Nedá sa mi nič spustiť, všetko blokované a všade koncovka lezp. PC prepol do zakladného režimu.
Viete mi poradiť čo mám robiť? Ďakujem.
Podarilo sa mi spustiť FRST.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2020
Ran by PC (administrator) on DESKTOP-CUHD9KK (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (25-04-2020 00:47:29)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Home Version 1809 17763.805 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\Run: [SysHelper] => C:\Users\PC\AppData\Local\9e93a227-aded-44a7-9787-9c8ced027929\B290.tmp.exe [784896 2020-04-24] (Access Denied) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3825040074-1848257447-117141455-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37888 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-24] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2019-03-03]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () [File not signed]
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.ini.lnk [2020-03-19]
ShortcutTarget: Google.ini.lnk -> C:\Users\PC\AppData\Google.js (No File)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jaardiaw.lnk [2020-04-24]
ShortcutAndArgument: jaardiaw.lnk -> C:\Windows\System32\cmd.exe => /c start "" "C:\Users\PC\AppData\Roaming\Microsoft\Windows\jaardiaw\cejrbbbg.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01E70923-2B95-4955-BA0B-71200DE18CC6} - \Opera scheduled Autoupdate 711520318 -> No File <==== ATTENTION
Task: {06FC6085-2E5D-4656-ACE2-32F44A190D3E} - \EOSv3 Scheduler onTime -> No File <==== ATTENTION
Task: {08A25493-9DAF-4A8D-81F6-593087013F65} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe [470952 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {0902AD6C-76A6-4E90-BD77-15FB607E003F} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {1515E966-7FF0-4003-AEDC-3805E098ADA1} - \Adobe Flash Player NPAPI Notifier -> No File <==== ATTENTION
Task: {1592A801-82D8-4091-ACE0-2FED4B2C4D5B} - \EOSv3 Scheduler onLogOn -> No File <==== ATTENTION
Task: {1BAC54FD-D360-482C-8648-40698BCA7EE1} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6562168 2016-09-08] (Nero AG -> Nero AG)
Task: {1FC31668-4BAD-4E28-8271-9B630FA0F51C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe [470952 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4783522E-4979-43D0-B1B1-4CB1FF8F7EA0} - \AMDInstallUEP -> No File <==== ATTENTION
Task: {4B40EA8D-A7AF-4C6D-9FA7-2BE972C87FF2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {508DBA5D-1C8D-4392-B81D-84D6C8175562} - \Opera scheduled assistant Autoupdate 1582762724 -> No File <==== ATTENTION
Task: {541A8380-0CF9-444D-A5E2-2019A9BFFC37} - \Adobe Flash Player PPAPI Notifier -> No File <==== ATTENTION
Task: {54D59D9B-C9B4-42D9-B0E1-6EB953795C1B} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {5885E06A-F6FE-4207-BE2D-B43AAE33C843} - \Time Trigger Task -> No File <==== ATTENTION
Task: {65781D4D-1E04-471E-A0A8-EADD85BAA494} - \StartDVR -> No File <==== ATTENTION
Task: {7BBC3BE0-40BA-4EA6-A5F6-8ACC03C20AE6} - \{1ABD41D0-0BF0-E01C-705B-27257D6C7EB3} -> No File <==== ATTENTION
Task: {7E6D3919-E9E4-4888-97AB-50452D924E4B} - \AMD ThankingURL -> No File <==== ATTENTION
Task: {83F012FC-DAD6-47E8-8116-C0E31F1FD301} - \Opera scheduled Autoupdate 1549279223 -> No File <==== ATTENTION
Task: {8E00CACB-69A0-4427-8B13-C958F34C32CD} - System32\Tasks\synhelper\{19EE27F2-43A7-AE60-5C14-1DC53B58CC6E} => C:\Users\PC\AppData\Roaming\19EE27~1\SYNHEL~1.EXE <==== ATTENTION
Task: {92B6A7B6-E52C-46A4-A64A-BF62D57964B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe [470952 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A19994D2-F57C-4D43-BB9F-F66A264816BC} - \StartCN -> No File <==== ATTENTION
Task: {B32A1DAD-299D-4304-A190-E7596E3EAAEF} - \Avast Emergency Update -> No File <==== ATTENTION
Task: {CE3726C1-278C-4C37-A141-5004FD8C8373} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {D92BEEB8-1B61-4A71-AD2B-B9926FA81DF3} - \AMDLinkUpdate -> No File <==== ATTENTION
Task: {D95E4599-1CE7-4339-AD28-3656F850F1E4} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => C:\Users\PC\AppData\Roaming\\systemdiag\\sysinfo.exe [66560 2017-03-12] () [File not signed] <==== ATTENTION
Task: {DAFE6B52-5778-4D7A-99BF-376AB59E9922} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe [470952 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F03CCFB9-8B04-4834-9A5A-D26C8C207C4A} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {F2B64E06-CABA-43FF-86E7-DBFF49A487AC} - \ModifyLinkUpdate -> No File <==== ATTENTION
Task: {F3741818-85CF-4C9D-8B3C-4B125FDF2BF2} - \StartCNBM -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{04340e76-ac87-4a42-a76b-965159d69b56}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4be2033d-b1df-4be2-a167-76a212fccdaf}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7fba59c5-df63-4d01-97b8-230fd16c20d4}: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{f90f368c-4581-478e-aebc-f28088acd8bb}: [DhcpNameServer] 217.23.254.124 217.23.254.125
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files\Common Files\Download Helper\DownloadHelperx64.dll [2011-06-18] (IE Download Helper) [File not signed]
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-02-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll [2011-06-18] (IE Download Helper) [File not signed]
Handler: WSKVAllmytubechrome - No CLSID Value
Edge:
======
DownloadDir: C:\Users\PC\Downloads
FireFox:
========
FF DefaultProfile: 7l48g1zn.default
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\wy164l5b.default-release-1575430855046 [2020-04-25]
FF Notifications: Mozilla\Firefox\Profiles\wy164l5b.default-release-1575430855046 -> hxxps://www.instagram.com; hxxps://vk.com
FF Extension: (Google Translator for Firefox) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\wy164l5b.default-release-1575430855046\Extensions\translator@zoli.bod.xpi [2019-12-04]
FF Extension: (Video DownloadHelper) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\wy164l5b.default-release-1575430855046\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-31]
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\7l48g1zn.default [2020-04-24]
FF Notifications: Mozilla\Firefox\Profiles\7l48g1zn.default -> hxxps://mail-notification.info; hxxps://www.facebook.com
FF Extension: (AdvBlocker Lite blokovač reklamy) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\7l48g1zn.default\Extensions\adv-lite-1.0.1@blocker.xpi [2019-05-06]
FF Extension: (SaveFrom.net helper) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\7l48g1zn.default\Extensions\helper@savefrom.net.xpi [2019-11-16]
FF Extension: (Video DownloadHelper) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\7l48g1zn.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-09]
FF Extension: (No Name) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\7l48g1zn.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (No Name) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\7l48g1zn.default\extensions\sko-extension@firma.seznam.cz [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\browser\features\{A3D769E6-007E-485F-B2AC-CD7838DD4B20}.xpi [2019-11-08] [not signed]
FF HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-12-09] [Legacy]
FF HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\PC\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\PC\AppData\Roaming\IDM\idmmzcc5 [2020-04-21] [Legacy] [not signed]
FF HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-14] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-29] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-29] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2020-04-25]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-24]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-24]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-24]
CHR HKU\S-1-5-21-3825040074-1848257447-117141455-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-3825040074-1848257447-117141455-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [moihledlmchhofenpacbhphnbnpakgmo]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-12-18]
Opera:
=======
OPR Notifications: hxxps://en.savefrom.net; hxxps://hqq.tv; hxxps://mail-notification.info; hxxps://sauwoaptain.com; hxxps://spisiakoviny.eu; hxxps://vk.com; hxxps://www.bigbuy.eu; hxxps://www.facebook.com; hxxps://www.freefilm.to
OPR Extension: (Adblocker for Youtube™) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\ehjcblokmiepgmmbmkmkgnacjcbekcbl [2019-11-08]
OPR Extension: (Speed Translate) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\jggobmlojchhlngdhmmdghgganciigof [2019-12-04]
OPR Extension: (Flash Video Downloader (FVD)) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2019-09-03]
OPR Extension: (SaveFrom.net helper) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2020-04-24]
OPR Extension: (Bookmarks Import & Export) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\omhcddilnfoiiplehpjihipcocdplljn [2019-11-26]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0348309.inf_amd64_da0b285cf0c5a651\B348293\atiesrxx.exe [509352 2019-11-04] (Advanced Micro Devices, Inc. -> AMD)
S2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-11-01] (AMD) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8352184 2019-02-07] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-07] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [97776 2018-03-27] (INTERNET PROJECT LLC -> Freemake)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2018-03-27] (Ellora Assets Corp.) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [954368 2014-05-23] (Wireless) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [51696 2018-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2018-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Avira.ServiceHost; "C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe" [X]
S2 ClickToRunSvc; "C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service [X]
S3 ose64; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0348309.inf_amd64_da0b285cf0c5a651\B348293\atikmdag.sys [60670888 2019-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0348309.inf_amd64_da0b285cf0c5a651\B348293\atikmpag.sys [598440 2019-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S2 AODDriver4.3.0; C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [60104 2015-02-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-05-19] (AVAST Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-05-19] (AVAST Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-05-19] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-05-19] (AVAST Software s.r.o. -> AVAST Software)
S0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-05-19] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-05-19] (AVAST Software s.r.o. -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
S1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-05-19] (AVAST Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-05-19] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-05-19] (AVAST Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-05-19] (AVAST Software s.r.o. -> AVAST Software)
S3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 DigiartyVirtualCDBus; C:\WINDOWS\System32\drivers\DigiartyVirtualCDBus.sys [276256 2019-11-10] (Digiarty, Inc. -> Digiarty Software, Inc.)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-02-04] (Martin Malik - REALiX -> REALiX(tm))
R1 JSWPSLWF; C:\WINDOWS\system32\DRIVERS\jswpslwfx.sys [26624 2014-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-02-24] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1139848 2019-02-05] (Realtek Semiconductor Corp. -> Realtek )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [8206848 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [333792 2019-02-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-22] (Microsoft Windows -> Microsoft Corporation)
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-25 00:40 - 2020-04-25 00:44 - 018350080 _____ C:\WINDOWS\system32\C_32770.NLS
2020-04-25 00:39 - 2020-04-25 00:43 - 018350080 ____N C:\WINDOWS\system32\config\SYSTEM
2020-04-25 00:37 - 2020-04-25 00:38 - 001980016 ____C (Malwarebytes) C:\Users\PC\Downloads\MBSetup.exe
2020-04-25 00:26 - 2020-04-25 00:27 - 000061914 ____C C:\Users\PC\Desktop\Addition.txt
2020-04-25 00:23 - 2020-04-25 00:49 - 000023004 ____C C:\Users\PC\Desktop\FRST.txt
2020-04-25 00:20 - 2020-04-25 00:20 - 002282496 ____C (Farbar) C:\Users\PC\Desktop\FRST64.exe
2020-04-24 23:51 - 2020-04-25 00:05 - 000000000 ____D C:\Program Files\trend micro
2020-04-24 23:51 - 2020-04-24 23:51 - 000000000 ____D C:\rsit
2020-04-24 23:50 - 2020-04-24 23:51 - 001222144 ____C C:\Users\PC\Desktop\RSITx64.exe
2020-04-24 23:32 - 2020-04-24 23:36 - 000000000 ___DC C:\ProgramData\TEMP
2020-04-24 23:20 - 2020-04-24 23:20 - 000388608 ____C (Trend Micro Inc.) C:\Users\PC\Desktop\HijackThis.exe
2020-04-24 23:13 - 2020-04-24 23:13 - 000068424 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2020-04-24 22:45 - 2020-04-24 22:45 - 000000000 ____D C:\WINDOWS\pss
2020-04-24 22:38 - 2020-04-24 22:43 - 000000000 ____D C:\sh5ldr
2020-04-24 22:38 - 2020-04-24 22:38 - 000001055 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2020-04-24 22:38 - 2020-04-24 22:38 - 000000000 ___DC C:\ProgramData\EnigmaSoft Limited
2020-04-24 22:38 - 2020-04-24 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-04-24 22:38 - 2020-04-24 22:38 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-04-24 22:34 - 2020-04-24 22:43 - 006455854 ____C C:\Users\PC\Downloads\SpyHunter-Installer.exe.lezp
2020-04-24 22:18 - 2020-04-25 00:12 - 000000000 ___DC C:\Users\PC\AppData\Local\9e93a227-aded-44a7-9787-9c8ced027929
2020-04-24 22:08 - 2020-04-24 22:08 - 000001116 ____C C:\Users\PC\_readme.txt
2020-04-24 22:07 - 2020-04-24 22:10 - 000000000 ___DC C:\Users\PC\AppData\Roaming\wik0rj04sil
2020-04-24 22:07 - 2020-04-24 22:08 - 000000000 ____D C:\Program Files\K6HGF5G4M7
2020-04-24 22:07 - 2020-04-24 22:07 - 000000000 ___DC C:\Users\PC\AppData\Local\4a99b151-9fb3-43fc-be15-723444579ff9
2020-04-24 22:06 - 2020-04-24 22:06 - 001246160 ____C (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-04-24 22:06 - 2020-04-24 22:06 - 000440120 ____C (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2020-04-24 22:06 - 2020-04-24 22:06 - 000334288 ____C (Mozilla Foundation) C:\ProgramData\freebl3.dll
2020-04-24 22:06 - 2020-04-24 22:06 - 000144848 ____C (Mozilla Foundation) C:\ProgramData\softokn3.dll
2020-04-24 22:06 - 2020-04-24 22:06 - 000137168 ____C (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-04-24 22:06 - 2020-04-24 22:06 - 000083784 ____C (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2020-04-24 22:06 - 2020-04-24 22:06 - 000000559 ____C C:\Users\PC\AppData\Local\bowsakkdestx.txt
2020-04-24 22:06 - 2020-04-24 22:06 - 000000049 ____C C:\Users\PC\AppData\Local\script.ps1
2020-04-24 22:06 - 2020-04-24 22:06 - 000000000 ___DC C:\Users\PC\AppData\Local\70295ff5-85b0-4bea-a71e-e1adaac6a9ae
2020-04-24 22:06 - 2020-04-24 22:06 - 000000000 ___DC C:\ProgramData\1FNGR8TNJGWN229V8BV7DKKDJ
2020-04-24 22:06 - 2020-04-24 22:06 - 000000000 ____D C:\SystemID
2020-04-24 22:05 - 2020-04-24 22:10 - 000000000 ___DC C:\Users\PC\AppData\Roaming\spyvio1ad4z
2020-04-24 22:05 - 2020-04-24 22:08 - 000000000 ____D C:\Program Files (x86)\OI
2020-04-24 22:05 - 2020-04-24 22:06 - 000607232 _____ C:\WINDOWS\system32\JU5W6tSk29.exe
2020-04-24 22:05 - 2020-04-24 22:06 - 000000000 ____D C:\Program Files\2HGKOU9R05
2020-04-24 22:05 - 2020-04-24 22:05 - 006527376 ____N C:\WINDOWS\system32\Drivers\Wdf06747.sys
2020-04-24 22:05 - 2020-04-24 22:05 - 000000000 ___DC C:\Users\PC\AppData\Local\c9be20e8-bb55-4cb9-bcfd-ddbc5e05e6a4
2020-04-24 22:05 - 2020-04-24 22:05 - 000000000 ____D C:\WINDOWS\SysWOW64\ecqhffhy
2020-04-24 22:05 - 2020-04-24 22:05 - 000000000 ____D C:\Program Files (x86)\Seed Trade
2020-04-24 22:04 - 2020-04-24 22:12 - 000000000 ___DC C:\Users\PC\AppData\Local\inetinfoservice
2020-04-22 02:12 - 2020-04-24 22:33 - 000159540 ____C C:\Users\PC\Downloads\markiza.jpg.lezp
2020-04-22 02:10 - 2020-04-24 22:33 - 000273167 ____C C:\Users\PC\Downloads\Matelko.jpg.lezp
2020-04-21 23:15 - 2020-04-24 22:33 - 000000000 ___DC C:\Users\PC\Documents\TMPGEnc Video Mastering Works 7
2020-04-21 23:10 - 2020-04-24 22:33 - 000000000 ___DC C:\Users\PC\Desktop\TMPGEnc Video Mastering Works 7.0.15.17
2020-04-21 23:10 - 2020-04-24 22:04 - 000000000 ___DC C:\Users\PC\AppData\Roaming\SystemDiag
2020-04-21 23:06 - 2020-04-21 23:06 - 000000000 ____D C:\Program Files\Pegasys Inc
2020-04-21 18:40 - 2020-04-21 18:51 - 628370805 _____ C:\WINDOWS\MEMORY.DMP
2020-04-20 23:00 - 2020-04-24 22:33 - 000052271 ____C C:\Users\PC\Downloads\orban.jpg.lezp
2020-04-20 14:51 - 2020-04-24 22:33 - 000077272 ____C C:\Users\PC\Downloads\aria bella1.jpg.lezp
2020-04-20 11:18 - 2020-04-24 22:33 - 001224598 ____C C:\Users\PC\Downloads\flashplayer32au_ha_install.exe.lezp
2020-04-19 05:23 - 2020-04-24 22:33 - 000016956 ____C C:\Users\PC\Downloads\20571226.jpg.lezp
2020-04-19 05:17 - 2020-04-24 22:33 - 000069886 ____C C:\Users\PC\Downloads\Anastasia-Shcheglova-nude-6.jpg.lezp
2020-04-18 23:11 - 2020-04-24 22:33 - 000025066 ____C C:\Users\PC\Downloads\plán.jpg.lezp
2020-04-13 23:21 - 2020-04-24 22:33 - 000084159 ____C C:\Users\PC\Downloads\Anastasia Shcheglova.jpg.lezp
2020-04-13 20:43 - 2020-04-13 20:53 - 373510789 ___RC C:\Users\PC\Desktop\Britney S.mp4
2020-04-13 01:22 - 2020-04-24 22:33 - 000066355 ____C C:\Users\PC\Downloads\Gulag.jpg.lezp
2020-04-12 00:51 - 2020-04-24 22:33 - 000020389 ____C C:\Users\PC\Downloads\92762546_2940023296065456_1332934583393452032_n.jpg.lezp
2020-04-12 00:26 - 2020-04-24 22:33 - 000052926 ____C C:\Users\PC\Downloads\92281532_3156575411039874_634582852503076864_n.jpg.lezp
2020-04-11 23:58 - 2020-04-24 22:33 - 000054228 ____C C:\Users\PC\Downloads\93118614_2751544641567426_8872392214278307840_n.jpg.lezp
2020-04-11 23:48 - 2020-04-24 22:33 - 000048201 ____C C:\Users\PC\Downloads\90751573_2583138338598543_3878598958573944832_n.jpg.lezp
2020-04-10 15:29 - 2020-04-24 22:33 - 084475580 ____C C:\Users\PC\Downloads\krasne baby.mp4.lezp
2020-04-10 04:31 - 2020-04-10 04:31 - 000000000 ____D C:\Users\Start Menu\Xvid
2020-04-10 04:31 - 2020-04-10 04:31 - 000000000 ____D C:\Program Files (x86)\Xvid
2020-04-10 04:31 - 2019-12-28 16:23 - 000710144 _____ C:\WINDOWS\system32\xvidcore.dll
2020-04-10 04:31 - 2019-12-28 16:23 - 000251392 _____ C:\WINDOWS\system32\xvidvfw.dll
2020-04-10 04:31 - 2019-12-28 16:23 - 000172032 _____ C:\WINDOWS\system32\xvid.ax
2020-04-10 04:31 - 2019-12-28 16:22 - 000636416 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2020-04-10 04:31 - 2019-12-28 16:22 - 000235520 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2020-04-10 04:31 - 2019-12-28 16:22 - 000148480 _____ C:\WINDOWS\SysWOW64\xvid.ax
2020-04-10 03:07 - 2020-04-24 22:33 - 000229811 ____C C:\Users\PC\Downloads\Rihanna2.jpg.lezp
2020-04-10 03:06 - 2020-04-24 22:33 - 000178598 ____C C:\Users\PC\Downloads\Rihanna1.jpg.lezp
2020-04-10 00:17 - 2020-04-24 22:33 - 013657042 ____C C:\Users\PC\Downloads\Čaputová.mp4.lezp
2020-04-07 23:16 - 2020-04-07 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2020-04-07 23:16 - 2020-04-07 23:16 - 000000000 ____D C:\Program Files (x86)\ffdshow
2020-04-07 23:16 - 2015-09-13 12:38 - 000127488 _____ C:\WINDOWS\SysWOW64\ff_vfw.dll
2020-04-06 15:31 - 2020-04-06 15:31 - 000000000 ___DC C:\Users\PC\Documents\FXHOME
2020-04-06 15:31 - 2020-04-06 15:31 - 000000000 ___DC C:\Users\PC\AppData\Local\FXHOME Helper
