File: C:\Program Files\Common Files\System\symsrv.dll
File: C:\Users\mewtw_000\AppData\Roaming\Telegram Desktop\Telegram.exe
AppInit_DLLs-x32: C:\PROGRA~1\COMMON~1\System\symsrv.dll => C:\Program Files\Common Files\System\symsrv.dll [69337 2020-12-07] (Microsoft Corporation) [File not signed] <==== ATTENTION
HKLM\Software\...\AppCompatFlags\InstalledSDB\{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb
Startup: C:\Users\mewtw_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2019-09-12]
ShortcutTarget: Telegram.lnk -> C:\Users\mewtw_000\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B3B4C3AB-B484-40BE-A758-8436FA4D026F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {DA2C2E8F-FE2A-49EC-A6FC-85BFA6699877} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
FF user.js: detected! => C:\Users\mewtw_000\AppData\Roaming\Mozilla\Firefox\Profiles\ig34uzeg.default\user.js [2020-11-12]
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
C:\Program Files (x86)\Outbyte
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr /c:"[SR]" \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot: