Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by IRENA-PC (administrator) on IRENA-PC (05-03-2021 08:57:33)
Running from C:\Users\IRENA-PC\Desktop
Loaded Profiles: IRENA-PC
Platform: Windows 10 Pro Version 20H2 19042.844 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(eVenture Limited -> eVenture Limited) C:\Program Files (x86)\hide.me VPN\hidemesvc.exe
(Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-01-28] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-02-25] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-03-04] (Google LLC -> Google LLC)
Startup: C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2021-03-05]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (No File)
Startup: C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2017-11-14]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2019-10-05]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1882D01A-1238-48A7-98E5-0A132D50C3CA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-03-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {21567792-F593-4A2B-A8B0-FD12215C4505} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [19999848 2021-02-04] (Goversoft LLC -> Goversoft LLC)
Task: {34EDBC21-FC93-4443-A5B6-912CF8FD6D1B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-23] (Google LLC -> Google LLC)
Task: {4CB8A5A1-E837-468B-AE16-C594753EAC31} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BABCDAA-9BC6-4EF1-97CA-B64ED3F3022B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-23] (Google LLC -> Google LLC)
Task: {814313D7-11C2-4EF2-A031-26EF3BE0C7A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {87D9290F-3525-4C2A-BBCB-0D49A626C8EE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A04AC8DE-49A0-49FC-8C62-201A6869B886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B361FB97-6933-4F4C-ACD7-F6F2A55A5075} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA91164F-496B-4BC2-92A8-FFFA0C65DFAC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB806155-3D2A-4177-A203-0FD110F04427} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4FC8779-698F-4176-95A0-5286A8AEA159} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [41984 2020-08-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5 09 C:\WINDOWS\SysWOW64\wlidNSP.dll [41984 2020-08-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [67072 2020-08-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [67072 2020-08-19] (Microsoft Windows -> Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3ca49153-5896-4467-b2d9-205cc451433b}: [DhcpNameServer] 192.168.0.1 1.1.1.1
Tcpip\..\Interfaces\{6275ca9c-c816-47f0-8729-a3236c979e44}: [DhcpNameServer] 192.168.0.1
Edge:
=======
DownloadDir: C:\Users\IRENA-PC\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\IRENA-PC\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-05]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: woy2c7nl.default-1506939824614
FF ProfilePath: C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 [2021-03-05]
FF Homepage: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> hxxps://sktorrent.os.tc; hxxps://kryptomagazin.cz
FF NewTabOverride: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> Disabled: {672e9d7d-f917-49e9-a2cb-eeae9a7cd1af}
FF NewTabOverride: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614 -> Enabled: google@search.mozilla.org
FF Extension: (HLS Video Download) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\@hls.video.download.xpi [2021-01-05]
FF Extension: (Download with Ant Download Manager) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\antffw@antdownloadmanager.com.xpi [2021-02-04]
FF Extension: (Avast Online Security) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\wrc@avast.com.xpi [2021-02-18]
FF Extension: (Video Downloader for FireFox) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{672e9d7d-f917-49e9-a2cb-eeae9a7cd1af}.xpi [2021-01-05]
FF Extension: (KITVideofy) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{6c09ef97-fbbc-4dc1-bc9a-777b216f1303}.xpi [2021-01-05]
FF Extension: (Plná Peněženka Lištička Lite) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{85d8e8cc-273a-4845-a75b-4b44377c703c}.xpi [2021-01-13]
FF Extension: (Video DownloadHelper) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-16]
FF Extension: (Greasemonkey) - C:\Users\IRENA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\woy2c7nl.default-1506939824614\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-02-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default [2021-03-05]
