Please check my log

Having a problem with a virus? Post your FRST or RSIT log here.

chenny
Visitor
Posts: 36
Registered: 06 Sep 2007 09:50

Please check my log

#1 Post by chenny »

Good day, I would like to ask for a log check. Windows Security cannot be turned on; it's as if Defender weren't even on the PC :(

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by IRENA-PC (administrator) on IRENA-PC (05-03-2021 08:57:33)
Running from C:\Users\IRENA-PC\Desktop
Loaded Profiles: IRENA-PC
Platform: Windows 10 Pro Version 20H2 19042.844 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(eVenture Limited -> eVenture Limited) C:\Program Files (x86)\hide.me VPN\hidemesvc.exe
(Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-01-28] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-02-25] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-03-04] (Google LLC -> Google LLC)
Startup: C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2021-03-05]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (No File)
Startup: C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2017-11-14]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2019-10-05]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1882D01A-1238-48A7-98E5-0A132D50C3CA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-03-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {21567792-F593-4A2B-A8B0-FD12215C4505} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [19999848 2021-02-04] (Goversoft LLC -> Goversoft LLC)
Task: {34EDBC21-FC93-4443-A5B6-912CF8FD6D1B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-23] (Google LLC -> Google LLC)
Task: {4CB8A5A1-E837-468B-AE16-C594753EAC31} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BABCDAA-9BC6-4EF1-97CA-B64ED3F3022B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-23] (Google LLC -> Google LLC)
Task: {814313D7-11C2-4EF2-A031-26EF3BE0C7A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {87D9290F-3525-4C2A-BBCB-0D49A626C8EE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A04AC8DE-49A0-49FC-8C62-201A6869B886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B361FB97-6933-4F4C-ACD7-F6F2A55A5075} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA91164F-496B-4BC2-92A8-FFFA0C65DFAC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB806155-3D2A-4177-A203-0FD110F04427} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4FC8779-698F-4176-95A0-5286A8AEA159} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [41984 2020-08-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5 09 C:\WINDOWS\SysWOW64\wlidNSP.dll [41984 2020-08-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [67072 2020-08-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [67072 2020-08-19] (Microsoft Windows -> Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3ca49153-5896-4467-b2d9-205cc451433b}: [DhcpNameServer] 192.168.0.1 1.1.1.1
Tcpip\..\Interfaces\{6275ca9c-c816-47f0-8729-a3236c979e44}: [DhcpNameServer] 192.168.0.1

Edge:
=======
DownloadDir: C:\Users\IRENA-PC\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\IRENA-PC\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-05]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: woy2c7nl.default-1506939824614
FF ProfilePath: C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 [2021-03-05]
FF Homepage: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> hxxps://sktorrent.os.tc; hxxps://kryptomagazin.cz
FF NewTabOverride: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> Disabled: {672e9d7d-f917-49e9-a2cb-eeae9a7cd1af}
FF NewTabOverride: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> Enabled: google@search.mozilla.org
FF Extension: (HLS Video Download) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\@hls.video.download.xpi [2021-01-05]
FF Extension: (Download with Ant Download Manager) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\antffw@antdownloadmanager.com.xpi [2021-02-04]
FF Extension: (Avast Online Security) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\wrc@avast.com.xpi [2021-02-18]
FF Extension: (Video Downloader for FireFox) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{672e9d7d-f917-49e9-a2cb-eeae9a7cd1af}.xpi [2021-01-05]
FF Extension: (KITVideofy) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{6c09ef97-fbbc-4dc1-bc9a-777b216f1303}.xpi [2021-01-05]
FF Extension: (Plná Peněženka Lištička Lite) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{85d8e8cc-273a-4845-a75b-4b44377c703c}.xpi [2021-01-13]
FF Extension: (Video DownloadHelper) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-16]
FF Extension: (Greasemonkey) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-02-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default [2021-03-05]
CHR DownloadDir: D:\Filmy\Seriály\Telenovely
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/","hxxp://www.google.cz/","hxxps://www.google.com ... oogle.com/"
CHR Extension: (Easy Auto Refresh) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2021-03-05]
CHR Extension: (HLS Downloader) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apomkbibleomoihlhhdbeghnfioffbej [2021-02-04]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-10-08]
CHR Extension: (YouTube) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-30]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2020-04-19]
CHR Extension: (YouTube Music) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2021-03-05]
CHR Extension: (Image Downloader) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2019-01-27]
CHR Extension: (ZenMate - IP & Browser Check) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchhalahcjpkabdgonjhoogdcipienhf [2017-01-30]
CHR Extension: (YouTube) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\egjdagpondeapnnockkjcocjdkfkffnb [2021-03-05]
CHR Extension: (Google Translate) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiogdnnnljjlfjgkifccooilblmjflkm [2021-02-27]
CHR Extension: (Přehrávání | SledovaniTV.cz) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gccmmlklnkpaihbmbpcdknammjmmdocb [2021-03-05]
CHR Extension: (Video downloader - CoCoCut) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gddbgllpilhpnjpkdbopahnpealaklle [2021-02-23]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-03-05]
CHR Extension: (Video DownloadHelper) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-03-05]
CHR Extension: (Live Stream Downloader) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\looepbdllpjgdmkpdcdffhdbmpbcfekj [2021-02-23]
CHR Extension: (Hangouts Google) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-08-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (SS TV Remote) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\npciacphlpgklgcjgiamnmfjipjdkacf [2020-03-23]
CHR Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2021-03-05]
CHR Extension: (Gmail) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-05]
CHR Profile: C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-20]
CHR Extension: (d8yI+Hf7rX) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\flolbpainfebnmecbjhlffonapejhgom [2021-02-27]
CHR Profile: C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-20]
CHR Extension: (d8yI+Hf7rX) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\flolbpainfebnmecbjhlffonapejhgom [2021-02-27]
CHR HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Brave:
=======
BRA Profile: C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-04]
BRA Extension: (McAfee® WebAdvisor) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-02-09]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-02-09]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-02-23]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-02-09]
BRA Extension: (PDF Viewer) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-02-09]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2019-02-23]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-02-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S4 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [76288 2021-03-04] (Microsoft Windows -> Microsoft Corporation)
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [147264 2021-01-05] (eVenture Limited -> eVenture Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-04] (Malwarebytes Inc -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 e2eVAWdm; C:\WINDOWS\System32\drivers\VAud_WDM.sys [112696 2017-07-12] (ARTRAY CO., LTD. -> e2eSoft)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-03-04] (Malwarebytes Corporation -> Malwarebytes)
R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [95744 2020-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 jakstaVA; C:\WINDOWS\System32\drivers\jaksta_va.sys [103816 2020-04-02] (Jaksta Technologies Pty Ltd -> e2eSoft)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-03-05] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-03-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-03-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-03-05] (Malwarebytes Inc -> Malwarebytes)
R3 nuviocir; C:\WINDOWS\system32\DRIVERS\nuviocir_x64.sys [40464 2015-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-01-29] (WireGuard LLC -> WireGuard LLC)
U4 npcap_wifi; no ImagePath
U4 npf_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-05 08:57 - 2021-03-05 08:58 - 000022414 _____ C:\Users\IRENA-PC\Desktop\FRST.txt
2021-03-05 08:57 - 2021-03-05 08:57 - 000000000 ____D C:\Users\IRENA-PC\Desktop\FRST-OlderVersion
2021-03-05 08:55 - 2021-03-05 08:55 - 000000552 _____ C:\Users\IRENA-PC\Documents\cc_20210305_085547.reg
2021-03-05 08:53 - 2021-03-05 08:53 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-03-05 08:53 - 2021-03-05 08:53 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-03-05 08:53 - 2021-03-05 08:53 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-03-05 08:53 - 2021-03-05 08:53 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-03-05 08:53 - 2021-03-05 08:53 - 000000000 ____D C:\Users\IRENA-PC\AppData\LocalLow\IGDump
2021-03-05 08:52 - 2021-03-05 08:52 - 000008628 _____ C:\Users\IRENA-PC\Documents\cc_20210305_085207.reg
2021-03-05 08:49 - 2021-03-05 08:49 - 000000000 ____D C:\ProgramData\TotalAV
2021-03-05 08:48 - 2021-03-05 08:49 - 000000000 ____D C:\Program Files (x86)\TotalAV
2021-03-04 22:02 - 2021-03-04 22:02 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-04 22:02 - 2021-03-04 22:02 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-04 22:02 - 2021-03-04 22:02 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-04 22:02 - 2021-03-04 22:02 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-04 22:02 - 2021-03-04 22:02 - 000011002 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-04 22:01 - 2021-03-04 22:01 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-04 22:01 - 2021-03-04 22:01 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-04 21:19 - 2021-03-04 21:19 - 000000000 ____D C:\Users\IRENA-PC\Downloads\windows 10 fix.reg-20210304T201839Z-001
2021-03-04 21:18 - 2021-03-04 21:18 - 000001283 _____ C:\Users\IRENA-PC\Downloads\windows 10 fix.reg-20210304T201839Z-001.zip
2021-03-04 21:05 - 2021-03-04 21:05 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\ElevatedDiagnostics
2021-03-04 20:17 - 2021-03-05 08:17 - 000000000 ____D C:\Program Files (x86)\Outbyte
2021-03-04 19:23 - 2021-03-05 08:17 - 000000000 ____D C:\ProgramData\Outbyte
2021-03-04 19:20 - 2021-03-04 19:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-04 18:28 - 2021-03-04 18:28 - 000002248 _____ C:\Users\IRENA-PC\Documents\cc_20210304_182805.reg
2021-03-04 18:24 - 2021-03-04 18:24 - 000037460 _____ C:\Users\IRENA-PC\Documents\cc_20210304_182419.reg
2021-03-04 18:17 - 2021-03-04 18:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-03-04 18:06 - 2021-03-04 18:26 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-04 18:06 - 2021-03-04 18:06 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-04 18:05 - 2021-03-04 18:05 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-03-04 18:05 - 2021-03-04 18:05 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-03-04 18:04 - 2021-03-04 18:04 - 002084016 _____ (Malwarebytes) C:\Users\IRENA-PC\Downloads\MBSetup.exe
2021-03-04 17:57 - 2021-03-04 17:57 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Hide.me
2021-03-04 10:56 - 2021-03-04 10:56 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-04 10:54 - 2021-03-04 18:25 - 000000000 ____D C:\WINDOWS\pss
2021-03-03 09:26 - 2021-03-03 09:27 - 000000000 ____D C:\AdwCleaner
2021-03-02 07:49 - 2021-03-03 08:35 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-27 12:46 - 2021-02-27 12:46 - 000000000 ____D C:\Users\IRENA-PC\Documents\Apowersoft
2021-02-27 09:02 - 2021-02-27 09:02 - 000172860 _____ C:\Users\IRENA-PC\AppData\LocalLow\screen.jpeg
2021-02-27 09:02 - 2021-02-27 09:02 - 000000765 _____ C:\Users\IRENA-PC\AppData\LocalLow\machineinfo.txt
2021-02-27 09:02 - 2021-02-27 09:02 - 000000000 ____D C:\Microsoft Vision
2021-02-27 09:02 - 2021-02-25 15:33 - 000032768 _____ C:\Users\IRENA-PC\AppData\LocalLow\B2yBpRoCof
2021-02-27 09:02 - 2021-02-04 17:32 - 000020480 _____ C:\Users\IRENA-PC\AppData\LocalLow\4kr4CYIt7j
2021-02-27 09:02 - 2021-01-28 11:23 - 000108544 _____ C:\Users\IRENA-PC\AppData\LocalLow\rCpV8waZwl
2021-02-27 09:02 - 2021-01-28 11:23 - 000108544 _____ C:\Users\IRENA-PC\AppData\LocalLow\ogWWU484LM
2021-02-27 09:02 - 2020-12-24 15:19 - 000040960 _____ C:\Users\IRENA-PC\AppData\LocalLow\zGrjIyDITw
2021-02-27 09:02 - 2019-02-14 20:28 - 000516096 _____ C:\Users\IRENA-PC\AppData\LocalLow\qhcAQPjDDg
2021-02-27 09:02 - 2019-02-14 20:28 - 000073728 _____ C:\Users\IRENA-PC\AppData\LocalLow\OdQjUNyB3q
2021-02-27 09:02 - 2019-02-14 20:28 - 000073728 _____ C:\Users\IRENA-PC\AppData\LocalLow\eHwbcVTD4m
2021-02-27 09:01 - 2021-02-27 09:01 - 000000000 ____D C:\Users\IRENA-PC\AppData\LocalLow\Wallets
2021-02-27 09:01 - 2021-02-27 09:01 - 000000000 ____D C:\ProgramData\JA5E54QHG1VKTTOGAOZU08F8J
2021-02-27 09:01 - 2021-02-27 09:00 - 000524288 _____ C:\Users\IRENA-PC\AppData\LocalLow\IDCdJOyapn
2021-02-27 09:00 - 2021-02-27 09:26 - 000000000 ____D C:\Program Files (x86)\DTS
2021-02-27 09:00 - 2021-02-27 09:01 - 000358825 _____ C:\ProgramData\64513.64513
2021-02-27 09:00 - 2021-02-27 09:00 - 001564823 _____ C:\ProgramData\7592
2021-02-27 08:18 - 2021-03-04 17:55 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Screen Recorder 21
2021-02-27 08:18 - 2021-02-27 08:18 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\CrashRpt
2021-02-27 08:17 - 2021-03-04 17:55 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Movavi Screen Recorder 21
2021-02-27 08:17 - 2021-02-27 08:17 - 000004958 _____ C:\ProgramData\xnugqooy.ugm
2021-02-24 18:50 - 2021-02-28 19:31 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Bigasoft Video Downloader Pro
2021-02-24 18:50 - 2021-02-24 18:50 - 000000000 ____D C:\Users\IRENA-PC\Documents\Bigasoft Video Downloader Pro
2021-02-24 18:50 - 2021-02-24 18:50 - 000000000 ____D C:\Program Files (x86)\Bigasoft
2021-02-11 17:35 - 2021-03-04 19:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-10 23:08 - 2021-03-05 08:11 - 000433944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-10 10:35 - 2021-02-10 10:35 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-10 10:35 - 2021-02-10 10:35 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-05 15:11 - 2021-02-05 15:11 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 15:11 - 2021-02-05 15:11 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-05 08:58 - 2021-01-13 14:04 - 000000000 ____D C:\FRST
2021-03-05 08:57 - 2021-01-13 14:00 - 002301440 _____ (Farbar) C:\Users\IRENA-PC\Desktop\FRST64.exe
2021-03-05 08:57 - 2020-08-19 19:15 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-05 08:57 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-05 08:57 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-05 08:57 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-05 08:52 - 2020-08-19 19:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-05 08:52 - 2020-08-19 19:06 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-05 08:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-05 08:52 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-05 08:52 - 2018-12-26 18:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-05 08:50 - 2017-08-17 07:20 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\CrashDumps
2021-03-05 08:22 - 2021-01-29 08:39 - 000000000 ____D C:\Program Files (x86)\hide.me VPN
2021-03-05 08:22 - 2020-09-06 10:11 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\PrivaZer
2021-03-05 08:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-05 08:13 - 2019-02-05 07:34 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-05 08:13 - 2017-01-30 08:45 - 000000000 ____D C:\Users\IRENA-PC\AppData\LocalLow\Mozilla
2021-03-05 08:10 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-05 08:09 - 2020-08-19 19:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-05 04:50 - 2020-08-19 19:19 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-05 04:50 - 2020-08-19 19:19 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-04 23:18 - 2020-03-23 13:20 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-04 22:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-04 21:43 - 2021-01-23 21:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-04 21:32 - 2020-06-04 19:19 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-04 21:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-03-04 19:50 - 2017-01-30 08:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-04 19:20 - 2017-01-30 08:44 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-04 18:08 - 2017-01-30 09:49 - 000000000 ____D C:\uTorrent
2021-03-04 18:05 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-04 18:04 - 2020-08-19 19:19 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-03-04 18:04 - 2017-02-04 16:14 - 000000000 ____D C:\Torrents
2021-03-04 18:03 - 2020-12-15 18:05 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-04 18:01 - 2020-08-19 19:19 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3708313529-2431682257-2596704864-1001
2021-03-04 18:01 - 2020-08-19 19:07 - 000002412 _____ C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-04 18:01 - 2017-01-29 20:11 - 000000000 ___RD C:\Users\IRENA-PC\OneDrive
2021-03-04 17:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-04 17:56 - 2020-08-19 19:07 - 000000000 ____D C:\Users\IRENA-PC
2021-03-04 17:56 - 2019-03-15 19:37 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avidemux 2.7 VC++ 64bits
2021-03-04 17:56 - 2019-03-15 19:37 - 000000000 ____D C:\Program Files\Avidemux 2.7 VC++ 64bits
2021-03-04 17:56 - 2018-11-20 09:06 - 000000000 ____D C:\Program Files\Avidemux 2.7 - 64 bits
2021-03-04 17:55 - 2021-01-29 15:18 - 000000000 ____D C:\Program Files (x86)\MultiDoge-0.1.7
2021-03-04 17:55 - 2021-01-29 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hide.me VPN
2021-03-04 17:55 - 2021-01-03 08:36 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc
2021-03-04 17:55 - 2021-01-03 08:36 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\exodus
2021-03-04 17:55 - 2020-12-20 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2021-03-04 17:55 - 2020-12-20 15:39 - 000000000 ____D C:\Program Files\Subtitle Edit
2021-03-04 17:55 - 2020-05-02 17:27 - 000000000 ____D C:\Program Files (x86)\Admiral Markets MT4
2021-03-04 17:55 - 2018-11-20 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64 bits)
2021-03-04 17:55 - 2018-06-14 10:05 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\JDownloader 2.0
2021-03-04 17:55 - 2017-07-05 17:16 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\vlc
2021-03-04 17:55 - 2017-04-27 15:39 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Ulozto File Manager
2021-03-04 17:55 - 2017-02-01 11:07 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Greenshot
2021-03-04 17:55 - 2017-01-30 12:39 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Rainmeter
2021-03-04 17:52 - 2021-01-03 08:36 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Exodus
2021-03-04 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-03-04 17:52 - 2018-02-16 13:35 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Authy Desktop
2021-03-04 17:52 - 2017-01-30 08:45 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\Mozilla
2021-03-04 17:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-03-04 17:43 - 2016-07-16 12:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-03-04 10:54 - 2020-06-30 17:37 - 000002296 ____H C:\Users\IRENA-PC\Documents\Default.rdp
2021-03-03 09:29 - 2017-02-01 11:07 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\Greenshot
2021-03-02 08:56 - 2018-10-14 17:50 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\avidemux
2021-03-01 17:17 - 2019-04-16 19:31 - 000017080 _____ C:\Users\IRENA-PC\Documents\web hlavní stránka.txt
2021-02-28 15:35 - 2019-01-02 09:37 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\HandBrake
2021-02-27 17:37 - 2019-03-19 10:59 - 000000000 ____D C:\Users\IRENA-PC\Downloads\Ulozto
2021-02-27 08:18 - 2018-11-16 17:27 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\Movavi
2021-02-21 14:33 - 2017-03-10 18:17 - 000044452 _____ C:\Users\IRENA-PC\Documents\klikačky.txt
2021-02-14 08:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-14 08:24 - 2019-01-19 22:33 - 000031846 _____ C:\Users\IRENA-PC\Documents\web.txt
2021-02-11 23:20 - 2018-02-27 08:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-10 23:09 - 2020-11-12 04:45 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\Notepad
2021-02-10 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-10 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-10 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-10 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-10 23:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-10 10:24 - 2017-01-29 22:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 10:20 - 2017-01-29 22:43 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-08 16:49 - 2021-01-03 08:36 - 000002280 _____ C:\Users\IRENA-PC\Desktop\Exodus.lnk
2021-02-05 20:04 - 2021-01-23 21:23 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2021-01-23 21:23 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-04 19:06 - 2021-01-09 08:12 - 000000000 ____D C:\Program Files (x86)\PrivaZer