2020-04-06 15:30 - 2020-04-06 15:31 - 000000000 ___DC C:\Users\PC\AppData\Local\HitFilm Express Activation
2020-04-06 15:30 - 2020-04-06 15:30 - 000000000 ___DC C:\Users\PC\AppData\Roaming\AMD
2020-04-06 15:30 - 2020-04-06 15:30 - 000000000 ___DC C:\Users\PC\AppData\Local\FXHOME
2020-04-06 15:30 - 2020-04-06 15:30 - 000000000 ___DC C:\ProgramData\FXHOME
2020-04-06 15:30 - 2020-04-06 15:30 - 000000000 ___DC C:\ProgramData\BorisFX
2020-04-06 15:30 - 2020-04-06 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitFilm Express
2020-04-06 15:30 - 2020-04-06 15:30 - 000000000 ____D C:\Program Files\FXHOME
2020-04-06 15:30 - 2020-04-06 15:30 - 000000000 ____D C:\Program Files\Common Files\OFX
2020-04-06 15:30 - 2020-04-06 15:30 - 000000000 ____D C:\Program Files\BorisFX
2020-04-06 15:07 - 2020-04-06 15:07 - 000003600 _____ C:\Users\PC\Desktop\Wondershare Filmora9.exe – odkaz.lnk
2020-04-06 14:56 - 2020-04-06 14:56 - 000001188 _____ C:\Users\Public\Desktop\Wondershare Filmora9.lnk
2020-04-06 14:56 - 2020-04-06 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2020-04-06 14:55 - 2020-04-24 22:33 - 000000000 ___DC C:\Users\PC\Documents\Wondershare Filmora 9
2020-04-06 14:55 - 2020-04-06 17:18 - 000000000 ___DC C:\ProgramData\Wondershare Filmora
2020-04-06 14:55 - 2020-04-06 14:55 - 000000000 ____D C:\Program Files\Wondershare
2020-04-06 14:50 - 2020-04-06 14:50 - 000001018 ____C C:\Users\PC\Desktop\shotcut.exe – odkaz.lnk
2020-04-06 14:43 - 2020-04-06 14:43 - 000000000 ___DC C:\Users\PC\AppData\Local\Meltytech
2020-04-06 14:42 - 2020-04-06 14:42 - 000001711 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk
2020-04-06 14:42 - 2020-04-06 14:42 - 000000000 ____D C:\Program Files\Shotcut
2020-04-06 01:59 - 2020-04-24 22:33 - 000052381 ____C C:\Users\PC\Downloads\92037973_3177423758937243_2459926803498663936_n.jpg.lezp
2020-04-05 23:35 - 2020-04-05 23:35 - 000000000 ___DC C:\Users\PC\AppData\Local\Nero_AG
2020-04-05 23:14 - 2020-04-07 23:09 - 000000000 ____D C:\Program Files\K-Lite Codec Pack x64
2020-04-05 23:11 - 2020-04-24 22:33 - 014136509 ____C C:\Users\PC\Downloads\k-lite-codec-pack_6.4.264-bit.exe.lezp
2020-04-05 23:01 - 2020-04-05 23:01 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-04-05 22:53 - 2020-04-05 22:53 - 000000000 ___DC C:\Users\PC\Downloads\mpc_toolbar_Gem_Black_by_Xyteton
2020-04-05 22:52 - 2020-04-05 23:07 - 000001745 ____C C:\Users\PC\Desktop\MPC-HC x64.lnk
2020-04-05 22:52 - 2020-04-05 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2020-04-05 22:52 - 2020-04-05 23:07 - 000000000 ____D C:\Program Files\MPC-HC
2020-04-04 23:43 - 2020-04-24 22:33 - 127139589 ____C C:\Users\PC\Downloads\SUPERSTAR 07 Hošťálková.mp4.lezp
2020-04-04 21:51 - 2020-04-24 22:33 - 000106242 ____C C:\Users\PC\Downloads\91583106_2798869843493940_5907932059170504704_o.jpg.lezp
2020-04-04 03:12 - 2020-04-24 22:33 - 000138042 ____C C:\Users\PC\Downloads\91582469_590999784822760_1064224240896573440_o.jpg.lezp
2020-04-04 01:37 - 2020-04-24 22:33 - 000020692 ____C C:\Users\PC\Downloads\Pedro.jpg.lezp
2020-04-03 02:41 - 2020-04-24 22:33 - 000147513 ____C C:\Users\PC\Downloads\Saková.jpg.lezp
2020-04-01 22:39 - 2020-04-24 22:33 - 000061611 ____C C:\Users\PC\Downloads\91221914_3676184422454071_6809234068677328896_n.jpg.lezp
2020-04-01 18:27 - 2020-04-06 16:21 - 000000000 ___DC C:\Users\PC\Downloads\Baby
2020-04-01 09:52 - 2020-04-24 22:33 - 002977352 ____C C:\Users\PC\Desktop\Shaved-Cute-Pretty-Delicious-Brunette-Missy-with-Plump-Pussy-from-AmourAngels-Wearing-Pink-Minidress-2.jpg.lezp
2020-04-01 09:52 - 2020-04-24 22:33 - 000464012 ____C C:\Users\PC\Desktop\tumblr_nalvr2IUNB1rwcwi6o1_500.gif.lezp
2020-04-01 09:52 - 2020-04-24 22:33 - 000454954 ____C C:\Users\PC\Desktop\top2.gif.lezp
2020-04-01 09:52 - 2020-04-24 22:33 - 000421443 ____C C:\Users\PC\Desktop\tumblr_mtauvxJKUv1sh4jg7o1_500.png.lezp
2020-04-01 09:52 - 2020-04-24 22:33 - 000172012 ____C C:\Users\PC\Desktop\Sexy_pussy_lip_Natalie_Portman_nude_ass_xxx_butt_photo.jpg.lezp
2020-04-01 09:52 - 2020-04-24 22:33 - 000142024 ____C C:\Users\PC\Desktop\transport2.jpg.lezp
2020-04-01 09:49 - 2020-04-24 22:33 - 000023285 ____C C:\Users\PC\Desktop\prcka1.jpg.lezp
2020-04-01 09:48 - 2020-04-24 22:33 - 000372680 ____C C:\Users\PC\Desktop\IeXwfnT.jpg.lezp
2020-04-01 09:47 - 2020-04-24 22:33 - 000596396 ____C C:\Users\PC\Desktop\cassidy-cole01 (Kopírovat).jpg.lezp
2020-04-01 09:47 - 2020-04-24 22:33 - 000525564 ____C C:\Users\PC\Desktop\cassidy-cole02 (Kopírovat).jpg.lezp
2020-04-01 09:47 - 2020-04-24 22:33 - 000523872 ____C C:\Users\PC\Desktop\destiny_moody_6.jpg.lezp
2020-04-01 09:47 - 2020-04-24 22:33 - 000519753 ____C C:\Users\PC\Desktop\destiny_moody_11.jpg.lezp
2020-04-01 09:47 - 2020-04-24 22:33 - 000378402 ____C C:\Users\PC\Desktop\Claire Forlani Naked Pics 08.jpg.lezp
2020-04-01 09:47 - 2020-04-24 22:33 - 000168917 ____C C:\Users\PC\Desktop\Claire Forlani Naked Pics 06.jpg.lezp
2020-04-01 09:47 - 2020-04-24 22:33 - 000167590 ____C C:\Users\PC\Desktop\Belicia2.jpg.lezp
2020-04-01 09:47 - 2020-04-24 22:33 - 000151264 ____C C:\Users\PC\Desktop\Claire Forlani Naked Pics 07.jpg.lezp
2020-04-01 09:47 - 2020-04-24 22:33 - 000134721 ____C C:\Users\PC\Desktop\Belicia1.jpg.lezp
2020-04-01 09:47 - 2020-04-24 22:33 - 000087357 ____C C:\Users\PC\Desktop\CxXPA.jpg.lezp
2020-04-01 09:47 - 2020-04-24 22:33 - 000064711 ____C C:\Users\PC\Desktop\Claire Forlani Nude Pictures 04.jpg.lezp
2020-04-01 09:44 - 2020-04-24 22:33 - 000084680 ____C C:\Users\PC\Desktop\160823-140646-480x837-S.jpg.lezp
2020-04-01 09:44 - 2020-04-24 22:33 - 000059488 ____C C:\Users\PC\Desktop\161006-110419-633x839-S.jpg.lezp
2020-04-01 09:44 - 2020-04-24 22:33 - 000054946 ____C C:\Users\PC\Desktop\170119-024611-601x761-S.jpg.lezp
2020-04-01 09:44 - 2020-04-24 22:33 - 000051379 ____C C:\Users\PC\Desktop\160919-095349-479x599-S.jpg.lezp
2020-04-01 09:44 - 2020-04-24 22:33 - 000042199 ____C C:\Users\PC\Desktop\160919-095931-480x599-S.jpg.lezp
2020-04-01 09:44 - 2020-04-24 22:33 - 000036992 ____C C:\Users\PC\Desktop\161110-024400-415x755-S.jpg.lezp
2020-04-01 09:44 - 2020-04-24 22:33 - 000031915 ____C C:\Users\PC\Desktop\160923-220952-480x369-S.jpg.lezp
2020-04-01 09:44 - 2020-04-24 22:33 - 000030809 ____C C:\Users\PC\Desktop\170225-224924-538x727-S.jpg.lezp
2020-04-01 09:44 - 2020-04-24 22:33 - 000027915 ____C C:\Users\PC\Desktop\160827-121521-271x589-S.jpg.lezp
2020-04-01 09:44 - 2020-04-24 22:33 - 000020599 ____C C:\Users\PC\Desktop\160714-231555-477x293-S.jpg.lezp
2020-03-31 14:25 - 2020-04-24 22:33 - 001002032 ____C C:\Users\PC\Desktop\VID_20170516_100248.mp4_snapshot_00.41.315.jpg.lezp
2020-03-31 14:12 - 2020-04-24 22:33 - 000417523 ____C C:\Users\PC\Desktop\intímne zostrihy.jpg.lezp
2020-03-31 02:04 - 2020-04-24 22:33 - 000041849 ____C C:\Users\PC\Downloads\91890913_10216406920631408_4223562605710540800_n.jpg.lezp
2020-03-31 01:59 - 2020-04-24 22:33 - 000044021 ____C C:\Users\PC\Downloads\91320112_2638010839855784_3346414779311849472_n.jpg.lezp
2020-03-31 01:53 - 2020-04-24 22:33 - 000067944 ____C C:\Users\PC\Downloads\91372013_2660221697421265_2713571633376788480_n.jpg.lezp
2020-03-31 01:50 - 2020-04-24 22:33 - 003195667 ____C C:\Users\PC\Downloads\Ruská hymna v ITA.mp4.lezp
2020-03-31 01:47 - 2020-04-24 22:33 - 000113975 ____C C:\Users\PC\Downloads\91238289_667544317432926_622642766110785536_o.jpg.lezp
2020-03-31 01:31 - 2020-04-24 22:33 - 000044397 ____C C:\Users\PC\Downloads\74789170_10205831421301369_5015181707507138560_n.jpg.lezp
2020-03-31 01:30 - 2020-04-24 22:33 - 000098747 ____C C:\Users\PC\Downloads\90781534_10206455144774066_3492245493289844736_n.jpg.lezp
2020-03-31 01:30 - 2020-04-24 22:33 - 000066842 ____C C:\Users\PC\Downloads\90323956_10206408053556815_2004884308501725184_n.jpg.lezp
2020-03-31 01:20 - 2020-04-24 22:33 - 010114343 ____C C:\Users\PC\Downloads\sranda video.mp4.lezp
2020-03-31 00:08 - 2020-04-24 22:33 - 000169736 ____C C:\Users\PC\Downloads\70065.jpg.lezp
2020-03-31 00:06 - 2020-04-24 22:33 - 002210954 ____C C:\Users\PC\Downloads\na coronu.mp4.lezp
2020-03-30 23:37 - 2020-04-24 22:33 - 000031032 ____C C:\Users\PC\Downloads\90652245_3031032930370702_3722122300569419776_o.jpg.lezp
2020-03-28 02:51 - 2020-04-24 22:33 - 000162204 ____C C:\Users\PC\Downloads\90846185_10216455899455524_6157041064281636864_o.jpg.lezp
2020-03-28 02:50 - 2020-04-24 22:33 - 000206377 ____C C:\Users\PC\Downloads\90780065_629851747849215_2877683197045374976_o.jpg.lezp
2020-03-28 02:49 - 2020-04-24 22:33 - 000091232 ____C C:\Users\PC\Downloads\90755514_629851334515923_5424553118006247424_n.jpg.lezp
2020-03-28 02:48 - 2020-04-24 22:33 - 000092047 ____C C:\Users\PC\Downloads\90995442_629846704516386_2363032697783189504_o.jpg.lezp
2020-03-28 02:48 - 2020-04-24 22:33 - 000066926 ____C C:\Users\PC\Downloads\90958527_629846477849742_2377320387529670656_n.jpg.lezp
2020-03-28 00:07 - 2020-04-24 22:33 - 000137780 ____C C:\Users\PC\Downloads\90790479_219265932646813_7796386951103250432_n.jpg.lezp
2020-03-28 00:06 - 2020-04-24 22:33 - 000112729 ____C C:\Users\PC\Downloads\90964626_219266375980102_7851181357886603264_o.jpg.lezp
2020-03-28 00:05 - 2020-04-24 22:33 - 000096335 ____C C:\Users\PC\Downloads\90794068_219426449297428_1573410437951651840_o.jpg.lezp
2020-03-27 23:21 - 2020-04-24 22:33 - 000070077 ____C C:\Users\PC\Downloads\90338611_3101854669826195_3501752820011368448_n.jpg.lezp
2020-03-26 22:08 - 2020-04-24 22:33 - 000203848 ____C C:\Users\PC\Downloads\502797706_vo3922Copy_123_390lo.jpg.lezp
2020-03-26 02:50 - 2020-04-24 22:33 - 000276874 ____C C:\Users\PC\Downloads\90823220_1566154300215090_5774255647373656064_o.jpg.lezp
2020-03-26 02:46 - 2020-04-24 22:33 - 000052360 ____C C:\Users\PC\Downloads\Taliansko EU.jpg.lezp
2020-03-26 02:10 - 2020-04-24 22:33 - 000035815 ____C C:\Users\PC\Downloads\90683307_3001486339873686_8280928071763099648_n.jpg.lezp