CHR DownloadDir: D:\Filmy\Seriály\Telenovely
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/","hxxp://www.google.cz/","hxxps://www.google.com ... oogle.com/"
CHR Extension: (Easy Auto Refresh) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2021-03-05]
CHR Extension: (HLS Downloader) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apomkbibleomoihlhhdbeghnfioffbej [2021-02-04]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-10-08]
CHR Extension: (YouTube) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-30]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2020-04-19]
CHR Extension: (YouTube Music) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2021-03-05]
CHR Extension: (Image Downloader) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2019-01-27]
CHR Extension: (ZenMate - IP & Browser Check) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchhalahcjpkabdgonjhoogdcipienhf [2017-01-30]
CHR Extension: (YouTube) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\egjdagpondeapnnockkjcocjdkfkffnb [2021-03-05]
CHR Extension: (Google Translate) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiogdnnnljjlfjgkifccooilblmjflkm [2021-02-27]
CHR Extension: (Přehrávání | SledovaniTV.cz) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gccmmlklnkpaihbmbpcdknammjmmdocb [2021-03-05]
CHR Extension: (Video downloader - CoCoCut) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gddbgllpilhpnjpkdbopahnpealaklle [2021-02-23]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-03-05]
CHR Extension: (Video DownloadHelper) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-03-05]
CHR Extension: (Live Stream Downloader) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\looepbdllpjgdmkpdcdffhdbmpbcfekj [2021-02-23]
CHR Extension: (Hangouts Google) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-08-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (SS TV Remote) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\npciacphlpgklgcjgiamnmfjipjdkacf [2020-03-23]
CHR Extension: (Browsec VPN - Free VPN for Chrome) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2021-03-05]
CHR Extension: (Gmail) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-05]
CHR Profile: C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-20]
CHR Extension: (d8yI+Hf7rX) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\flolbpainfebnmecbjhlffonapejhgom [2021-02-27]
CHR Profile: C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-20]
CHR Extension: (d8yI+Hf7rX) - C:\Users\IRENA-PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\flolbpainfebnmecbjhlffonapejhgom [2021-02-27]
CHR HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Brave:
=======
BRA Profile: C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-04]
BRA Extension: (McAfee® WebAdvisor) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-02-09]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-02-09]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-02-23]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-02-09]
BRA Extension: (PDF Viewer) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-02-09]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2019-02-23]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\IRENA-PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-02-09]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S4 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [76288 2021-03-04] (Microsoft Windows -> Microsoft Corporation)
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [147264 2021-01-05] (eVenture Limited -> eVenture Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-04] (Malwarebytes Inc -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 e2eVAWdm; C:\WINDOWS\System32\drivers\VAud_WDM.sys [112696 2017-07-12] (ARTRAY CO., LTD. -> e2eSoft)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-03-04] (Malwarebytes Corporation -> Malwarebytes)
R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [95744 2020-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 jakstaVA; C:\WINDOWS\System32\drivers\jaksta_va.sys [103816 2020-04-02] (Jaksta Technologies Pty Ltd -> e2eSoft)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-03-05] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-03-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-03-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-03-05] (Malwarebytes Inc -> Malwarebytes)