==================== Files in the root of some directories ========

2019-01-25 08:47 - 2019-02-04 08:42 - 000012386 _____ () C:\Users\IRENA-PC\AppData\Roaming\downloads.json

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by IRENA-PC (05-03-2021 09:00:09)
Running from C:\Users\IRENA-PC\Desktop
Windows 10 Pro Version 20H2 19042.844 (X64) (2020-08-19 18:19:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3708313529-2431682257-2596704864-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3708313529-2431682257-2596704864-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3708313529-2431682257-2596704864-1000 - Limited - Disabled)
Guest (S-1-5-21-3708313529-2431682257-2596704864-501 - Limited - Disabled)
IRENA-PC (S-1-5-21-3708313529-2431682257-2596704864-1001 - Administrator - Enabled) => C:\Users\IRENA-PC
WDAGUtilityAccount (S-1-5-21-3708313529-2431682257-2596704864-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (HKLM\...\{90160000-001F-0427-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (HKLM\...\{90160000-001F-041A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Authy Desktop (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\authy) (Version: 1.8.3 - Twilio Inc.)
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.1.180604 - )
Avidemux VC++ 64bits (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{3598910c-c7d9-450b-bfde-5a8d49dabd30}) (Version: 2.7.3 - Mean)
Avidemux VC++ 64bits (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{8cbf4d89-2ce8-4178-8bb4-1600f5e69e65}) (Version: 2.7.3 - Mean)
Avidemux VC++ 64bits (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{b859fd90-1d56-4013-8e47-a727a65ae7a3}) (Version: 2.7.3 - Mean)
Avidemux VC++ 64bits (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{c28b1ebe-2fed-4e19-a347-e0629e5cf6f5}) (Version: 2.7.2 - Mean)
Bighits4U Viewer 3.6 (HKLM-x32\...\{ACC1EF6D-F9C2-4B5E-BA01-25F3F9E57B68}) (Version: 3.6.0 - BigHits4U) Hidden
Bighits4U Viewer 3.6 (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\Bighits4U Viewer 3.6 3.6.0) (Version: 3.6.0 - BigHits4U)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (HKLM\...\{90160000-001F-042A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Exodus (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\exodus) (Version: 21.1.29 - Exodus Movement Inc)
Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM\...\{90160000-001F-0816-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Free MP3 Cutter 1.01 (HKLM-x32\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: - PolySoft Solutions)
Free Netflix Download version 5.0.16.1204 (HKLM-x32\...\Free Netflix Download_is1) (Version: 5.0.16.1204 - FreeGrabApp Ltd)
GhostMouse (HKLM-x32\...\GhostMouse_is1) (Version: Free V3.2.3 - ghost-mouse.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Greenshot 1.2.9.129 (HKLM\...\Greenshot_is1) (Version: 1.2.9.129 - Greenshot)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
hide.me Wintun (HKLM\...\{6A3B09CD-8B4A-4A66-9C90-833023E463E9}) (Version: 0.8 - hide.me) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (HKLM\...\{90160000-001F-0435-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (HKLM\...\{90160000-001F-0491-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instrumente de verificare Microsoft Office 2016 - Română (HKLM\...\{90160000-001F-0418-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM\...\{90160000-001F-0406-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (HKLM\...\{90160000-001F-0414-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (HKLM\...\{90160000-001F-0814-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MediaInfo 18.05 (HKLM\...\MediaInfo) (Version: 18.05 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.1 - Mozilla)
Mp3tag v2.97 (HKLM-x32\...\Mp3tag) (Version: 2.97 - Florian Heidenreich)
MultiDoge 0.1.7 (HKLM-x32\...\MultiDoge 0.1.7) (Version: 0.1.7 - )
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Orodja za preverjanje za Microsoft Office 2016 – angleščina (HKLM\...\{90160000-001F-0424-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 4.0.18.0 - Goversoft LLC)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.3.1 r3321 - Rainmeter)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RoboForex - MetaTrader 4 (HKLM-x32\...\RoboForex - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Subtitle Edit 3.5.18 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.18.1 - Nikse)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1254 - SUPERAntiSpyware.com)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Telegram Desktop version 2.5.1 (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.5.1 - Telegram FZ-LLC)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
TotalAV (HKLM-x32\...\TotalAV) (Version: 5.14.15 - TotalAV) <==== ATTENTION
Tweetz Desktop verze 0.11.0 (HKLM-x32\...\{FE1B7E2D-6E96-4D39-B39F-62CA62D11A79}_is1) (Version: 0.11.0 - Mike Ward)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM\...\{90160000-001F-083C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ulož.to FileManager 2.82 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.82 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (HKLM\...\{90160000-001F-041C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Web Launch Recorder (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\WebLaunchRecorder) (Version: 2.0 - )
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (HKLM\...\{90160000-001F-0408-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM\...\{90160000-001F-040D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (HKLM\...\{90160000-001F-0429-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

Packages:
=========
Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_4.32.10.0_x86__q7m17pa7q8kj0 [2021-03-04] (Deezer SA)
Easy WOL (Wake on LAN) -> C:\Program Files\WindowsApps\1460ArunasAdomaitis.EasyWOLWakeonLAN_1.1.1.0_x64__fzh5k4x0zh00p [2021-03-04] (Arunas Adomaitis)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2021-03-04] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.37.4392.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation) [Startup Task]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Studios)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-03-04] (Samsung Electronics Co. Ltd.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2021-03-04] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-02-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-02-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-02-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\SysWOW64\ff_vfw.dll [7680 2009-12-17] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-10-12 11:29 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2019-10-12 11:29 - 2016-10-08 16:03 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2019-10-12 11:29 - 2016-10-08 16:04 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\IRENA-PC:.repos [2466270]
AlternateDataStreams: C:\Users\IRENA-PC\Downloads:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\IRENA-PC\Downloads\desktop (New).ini:com.dropbox.attrs [54]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\TRANSLAT\Translator_2016.03\WebIE.dll [2019-01-28] () [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\Translator_2016.03\WebIE.dll [2019-01-28] () [File not signed]
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2021-01-20 20:16 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2019-11-30 16:39 - 2019-11-30 16:44 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\StartupApproved\StartupFolder: => "IQTray.lnk"
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\StartupApproved\Run: => "Microsoft Software Essentials"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{793400D7-7C54-425B-9BD7-60F988299959}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D34719B9-E1F9-42F6-BA3A-AA6AF2D45F2E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2F9D3059-4454-4A07-BEE5-D6684A9BC8B9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{033BC72C-1DEC-4D1D-87CB-14942A26DDDB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ADECB0C0-D817-4AFC-AB5F-3E7FDA043DFE}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CC710CB0-69B1-4D2B-9AAE-B86204635A9F}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DE047D0E-57E7-42E5-852F-33C6129D3B85}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{0AAFD932-9B41-400A-B798-B7F6A5298120}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{0FFA7186-061D-43D7-922F-73C9FE27F461}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{D7909A0E-59A3-44AA-AD21-357E7A504E90}C:\users\irena-pc\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\irena-pc\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{60724E25-F8FD-44AA-9BC9-A2ADC8EC3C89}C:\users\irena-pc\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\irena-pc\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{C9001568-7E61-4092-92AC-A2A34F885F7B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E0915DD-85DC-4816-9616-A952C0C0C79C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1AB3D34D-2096-4639-A6F4-DB0021276C1B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A8D7038-61CD-44CF-88BD-3B4A6221113F}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E0C9F16-EE9A-44B8-9451-7D5FB88A5D9D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EB36692E-B7B2-42BD-BC9B-B5B9C427A112}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2E494270-3352-4EE4-9BEB-DFDABEB0B492}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{CE8260C1-93C7-47AF-97D4-687806A341AB}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{41A0FD6F-32C7-4629-843F-F84BD1CF7F57}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{F7DDB9BD-EF26-4906-BD31-A72205B5AFBB}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{2996E712-43FC-4FF8-8202-BA352CC77FF9}C:\program files (x86)\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_271\bin\javaw.exe
FirewallRules: [UDP Query User{E5D79571-6F5B-47A0-BB49-86E0BBEFF6CD}C:\program files (x86)\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_271\bin\javaw.exe
FirewallRules: [{CA592CA4-BCFB-4B95-9DD9-523494768967}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