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-25 00:48 - 2020-03-25 01:21 - 000000000 ____D C:\FRST
2020-04-25 00:44 - 2019-05-19 19:43 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-04-25 00:43 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-25 00:39 - 2019-02-14 10:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-25 00:39 - 2019-02-05 20:28 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-04-25 00:39 - 2018-09-15 08:09 - 018087936 _____ C:\WINDOWS\system32\config\BCD00000000
2020-04-25 00:26 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-25 00:13 - 2019-02-14 11:41 - 000000000 ___DC C:\Users\PC\AppData\LocalLow\Mozilla
2020-04-24 23:53 - 2020-02-28 11:36 - 000000000 ___DC C:\Users\PC\Downloads\rpc444
2020-04-24 23:01 - 2019-02-04 13:06 - 000000000 ___DC C:\Users\PC\AppData\Local\Packages
2020-04-24 23:01 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-24 23:00 - 2019-02-04 13:22 - 000000000 ____D C:\Program Files\Microsoft Office
2020-04-24 23:00 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-04-24 22:38 - 2019-02-04 13:06 - 000000000 ___DC C:\Users\PC\AppData\Local\VirtualStore
2020-04-24 22:34 - 2020-03-19 11:18 - 000000000 ___DC C:\Users\PC\AppData\LocalLow\JN3by345by53432y
2020-04-24 22:34 - 2020-03-10 21:09 - 000000000 ___DC C:\Users\PC\AppData\LocalLow\cr6im03b56g32r
2020-04-24 22:33 - 2020-03-25 20:28 - 000090609 ____C C:\Users\PC\Downloads\90965363_225617391966217_3007249767521583104_o.jpg.lezp
2020-04-24 22:33 - 2020-03-25 20:27 - 000093010 ____C C:\Users\PC\Downloads\91051147_225618165299473_7183388877653016576_o.jpg.lezp
2020-04-24 22:33 - 2020-03-25 19:16 - 000061229 ____C C:\Users\PC\Downloads\90668828_2418732665007055_712606564137041920_n.jpg.lezp
2020-04-24 22:33 - 2020-03-25 18:22 - 000685827 ____C C:\Users\PC\Downloads\japonky.jpg.lezp
2020-04-24 22:33 - 2020-03-24 01:32 - 004281523 ____C C:\Users\PC\Downloads\Pomník_Suvorov.jpg.lezp
2020-04-24 22:33 - 2020-03-24 01:18 - 000173154 ____C C:\Users\PC\Downloads\ruská pomoc.jpg.lezp
2020-04-24 22:33 - 2020-03-23 23:49 - 000060435 ____C C:\Users\PC\Downloads\poliaci nepovolili prelet.jpg.lezp
2020-04-24 22:33 - 2020-03-23 23:34 - 000102778 ____C C:\Users\PC\Downloads\90249859_10206979421640731_7873879233548779520_o.jpg.lezp
2020-04-24 22:33 - 2020-03-23 00:36 - 005682941 ____C C:\Users\PC\Downloads\putin Italii.mp4.lezp
2020-04-24 22:33 - 2020-03-22 23:38 - 000046368 ____C C:\Users\PC\Downloads\90629387_257388445274410_6666940943167389696_n.jpg.lezp
2020-04-24 22:33 - 2020-03-22 23:11 - 029453243 ____C C:\Users\PC\Downloads\mačky.mp4.lezp
2020-04-24 22:33 - 2020-03-22 05:04 - 000113091 ____C C:\Users\PC\Downloads\90346550_302871460686985_4105147140429316096_o.jpg.lezp
2020-04-24 22:33 - 2020-03-22 04:33 - 004733345 ____C C:\Users\PC\Downloads\Hitler o korone na SK.mp4.lezp
2020-04-24 22:33 - 2020-03-21 00:53 - 000000000 ___DC C:\Users\PC\Downloads\FormatFactory2020_03_20
2020-04-24 22:33 - 2020-03-20 20:42 - 000054984 ____C C:\Users\PC\Downloads\89824893_1465153856986681_8071285276321775616_n.jpg.lezp
2020-04-24 22:33 - 2020-03-19 06:44 - 012744966 ____C C:\Users\PC\Downloads\kontrola porodnosti.mp4.lezp
2020-04-24 22:33 - 2020-03-19 06:42 - 000117837 ____C C:\Users\PC\Downloads\Merkel rúška.jpeg.lezp
2020-04-24 22:33 - 2020-03-19 06:42 - 000035295 ____C C:\Users\PC\Downloads\putin europe.jpeg.lezp
2020-04-24 22:33 - 2020-03-19 06:41 - 000032379 ____C C:\Users\PC\Downloads\Greta vyzvyly činanov.jpeg.lezp
2020-04-24 22:33 - 2020-03-19 06:39 - 002662343 ____C C:\Users\PC\Downloads\WhatsApp Video 2020-03-18 at 15.01.58.mp4.lezp
2020-04-24 22:33 - 2020-03-18 22:45 - 000036372 ____C C:\Users\PC\Downloads\90595066_10219724831290265_1324870747935473664_n.jpg.lezp
2020-04-24 22:33 - 2020-03-18 21:49 - 022094105 ____C C:\Users\PC\Desktop\MPC-HC.1.9.1.x64.zip.lezp
2020-04-24 22:33 - 2020-03-18 04:07 - 000165959 ____C C:\Users\PC\Downloads\90111508_3130295370321967_3679316423114489856_n.jpg.lezp
2020-04-24 22:33 - 2020-03-18 03:43 - 000031567 ____C C:\Users\PC\Downloads\89880658_1081375102235358_5989703009511145472_n.jpg.lezp
2020-04-24 22:33 - 2020-03-18 01:44 - 000347396 ____C C:\Users\PC\Desktop\wallpaper_backup.jpg.lezp
2020-04-24 22:33 - 2020-03-18 01:43 - 029291725 ____C C:\Users\PC\Desktop\FastSave_53.0.zip.lezp
2020-04-24 22:33 - 2020-03-18 01:42 - 248330056 ____C C:\Users\PC\Desktop\10000000_207850157098036_551609583589770702_n.mp4.lezp
2020-04-24 22:33 - 2020-03-18 01:42 - 002662319 ____C C:\Users\PC\Desktop\89698757_1411667312339176_3608939953023043643_n.mp4.lezp
2020-04-24 22:33 - 2020-03-18 01:41 - 002744370 ____C C:\Users\PC\Desktop\Taliani .mp4.lezp
2020-04-24 22:33 - 2020-03-18 01:40 - 000357112 ____C C:\Users\PC\Desktop\Screenshot_20200317_152107_com.facebook.katana.jpg.lezp
2020-04-24 22:33 - 2020-03-18 01:40 - 000079278 ____C C:\Users\PC\Desktop\FB_IMG_1584454786298.jpg.lezp
2020-04-24 22:33 - 2020-03-17 12:01 - 004965396 ____C C:\Users\PC\Desktop\Josef Laufer - Sbohem lasko, ja jedu dal.mp3.lezp
2020-04-24 22:33 - 2020-03-17 12:01 - 000051557 ____C C:\Users\PC\Desktop\kontakty.vcf.lezp
2020-04-24 22:33 - 2020-03-17 12:01 - 000000000 ___DC C:\Users\PC\Desktop\bluetooth
2020-04-24 22:33 - 2020-03-17 11:59 - 005931393 ____C C:\Users\PC\Desktop\VID-20190606-WA0000.mp4.lezp
2020-04-24 22:33 - 2020-03-17 11:59 - 002944098 ____C C:\Users\PC\Desktop\VID-20191026-WA0001.mp4.lezp
2020-04-24 22:33 - 2020-03-17 11:59 - 000000000 ___DC C:\Users\PC\Desktop\WhatsApp Images
2020-04-24 22:33 - 2020-03-17 11:55 - 000000000 ___DC C:\Users\PC\Desktop\Screenshots
2020-04-24 22:33 - 2020-03-17 11:50 - 007255348 ____C C:\Users\PC\Desktop\Ringtones.zip.lezp
2020-04-24 22:33 - 2020-03-17 04:17 - 000182320 ____C C:\Users\PC\Downloads\90088253_3222103781156225_4014613511912030208_n.jpg.lezp
2020-04-24 22:33 - 2020-03-17 03:52 - 000031085 ____C C:\Users\PC\Desktop\Nová položka Dokument Microsoft Wordu (2).docx.lezp
2020-04-24 22:33 - 2020-03-17 03:49 - 000457860 ____C C:\Users\PC\Downloads\Nová položka Dokument Microsoft Wordu (2).docx.lezp
2020-04-24 22:33 - 2020-03-17 03:49 - 000000000 ___DC C:\Users\PC\Downloads\Nová položka Dokument Microsoft Wordu (2)_files
2020-04-24 22:33 - 2020-03-17 02:44 - 000082931 ____C C:\Users\PC\Downloads\89468375_694363498056955_5491363902685970432_n.jpg.lezp
2020-04-24 22:33 - 2020-03-15 02:35 - 000000000 ____D C:\TEMP
2020-04-24 22:33 - 2020-03-14 22:57 - 003167292 ____C C:\Users\PC\Downloads\88247925_211101080133926_3113110626784772096_n.mp4.lezp
2020-04-24 22:33 - 2020-03-14 21:04 - 006770724 ____C C:\Users\PC\Downloads\87771909_191738985256515_5139114904388632576_n.mp4.lezp
2020-04-24 22:33 - 2020-03-14 20:49 - 011919822 ____C C:\Users\PC\Downloads\10000000_226529448735879_1706452547503390720_n.mp4.lezp
2020-04-24 22:33 - 2020-03-14 18:16 - 000041084 ____C C:\Users\PC\Downloads\9S6G.peter_pellegrini_v_mimoriadnej_relacii_.jpg.lezp
2020-04-24 22:33 - 2020-03-14 03:20 - 004182977 ____C C:\Users\PC\Downloads\Nicholson v Bruseli.mp4.lezp
2020-04-24 22:33 - 2020-03-12 04:54 - 000162956 ____C C:\Users\PC\Downloads\87821750_2797215697160663_6095143198202527744_o.jpg.lezp
2020-04-24 22:33 - 2020-03-12 04:51 - 000102520 ____C C:\Users\PC\Downloads\89598334_555745948375127_6475831614508105728_n.jpg.lezp
2020-04-24 22:33 - 2020-03-12 02:35 - 000057581 ____C C:\Users\PC\Downloads\89672804_649153212566249_1947462781892558848_n.jpg.lezp
2020-04-24 22:33 - 2020-03-11 22:58 - 001153200 ____C C:\Users\PC\Downloads\opilec.mp4.lezp
2020-04-24 22:33 - 2020-03-11 01:59 - 000038222 ____C C:\Users\PC\Downloads\89169270_2871772709536716_5699711340285788160_n.jpg.lezp
2020-04-24 22:33 - 2020-03-10 21:11 - 000387191 ____C C:\Users\PC\AppData\LocalLow\chrome_urls.txt.lezp
2020-04-24 22:33 - 2020-03-10 21:11 - 000008194 ____C C:\Users\PC\AppData\LocalLow\passwords.txt.lezp
2020-04-24 22:33 - 2020-03-10 21:11 - 000002464 ____C C:\Users\PC\AppData\LocalLow\chrome_autofill.txt.lezp
2020-04-24 22:33 - 2020-03-10 01:12 - 000075766 ____C C:\Users\PC\Downloads\89270251_2857215741027048_4911647762740674560_n.jpg.lezp
2020-04-24 22:33 - 2020-03-10 00:26 - 020785409 ____C C:\Users\PC\Downloads\video-1577194160.mp4.lezp
2020-04-24 22:33 - 2020-03-09 20:16 - 000072182 ____C C:\Users\PC\Downloads\89341068_1077998875899395_974482883521544192_o.jpg.lezp
2020-04-24 22:33 - 2020-03-09 16:51 - 000155680 ____C C:\Users\PC\Downloads\88325775_845414315871203_6891378981820432384_o.jpg.lezp
2020-04-24 22:33 - 2020-03-07 23:11 - 008508801 ____C C:\Users\PC\Downloads\10000000_508877796483963_3776874221536280576_n.mp4.lezp
2020-04-24 22:33 - 2020-03-07 21:25 - 001634888 ____C C:\Users\PC\Downloads\86851709_807202216459971_7768807935303483392_n.mp4.lezp
2020-04-24 22:33 - 2020-03-04 02:34 - 000105668 ____C C:\Users\PC\Downloads\88160841_130584315139184_2553693838015201280_n.jpg.lezp
2020-04-24 22:33 - 2020-03-01 03:59 - 000093853 ____C C:\Users\PC\Downloads\87857631_2460219544229395_3026843425505804288_n.jpg.lezp
2020-04-24 22:33 - 2020-02-29 20:39 - 000078995 ____C C:\Users\PC\Downloads\88033835_2717851181625171_1526050417694212096_n.jpg.lezp
2020-04-24 22:33 - 2020-02-29 19:49 - 000092743 ____C C:\Users\PC\Downloads\87839160_3058994000791087_4279779067575664640_o.jpg.lezp
2020-04-24 22:33 - 2020-02-29 15:52 - 000620828 ____C C:\Users\PC\Downloads\86411986_200259434693683_8221574196417789952_n.mp4.lezp
2020-04-24 22:33 - 2020-02-29 15:43 - 000207337 ____C C:\Users\PC\Downloads\88132068_1503617413129586_1350536110991736832_o.jpg.lezp
2020-04-24 22:33 - 2020-02-29 01:15 - 000099104 ____C C:\Users\PC\Downloads\albert.jpg.lezp
2020-04-24 22:33 - 2020-02-29 01:11 - 000110556 ____C C:\Users\PC\Downloads\87806354_2768698286500195_4174224903337148416_o.jpg.lezp
2020-04-24 22:33 - 2020-02-29 00:57 - 000141475 ____C C:\Users\PC\Downloads\52297947_2302880133329594_7849098191373860864_n.jpg.lezp