R3 nuviocir; C:\WINDOWS\system32\DRIVERS\nuviocir_x64.sys [40464 2015-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-01-29] (WireGuard LLC -> WireGuard LLC)
U4 npcap_wifi; no ImagePath
U4 npf_wifi; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-05 08:57 - 2021-03-05 08:58 - 000022414 _____ C:\Users\IRENA-PC\Desktop\FRST.txt
2021-03-05 08:57 - 2021-03-05 08:57 - 000000000 ____D C:\Users\IRENA-PC\Desktop\FRST-OlderVersion
2021-03-05 08:55 - 2021-03-05 08:55 - 000000552 _____ C:\Users\IRENA-PC\Documents\cc_20210305_085547.reg
2021-03-05 08:53 - 2021-03-05 08:53 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-03-05 08:53 - 2021-03-05 08:53 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-03-05 08:53 - 2021-03-05 08:53 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-03-05 08:53 - 2021-03-05 08:53 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-03-05 08:53 - 2021-03-05 08:53 - 000000000 ____D C:\Users\IRENA-PC\AppData\LocalLow\IGDump
2021-03-05 08:52 - 2021-03-05 08:52 - 000008628 _____ C:\Users\IRENA-PC\Documents\cc_20210305_085207.reg
2021-03-05 08:49 - 2021-03-05 08:49 - 000000000 ____D C:\ProgramData\TotalAV
2021-03-05 08:48 - 2021-03-05 08:49 - 000000000 ____D C:\Program Files (x86)\TotalAV
2021-03-04 22:02 - 2021-03-04 22:02 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-04 22:02 - 2021-03-04 22:02 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-04 22:02 - 2021-03-04 22:02 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-04 22:02 - 2021-03-04 22:02 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-04 22:02 - 2021-03-04 22:02 - 000011002 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-04 22:01 - 2021-03-04 22:01 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-04 22:01 - 2021-03-04 22:01 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-04 21:19 - 2021-03-04 21:19 - 000000000 ____D C:\Users\IRENA-PC\Downloads\windows 10 fix.reg-20210304T201839Z-001
2021-03-04 21:18 - 2021-03-04 21:18 - 000001283 _____ C:\Users\IRENA-PC\Downloads\windows 10 fix.reg-20210304T201839Z-001.zip
2021-03-04 21:05 - 2021-03-04 21:05 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\ElevatedDiagnostics
2021-03-04 20:17 - 2021-03-05 08:17 - 000000000 ____D C:\Program Files (x86)\Outbyte
2021-03-04 19:23 - 2021-03-05 08:17 - 000000000 ____D C:\ProgramData\Outbyte
2021-03-04 19:20 - 2021-03-04 19:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-04 18:28 - 2021-03-04 18:28 - 000002248 _____ C:\Users\IRENA-PC\Documents\cc_20210304_182805.reg
2021-03-04 18:24 - 2021-03-04 18:24 - 000037460 _____ C:\Users\IRENA-PC\Documents\cc_20210304_182419.reg
2021-03-04 18:17 - 2021-03-04 18:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-03-04 18:06 - 2021-03-04 18:26 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-04 18:06 - 2021-03-04 18:06 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-04 18:05 - 2021-03-04 18:05 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-03-04 18:05 - 2021-03-04 18:05 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-03-04 18:04 - 2021-03-04 18:04 - 002084016 _____ (Malwarebytes) C:\Users\IRENA-PC\Downloads\MBSetup.exe
2021-03-04 17:57 - 2021-03-04 17:57 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Hide.me
2021-03-04 10:56 - 2021-03-04 10:56 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-04 10:54 - 2021-03-04 18:25 - 000000000 ____D C:\WINDOWS\pss
2021-03-03 09:26 - 2021-03-03 09:27 - 000000000 ____D C:\AdwCleaner
2021-03-02 07:49 - 2021-03-03 08:35 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-27 12:46 - 2021-02-27 12:46 - 000000000 ____D C:\Users\IRENA-PC\Documents\Apowersoft
2021-02-27 09:02 - 2021-02-27 09:02 - 000172860 _____ C:\Users\IRENA-PC\AppData\LocalLow\screen.jpeg
2021-02-27 09:02 - 2021-02-27 09:02 - 000000765 _____ C:\Users\IRENA-PC\AppData\LocalLow\machineinfo.txt
2021-02-27 09:02 - 2021-02-27 09:02 - 000000000 ____D C:\Microsoft Vision
2021-02-27 09:02 - 2021-02-25 15:33 - 000032768 _____ C:\Users\IRENA-PC\AppData\LocalLow\B2yBpRoCof
2021-02-27 09:02 - 2021-02-04 17:32 - 000020480 _____ C:\Users\IRENA-PC\AppData\LocalLow\4kr4CYIt7j
2021-02-27 09:02 - 2021-01-28 11:23 - 000108544 _____ C:\Users\IRENA-PC\AppData\LocalLow\rCpV8waZwl
2021-02-27 09:02 - 2021-01-28 11:23 - 000108544 _____ C:\Users\IRENA-PC\AppData\LocalLow\ogWWU484LM
2021-02-27 09:02 - 2020-12-24 15:19 - 000040960 _____ C:\Users\IRENA-PC\AppData\LocalLow\zGrjIyDITw