04-03-2021 21:26:35 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Qualcomm Atheros AR9287 Wireless Network Adapter
Description: Qualcomm Atheros AR9287 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/05/2021 01:27:25 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/04/2021 08:44:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na IR10_2004_All_One_DVD (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/04/2021 08:44:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HDD Záloha (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/04/2021 08:44:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/04/2021 08:36:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na IR10_2004_All_One_DVD (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/04/2021 08:36:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HDD Záloha (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/04/2021 08:36:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/04/2021 08:09:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: regsvr32.exe, verze: 10.0.19041.1, časové razítko: 0xc2fd4602
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc0000602
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x1268
Čas spuštění chybující aplikace: 0x01d71129d89ae889
Cesta k chybující aplikaci: C:\WINDOWS\system32\regsvr32.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f3046b05-69be-4f56-8b03-58ab39f9400d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/05/2021 08:55:02 AM) (Source: DCOM) (EventID: 10000) (User: IRENA-PC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (03/05/2021 08:50:47 AM) (Source: DCOM) (EventID: 10000) (User: IRENA-PC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (03/04/2021 09:41:35 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/04/2021 09:39:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Update byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (03/04/2021 09:38:35 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/04/2021 09:36:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Update byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (03/04/2021 08:11:09 PM) (Source: Virtual Disk Service) (EventID: 1) (User: )
Description: Neočekávaná chyba. Kód chyby: 5@02000028

Error: (03/04/2021 08:11:09 PM) (Source: Virtual Disk Service) (EventID: 1) (User: )
Description: Neočekávaná chyba. Kód chyby: 5@02000028


Windows Defender:
================
Date: 2021-02-25 20:06:34
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Ymacco.AA6B
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_D:\Filmy\Seriály\Telenovely\Bigasoft Video Pro 3.23.2.7675 Multilingual\file.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.1802.0, AS: 1.331.1802.0, NIS: 1.331.1802.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-25 10:39:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DAB5F033-0E7F-42BA-9428-7C2E5D1D6CC9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-24 18:43:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\IRENA-PC\Dropbox\My PC (IRENA-PC)\Downloads\Bigasoft.Video.Pro.v3.22.3.7359.Incl.Keymaker-BLiZZARD\Bigasoft.Video.Pro.v3.22.3.7359.Incl.Keymaker-BLiZZARD\b-vd359a\file.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: IRENA-PC\IRENA-PC
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.331.1663.0, AS: 1.331.1663.0, NIS: 1.331.1663.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-24 15:05:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3813D534-EEDE-4878-8D0F-C2E9E540668E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-23 15:12:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F28121F5-E2C0-440E-8420-CDB40D469BE7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-14 08:55:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.932.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-02-14 08:35:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.932.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-02-11 16:31:01
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2021-02-11 16:20:02
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P1.30 05/25/2010
Motherboard: ASRock HM55-HT
Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 62%
Total physical RAM: 3767.05 MB
Available physical RAM: 1408.04 MB
Total Virtual: 5943.05 MB
Available Virtual: 3439.22 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:62.9 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:465.76 GB) (Free:217.65 GB) NTFS
Drive e: (HDD Záloha) (Fixed) (Total:465.76 GB) (Free:61.41 GB) NTFS
Drive g: (IR10_2004_All_One_DVD) (Removable) (Total:29.29 GB) (Free:24.74 GB) NTFS
Drive h: (UEFI_NTFS) (Removable) (Total:0 GB) (Free:0 GB) FAT

\\?\Volume{89fed6d2-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{89fed6d2-0000-0000-0000-a0d21b000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 89FED6D2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=509 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: B5BDF682)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: DD2566A6)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Protective MBR) (Size: 29.3 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!

Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the licence terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

chenny
Visitor
Posts: 36
Registered: 06 Sep 2007 09:50

Re: Please check my log

#3 Post by chenny »

Here is the log

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-03.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-05-2021
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 10
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted BS Player Customized Web Search
Deleted MyStart Search
Deleted MyStart Search
Deleted Search the web (Babylon)
Deleted Search the web (Babylon)
Deleted WebSearch
Deleted default-search.net
Deleted default-search.net
Deleted default-search.net
Deleted default-search.net

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


AdwCleaner[S00].txt - [2270 octets] - [05/03/2021 10:41:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

OK. Please post new FRST + Addition logs.

chenny
Visitor
Posts: 36
Registered: 06 Sep 2007 09:50

Re: Please check my log

#5 Post by chenny »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by IRENA-PC (administrator) on IRENA-PC (05-03-2021 14:24:36)
Running from C:\Users\IRENA-PC\Desktop
Loaded Profiles: IRENA-PC
Platform: Windows 10 Pro Version 20H2 19042.844 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mstsc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-01-28] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-02-25] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-03-04] (Google LLC -> Google LLC)
Startup: C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2021-03-05]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (No File)
Startup: C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2017-11-14]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2019-10-05]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1882D01A-1238-48A7-98E5-0A132D50C3CA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-03-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {21567792-F593-4A2B-A8B0-FD12215C4505} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [19999848 2021-02-04] (Goversoft LLC -> Goversoft LLC)
Task: {34EDBC21-FC93-4443-A5B6-912CF8FD6D1B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-23] (Google LLC -> Google LLC)
Task: {4CB8A5A1-E837-468B-AE16-C594753EAC31} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BABCDAA-9BC6-4EF1-97CA-B64ED3F3022B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-23] (Google LLC -> Google LLC)
Task: {814313D7-11C2-4EF2-A031-26EF3BE0C7A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {87D9290F-3525-4C2A-BBCB-0D49A626C8EE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A04AC8DE-49A0-49FC-8C62-201A6869B886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B361FB97-6933-4F4C-ACD7-F6F2A55A5075} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA91164F-496B-4BC2-92A8-FFFA0C65DFAC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB806155-3D2A-4177-A203-0FD110F04427} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4FC8779-698F-4176-95A0-5286A8AEA159} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [41984 2020-08-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5 09 C:\WINDOWS\SysWOW64\wlidNSP.dll [41984 2020-08-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [67072 2020-08-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [67072 2020-08-19] (Microsoft Windows -> Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3ca49153-5896-4467-b2d9-205cc451433b}: [DhcpNameServer] 192.168.0.1 1.1.1.1
Tcpip\..\Interfaces\{6275ca9c-c816-47f0-8729-a3236c979e44}: [DhcpNameServer] 192.168.0.1