2020-04-24 22:33 - 2020-02-29 00:48 - 000076872 ____C C:\Users\PC\Downloads\87784139_2835524599846611_6055522202206339072_n.jpg.lezp
2020-04-24 22:33 - 2020-02-29 00:47 - 000029052 ____C C:\Users\PC\Downloads\88265876_2790592677701693_6376200948905148416_n.jpg.lezp
2020-04-24 22:33 - 2020-02-28 17:41 - 000130319 ____C C:\Users\PC\Downloads\88060266_232044887965887_8420284637938450432_o.jpg.lezp
2020-04-24 22:33 - 2020-02-28 17:23 - 001414648 ____C C:\Users\PC\Downloads\hajzli.mp4.lezp
2020-04-24 22:33 - 2020-02-28 17:20 - 007333903 ____C C:\Users\PC\Downloads\Kisko svet.mp4.lezp
2020-04-24 22:33 - 2020-02-28 16:58 - 000031222 ____C C:\Users\PC\Downloads\88984799_507728443264009_554311739101937664_n.jpg.lezp
2020-04-24 22:33 - 2020-02-28 16:08 - 000068027 ____C C:\Users\PC\Downloads\Harabin air.jpg.lezp
2020-04-24 22:33 - 2020-02-27 03:40 - 013652751 ____C C:\Users\PC\Downloads\LOndýn odvrátená tvár.mp4.lezp
2020-04-24 22:33 - 2020-02-27 03:09 - 000003776 ____C C:\Users\PC\Desktop\protesty.txt.lezp
2020-04-24 22:33 - 2020-02-27 02:25 - 000027339 ____C C:\Users\PC\Downloads\Putin kočner.jpg.lezp
2020-04-24 22:33 - 2020-02-25 04:53 - 000037937 ____C C:\Users\PC\Downloads\84022345_3191269280886373_1721555224474157056_n.jpg.lezp
2020-04-24 22:33 - 2020-02-25 03:54 - 000039950 ____C C:\Users\PC\Downloads\KIska šušeň.jpg.lezp
2020-04-24 22:33 - 2020-02-24 23:35 - 000054307 ____C C:\Users\PC\Downloads\karikatúra-Andrej-Mišanek-960x548.jpg.lezp
2020-04-24 22:33 - 2020-02-24 23:07 - 000000000 ___DC C:\Users\PC\Documents\dwhelper
2020-04-24 22:33 - 2020-02-24 22:15 - 000045204 ____C C:\Users\PC\Downloads\5143826811321440139.png.lezp
2020-04-24 22:33 - 2020-02-24 21:16 - 000059771 ____C C:\Users\PC\Downloads\odkaz.jpg.lezp
2020-04-24 22:33 - 2020-02-23 02:22 - 000041431 ____C C:\Users\PC\Downloads\Matovič a LIpšic.jpg.lezp
2020-04-24 22:33 - 2020-02-23 02:19 - 009487138 ____C C:\Users\PC\Downloads\Blaha Bellingcat.mp4.lezp
2020-04-24 22:33 - 2020-02-23 00:56 - 000001319 ____C C:\Users\PC\AppData\LocalLow\thunderbird.txt.lezp
2020-04-24 22:33 - 2020-02-05 16:06 - 000171785 ____C C:\Users\PC\Desktop\Nicolle A.jpg.lezp
2020-04-24 22:33 - 2020-01-19 00:53 - 000000000 ___DC C:\Users\PC\Downloads\VSO Downloader 5.0.1.64 + Ultimate
2020-04-24 22:33 - 2020-01-07 19:07 - 000000000 ___DC C:\Users\PC\Desktop\Nový priečinok (4)
2020-04-24 22:33 - 2020-01-07 10:17 - 000000000 ___DC C:\Users\PC\Documents\VSO Downloader
2020-04-24 22:33 - 2020-01-02 02:15 - 000000000 ____D C:\Coolutils Total Movie Converter v4.1.22 Setup + Serial
2020-04-24 22:33 - 2019-12-27 09:11 - 000001030 ____C C:\Users\PC\Desktop\JRT.txt.lezp
2020-04-24 22:33 - 2019-12-27 01:08 - 209488024 ____C C:\Users\PC\Desktop\2044222-720p.mp4.lezp
2020-04-24 22:33 - 2019-12-27 01:06 - 001153809 ____C C:\Users\PC\Desktop\migration.pdf.lezp
2020-04-24 22:33 - 2019-12-27 01:06 - 000633152 ____C C:\Users\PC\Desktop\Ked-vasen-zhadzuje-masku-Linda-Chopin-sk.pdf.lezp
2020-04-24 22:33 - 2019-12-27 01:06 - 000197997 ____C C:\Users\PC\Desktop\vtipy.txt.lezp
2020-04-24 22:33 - 2019-12-01 14:11 - 000082852 ____C C:\Users\PC\Desktop\fajka.gif.lezp
2020-04-24 22:33 - 2019-11-23 21:55 - 000003857 ____C C:\Users\PC\Desktop\Gorila Haščák.txt.lezp
2020-04-24 22:33 - 2019-11-22 03:21 - 000000000 ___DC C:\Users\PC\Desktop\Cleaner
2020-04-24 22:33 - 2019-11-22 01:47 - 000000000 ___DC C:\Users\PC\Desktop\Nový priečinok (2)
2020-04-24 22:33 - 2019-11-09 04:42 - 000000000 ___DC C:\Users\PC\Downloads\Stará Bratislava
2020-04-24 22:33 - 2019-11-06 13:30 - 068619719 ____C C:\Users\PC\Desktop\Sexy lesbian Ivy Jones is actually ready for some good pussy.mp4.lezp
2020-04-24 22:33 - 2019-10-15 01:51 - 000000000 ____D C:\Skript kontroly a vyčištění OS Windows ( Kombinátor_v0.3 )
2020-04-24 22:33 - 2019-09-03 03:46 - 000003661 ____C C:\Users\PC\Desktop\maily.txt.lezp
2020-04-24 22:33 - 2019-08-30 18:53 - 000005092 ____C C:\Users\PC\Desktop\citáty proti SK.txt.lezp
2020-04-24 22:33 - 2019-08-10 08:30 - 000000000 ___DC C:\Users\PC\Desktop\Maroko
2020-04-24 22:33 - 2019-08-07 04:05 - 000124340 ____C C:\Users\PC\Desktop\NewPicture127.jpg.lezp
2020-04-24 22:33 - 2019-07-31 11:10 - 000000000 ___DC C:\Users\PC\Desktop\Nový priečinok (3)
2020-04-24 22:33 - 2019-07-28 13:37 - 000000000 ___DC C:\Users\PC\Desktop\Nový priečinok
2020-04-24 22:33 - 2019-07-12 00:48 - 000000000 ___DC C:\Users\PC\Documents\VLC snap
2020-04-24 22:33 - 2019-06-23 22:32 - 000000000 ___DC C:\Users\PC\Downloads\carrie.pilby.(2016).scc.1cd.(7093552)
2020-04-24 22:33 - 2019-06-22 12:57 - 000000000 ___DC C:\Users\PC\Downloads\Dokument filmy
2020-04-24 22:33 - 2019-06-22 12:54 - 000000000 ___DC C:\Users\PC\Downloads\Zoznfilmov2
2020-04-24 22:33 - 2019-06-18 00:56 - 000000000 ___DC C:\Audio
2020-04-24 22:33 - 2019-05-22 15:23 - 000000000 ___DC C:\Users\PC\Desktop\Videoprojekty
2020-04-24 22:33 - 2019-05-02 09:47 - 000000000 ___DC C:\Users\PC\Desktop\Ringtones
2020-04-24 22:33 - 2019-04-22 13:07 - 062386500 ____C C:\Users\PC\Desktop\Bloncka.flv.lezp
2020-04-24 22:33 - 2019-03-16 16:56 - 000000000 ___DC C:\Users\PC\dwhelper
2020-04-24 22:33 - 2019-03-14 02:28 - 000000000 ___DC C:\Users\PC\Desktop\vypinac-pc_1.2
2020-04-24 22:33 - 2019-03-08 03:58 - 000000000 ___DC C:\Users\PC\Documents\Bandicut
2020-04-24 22:33 - 2019-03-05 11:59 - 000000000 ___DC C:\Users\PC\Desktop\VirtualdubFFMpegPlugin_1905_X86_X64
2020-04-24 22:33 - 2019-03-05 02:12 - 000000000 ___DC C:\Users\PC\Downloads\Malwarebytes Premium 3.0.4.1269 CZ,SK,HU 2016 FINAL!
2020-04-24 22:33 - 2019-03-03 00:09 - 000000000 ___DC C:\AllokMP3toAMRFolder
2020-04-24 22:33 - 2019-03-03 00:06 - 000000000 ___DC C:\Users\PC\.fontconfig
2020-04-24 22:33 - 2019-02-24 13:37 - 000000000 ___DC C:\Users\PC\TapinRadio
2020-04-24 22:33 - 2019-02-23 04:17 - 000000000 ___DC C:\Users\PC\Documents\TMPGEnc Video Mastering Works 5
2020-04-24 22:33 - 2019-02-22 19:39 - 000000000 ___DC C:\Users\PC\Documents\Easy Screen Capture
2020-04-24 22:33 - 2019-02-22 18:24 - 000000000 ___DC C:\Users\PC\Downloads\Ulozto
2020-04-24 22:33 - 2019-02-22 16:08 - 000000000 ___DC C:\Users\PC\.objectdb
2020-04-24 22:33 - 2019-02-22 15:34 - 000000000 ___DC C:\Users\PC\Downloads\Video
2020-04-24 22:33 - 2019-02-22 15:01 - 165615694 ____C C:\Users\PC\Desktop\Indiana-Jones-1_frej-kinodabing.ac3.lezp
2020-04-24 22:33 - 2019-02-22 14:58 - 000000000 ___DC C:\totalcmd
2020-04-24 22:33 - 2019-02-22 14:47 - 000195068 ____C C:\Users\PC\Desktop\picisko.jpg.lezp
2020-04-24 22:33 - 2019-02-22 14:38 - 003544787 ____C C:\Users\PC\Desktop\založky.html.lezp
2020-04-24 22:33 - 2019-02-22 14:33 - 000000000 __RDC C:\Users\PC\Desktop\Nastroje_soft
2020-04-24 22:33 - 2019-02-22 12:26 - 000000000 ___DC C:\Users\PC\Desktop\Ikony
2020-04-24 22:33 - 2019-02-17 18:11 - 000000000 RSHDC C:\acroldr
2020-04-24 22:33 - 2019-02-14 09:48 - 000000000 ___DC C:\Users\PC
2020-04-24 22:33 - 2019-01-13 09:24 - 017463968 ____C C:\Users\PC\Desktop\huawei-p20-lite-3731225.pdf.lezp
2020-04-24 22:33 - 2018-06-28 07:21 - 000342826 ____C C:\Users\PC\Desktop\03 (2).jpg.lezp
2020-04-24 22:33 - 2018-06-28 07:21 - 000165033 ____C C:\Users\PC\Desktop\00.jpg.lezp
2020-04-24 22:33 - 2018-05-26 13:07 - 000038539 ____C C:\Users\PC\Desktop\15_bw_38205.jpg.lezp
2020-04-24 22:33 - 2018-01-10 11:55 - 001237476 ____C C:\Users\PC\Desktop\vodník.m4a.lezp
2020-04-24 22:33 - 2017-01-25 17:57 - 000873146 ____C C:\Users\PC\Desktop\Šokujúce odhalenie! Pravda o rozkradnutých v minulosti prosperujúcich fabrikách – Regionoviny.mht.lezp
2020-04-24 22:33 - 2016-08-18 07:53 - 012297289 ____C C:\Users\PC\Desktop\Angie 1.gif.lezp
2020-04-24 22:33 - 2016-08-16 10:09 - 017832216 ____C C:\Users\PC\Desktop\Angie.gif.lezp
2020-04-24 22:33 - 1601-01-03 22:26 - 000182094 ____C C:\Users\PC\IaUmOeA.exe.lezp
2020-04-24 22:23 - 2019-02-14 11:41 - 000000000 ___DC C:\Users\PC\AppData\Roaming\vlc
2020-04-24 22:21 - 2019-02-14 09:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-24 22:08 - 2019-11-24 04:49 - 000000000 ____D C:\$SysReset
2020-04-24 22:08 - 2019-06-08 17:49 - 000000000 ___DC C:\Video
2020-04-24 22:08 - 2019-05-25 09:34 - 000000000 ___DC C:\DVD Autor
2020-04-24 22:08 - 2019-05-17 11:15 - 000000000 ___DC C:\Pinneacle
2020-04-24 22:08 - 2019-03-16 02:33 - 000000000 ___DC C:\OutputFolder
2020-04-24 22:08 - 2019-02-05 20:28 - 000000000 ___DC C:\AMD
2020-04-24 22:07 - 2019-12-02 16:50 - 000000000 ____D C:\WINDOWS\Minidump
2020-04-24 22:06 - 2019-05-31 10:02 - 000000000 ___DC C:\Users\PC\AppData\Local\CrashDumps
2020-04-24 22:05 - 2018-09-15 08:09 - 018153472 _____ C:\WINDOWS\system32\C_3389.NLS
2020-04-24 22:04 - 2019-11-24 02:14 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-24 22:00 - 2019-02-14 09:54 - 001547904 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-24 22:00 - 2019-02-07 16:18 - 000655026 _____ C:\WINDOWS\system32\perfh01B.dat
2020-04-24 22:00 - 2019-02-07 16:18 - 000125938 _____ C:\WINDOWS\system32\perfc01B.dat
2020-04-24 22:00 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2020-04-24 21:56 - 2019-02-04 13:25 - 000000000 ___DC C:\ProgramData\NVIDIA
2020-04-22 05:54 - 2019-02-22 15:34 - 000000000 ___DC C:\Users\PC\AppData\Roaming\DMCache
2020-04-21 23:11 - 2019-02-24 16:26 - 000000000 ___DC C:\Users\PC\AppData\Roaming\Pegasys Inc
2020-04-21 02:02 - 2020-03-18 17:42 - 000000000 ___DC C:\Users\PC\AppData\Roaming\dvdcss
2020-04-20 20:36 - 2019-12-17 02:47 - 000001186 ____C C:\Users\PC\Desktop\dwhelper – odkaz.lnk
2020-04-20 12:55 - 2019-08-27 23:53 - 000000000 ___DC C:\Users\PC\AppData\Roaming\WhatsApp
2020-04-20 10:03 - 2019-10-08 11:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-04-20 10:03 - 2019-06-05 03:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-20 10:03 - 2019-02-04 13:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-20 10:03 - 2019-02-04 13:12 - 000000000 ____D C:\Program Files\Opera