2021-02-27 09:02 - 2019-02-14 20:28 - 000516096 _____ C:\Users\IRENA-PC\AppData\LocalLow\qhcAQPjDDg
2021-02-27 09:02 - 2019-02-14 20:28 - 000073728 _____ C:\Users\IRENA-PC\AppData\LocalLow\OdQjUNyB3q
2021-02-27 09:02 - 2019-02-14 20:28 - 000073728 _____ C:\Users\IRENA-PC\AppData\LocalLow\eHwbcVTD4m
2021-02-27 09:01 - 2021-02-27 09:01 - 000000000 ____D C:\Users\IRENA-PC\AppData\LocalLow\Wallets
2021-02-27 09:01 - 2021-02-27 09:01 - 000000000 ____D C:\ProgramData\JA5E54QHG1VKTTOGAOZU08F8J
2021-02-27 09:01 - 2021-02-27 09:00 - 000524288 _____ C:\Users\IRENA-PC\AppData\LocalLow\IDCdJOyapn
2021-02-27 09:00 - 2021-02-27 09:26 - 000000000 ____D C:\Program Files (x86)\DTS
2021-02-27 09:00 - 2021-02-27 09:01 - 000358825 _____ C:\ProgramData\64513.64513
2021-02-27 09:00 - 2021-02-27 09:00 - 001564823 _____ C:\ProgramData\7592
2021-02-27 08:18 - 2021-03-04 17:55 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Screen Recorder 21
2021-02-27 08:18 - 2021-02-27 08:18 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\CrashRpt
2021-02-27 08:17 - 2021-03-04 17:55 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Movavi Screen Recorder 21
2021-02-27 08:17 - 2021-02-27 08:17 - 000004958 _____ C:\ProgramData\xnugqooy.ugm
2021-02-24 18:50 - 2021-02-28 19:31 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Bigasoft Video Downloader Pro
2021-02-24 18:50 - 2021-02-24 18:50 - 000000000 ____D C:\Users\IRENA-PC\Documents\Bigasoft Video Downloader Pro
2021-02-24 18:50 - 2021-02-24 18:50 - 000000000 ____D C:\Program Files (x86)\Bigasoft
2021-02-11 17:35 - 2021-03-04 19:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-10 23:08 - 2021-03-05 08:11 - 000433944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-10 10:35 - 2021-02-10 10:35 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-10 10:35 - 2021-02-10 10:35 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-05 15:11 - 2021-02-05 15:11 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 15:11 - 2021-02-05 15:11 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-05 08:58 - 2021-01-13 14:04 - 000000000 ____D C:\FRST
2021-03-05 08:57 - 2021-01-13 14:00 - 002301440 _____ (Farbar) C:\Users\IRENA-PC\Desktop\FRST64.exe
2021-03-05 08:57 - 2020-08-19 19:15 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-05 08:57 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-05 08:57 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-05 08:57 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-05 08:52 - 2020-08-19 19:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-05 08:52 - 2020-08-19 19:06 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-05 08:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-05 08:52 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-05 08:52 - 2018-12-26 18:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-05 08:50 - 2017-08-17 07:20 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\CrashDumps
2021-03-05 08:22 - 2021-01-29 08:39 - 000000000 ____D C:\Program Files (x86)\hide.me VPN
2021-03-05 08:22 - 2020-09-06 10:11 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\PrivaZer
2021-03-05 08:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-05 08:13 - 2019-02-05 07:34 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-05 08:13 - 2017-01-30 08:45 - 000000000 ____D C:\Users\IRENA-PC\AppData\LocalLow\Mozilla
2021-03-05 08:10 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-05 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-05 08:09 - 2020-08-19 19:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-05 04:50 - 2020-08-19 19:19 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-05 04:50 - 2020-08-19 19:19 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-04 23:18 - 2020-03-23 13:20 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-04 22:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-04 21:43 - 2021-01-23 21:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-04 21:32 - 2020-06-04 19:19 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-04 21:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-03-04 19:50 - 2017-01-30 08:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-04 19:20 - 2017-01-30 08:44 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-04 18:08 - 2017-01-30 09:49 - 000000000 ____D C:\uTorrent
2021-03-04 18:05 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-04 18:04 - 2020-08-19 19:19 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-03-04 18:04 - 2017-02-04 16:14 - 000000000 ____D C:\Torrents