Edge:
=======
DownloadDir: C:\Users\IRENA-PC\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\IRENA-PC\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-05]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: woy2c7nl.default-1506939824614
FF ProfilePath: C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 [2021-03-05]
FF Homepage: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> hxxps://sktorrent.os.tc; hxxps://kryptomagazin.cz
FF NewTabOverride: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> Disabled: {672e9d7d-f917-49e9-a2cb-eeae9a7cd1af}
FF NewTabOverride: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> Enabled: google@search.mozilla.org
FF Extension: (HLS Video Download) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\@hls.video.download.xpi [2021-01-05]
FF Extension: (Download with Ant Download Manager) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\antffw@antdownloadmanager.com.xpi [2021-02-04]
FF Extension: (Avast Online Security) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\wrc@avast.com.xpi [2021-02-18]
FF Extension: (Video Downloader for FireFox) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{672e9d7d-f917-49e9-a2cb-eeae9a7cd1af}.xpi [2021-01-05]
FF Extension: (KITVideofy) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{6c09ef97-fbbc-4dc1-bc9a-777b216f1303}.xpi [2021-01-05]
FF Extension: (Plná Peněženka Lištička Lite) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{85d8e8cc-273a-4845-a75b-4b44377c703c}.xpi [2021-01-13]
FF Extension: (Video DownloadHelper) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-16]
FF Extension: (Greasemonkey) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-02-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default [2021-03-05]
CHR DownloadDir: D:\Filmy\Seriály\Telenovely
CHR Notifications: Default -> hxxps://app.expertoption.com; hxxps://app.plus500.com; hxxps://calendar.google.com; hxxps://findmedia.biz; hxxps://ganesha.goodly.pro; hxxps://gofesm.com; hxxps://kryptomagazin.sk; hxxps://my.jdownloader.org; hxxps://prokliky.cz; hxxps://solvena.ru; hxxps://thestreetlottery.com; hxxps://trading11.com; hxxps://watch-video.net; hxxps://www.facebook.com; hxxps://www.nej-ceny.cz; hxxps://www.netflix.com; hxxps://www.publish0x.com; hxxps://www.youtube.com; hxxps://zignaly.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/","hxxp://www.google.cz/","hxxps://www.google.com ... oogle.com/"
CHR Extension: (Easy Auto Refresh) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2021-03-05]
CHR Extension: (HLS Downloader) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apomkbibleomoihlhhdbeghnfioffbej [2021-02-04]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-10-08]
CHR Extension: (YouTube) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-30]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2020-04-19]
CHR Extension: (YouTube Music) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2021-03-05]
CHR Extension: (Image Downloader) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2019-01-27]
CHR Extension: (ZenMate - IP & Browser Check) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchhalahcjpkabdgonjhoogdcipienhf [2017-01-30]
CHR Extension: (YouTube) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\egjdagpondeapnnockkjcocjdkfkffnb [2021-03-05]
CHR Extension: (Google Translate) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiogdnnnljjlfjgkifccooilblmjflkm [2021-02-27]
CHR Extension: (Přehrávání | SledovaniTV.cz) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gccmmlklnkpaihbmbpcdknammjmmdocb [2021-03-05]
CHR Extension: (Video downloader - CoCoCut) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gddbgllpilhpnjpkdbopahnpealaklle [2021-02-23]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-03-05]
CHR Extension: (Video DownloadHelper) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-03-05]
CHR Extension: (Live Stream Downloader) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\looepbdllpjgdmkpdcdffhdbmpbcfekj [2021-02-23]
CHR Extension: (Hangouts Google) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-08-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (SS TV Remote) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\npciacphlpgklgcjgiamnmfjipjdkacf [2020-03-23]
CHR Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2021-03-05]
CHR Extension: (Gmail) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-05]
CHR Profile: C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-20]
CHR Extension: (d8yI+Hf7rX) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\flolbpainfebnmecbjhlffonapejhgom [2021-02-27]
CHR Profile: C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-20]
CHR Extension: (d8yI+Hf7rX) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\flolbpainfebnmecbjhlffonapejhgom [2021-02-27]
CHR HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Brave:
=======
BRA Profile: C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-04]
BRA Extension: (McAfee® WebAdvisor) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-02-09]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-02-09]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-02-23]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-02-09]
BRA Extension: (PDF Viewer) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-02-09]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2019-02-23]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-02-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S4 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [76288 2021-03-04] (Microsoft Windows -> Microsoft Corporation)
S2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [147264 2021-01-05] (eVenture Limited -> eVenture Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-04] (Malwarebytes Inc -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 e2eVAWdm; C:\WINDOWS\System32\drivers\VAud_WDM.sys [112696 2017-07-12] (ARTRAY CO., LTD. -> e2eSoft)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-03-04] (Malwarebytes Corporation -> Malwarebytes)
R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [95744 2020-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 jakstaVA; C:\WINDOWS\System32\drivers\jaksta_va.sys [103816 2020-04-02] (Jaksta Technologies Pty Ltd -> e2eSoft)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-03-05] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-03-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-03-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-03-05] (Malwarebytes Inc -> Malwarebytes)
R3 nuviocir; C:\WINDOWS\system32\DRIVERS\nuviocir_x64.sys [40464 2015-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-01-29] (WireGuard LLC -> WireGuard LLC)
U4 npcap_wifi; no ImagePath
U4 npf_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-05 14:24 - 2021-03-05 14:25 - 000022450 _____ C:\Users\IRENA-PC\Desktop\FRST.txt
2021-03-05 10:41 - 2021-03-05 10:41 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-03-05 10:40 - 2021-03-05 10:40 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-03-05 10:40 - 2021-03-05 10:40 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-03-05 10:22 - 2021-03-05 10:19 - 008463216 _____ (Malwarebytes) C:\Users\IRENA-PC\Desktop\adwcleaner_8.1.exe
2021-03-05 08:55 - 2021-03-05 08:55 - 000000552 _____ C:\Users\IRENA-PC\Documents\cc_20210305_085547.reg
2021-03-05 08:53 - 2021-03-05 08:53 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-03-05 08:52 - 2021-03-05 08:52 - 000008628 _____ C:\Users\IRENA-PC\Documents\cc_20210305_085207.reg
2021-03-04 22:02 - 2021-03-04 22:02 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-04 22:02 - 2021-03-04 22:02 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-04 22:02 - 2021-03-04 22:02 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-04 22:02 - 2021-03-04 22:02 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-04 22:02 - 2021-03-04 22:02 - 000011002 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-04 22:01 - 2021-03-04 22:01 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-04 22:01 - 2021-03-04 22:01 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-04 21:19 - 2021-03-04 21:19 - 000000000 ____D C:\Users\IRENA-PC\Downloads\windows 10 fix.reg-20210304T201839Z-001
2021-03-04 21:18 - 2021-03-04 21:18 - 000001283 _____ C:\Users\IRENA-PC\Downloads\windows 10 fix.reg-20210304T201839Z-001.zip
2021-03-04 21:05 - 2021-03-04 21:05 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\ElevatedDiagnostics
2021-03-04 19:20 - 2021-03-04 19:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-04 18:28 - 2021-03-04 18:28 - 000002248 _____ C:\Users\IRENA-PC\Documents\cc_20210304_182805.reg
2021-03-04 18:24 - 2021-03-04 18:24 - 000037460 _____ C:\Users\IRENA-PC\Documents\cc_20210304_182419.reg
2021-03-04 18:17 - 2021-03-04 18:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-03-04 18:06 - 2021-03-04 18:26 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-04 18:06 - 2021-03-04 18:06 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-04 18:05 - 2021-03-04 18:05 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-03-04 18:05 - 2021-03-04 18:05 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-03-04 18:04 - 2021-03-04 18:04 - 002084016 _____ (Malwarebytes) C:\Users\IRENA-PC\Downloads\MBSetup.exe
2021-03-04 17:57 - 2021-03-04 17:57 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Hide.me
2021-03-04 10:56 - 2021-03-04 10:56 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-04 10:54 - 2021-03-04 18:25 - 000000000 ____D C:\WINDOWS\pss
2021-03-03 09:26 - 2021-03-03 09:27 - 000000000 ____D C:\AdwCleaner
2021-03-02 07:49 - 2021-03-03 08:35 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-27 12:46 - 2021-02-27 12:46 - 000000000 ____D C:\Users\IRENA-PC\Documents\Apowersoft