2020-04-19 23:08 - 2019-02-14 10:45 - 000000000 ___DC C:\Users\PC\AppData\Local\Adobe
2020-04-19 23:08 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-19 23:08 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-14 23:02 - 2019-10-08 11:23 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-04-14 21:23 - 2019-02-04 13:20 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2020-04-11 02:47 - 2019-08-27 23:53 - 000002160 ____C C:\Users\PC\Desktop\WhatsApp.lnk
2020-04-10 04:59 - 2020-03-18 22:10 - 000000000 ___DC C:\Users\PC\AppData\Roaming\MPC-HC
2020-04-10 02:21 - 2019-02-22 19:47 - 000000000 ___DC C:\ProgramData\DVD Shrink
2020-04-10 01:03 - 2020-02-29 17:13 - 000000671 ____C C:\Users\PC\Downloads\C – odkaz.lnk
2020-04-09 23:18 - 2019-02-05 21:45 - 000000000 ___DC C:\Users\PC\AppData\Local\D3DSCache
2020-04-09 22:20 - 2019-11-26 04:50 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-08 01:24 - 2019-02-14 09:44 - 000562720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-08 01:16 - 2019-02-25 15:45 - 000000000 ___DC C:\Users\PC\AppData\Roaming\uTorrent
2020-04-07 20:54 - 2019-02-24 08:41 - 000000000 ____D C:\Program Files (x86)\Nero
2020-04-07 20:49 - 2019-02-24 08:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2017
2020-04-07 20:46 - 2019-02-24 08:48 - 000000000 ___DC C:\Users\PC\AppData\Roaming\Nero
2020-04-06 14:56 - 2019-05-15 09:43 - 000000000 ___DC C:\Users\Public\Documents\Wondershare
2020-04-05 23:32 - 2019-11-08 01:37 - 000000000 ___DC C:\Users\PC\AppData\Local\cache
2020-04-03 03:10 - 2019-11-08 02:00 - 000000000 ___DC C:\Users\PC\AppData\Local\RadeonSettings
2020-04-01 23:20 - 2019-08-27 23:53 - 000000000 ___DC C:\Users\PC\AppData\Local\WhatsApp
2020-04-01 23:19 - 2020-03-18 03:10 - 000000000 ___DC C:\Users\PC\AppData\Local\SquirrelTemp
2020-03-29 23:17 - 2020-02-22 22:05 - 000001186 ____C C:\Users\PC\Downloads\dwhelper – odkaz.lnk
2020-03-27 23:03 - 2019-02-24 15:09 - 000000000 ___DC C:\ProgramData\VSO
==================== Files in the root of some directories ========
2020-04-24 22:06 - 2020-04-24 22:06 - 000334288 ____C (Mozilla Foundation) C:\ProgramData\freebl3.dll
2020-04-24 22:06 - 2020-04-24 22:06 - 000137168 ____C (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-04-24 22:06 - 2020-04-24 22:06 - 000440120 ____C (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2020-04-24 22:06 - 2020-04-24 22:06 - 001246160 ____C (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-04-24 22:06 - 2020-04-24 22:06 - 000144848 ____C (Mozilla Foundation) C:\ProgramData\softokn3.dll
2020-04-24 22:06 - 2020-04-24 22:06 - 000083784 ____C (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2020-04-24 22:06 - 2020-04-24 22:06 - 000000559 ____C () C:\Users\PC\AppData\Local\bowsakkdestx.txt
2019-03-03 00:08 - 2020-03-25 18:22 - 000007168 ____C () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-04-24 22:06 - 2020-04-24 22:06 - 000000049 ____C () C:\Users\PC\AppData\Local\script.ps1
2019-02-24 17:27 - 2019-02-24 17:27 - 000000003 ____C () C:\Users\PC\AppData\Local\wbem.ini
==================== FLock ==============================
2020-04-24 22:05 C:\WINDOWS\SysWOW64\ecqhffhy
2020-04-25 00:43 C:\WINDOWS\system32\config\SYSTEM
2020-04-24 22:05 C:\WINDOWS\system32\Drivers\Wdf06747.sys
2020-04-24 22:05 C:\Users\PC\AppData\Local\c9be20e8-bb55-4cb9-bcfd-ddbc5e05e6a4
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
safeboot: Network => The system is configured to boot to Safe Mode <==== ATTENTION
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2020
Ran by PC (25-04-2020 00:49:45)
Running from C:\Users\PC\Desktop
Windows 10 Home Version 1809 17763.805 (X64) (2019-02-14 08:01:55)
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3825040074-1848257447-117141455-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3825040074-1848257447-117141455-503 - Limited - Disabled)
Guest (S-1-5-21-3825040074-1848257447-117141455-501 - Limited - Disabled)
PC (S-1-5-21-3825040074-1848257447-117141455-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-3825040074-1848257447-117141455-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2.0 (HKLM-x32\...\Free Video to GIF Converter_is1) (Version: 2.0 - http://www.video-gif-converter.com)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.363 - Adobe)
Adobe Reader XI (11.0.23) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Allok MP3 to AMR Converter 3.0.2 (HKLM-x32\...\Allok MP3 to AMR Converter_is1) (Version: - Allok Soft .Inc)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.11.1 - Advanced Micro Devices, Inc.)
Any Video Converter 6.3.1 (HKLM-x32\...\Any Video Converter) (Version: 6.3.1 - Anvsoft)
Apowersoft Video Konvertor V4.5.5 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.5.5 - APOWERSOFT LIMITED)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avidemux VC++ 64bits (HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\{748a843a-48f1-4030-92e0-8b18df897267}) (Version: 2.7.5 - Mean)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
AVS Video Converter 11.0.2 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 11.0.2.637 - Online Media Technologies Ltd.)
BadCopy Pro (HKLM-x32\...\BadCopy Pro) (Version: - )
Bandicut (HKLM-x32\...\Bandicut) (Version: 3.5.0.594 - Bandicam.com)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVD2one V2.4.2 (HKLM-x32\...\DVD2one V2) (Version: 2.4.2 - Eximius B.V.)
DVDFab (x64) 11.0.1.4 (09/01/2019) (HKLM-x32\...\DVDFab 11(x64)) (Version: 11.0.1.4 - DVDFab Software Inc.)
DVDIdle Pro 5.9.7.9 (HKLM-x32\...\DVDIdle Pro_is1) (Version: - Fengtao Software Inc.)
DVD-lab PRO 2.51 (HKLM-x32\...\DVD-lab PRO 2.51_is1) (Version: - Mediachance)
Easy Screen Capture 2 (HKLM-x32\...\Easy Screen Capture 2_is1) (Version: - Longfine Software)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ffdshow v1.3.4534 [2015-08-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4534.0 - )
FormatFactory 5.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 5.1.0.0 - Free Time)
Free Video Flip and Rotate (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 1.1.35.831 - Digital Wave Ltd)
Free Video To MP3 Converter (HKLM-x32\...\Free Video To MP3 Converter_is1) (Version: 5.1.7.717 - Digital Wave Ltd)
Freemake Video Converter verzia 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.2 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
HitFilm Express (HKLM\...\{1D96578F-E964-4EE6-8286-9C1EFBFD855D}) (Version: 14.2.9727.07202 - FXHOME)
IE Download Helper (HKLM\...\{66EB7F3B-E4DC-4E0F-A052-D1323B2828B5}) (Version: 3.3 - IE Download Helper)
Image Convert and Resize (HKLM-x32\...\Image Convert and Resize_is1) (Version: 2.1.70.822 - Digital Wave Ltd)
inPixio Photo Clip 9 Demo (HKLM-x32\...\{1F45A8A5-0487-4aa6-A67E-46E103C927AE}) (Version: 9.00 - inPixio)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Macallan Convert Srt To Ssa (HKLM-x32\...\{F070CE8E-8A5F-41EB-A5A6-639920BF929C}) (Version: 2.1.00013 - Macallan)
MediaInfo 18.12 (HKLM\...\MediaInfo) (Version: 18.12 - MediaArea.net)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MKVCleaver 64 bit (HKLM\...\{32886311-ABB4-45BE-8274-1F53641B2AC7}_is1) (Version: 0.8.0.0 - Ilia Bakhmoutski)
Movavi Video Suite 18 (HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\Movavi Video Suite 18) (Version: 18.0.0 - Movavi)
Mozilla Firefox 75.0 (x64 sk) (HKLM\...\Mozilla Firefox 75.0 (x64 sk)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla)
Mozilla Thunderbird 68.7.0 (x64 sk) (HKLM\...\Mozilla Thunderbird 68.7.0 (x64 sk)) (Version: 68.7.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Music Recorder (HKLM-x32\...\{F3949798-3544-433B-B5AB-A61F32F0386F}) (Version: 18.001.2 - Nero AG) Hidden
Nero 2017 (HKLM-x32\...\{18625598-62C3-4DBF-B1AA-3BD27395F7F5}) (Version: 18.0.05900 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0010 - Nero AG)
NVIDIA Grafický ovládač 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.74 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.74 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Opera Stable 67.0.3575.137 (HKLM-x32\...\Opera 67.0.3575.137) (Version: 67.0.3575.137 - Opera Software)
Ovládací panel NVIDIA 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 341.74 - NVIDIA Corporation) Hidden
Prerequisite installer (HKLM-x32\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
Shotcut (HKLM-x32\...\Shotcut) (Version: 19.09.14 - Meltytech, LLC)
Skype verzia 8.57 (HKLM-x32\...\Skype_is1) (Version: 8.57 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.8.10.170 - EnigmaSoft Limited)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
TapinRadio 2.10 (x64) (HKLM-x32\...\TapinRadio_is1) (Version: - Raimersoft)
TotalAudioConverter (HKLM-x32\...\Total Audio Converter_is1) (Version: 5.1 - Softplicity, Inc.)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Ulož.to FileManager 2.71 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.71 - Uloz.to cloud a.s.)
Ultra MPEG-4 Converter 4.2.1021 (HKLM-x32\...\Ultra MPEG-4 Converter_is1) (Version: - Aone Software)
Ultra Video Joiner 5.2.0603 (HKLM-x32\...\Ultra Video Joiner_is1) (Version: - Aone Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.56 - VSO Software)
VSO ConvertXtoHD 3 (HKLM-x32\...\{57ED9A08-896E-4FD1-A5D8-651D0790DA5A}_is1) (Version: 3.0.0.56 - VSO Software)
VSO ConvertXtoVideo Ultimate 2 (HKLM-x32\...\{{3852A371-F5ED-491A-86C3-998CD0688D4A}_is1) (Version: 2.0.0.88 - VSO Software)
VSO Downloader 5.0.1.64 (HKLM-x32\...\{3C5CD638-CAD0-4F6C-81FD-B37D47B411F7}_is1) (Version: 5.0.1.64 - VSO Software)
WhatsApp (HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\WhatsApp) (Version: 0.4.2088 - WhatsApp)
WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter) (Version: 11.6.1.4734 - ZJMedia Digital Technology Ltd.)