2021-03-04 18:03 - 2020-12-15 18:05 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-04 18:01 - 2020-08-19 19:19 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3708313529-2431682257-2596704864-1001
2021-03-04 18:01 - 2020-08-19 19:07 - 000002412 _____ C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-04 18:01 - 2017-01-29 20:11 - 000000000 ___RD C:\Users\IRENA-PC\OneDrive
2021-03-04 17:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-04 17:56 - 2020-08-19 19:07 - 000000000 ____D C:\Users\IRENA-PC
2021-03-04 17:56 - 2019-03-15 19:37 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avidemux 2.7 VC++ 64bits
2021-03-04 17:56 - 2019-03-15 19:37 - 000000000 ____D C:\Program Files\Avidemux 2.7 VC++ 64bits
2021-03-04 17:56 - 2018-11-20 09:06 - 000000000 ____D C:\Program Files\Avidemux 2.7 - 64 bits
2021-03-04 17:55 - 2021-01-29 15:18 - 000000000 ____D C:\Program Files (x86)\MultiDoge-0.1.7
2021-03-04 17:55 - 2021-01-29 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hide.me VPN
2021-03-04 17:55 - 2021-01-03 08:36 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc
2021-03-04 17:55 - 2021-01-03 08:36 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\exodus
2021-03-04 17:55 - 2020-12-20 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2021-03-04 17:55 - 2020-12-20 15:39 - 000000000 ____D C:\Program Files\Subtitle Edit
2021-03-04 17:55 - 2020-05-02 17:27 - 000000000 ____D C:\Program Files (x86)\Admiral Markets MT4
2021-03-04 17:55 - 2018-11-20 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64 bits)
2021-03-04 17:55 - 2018-06-14 10:05 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\JDownloader 2.0
2021-03-04 17:55 - 2017-07-05 17:16 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\vlc
2021-03-04 17:55 - 2017-04-27 15:39 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Ulozto File Manager
2021-03-04 17:55 - 2017-02-01 11:07 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Greenshot
2021-03-04 17:55 - 2017-01-30 12:39 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Rainmeter
2021-03-04 17:52 - 2021-01-03 08:36 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Exodus
2021-03-04 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-03-04 17:52 - 2018-02-16 13:35 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\Authy Desktop
2021-03-04 17:52 - 2017-01-30 08:45 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\Mozilla
2021-03-04 17:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-03-04 17:43 - 2016-07-16 12:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-03-04 10:54 - 2020-06-30 17:37 - 000002296 ____H C:\Users\IRENA-PC\Documents\Default.rdp
2021-03-03 09:29 - 2017-02-01 11:07 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\Greenshot
2021-03-02 08:56 - 2018-10-14 17:50 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\avidemux
2021-03-01 17:17 - 2019-04-16 19:31 - 000017080 _____ C:\Users\IRENA-PC\Documents\web hlavní stránka.txt
2021-02-28 15:35 - 2019-01-02 09:37 - 000000000 ____D C:\Users\IRENA-PC\AppData\Roaming\HandBrake
2021-02-27 17:37 - 2019-03-19 10:59 - 000000000 ____D C:\Users\IRENA-PC\Downloads\Ulozto
2021-02-27 08:18 - 2018-11-16 17:27 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\Movavi
2021-02-21 14:33 - 2017-03-10 18:17 - 000044452 _____ C:\Users\IRENA-PC\Documents\klikačky.txt
2021-02-14 08:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-14 08:24 - 2019-01-19 22:33 - 000031846 _____ C:\Users\IRENA-PC\Documents\web.txt
2021-02-11 23:20 - 2018-02-27 08:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-10 23:09 - 2020-11-12 04:45 - 000000000 ____D C:\Users\IRENA-PC\AppData\Local\Notepad
2021-02-10 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-10 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-10 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-10 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-10 23:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-10 10:24 - 2017-01-29 22:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 10:20 - 2017-01-29 22:43 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-08 16:49 - 2021-01-03 08:36 - 000002280 _____ C:\Users\IRENA-PC\Desktop\Exodus.lnk
2021-02-05 20:04 - 2021-01-23 21:23 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2021-01-23 21:23 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-04 19:06 - 2021-01-09 08:12 - 000000000 ____D C:\Program Files (x86)\PrivaZer
==================== Files in the root of some directories ========