2021-02-27 09:02 - 2021-02-27 09:02 - 000172860 _____ C:\Users\IRENA-PC\AppData\LocalLow\screen.jpeg
2021-02-27 09:02 - 2021-02-27 09:02 - 000000765 _____ C:\Users\IRENA-PC\AppData\LocalLow\machineinfo.txt
2021-02-27 09:02 - 2021-02-27 09:02 - 000000000 ____D C:\Microsoft Vision
2021-02-27 09:02 - 2021-02-25 15:33 - 000032768 _____ C:\Users\IRENA-PC\AppData\LocalLow\B2yBpRoCof
2021-02-27 09:02 - 2021-02-04 17:32 - 000020480 _____ C:\Users\IRENA-PC\AppData\LocalLow\4kr4CYIt7j
2021-02-27 09:02 - 2021-01-28 11:23 - 000108544 _____ C:\Users\IRENA-PC\AppData\LocalLow\rCpV8waZwl
2021-02-27 09:02 - 2021-01-28 11:23 - 000108544 _____ C:\Users\IRENA-PC\AppData\LocalLow\ogWWU484LM
2021-02-27 09:02 - 2020-12-24 15:19 - 000040960 _____ C:\Users\IRENA-PC\AppData\LocalLow\zGrjIyDITw
2021-02-27 09:02 - 2019-02-14 20:28 - 000516096 _____ C:\Users\IRENA-PC\AppData\LocalLow\qhcAQPjDDg
2021-02-27 09:02 - 2019-02-14 20:28 - 000073728 _____ C:\Users\IRENA-PC\AppData\LocalLow\OdQjUNyB3q
2021-02-27 09:02 - 2019-02-14 20:28 - 000073728 _____ C:\Users\IRENA-PC\AppData\LocalLow\eHwbcVTD4m
2021-02-27 09:01 - 2021-02-27 09:01 - 000000000 ____D C:\Users\IRENA-PC\AppData\LocalLow\Wallets
2021-02-27 09:01 - 2021-02-27 09:01 - 000000000 ____D C:\ProgramData\JA5E54QHG1VKTTOGAOZU08F8J
2021-02-27 09:01 - 2021-02-27 09:00 - 000524288 _____ C:\Users\IRENA-PC\AppData\LocalLow\IDCdJOyapn
2021-02-27 09:00 - 2021-02-27 09:26 - 000000000 ____D C:\Program Files (x86)\DTS
2021-02-27 09:00 - 2021-02-27 09:01 - 000358825 _____ C:\ProgramData\64513.64513
2021-02-27 09:00 - 2021-02-27 09:00 - 001564823 _____ C:\ProgramData\7592
2021-02-27 08:18 - 2021-03-04 17:55 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Screen Recorder 21
2021-02-27 08:18 - 2021-02-27 08:18 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\CrashRpt
2021-02-27 08:17 - 2021-03-04 17:55 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Movavi Screen Recorder 21
2021-02-27 08:17 - 2021-02-27 08:17 - 000004958 _____ C:\ProgramData\xnugqooy.ugm
2021-02-24 18:50 - 2021-02-28 19:31 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Bigasoft Video Downloader Pro
2021-02-24 18:50 - 2021-02-24 18:50 - 000000000 ____D C:\Users\IRENA-PC\Documents\Bigasoft Video Downloader Pro
2021-02-24 18:50 - 2021-02-24 18:50 - 000000000 ____D C:\Program Files (x86)\Bigasoft
2021-02-11 17:35 - 2021-03-04 19:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-10 23:08 - 2021-03-05 08:11 - 000433944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-10 10:35 - 2021-02-10 10:35 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-10 10:35 - 2021-02-10 10:35 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-05 15:11 - 2021-02-05 15:11 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 15:11 - 2021-02-05 15:11 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-05 14:25 - 2021-01-13 14:04 - 000000000 ____D C:\FRST
2021-03-05 14:11 - 2020-08-19 19:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-05 10:46 - 2020-08-19 19:15 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-05 10:46 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-05 10:46 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-05 10:46 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-05 10:40 - 2020-08-19 19:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-05 10:40 - 2020-08-19 19:06 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-05 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-05 10:40 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-05 10:40 - 2018-12-26 18:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-05 10:39 - 2020-06-30 17:37 - 000002296 ____H C:\Users\IRENA-PC\Documents\Default.rdp
2021-03-05 08:57 - 2021-01-13 14:00 - 002301440 _____ (Farbar) C:\Users\IRENA-PC\Desktop\FRST64.exe
2021-03-05 08:50 - 2017-08-17 07:20 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\CrashDumps
2021-03-05 08:22 - 2021-01-29 08:39 - 000000000 ____D C:\Program Files (x86)\hide.me VPN
2021-03-05 08:22 - 2020-09-06 10:11 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\PrivaZer
2021-03-05 08:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-05 08:13 - 2019-02-05 07:34 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-05 08:13 - 2017-01-30 08:45 - 000000000 ____D C:\Users\IRENA-PC\AppData\LocalLow\Mozilla
2021-03-05 08:10 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-05 04:50 - 2020-08-19 19:19 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-05 04:50 - 2020-08-19 19:19 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-04 23:18 - 2020-03-23 13:20 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-04 22:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-04 21:43 - 2021-01-23 21:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-04 21:32 - 2020-06-04 19:19 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-04 21:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-03-04 19:50 - 2017-01-30 08:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-04 19:20 - 2017-01-30 08:44 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-04 18:08 - 2017-01-30 09:49 - 000000000 ____D C:\uTorrent
2021-03-04 18:05 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-04 18:04 - 2020-08-19 19:19 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-03-04 18:04 - 2017-02-04 16:14 - 000000000 ____D C:\Torrents
2021-03-04 18:03 - 2020-12-15 18:05 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-04 18:01 - 2020-08-19 19:19 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3708313529-2431682257-2596704864-1001
2021-03-04 18:01 - 2020-08-19 19:07 - 000002412 _____ C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-04 18:01 - 2017-01-29 20:11 - 000000000 ___RD C:\Users\IRENA-PC\OneDrive
2021-03-04 17:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-04 17:56 - 2020-08-19 19:07 - 000000000 ____D C:\Users\IRENA-PC
2021-03-04 17:56 - 2019-03-15 19:37 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avidemux 2.7 VC++ 64bits
2021-03-04 17:56 - 2019-03-15 19:37 - 000000000 ____D C:\Program Files\Avidemux 2.7 VC++ 64bits
2021-03-04 17:56 - 2018-11-20 09:06 - 000000000 ____D C:\Program Files\Avidemux 2.7 - 64 bits
2021-03-04 17:55 - 2021-01-29 15:18 - 000000000 ____D C:\Program Files (x86)\MultiDoge-0.1.7
2021-03-04 17:55 - 2021-01-29 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hide.me VPN
2021-03-04 17:55 - 2021-01-03 08:36 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc
2021-03-04 17:55 - 2021-01-03 08:36 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\exodus
2021-03-04 17:55 - 2020-12-20 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2021-03-04 17:55 - 2020-12-20 15:39 - 000000000 ____D C:\Program Files\Subtitle Edit
2021-03-04 17:55 - 2020-05-02 17:27 - 000000000 ____D C:\Program Files (x86)\Admiral Markets MT4
2021-03-04 17:55 - 2018-11-20 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64 bits)
2021-03-04 17:55 - 2018-06-14 10:05 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\JDownloader 2.0
2021-03-04 17:55 - 2017-07-05 17:16 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\vlc
2021-03-04 17:55 - 2017-04-27 15:39 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Ulozto File Manager
2021-03-04 17:55 - 2017-02-01 11:07 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Greenshot
2021-03-04 17:55 - 2017-01-30 12:39 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Rainmeter
2021-03-04 17:52 - 2021-01-03 08:36 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Exodus
2021-03-04 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-03-04 17:52 - 2018-02-16 13:35 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Authy Desktop
2021-03-04 17:52 - 2017-01-30 08:45 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\Mozilla
2021-03-04 17:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-03-04 17:43 - 2016-07-16 12:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-03-03 09:29 - 2017-02-01 11:07 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\Greenshot
2021-03-02 08:56 - 2018-10-14 17:50 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\avidemux
2021-03-01 17:17 - 2019-04-16 19:31 - 000017080 _____ C:\Users\IRENA-PC\Documents\web hlavní stránka.txt
2021-02-28 15:35 - 2019-01-02 09:37 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\HandBrake
2021-02-27 17:37 - 2019-03-19 10:59 - 000000000 ____D C:\Users\IRENA-PC\Downloads\Ulozto
2021-02-27 08:18 - 2018-11-16 17:27 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\Movavi
2021-02-21 14:33 - 2017-03-10 18:17 - 000044452 _____ C:\Users\IRENA-PC\Documents\klikačky.txt
2021-02-14 08:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-14 08:24 - 2019-01-19 22:33 - 000031846 _____ C:\Users\IRENA-PC\Documents\web.txt
2021-02-11 23:20 - 2018-02-27 08:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-10 23:09 - 2020-11-12 04:45 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\Notepad
2021-02-10 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-10 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-10 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-10 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-10 23:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-10 10:24 - 2017-01-29 22:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 10:20 - 2017-01-29 22:43 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-08 16:49 - 2021-01-03 08:36 - 000002280 _____ C:\Users\IRENA-PC\Desktop\Exodus.lnk
2021-02-05 20:04 - 2021-01-23 21:23 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2021-01-23 21:23 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-04 19:06 - 2021-01-09 08:12 - 000000000 ____D C:\Program Files (x86)\PrivaZer