Windows 10 Manager (HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\Windows 10 Manager 3.1.5) (Version: 3.1.5 - Yamicsoft)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.71 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinX HD Video Converter Deluxe 5.9.9 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)
Wondershare Filmora9(Build 9.3.7) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
XMedia Recode 64bit verze 3.4.8.3 (HKLM\...\{D31E6E69-4C6A-42CC-926F-CC7B186864EB}_is1) (Version: 3.4.8.3 - XMedia Recode 64bit)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.7) (Version: 1.3.7 - Xvid Team)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.12831.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: DVDIdleShell Class - {93994DE8-8239-4655-B1D1-5F4E91300429} - C:\Program Files (x86)\DVDIdle Pro\DVDShell.dll [49152 2004-10-09] (Fengtao Software Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-03-19] (Free Time) [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2017-12-18] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [{26D8ED70-189A-48FD-9482-67F08AAC0D31}] -> {26D8ED70-189A-48FD-9482-67F08AAC0D31} => C:\Program Files (x86)\CoolUtils\TotalAudioConverter\CoolUtilsContextMenu64.dll [2018-05-20] (Softplicity -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-03-19] (Free Time) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\system32\l3codecp.acm [183296 2018-09-15] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2018-09-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [251392 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [189952 2018-09-15] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [127488 2015-09-13] () [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2019-12-28] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11 (x64)\DVDFab Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab10&p=x64&v=11.0.1.
==================== Loaded Modules (Whitelisted) =============
2020-03-19 13:12 - 2020-03-19 13:12 - 000340480 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx_108.dll
2019-03-03 05:27 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-06-27 08:06 - 2019-06-27 08:06 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [468]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2020-04-24 22:41 - 268443306 ____C C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 example.net
127.0.0.1 keystone.mwbsys.com
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 texttotalk.org
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 technologievimy.com
127.0.0.1 sharefolder.online
127.0.0.1 install.portmdfmoon.com
127.0.0.1 adkqow01283.pw
127.0.0.1 telechargini.com
127.0.0.1 rothsideadome.pw
127.0.0.1 fffffk.xyz
127.0.0.1 smarttrackk.xyz
127.0.0.1 discretdan.com
0.0.0.0 serius.mwbsys.com
0.0.0.0 keystone.mwbsys.com 127.0.0.1 support.apowersoft.com
127.0.0.1 http://www.apowersoft.com
127.0.0.1 ds.download.windowsupdate.com
127.0.0.1 http://www.update.microsoft.com
127.0.0.1 download.windowsupdate.com
127.0.0.1 fe2.update.microsoft.com
127.0.0.1 whoer.net
127.0.0.1 http://www.whoer.net
127.0.0.1 windowsupdate.com
127.0.0.1 http://www.windowsupdate.com
127.0.0.1 microsoft.com
There are 241 more lines.
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\PC\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3825040074-1848257447-117141455-1001\Control Panel\Desktop\\Wallpaper -> F:\C\Obrázky\hd_wallpaper_3635.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: JumpStart Wireless Filter Driver -> MS_NdisLwf (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: bookingdesktopapp => 2
MSCONFIG\Services: bookingdesktopappm => 3
MSCONFIG\Services: BTAGService => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: DusmSvc => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: PhoneSvc => 3
MSCONFIG\Services: RmSvc => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: WpcMonSvc => 3
MSCONFIG\Services: WsDrvInst => 3
MSCONFIG\Services: XboxGipSvc => 3
HKLM\...\StartupApproved\StartupFolder: => "TP-LINK Wireless Configuration Utility.lnk"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\StartupApproved\StartupFolder: => "Shortcut to Primary output from Start (Active).lnk"
HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\StartupApproved\StartupFolder: => "Google.ini.lnk"
HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\StartupApproved\Run: => "KRRNJIJR6LH4VJQ"
HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\StartupApproved\Run: => "PM0E9UC2ZLEUXIG"
HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-3825040074-1848257447-117141455-1001\...\StartupApproved\Run: => "SysHelper"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{63ADAA38-7586-4D09-AE25-5C5E1F36FB39}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{E153CA97-A0E6-414E-B8BE-3941340A6366}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{8F94578A-6B71-4876-9544-FBCFE1364326}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe No File
FirewallRules: [{D185A17A-D8D9-4B73-9DA0-2780E29D28A4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe No File
FirewallRules: [{9621177E-67C5-4462-B360-96F590D64C05}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe No File
FirewallRules: [{788BF72D-CBD6-482E-8B5E-CC1B3912BEE3}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe No File
FirewallRules: [TCP Query User{32290E52-6D17-4333-91D9-B2FC6A55B535}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [UDP Query User{156786FA-F0A2-4034-91AC-4DE464D0C399}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{0A971FCF-C3B5-442B-BF9F-07F1419FC8FA}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{18293558-3FAE-4E15-8394-2E8903A58D66}] => (Allow) C:\WINDOWS\SysWOW64\iiIPYeTb.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{AC2D017B-D769-48AD-BB07-D0A7DAC75B0E}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [UDP Query User{F1FAB609-20C0-46DB-BCA2-B671F5442D66}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [{CF9E056A-A772-4BCF-A32A-CAA2EE2F1B0A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{15372F5C-7791-4934-8635-C9C8A8ABBE72}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{22369BF0-84DA-42D4-BB07-D2D1E1BB2BDE}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{3662D655-FB21-4CE2-A8C6-8EBAC472971E}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{97C867A8-4A3B-4E80-92BC-1D3DC8139D02}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{919F3DE5-D055-4DC9-A05E-C1053D879E55}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{4D90D43F-946E-4BC1-9EFA-A441604B3ACE}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{A3B09EC6-4EB1-45DE-93E7-EF8137BEED0C}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{FADF3AF9-B169-41F5-A660-8631FC1BF688}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{E97E0EA3-FA35-4EDD-9C2F-7D4A7496CD28}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{DB7BFE97-BE09-474C-8894-3070B0C273EA}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{8D3DB75C-5D7A-47C1-BE67-D3D899FD4D06}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1C91696-EA98-42A6-AE0A-7FCF8C04C1C0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0516C3EA-C50B-4DF5-896B-8411A06EB9B0}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{C7BFE005-92D6-43C1-BB7F-003B95A08C17}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{E3054BAB-3B13-44BC-8AC7-A4997CF24A7C}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{AACF990D-18C2-48E7-A57A-623AC38F8306}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{47CB29D1-A28D-4641-A270-36E8BF452D53}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A9F2B58F-1262-4966-B2BF-43DCD69D6214}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{78928A75-0095-43DF-8DAE-F675D920CB51}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{0162E46F-F9FD-4637-A3A4-E7A1035E4CEE}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{E37E99AE-E001-4796-931F-D4DFA285071E}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{9DE98076-AA36-4638-9336-1191615F905B}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{24EC37F9-C0EC-4F8E-A58F-A29294EED0BB}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Allow) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [UDP Query User{D5F8783D-D814-4DAA-9974-008FB0BCD5D9}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Allow) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [{8FE56BA6-375A-4787-9782-4C81604D625E}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{8DE464F0-3738-44EA-8349-D08F84D50E65}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe
FirewallRules: [UDP Query User{4EBEFF03-7BCB-4A23-87EA-AC4E6C4155DB}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe
FirewallRules: [{95989840-23C5-4B49-8650-64B1E897D454}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53A67ACF-A24B-47D9-946E-F25B86E77970}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4905CA62-4217-4860-B95B-75E67529FE46}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{9F30E5E5-0AD5-4A91-80F6-78695A549E50}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{BC818683-61CC-4B20-94B3-E5C1BCA4EAC3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8813B850-F81E-4F54-ADBD-B6F70D291EB9}] => (Allow) C:\Program Files\Opera\67.0.3575.115\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{C0657433-2EEF-4815-A038-08FB56B5CDEC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe No File
FirewallRules: [{17F6542A-A36F-4E49-B817-8414A74906C6}] => (Allow) C:\Program Files\Opera\67.0.3575.137\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{C86E555D-ADC7-44BE-9C07-B1BA96DA8933}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
19-04-2020 00:05:00 Scheduled Checkpoint
21-04-2020 23:02:30 Installed TMPGEnc Video Mastering Works 7
24-04-2020 23:26:13 Removed TMPGEnc Video Mastering Works 7
==================== Faulty Device Manager Devices ============
Name: Microsoft Hyper-V Virtualization Infrastructure Driver
Description: Microsoft Hyper-V Virtualization Infrastructure Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: ========================
Application errors:
==================
Error: (04/24/2020 11:52:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RSITx64.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1360
Start Time: 01d61a827e91f3b7
Termination Time: 4294967295
Application Path: C:\Users\PC\Desktop\RSITx64.exe
Report Id: 04fa1edd-f180-4437-a87a-029ef01e5329
Faulting package full name:
Faulting package-relative application ID:
Hang type: Cross-process
Error: (04/24/2020 11:26:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (04/24/2020 10:06:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: 5.exe, verzia: 0.0.0.0, časová značka: 0x5ea1b394
Názov chybujúceho modulu: 5.exe, verzia: 0.0.0.0, časová značka: 0x5ea1b394
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000144e
Identifikácia chybujúceho procesu: 0x2a70
Čas spustenia chybujúcej aplikácie: 0x01d61a73cccab41e
Cesta chybujúcej aplikácie: C:\Users\PC\AppData\Local\70295ff5-85b0-4bea-a71e-e1adaac6a9ae\5.exe
Cesta chybujúceho modulu: C:\Users\PC\AppData\Local\70295ff5-85b0-4bea-a71e-e1adaac6a9ae\5.exe
Identifikácia hlásenia: 8be1bcb6-2304-44b1-8659-13fbbe28a51e
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (04/22/2020 01:49:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: javaw.exe, verzia: 8.0.2410.7, časová značka: 0x5df0c5c7
Názov chybujúceho modulu: kbhk.dll, verzia: 1.0.0.8, časová značka: 0x2a425e19
Kód výnimky: 0xc0000005
Odstup chyby: 0x0002b001
Identifikácia chybujúceho procesu: 0x2780
Čas spustenia chybujúcej aplikácie: 0x01d61836f6b3f145
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Java\jre1.8.0_241\bin\javaw.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Easy Screen Capture 2\kbhk.dll
Identifikácia hlásenia: b733b303-789b-4ddf-a044-319db6f8c6de
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (04/22/2020 01:49:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: javaw.exe, verzia: 8.0.2410.7, časová značka: 0x5df0c5c7
Názov chybujúceho modulu: kbhk.dll, verzia: 1.0.0.8, časová značka: 0x2a425e19
Kód výnimky: 0xc0000005
Odstup chyby: 0x0002b001
Identifikácia chybujúceho procesu: 0x2780
Čas spustenia chybujúcej aplikácie: 0x01d61836f6b3f145
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Java\jre1.8.0_241\bin\javaw.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Easy Screen Capture 2\kbhk.dll
Identifikácia hlásenia: 0caac0fb-f98b-4ca1-a94d-bc17af7b1341
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (04/22/2020 01:49:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: javaw.exe, verzia: 8.0.2410.7, časová značka: 0x5df0c5c7
Názov chybujúceho modulu: kbhk.dll, verzia: 1.0.0.8, časová značka: 0x2a425e19
Kód výnimky: 0xc0000005
Odstup chyby: 0x0002b001
Identifikácia chybujúceho procesu: 0x2780
Čas spustenia chybujúcej aplikácie: 0x01d61836f6b3f145
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Java\jre1.8.0_241\bin\javaw.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Easy Screen Capture 2\kbhk.dll
Identifikácia hlásenia: ccd55990-f136-4c5d-b80e-ffb6b6579885
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (04/22/2020 01:49:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: javaw.exe, verzia: 8.0.2410.7, časová značka: 0x5df0c5c7
Názov chybujúceho modulu: kbhk.dll, verzia: 1.0.0.8, časová značka: 0x2a425e19
Kód výnimky: 0xc0000005
Odstup chyby: 0x0002b001
Identifikácia chybujúceho procesu: 0x2780
Čas spustenia chybujúcej aplikácie: 0x01d61836f6b3f145
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Java\jre1.8.0_241\bin\javaw.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Easy Screen Capture 2\kbhk.dll
Identifikácia hlásenia: 4503fad2-a9d2-4504-987f-0df89a29a1eb
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (04/22/2020 01:49:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: javaw.exe, verzia: 8.0.2410.7, časová značka: 0x5df0c5c7
Názov chybujúceho modulu: kbhk.dll, verzia: 1.0.0.8, časová značka: 0x2a425e19
Kód výnimky: 0xc0000005
Odstup chyby: 0x0002b001
Identifikácia chybujúceho procesu: 0x2780
Čas spustenia chybujúcej aplikácie: 0x01d61836f6b3f145
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Java\jre1.8.0_241\bin\javaw.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Easy Screen Capture 2\kbhk.dll
Identifikácia hlásenia: c3d1539c-233f-4227-8590-cfc5bb36f998
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
System errors:
=============
Error: (04/25/2020 12:50:30 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (04/25/2020 12:49:45 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-CUHD9KK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/25/2020 12:49:23 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-CUHD9KK)
Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
Error: (04/25/2020 12:49:22 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-CUHD9KK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/25/2020 12:49:10 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-CUHD9KK)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/25/2020 12:48:46 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-CUHD9KK)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (04/25/2020 12:48:46 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-CUHD9KK)
Description: DCOM got error "1084" attempting to start the service VSS with arguments "Unavailable" in order to run the server:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (04/25/2020 12:48:46 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-CUHD9KK)
Description: DCOM got error "1084" attempting to start the service VSS with arguments "Unavailable" in order to run the server:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Windows Defender:
===================================
Date: 2019-03-02 16:29:32.664
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A36C6819-EA02-42D0-BBAD-6B9CB3568484}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-02-28 03:56:57.883
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {DDED93E4-5F2E-41D1-9302-466F4CD973AA}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-02-27 00:44:15.594
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {BC2AB687-EC53-4BC6-8C7E-A2F759718880}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-02-26 09:43:08.954
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Tiggre!plock
ID: 2147723626
Severity: Závažná
Category: Trójsky kôň
Path: file:_C:\WINDOWS\9D77E4994588.sys
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.287.800.0, AS: 1.287.800.0, NIS: 0.0.0.0
Engine Version: AM: 1.1.15700.8, NIS: 0.0.0.0
Date: 2019-02-26 09:42:37.896
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Tiggre!plock
ID: 2147723626
Severity: Závažná
Category: Trójsky kôň
Path: driver:_9D77E4994588; file:_C:\WINDOWS\9D77E4994588.sys
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.287.800.0, AS: 1.287.800.0, NIS: 0.0.0.0
Engine Version: AM: 1.1.15700.8, NIS: 0.0.0.0
Date: 2019-02-20 23:14:06.871
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.287.407.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15700.8
Error code: 0x80240438
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.