2019-01-25 08:47 - 2019-02-04 08:42 - 000012386 _____ () C:\Users\IRENA-PC\AppData\Roaming\downloads.json
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by IRENA-PC (05-03-2021 09:00:09)
Running from C:\Users\IRENA-PC\Desktop
Windows 10 Pro Version 20H2 19042.844 (X64) (2020-08-19 18:19:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3708313529-2431682257-2596704864-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3708313529-2431682257-2596704864-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3708313529-2431682257-2596704864-1000 - Limited - Disabled)
Guest (S-1-5-21-3708313529-2431682257-2596704864-501 - Limited - Disabled)
IRENA-PC (S-1-5-21-3708313529-2431682257-2596704864-1001 - Administrator - Enabled) => C:\Users\IRENA-PC
WDAGUtilityAccount (S-1-5-21-3708313529-2431682257-2596704864-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
„Microsoft Office Proofing Tools 2016“ – lietuvių k. (HKLM\...\{90160000-001F-0427-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (HKLM\...\{90160000-001F-041A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Authy Desktop (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\authy) (Version: 1.8.3 - Twilio Inc.)
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.1.180604 - )
Avidemux VC++ 64bits (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{3598910c-c7d9-450b-bfde-5a8d49dabd30}) (Version: 2.7.3 - Mean)
Avidemux VC++ 64bits (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{8cbf4d89-2ce8-4178-8bb4-1600f5e69e65}) (Version: 2.7.3 - Mean)
Avidemux VC++ 64bits (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{b859fd90-1d56-4013-8e47-a727a65ae7a3}) (Version: 2.7.3 - Mean)
Avidemux VC++ 64bits (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{c28b1ebe-2fed-4e19-a347-e0629e5cf6f5}) (Version: 2.7.2 - Mean)
Bighits4U Viewer 3.6 (HKLM-x32\...\{ACC1EF6D-F9C2-4B5E-BA01-25F3F9E57B68}) (Version: 3.6.0 - BigHits4U) Hidden
Bighits4U Viewer 3.6 (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\Bighits4U Viewer 3.6 3.6.0) (Version: 3.6.0 - BigHits4U)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (HKLM\...\{90160000-001F-042A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Exodus (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\exodus) (Version: 21.1.29 - Exodus Movement Inc)
Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM\...\{90160000-001F-0816-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Free MP3 Cutter 1.01 (HKLM-x32\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: - PolySoft Solutions)
Free Netflix Download version 5.0.16.1204 (HKLM-x32\...\Free Netflix Download_is1) (Version: 5.0.16.1204 - FreeGrabApp Ltd)
GhostMouse (HKLM-x32\...\GhostMouse_is1) (Version: Free V3.2.3 - ghost-mouse.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Greenshot 1.2.9.129 (HKLM\...\Greenshot_is1) (Version: 1.2.9.129 - Greenshot)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
hide.me Wintun (HKLM\...\{6A3B09CD-8B4A-4A66-9C90-833023E463E9}) (Version: 0.8 - hide.me) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (HKLM\...\{90160000-001F-0435-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (HKLM\...\{90160000-001F-0491-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instrumente de verificare Microsoft Office 2016 - Română (HKLM\...\{90160000-001F-0418-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM\...\{90160000-001F-0406-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (HKLM\...\{90160000-001F-0414-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (HKLM\...\{90160000-001F-0814-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MediaInfo 18.05 (HKLM\...\MediaInfo) (Version: 18.05 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.1 - Mozilla)
Mp3tag v2.97 (HKLM-x32\...\Mp3tag) (Version: 2.97 - Florian Heidenreich)
MultiDoge 0.1.7 (HKLM-x32\...\MultiDoge 0.1.7) (Version: 0.1.7 - )
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Orodja za preverjanje za Microsoft Office 2016 – angleščina (HKLM\...\{90160000-001F-0424-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 4.0.18.0 - Goversoft LLC)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.3.1 r3321 - Rainmeter)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RoboForex - MetaTrader 4 (HKLM-x32\...\RoboForex - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Subtitle Edit 3.5.18 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.18.1 - Nikse)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1254 - SUPERAntiSpyware.com)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Telegram Desktop version 2.5.1 (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.5.1 - Telegram FZ-LLC)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