==================== Files in the root of some directories ========

2019-01-25 08:47 - 2019-02-04 08:42 - 000012386 _____ () C:\Users\IRENA-PC\AppData\Roaming\downloads.json

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

chenny
Visitor
Posts: 36
Registered: 06 Sep 2007 09:50

Re: Please check my log

#6 Post by chenny »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by IRENA-PC (05-03-2021 14:27:05)
Running from C:\Users\IRENA-PC\Desktop
Windows 10 Pro Version 20H2 19042.844 (X64) (2020-08-19 18:19:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3708313529-2431682257-2596704864-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3708313529-2431682257-2596704864-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3708313529-2431682257-2596704864-1000 - Limited - Disabled)
Guest (S-1-5-21-3708313529-2431682257-2596704864-501 - Limited - Disabled)
IRENA-PC (S-1-5-21-3708313529-2431682257-2596704864-1001 - Administrator - Enabled) => C:\Users\IRENA-PC
WDAGUtilityAccount (S-1-5-21-3708313529-2431682257-2596704864-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (HKLM\...\{90160000-001F-0427-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (HKLM\...\{90160000-001F-041A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Authy Desktop (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\authy) (Version: 1.8.3 - Twilio Inc.)
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.1.180604 - )
Avidemux VC++ 64bits (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{3598910c-c7d9-450b-bfde-5a8d49dabd30}) (Version: 2.7.3 - Mean)
Avidemux VC++ 64bits (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{8cbf4d89-2ce8-4178-8bb4-1600f5e69e65}) (Version: 2.7.3 - Mean)
Avidemux VC++ 64bits (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{b859fd90-1d56-4013-8e47-a727a65ae7a3}) (Version: 2.7.3 - Mean)
Avidemux VC++ 64bits (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{c28b1ebe-2fed-4e19-a347-e0629e5cf6f5}) (Version: 2.7.2 - Mean)
Bighits4U Viewer 3.6 (HKLM-x32\...\{ACC1EF6D-F9C2-4B5E-BA01-25F3F9E57B68}) (Version: 3.6.0 - BigHits4U) Hidden
Bighits4U Viewer 3.6 (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\Bighits4U Viewer 3.6 3.6.0) (Version: 3.6.0 - BigHits4U)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (HKLM\...\{90160000-001F-042A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Exodus (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\exodus) (Version: 21.1.29 - Exodus Movement Inc)
Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM\...\{90160000-001F-0816-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Free MP3 Cutter 1.01 (HKLM-x32\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: - PolySoft Solutions)
Free Netflix Download version 5.0.16.1204 (HKLM-x32\...\Free Netflix Download_is1) (Version: 5.0.16.1204 - FreeGrabApp Ltd)
GhostMouse (HKLM-x32\...\GhostMouse_is1) (Version: Free V3.2.3 - ghost-mouse.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Greenshot 1.2.9.129 (HKLM\...\Greenshot_is1) (Version: 1.2.9.129 - Greenshot)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
hide.me Wintun (HKLM\...\{6A3B09CD-8B4A-4A66-9C90-833023E463E9}) (Version: 0.8 - hide.me) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (HKLM\...\{90160000-001F-0435-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (HKLM\...\{90160000-001F-0491-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instrumente de verificare Microsoft Office 2016 - Română (HKLM\...\{90160000-001F-0418-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM\...\{90160000-001F-0406-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (HKLM\...\{90160000-001F-0414-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (HKLM\...\{90160000-001F-0814-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MediaInfo 18.05 (HKLM\...\MediaInfo) (Version: 18.05 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.1 - Mozilla)
Mp3tag v2.97 (HKLM-x32\...\Mp3tag) (Version: 2.97 - Florian Heidenreich)
MultiDoge 0.1.7 (HKLM-x32\...\MultiDoge 0.1.7) (Version: 0.1.7 - )
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Orodja za preverjanje za Microsoft Office 2016 – angleščina (HKLM\...\{90160000-001F-0424-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 4.0.18.0 - Goversoft LLC)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.3.1 r3321 - Rainmeter)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RoboForex - MetaTrader 4 (HKLM-x32\...\RoboForex - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Subtitle Edit 3.5.18 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.18.1 - Nikse)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1254 - SUPERAntiSpyware.com)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Telegram Desktop version 2.5.1 (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.5.1 - Telegram FZ-LLC)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Tweetz Desktop verze 0.11.0 (HKLM-x32\...\{FE1B7E2D-6E96-4D39-B39F-62CA62D11A79}_is1) (Version: 0.11.0 - Mike Ward)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM\...\{90160000-001F-083C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ulož.to FileManager 2.82 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.82 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (HKLM\...\{90160000-001F-041C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Web Launch Recorder (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\WebLaunchRecorder) (Version: 2.0 - )
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (HKLM\...\{90160000-001F-0408-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM\...\{90160000-001F-040D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (HKLM\...\{90160000-001F-0429-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

Packages:
=========
Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_4.32.10.0_x86__q7m17pa7q8kj0 [2021-03-04] (Deezer SA)
Easy WOL (Wake on LAN) -> C:\Program Files\WindowsApps\1460ArunasAdomaitis.EasyWOLWakeonLAN_1.1.1.0_x64__fzh5k4x0zh00p [2021-03-04] (Arunas Adomaitis)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2021-03-04] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.37.4392.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation) [Startup Task]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Studios)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-03-04] (Samsung Electronics Co. Ltd.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2021-03-04] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-02-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-02-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-02-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\SysWOW64\ff_vfw.dll [7680 2009-12-17] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-02-28 17:03 - 2019-02-28 17:03 - 000424448 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2017-01-30 09:21 - 2016-10-04 15:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\IRENA-PC:.repos [2466270]
AlternateDataStreams: C:\Users\IRENA-PC\Downloads:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\IRENA-PC\Downloads\desktop (New).ini:com.dropbox.attrs [54]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\TRANSLAT\Translator_2016.03\WebIE.dll [2019-01-28] () [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\Translator_2016.03\WebIE.dll [2019-01-28] () [File not signed]
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2021-01-20 20:16 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2019-11-30 16:39 - 2019-11-30 16:44 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\StartupApproved\StartupFolder: => "IQTray.lnk"
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\StartupApproved\Run: => "Microsoft Software Essentials"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{793400D7-7C54-425B-9BD7-60F988299959}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D34719B9-E1F9-42F6-BA3A-AA6AF2D45F2E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2F9D3059-4454-4A07-BEE5-D6684A9BC8B9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{033BC72C-1DEC-4D1D-87CB-14942A26DDDB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ADECB0C0-D817-4AFC-AB5F-3E7FDA043DFE}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CC710CB0-69B1-4D2B-9AAE-B86204635A9F}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DE047D0E-57E7-42E5-852F-33C6129D3B85}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{0AAFD932-9B41-400A-B798-B7F6A5298120}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{0FFA7186-061D-43D7-922F-73C9FE27F461}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{D7909A0E-59A3-44AA-AD21-357E7A504E90}C:\users\irena-pc\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\irena-pc\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{60724E25-F8FD-44AA-9BC9-A2ADC8EC3C89}C:\users\irena-pc\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\irena-pc\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{C9001568-7E61-4092-92AC-A2A34F885F7B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E0915DD-85DC-4816-9616-A952C0C0C79C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1AB3D34D-2096-4639-A6F4-DB0021276C1B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A8D7038-61CD-44CF-88BD-3B4A6221113F}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E0C9F16-EE9A-44B8-9451-7D5FB88A5D9D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EB36692E-B7B2-42BD-BC9B-B5B9C427A112}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2E494270-3352-4EE4-9BEB-DFDABEB0B492}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{CE8260C1-93C7-47AF-97D4-687806A341AB}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{41A0FD6F-32C7-4629-843F-F84BD1CF7F57}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{F7DDB9BD-EF26-4906-BD31-A72205B5AFBB}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{2996E712-43FC-4FF8-8202-BA352CC77FF9}C:\program files (x86)\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_271\bin\javaw.exe
FirewallRules: [UDP Query User{E5D79571-6F5B-47A0-BB49-86E0BBEFF6CD}C:\program files (x86)\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_271\bin\javaw.exe
FirewallRules: [{CA592CA4-BCFB-4B95-9DD9-523494768967}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

04-03-2021 21:26:35 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Qualcomm Atheros AR9287 Wireless Network Adapter
Description: Qualcomm Atheros AR9287 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/05/2021 01:27:25 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/04/2021 08:44:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na IR10_2004_All_One_DVD (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/04/2021 08:44:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HDD Záloha (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/04/2021 08:44:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/04/2021 08:36:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na IR10_2004_All_One_DVD (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/04/2021 08:36:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HDD Záloha (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/04/2021 08:36:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/04/2021 08:09:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: regsvr32.exe, verze: 10.0.19041.1, časové razítko: 0xc2fd4602
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc0000602
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x1268
Čas spuštění chybující aplikace: 0x01d71129d89ae889
Cesta k chybující aplikaci: C:\WINDOWS\system32\regsvr32.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f3046b05-69be-4f56-8b03-58ab39f9400d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/05/2021 10:42:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/05/2021 10:42:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba hide.me VPN Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/05/2021 10:42:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba VIA Karaoke digital mixer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/05/2021 10:42:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/05/2021 10:26:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/05/2021 10:26:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba hide.me VPN Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/05/2021 10:26:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba VIA Karaoke digital mixer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/05/2021 10:26:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-02-25 20:06:34
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Ymacco.AA6B
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_D:\Filmy\Seriály\Telenovely\Bigasoft Video Pro 3.23.2.7675 Multilingual\file.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.1802.0, AS: 1.331.1802.0, NIS: 1.331.1802.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-25 10:39:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DAB5F033-0E7F-42BA-9428-7C2E5D1D6CC9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-24 18:43:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\IRENA-PC\Dropbox\My PC (IRENA-PC)\Downloads\Bigasoft.Video.Downloader.Pro.v3.22.3.7359.Incl.Keymaker-BLiZZARD\Bigasoft.Video.Pro.v3.22.3.7359.Incl.Keymaker-BLiZZARD\b-vd359a\file.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: IRENA-PC\IRENA-PC
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.331.1663.0, AS: 1.331.1663.0, NIS: 1.331.1663.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-24 15:05:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3813D534-EEDE-4878-8D0F-C2E9E540668E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-23 15:12:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F28121F5-E2C0-440E-8420-CDB40D469BE7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-14 08:55:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.932.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-02-14 08:35:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.932.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-02-11 16:31:01
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2021-02-11 16:20:02
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P1.30 05/25/2010
Motherboard: ASRock HM55-HT
Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 73%
Total physical RAM: 3767.05 MB
Available physical RAM: 1001.82 MB
Total Virtual: 5943.05 MB
Available Virtual: 2682.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:62.08 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:465.76 GB) (Free:217.64 GB) NTFS
Drive e: (HDD Záloha) (Fixed) (Total:465.76 GB) (Free:61.41 GB) NTFS
Drive g: (IR10_2004_All_One_DVD) (Removable) (Total:29.29 GB) (Free:24.74 GB) NTFS
Drive h: (UEFI_NTFS) (Removable) (Total:0 GB) (Free:0 GB) FAT