Date: 2019-02-17 17:11:15.705
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.285.1555.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-02-17 17:11:15.704
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.285.1555.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-02-17 17:11:15.704
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.285.1555.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-02-17 17:11:15.687
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.285.1555.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2020-04-25 00:45:13.931
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-13 23:52:59.851
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-03-24 23:51:04.093
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-24 23:51:04.077
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-24 23:51:04.009
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-24 23:51:03.992
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-24 23:51:03.973
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-24 23:51:03.953
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F1 04/08/2013
Motherboard: Gigabyte Technology Co., Ltd. 970A-DS3P
Processor: AMD FX(tm)-8320 Eight-Core Processor
Percentage of memory in use: 47%
Total physical RAM: 8156.63 MB
Available physical RAM: 4322.85 MB
Total Virtual: 11996.63 MB
Available Virtual: 8347.94 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:148.51 GB) (Free:35.76 GB) NTFS
Drive d: (Lokálny disk) (Fixed) (Total:465.76 GB) (Free:137.7 GB) NTFS
Drive e: (DVD_VIDEO_RECORDER) (CDROM) (Total:0.1 GB) (Free:0 GB) UDF
Drive f: (Disk) (Fixed) (Total:465.76 GB) (Free:24.28 GB) NTFS
Drive g: (WD 1TB) (Fixed) (Total:931.51 GB) (Free:17.63 GB) NTFS
\\?\Volume{f40892d5-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.54 GB) (Free:0.13 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: F40892D5)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0F360F35)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=42)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: F97E82F7)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: EA1B2E9E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Mám problém, PC mi napadol LEZP.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Mám problém, PC mi napadol LEZP.
- Přílohy
-
- B290.tmp.rar
- Toto sa nedá odstrániť a je takých viac, pýta to povolenia správcu a tvári sa to ako správca.
- (25 bajtů) Staženo 87 x
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Mám problém, PC mi napadol LEZP.
Zdravím!
Váš PC pravděpodobně napadl Ransomware. PC vám můžeme vyčistit, ale neobnovíme vám soubory (pokud je nemáte zálohovány mimo PC). K tomu je třeba přímý přístup do PC, to nemáme právně ošetřené a potřeba mít k dispozici dešifrovací klíč. Spusťte tuto utilitu:
Váš PC pravděpodobně napadl Ransomware. PC vám můžeme vyčistit, ale neobnovíme vám soubory (pokud je nemáte zálohovány mimo PC). K tomu je třeba přímý přístup do PC, to nemáme právně ošetřené a potřeba mít k dispozici dešifrovací klíč. Spusťte tuto utilitu:
Jinak *.rar soubor v příloze je prázdný.Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Mám problém, PC mi napadol LEZP.
Zdravím, bol som v práci tak až teraz.
Urobil som ako ste kázal ale píše že načítava moduly a potom skončí. Nevyhodí žiadny text.
Urobil som ako ste kázal ale píše že načítava moduly a potom skončí. Nevyhodí žiadny text.
- Přílohy
-
- Tu je foto
- NewPicture043.jpg (34.63 KiB) Zobrazeno 2350 x
Re: Mám problém, PC mi napadol LEZP.
Skusil som ešte raz.
- Přílohy
-
- B290.tmp.rar
- (645.17 KiB) Staženo 79 x
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Mám problém, PC mi napadol LEZP.
Co je to za exáč v tom archivu? Navíc pokud je váš PC pracovní, k jeho čištění není fórum viry.cz určeno. Je to podpora pro home usery. Viz pravidla: https://forum.viry.cz/viewtopic.php?f=12&t=5601 (bod 6).
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Mám problém, PC mi napadol LEZP.
To je z toho čo mi napadlo PC. Vypol som to v správcovi ale nejde to odstrániť. Chová sa to ako správca, nemám prístup.
PC je domáce, žiadna firma. Mám u vás účet už roky.
PC je domáce, žiadna firma. Mám u vás účet už roky.
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Mám problém, PC mi napadol LEZP.
OK, špatně jsem si to přeložil. Omlouvám se. Ten exáč nebudu otevírat. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
ShortcutTarget: Google.ini.lnk -> C:\Users\PC\AppData\Google.js (No File)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jaardiaw.lnk [2020-04-24]
ShortcutAndArgument: jaardiaw.lnk -> C:\Windows\System32\cmd.exe => /c start "" "C:\Users\PC\AppData\Roaming\Microsoft\Windows\jaardiaw\cejrbbbg.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\Users\PC\AppData\Roaming\Microsoft\Windows\jaardiaw
Task: {01E70923-2B95-4955-BA0B-71200DE18CC6} - \Opera scheduled Autoupdate 711520318 -> No File <==== ATTENTION
Task: {06FC6085-2E5D-4656-ACE2-32F44A190D3E} - \EOSv3 Scheduler onTime -> No File <==== ATTENTION
Task: {0902AD6C-76A6-4E90-BD77-15FB607E003F} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {1515E966-7FF0-4003-AEDC-3805E098ADA1} - \Adobe Flash Player NPAPI Notifier -> No File <==== ATTENTION
Task: {1592A801-82D8-4091-ACE0-2FED4B2C4D5B} - \EOSv3 Scheduler onLogOn -> No File <==== ATTENTION
Task: {4783522E-4979-43D0-B1B1-4CB1FF8F7EA0} - \AMDInstallUEP -> No File <==== ATTENTION
Task: {508DBA5D-1C8D-4392-B81D-84D6C8175562} - \Opera scheduled assistant Autoupdate 1582762724 -> No File <==== ATTENTION
Task: {541A8380-0CF9-444D-A5E2-2019A9BFFC37} - \Adobe Flash Player PPAPI Notifier -> No File <==== ATTENTION
Task: {54D59D9B-C9B4-42D9-B0E1-6EB953795C1B} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {5885E06A-F6FE-4207-BE2D-B43AAE33C843} - \Time Trigger Task -> No File <==== ATTENTION
Task: {65781D4D-1E04-471E-A0A8-EADD85BAA494} - \StartDVR -> No File <==== ATTENTION
Task: {7BBC3BE0-40BA-4EA6-A5F6-8ACC03C20AE6} - \{1ABD41D0-0BF0-E01C-705B-27257D6C7EB3} -> No File <==== ATTENTION
Task: {7E6D3919-E9E4-4888-97AB-50452D924E4B} - \AMD ThankingURL -> No File <==== ATTENTION
Task: {83F012FC-DAD6-47E8-8116-C0E31F1FD301} - \Opera scheduled Autoupdate 1549279223 -> No File <==== ATTENTION
Task: {8E00CACB-69A0-4427-8B13-C958F34C32CD} - System32\Tasks\synhelper\{19EE27F2-43A7-AE60-5C14-1DC53B58CC6E} => C:\Users\PC\AppData\Roaming\19EE27~1\SYNHEL~1.EXE <==== ATTENTION
Task: {A19994D2-F57C-4D43-BB9F-F66A264816BC} - \StartCN -> No File <==== ATTENTION
Task: {B32A1DAD-299D-4304-A190-E7596E3EAAEF} - \Avast Emergency Update -> No File <==== ATTENTION
Task: {CE3726C1-278C-4C37-A141-5004FD8C8373} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {D92BEEB8-1B61-4A71-AD2B-B9926FA81DF3} - \AMDLinkUpdate -> No File <==== ATTENTION
Task: {D95E4599-1CE7-4339-AD28-3656F850F1E4} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => C:\Users\PC\AppData\Roaming\\systemdiag\\sysinfo.exe [66560 2017-03-12] () [File not signed] <==== ATTENTION
Task: {F03CCFB9-8B04-4834-9A5A-D26C8C207C4A} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {F2B64E06-CABA-43FF-86E7-DBFF49A487AC} - \ModifyLinkUpdate -> No File <==== ATTENTION
Task: {F3741818-85CF-4C9D-8B3C-4B125FDF2BF2} - -> No File <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
Handler: WSKVAllmytubechrome - No CLSID Value
C:\ProgramData\TEMP
C:\Users\PC\AppData\Roaming\wik0rj04sil
C:\Program Files\K6HGF5G4M7
C:\Users\PC\AppData\Local\4a99b151-9fb3-43fc-be15-723444579ff9
C:\Users\PC\AppData\Local\70295ff5-85b0-4bea-a71e-e1adaac6a9ae
C:\ProgramData\1FNGR8TNJGWN229V8BV7DKKDJ
C:\Users\PC\AppData\Roaming\spyvio1ad4z
C:\WINDOWS\system32\JU5W6tSk29.exe
C:\Program Files\2HGKOU9R05
C:\Users\PC\AppData\Local\c9be20e8-bb55-4cb9-bcfd-ddbc5e05e6a4
C:\WINDOWS\SysWOW64\ecqhffhy
C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [468]
FirewallRules: [{8F94578A-6B71-4876-9544-FBCFE1364326}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe No File
FirewallRules: [{D185A17A-D8D9-4B73-9DA0-2780E29D28A4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe No File
FirewallRules: [{9621177E-67C5-4462-B360-96F590D64C05}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe No File
FirewallRules: [{788BF72D-CBD6-482E-8B5E-CC1B3912BEE3}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe No File
FirewallRules: [{C0657433-2EEF-4815-A038-08FB56B5CDEC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe No File
C:\WINDOWS\9D77E4994588.sys
EmptyTemp:
Hosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Mám problém, PC mi napadol LEZP.
Vykonané, je to velké musím to poslať ako prílohy.
- Přílohy
-
- FRST.rar
- (37.25 KiB) Staženo 70 x
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Mám problém, PC mi napadol LEZP.
OK. Potřebuji vidět obsah souboru fixlog.txt. Je na ploše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Mám problém, PC mi napadol LEZP.
Nie je musím to celé zopakovať.
Re: Mám problém, PC mi napadol LEZP.
Nový scan, je tam aj fix.
- Přílohy
-
- FRST.rar
- (39.27 KiB) Staženo 72 x
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Mám problém, PC mi napadol LEZP.
Ne fixlist, ale fixlog.txt. Ten je pro mne důležitý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Mám problém, PC mi napadol LEZP.
Bohužiaľ na ploche nie je a nikde ho nemôžem nájsť.
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Mám problém, PC mi napadol LEZP.
Tak to je špatně, nevím, co bylo smazáno a co ne. Udělejte kompletní sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po skončení skce smažte vše, co najde.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Mám problém, PC mi napadol LEZP.
Takto vyzerá obrazovka, nikde to tam nevidím.
Přispějete na provoz fóra?