08-26 16:58 - 000000000 ____D C:\Users\Hajcu\AppData\Local\Medal
2022-09-18 17:06 - 2022-08-26 13:51 - 000000000 ____D C:\Users\Hajcu\AppData\Local\UnrealEngine
2022-09-18 11:27 - 2022-08-26 11:43 - 000000000 ____D C:\Users\Hajcu\AppData\Local\ConnectedDevicesPlatform
2022-09-18 11:26 - 2022-08-26 11:46 - 000000000 ____D C:\Users\Hajcu\AppData\Local\SquirrelTemp
2022-09-17 22:53 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-17 22:53 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-17 22:53 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-17 22:53 - 2022-08-26 12:29 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-17 15:33 - 2022-09-13 18:14 - 000000000 ____D C:\Users\Hajcu\AppData\Roaming\.minecraft
2022-09-17 15:29 - 2022-09-13 18:14 - 000000000 ____D C:\Users\Hajcu\AppData\Roaming\.tlauncher

==================== Files in the root of some directories ========

2022-09-13 16:10 - 2022-09-13 16:10 - 025140744 _____ (Sysprogs) C:\Users\Hajcu\AppData\Roaming\GDBLocaManager-Setup.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

JaRon
Moderator
Posts: 15213
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Log check

#2 Post by JaRon »

Hi,
1. Change your passwords on the PC, if you haven't already done so
2. Quote:
Creating a fixlist for FRST
• Open Notepad (Start > Run > notepad)
• Copy the script >>

Code:

Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [Viewndow] => C:\Users\Hajcu\AppData\Local\Programs\Viewndow\Viewndow.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION


EmptyTemp:
Reboot:
End
• Save the created TXT file as fixlist.txt
• Move the created fixlist next to FRST

→ Run FRST.exe again
• Click Fix
• The fix will run and create the log Fixlog.txt

→ Restart the PC and post fixlog.txt here

3. Scan the PC with MBAM
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/


Re: Log check

#3 Post by Hajcus23 »

I'm attaching fixlog.txt
Fix result of Farbar Recovery Scan Tool (x64) Version: 16-10-2022
Ran by hajcu (17-10-2022 15:51:16) Run:1
Running from C:\
Loaded Profiles: hajcus23 & hajcu
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3090330430-2335327913-281000883-1001\...\Run: [Viewndow] => C:\Users\Hajcu\AppData\Local\Programs\Viewndow\Viewndow.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION


EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-3090330430-2335327913-281000883-1001\Software\Microsoft\Windows\CurrentVersion\Run" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13675864 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 40 B
Edge => 0 B
Chrome => 42670422 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 514 B
LocalService => 10646 B
NetworkService => 10646 B
hajcu_6zbczjy => 497445 B
hajcu => 42936861 B

RecycleBin => 6902 B
EmptyTemp: => 95.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:51:32 ====
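
A read-only way to confirm on the machine what the Fixlog above reports, as an added PowerShell example (not part of the original posts and not part of FRST): it re-reads the two Windows Defender values, the profile's Run key and the Firefox policy key named in the fixlist. The SID is the one from the log; the variable names and the `Ok` column are this example's own, where `Ok` means "matches the state the Fixlog reports".

```powershell
# Added example: read-only checks, nothing on the system is changed.
# Run in an elevated PowerShell while the affected profile is logged on,
# because a user's HKEY_USERS hive is only loaded during their session.

# SID as it appears in the log on this page; substitute the profile you are checking.
$Sid = 'S-1-5-21-3090330430-2335327913-281000883-1001'
$results = @()

# 1. The two Windows Defender values: Ok when absent or 0, the state the Fixlog reports.
$defenderKey = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender'
foreach ($name in 'DisableAntiSpyware', 'DisableAntiVirus') {
    $prop  = Get-ItemProperty -LiteralPath $defenderKey -Name $name -ErrorAction SilentlyContinue
    $value = if ($null -ne $prop) { $prop.$name } else { $null }
    $results += [pscustomobject]@{
        Check = "Defender value $name"
        State = if ($null -eq $value) { 'absent' } else { "set to $value" }
        Ok    = ($null -eq $value) -or ($value -eq 0)
    }
}

# 2. The profile's Run key: list every autostart entry and whether its target file exists.
#    An entry whose file is missing is what FRST marks as "(No File)".
$runKey = "Registry::HKEY_USERS\$Sid\Software\Microsoft\Windows\CurrentVersion\Run"
if (Test-Path -LiteralPath $runKey) {
    $key = Get-Item -LiteralPath $runKey
    foreach ($name in $key.GetValueNames()) {
        $cmd = [string]$key.GetValue($name)
        # Take the executable from a quoted or an unquoted command line.
        if     ($cmd -match '^\s*"([^"]+)"')        { $exe = $Matches[1] }
        elseif ($cmd -match '^\s*(.+?\.exe)(\s|$)') { $exe = $Matches[1] }
        else                                        { $exe = $cmd.Trim() }
        $exists = [bool]$exe -and (Test-Path -LiteralPath $exe -PathType Leaf)
        $results += [pscustomobject]@{
            Check = "Run entry [$name]"
            State = if ($exists) { $exe } else { "$exe (file missing)" }
            Ok    = $exists
        }
    }
} else {
    $results += [pscustomobject]@{
        Check = 'Run key'
        State = 'key not present or hive not loaded'
        Ok    = $true
    }
}

# 3. The Firefox policy key the fixlist removed.
$ffKey     = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox'
$ffPresent = Test-Path -LiteralPath $ffKey
$results += [pscustomobject]@{
    Check = 'Firefox policy key'
    State = if ($ffPresent) { 'present' } else { 'absent' }
    Ok    = -not $ffPresent
}

$results | Format-Table -AutoSize -Wrap
```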


Re: Log check

#4 Post by JaRon »

MBAM results?

Re: Log check

#5 Post by Hajcus23 »

This result is from an earlier date; today it found nothing
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/15/22
Scan Time: 2:33 PM
Log File: 8cc87b82-4c85-11ed-a83e-a8a1592763bf.json

-Software Information-
Version: 4.5.15.215
Components Version: 1.0.1784
Update Package Version: 1.0.61089
License: Trial

-System Information-
OS: Windows 10 (Build 19044.2130)
CPU: x64
File System: NTFS
User: pejlos-v-levačce\Hajcu

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 308513
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 1 min, 9 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
PUP.Optional.BundleInstaller, C:\USERS\HAJCU\DOWNLOADS\UTORRENT.EXE, Quarantined, 497, 1081967, 1.0.61089, , ame, , 68A70EF9D99E94926E7231E00E136890, F72EE83436CB1F82366BFAAFB14A4C0CB99826C02166FC0BD21FB6E7EB5190C6

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


Re: Log check

#6 Post by Hajcus23 »

So is it possible that the spyware virus is already gone?


Re: Log check

#7 Post by JaRon »

It's possible; only a leftover entry for viewndow.exe remained there - someone or something had already deleted it. :)

Re: Log check

#8 Post by Hajcus23 »

OK, so is everything resolved with this, or is there anything else that could be checked?


Re: Log check

#9 Post by JaRon »

As a precaution, you can scan with Avptool - KVRT

Re: Log check

#10 Post by Hajcus23 »

The scan found nothing, so I think we're good. Thanks for the help!


Re: Log check

#11 Post by JaRon »

You're welcome

Locked