\\?\Volume{89fed6d2-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{89fed6d2-0000-0000-0000-a0d21b000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 89FED6D2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=509 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: B5BDF682)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: DD2566A6)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Protective MBR) (Size: 29.3 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň
Contact user:

Re: Please check my log

#7 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
AlternateDataStreams: C:\Users\IRENA-PC:.repos [2466270]
AlternateDataStreams: C:\Users\IRENA-PC\Downloads:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\IRENA-PC\Downloads\desktop (New).ini:com.dropbox.attrs [54]
D:\Filmy\Seriály\Telenovely\Bigasoft Video Pro 3.23.2.7675 Multilingual\file.exe
C:\Users\IRENA-PC\Dropbox\My PC (IRENA-PC)\Downloads\Bigasoft.Video.Downloader.Pro.v3.22.3.7359.Incl.Keymaker-BLiZZARD\Bigasoft.Video.Pro.v3.22.3.7359.Incl.Keymaker-BLiZZARD\b-vd359a\file.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (No File)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {34EDBC21-FC93-4443-A5B6-912CF8FD6D1B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-23] (Google LLC -> Google LLC)
Task: {6BABCDAA-9BC6-4EF1-97CA-B64ED3F3022B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-23] (Google LLC -> Google LLC)
U4 npcap_wifi; no ImagePath
U4 npf_wifi; no ImagePath
C:\ProgramData\JA5E54QHG1VKTTOGAOZU08F8J
C:\Users\IRENA-PC\AppData\LocalLow\B2yBpRoCof
C:\Users\IRENA-PC\AppData\LocalLow\4kr4CYIt7j
C:\Users\IRENA-PC\AppData\LocalLow\rCpV8waZwl
C:\Users\IRENA-PC\AppData\LocalLow\ogWWU484LM
C:\Users\IRENA-PC\AppData\LocalLow\zGrjIyDITw
C:\Users\IRENA-PC\AppData\LocalLow\qhcAQPjDDg
C:\Users\IRENA-PC\AppData\LocalLow\OdQjUNyB3q
C:\Users\IRENA-PC\AppData\LocalLow\eHwbcVTD4m
C:\ProgramData\64513.64513
C:\ProgramData\7592
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

chenny
Visitor
Posts: 36
Joined: 06 Sep 2007 09:50

Re: Please check my log

#8 Post by chenny »

Here is the log; there was no change.

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by IRENA-PC (05-03-2021 15:08:04) Run:2
Running from C:\Users\IRENA-PC\Desktop
Loaded Profiles: IRENA-PC
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
AlternateDataStreams: C:\Users\IRENA-PC:.repos [2466270]
AlternateDataStreams: C:\Users\IRENA-PC\Downloads:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\IRENA-PC\Downloads\desktop (New).ini:com.dropbox.attrs [54]
D:\Filmy\Seriály\Telenovely\Bigasoft Video Pro 3.23.2.7675 Multilingual\file.exe
C:\Users\IRENA-PC\Dropbox\My PC (IRENA-PC)\Downloads\Bigasoft.Video.Downloader.Pro.v3.22.3.7359.Incl.Keymaker-BLiZZARD\Bigasoft.Video.Pro.v3.22.3.7359.Incl.Keymaker-BLiZZARD\b-vd359a\file.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (No File)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {34EDBC21-FC93-4443-A5B6-912CF8FD6D1B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-23] (Google LLC -> Google LLC)
Task: {6BABCDAA-9BC6-4EF1-97CA-B64ED3F3022B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-23] (Google LLC -> Google LLC)
U4 npcap_wifi; no ImagePath
U4 npf_wifi; no ImagePath
C:\ProgramData\JA5E54QHG1VKTTOGAOZU08F8J
C:\Users\IRENA-PC\AppData\LocalLow\B2yBpRoCof
C:\Users\IRENA-PC\AppData\LocalLow\4kr4CYIt7j
C:\Users\IRENA-PC\AppData\LocalLow\rCpV8waZwl
C:\Users\IRENA-PC\AppData\LocalLow\ogWWU484LM
C:\Users\IRENA-PC\AppData\LocalLow\zGrjIyDITw
C:\Users\IRENA-PC\AppData\LocalLow\qhcAQPjDDg
C:\Users\IRENA-PC\AppData\LocalLow\OdQjUNyB3q
C:\Users\IRENA-PC\AppData\LocalLow\eHwbcVTD4m
C:\ProgramData\64513.64513
C:\ProgramData\7592
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\IRENA-PC => ":.repos" ADS removed successfully
C:\Users\IRENA-PC\Downloads => ":com.dropbox.attrs" ADS could not remove.
C:\Users\IRENA-PC\Downloads\desktop (New).ini => ":com.dropbox.attrs" ADS could not remove.
"D:\Filmy\Seriály\Telenovely\Bigasoft Video Pro 3.23.2.7675 Multilingual\file.exe" => not found
"C:\Users\IRENA-PC\Dropbox\My PC (IRENA-PC)\Downloads\Bigasoft.Video.Downloader.Pro.v3.22.3.7359.Incl.Keymaker-BLiZZARD\Bigasoft.Video.Pro.v3.22.3.7359.Incl.Keymaker-BLiZZARD\b-vd359a\file.exe" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"C:\Program Files (x86)\hide.me VPN\Hide.me.exe" => not found
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34EDBC21-FC93-4443-A5B6-912CF8FD6D1B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34EDBC21-FC93-4443-A5B6-912CF8FD6D1B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6BABCDAA-9BC6-4EF1-97CA-B64ED3F3022B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BABCDAA-9BC6-4EF1-97CA-B64ED3F3022B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\System\CurrentControlSet\Services\npcap_wifi => removed successfully
npcap_wifi => service removed successfully
HKLM\System\CurrentControlSet\Services\npf_wifi => removed successfully
npf_wifi => service removed successfully
C:\ProgramData\JA5E54QHG1VKTTOGAOZU08F8J => moved successfully
C:\Users\IRENA-PC\AppData\LocalLow\B2yBpRoCof => moved successfully
C:\Users\IRENA-PC\AppData\LocalLow\4kr4CYIt7j => moved successfully
C:\Users\IRENA-PC\AppData\LocalLow\rCpV8waZwl => moved successfully
C:\Users\IRENA-PC\AppData\LocalLow\ogWWU484LM => moved successfully
C:\Users\IRENA-PC\AppData\LocalLow\zGrjIyDITw => moved successfully
C:\Users\IRENA-PC\AppData\LocalLow\qhcAQPjDDg => moved successfully
C:\Users\IRENA-PC\AppData\LocalLow\OdQjUNyB3q => moved successfully
C:\Users\IRENA-PC\AppData\LocalLow\eHwbcVTD4m => moved successfully
C:\ProgramData\64513.64513 => moved successfully
C:\ProgramData\7592 => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11638715 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 69729586 B
Edge => 0 B
Chrome => 96040400 B
Brave => 0 B
Firefox => 24450731 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
IRENA-PC => 28656376 B

RecycleBin => 2454263 B
EmptyTemp: => 232.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:08:21 ====

Rudy
Site Admin
Posts: 118200
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#9 Post by Rudy »

According to the log, windef is turned on. If you have a problem, try a System Restore to a date when it worked correctly. It is probably not a malware problem.

chenny
Visitor
Posts: 36
Joined: 06 Sep 2007 09:50

Re: Please check my log

#10 Post by chenny »

I ran a System Restore before posting here, but it didn't help. OK, thank you.

Rudy
Site Admin
Posts: 118200
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#11 Post by Rudy »

You can also try a repair with WindowsRepair: https://www.slunecnice.cz/sw/windows-repair/ . Before starting the repair, I recommend backing up your data.