TotalAV (HKLM-x32\...\TotalAV) (Version: 5.14.15 - TotalAV) <==== ATTENTION
Tweetz Desktop verze 0.11.0 (HKLM-x32\...\{FE1B7E2D-6E96-4D39-B39F-62CA62D11A79}_is1) (Version: 0.11.0 - Mike Ward)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM\...\{90160000-001F-083C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ulož.to FileManager 2.82 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.82 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (HKLM\...\{90160000-001F-041C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Web Launch Recorder (HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\WebLaunchRecorder) (Version: 2.0 - )
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (HKLM\...\{90160000-001F-0408-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM\...\{90160000-001F-040D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (HKLM\...\{90160000-001F-0429-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Packages:
=========
Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_4.32.10.0_x86__q7m17pa7q8kj0 [2021-03-04] (Deezer SA)
Easy WOL (Wake on LAN) -> C:\Program Files\WindowsApps\1460ArunasAdomaitis.EasyWOLWakeonLAN_1.1.1.0_x64__fzh5k4x0zh00p [2021-03-04] (Arunas Adomaitis)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2021-03-04] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.37.4392.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Corporation) [Startup Task]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Studios)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-03-04] (Samsung Electronics Co. Ltd.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2021-03-04] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-02-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-02-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-02-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2021-01-09] (Goversoft LLC -> )
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\SysWOW64\ff_vfw.dll [7680 2009-12-17] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-10-12 11:29 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2019-10-12 11:29 - 2016-10-08 16:03 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2019-10-12 11:29 - 2016-10-08 16:04 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\IRENA-PC:.repos [2466270]
AlternateDataStreams: C:\Users\IRENA-PC\Downloads:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\IRENA-PC\Downloads\desktop (New).ini:com.dropbox.attrs [54]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\TRANSLAT\Translator_2016.03\WebIE.dll [2019-01-28] () [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\Translator_2016.03\WebIE.dll [2019-01-28] () [File not signed]
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 12:47 - 2021-01-20 20:16 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2019-11-30 16:39 - 2019-11-30 16:44 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\StartupApproved\StartupFolder: => "IQTray.lnk"
HKU\S-1-5-21-3708313529-2431682257-2596704864-1001\...\StartupApproved\Run: => "Microsoft Software Essentials"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{793400D7-7C54-425B-9BD7-60F988299959}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D34719B9-E1F9-42F6-BA3A-AA6AF2D45F2E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2F9D3059-4454-4A07-BEE5-D6684A9BC8B9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{033BC72C-1DEC-4D1D-87CB-14942A26DDDB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ADECB0C0-D817-4AFC-AB5F-3E7FDA043DFE}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CC710CB0-69B1-4D2B-9AAE-B86204635A9F}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DE047D0E-57E7-42E5-852F-33C6129D3B85}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{0AAFD932-9B41-400A-B798-B7F6A5298120}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{0FFA7186-061D-43D7-922F-73C9FE27F461}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{D7909A0E-59A3-44AA-AD21-357E7A504E90}C:\users\irena-pc\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\irena-pc\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{60724E25-F8FD-44AA-9BC9-A2ADC8EC3C89}C:\users\irena-pc\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\irena-pc\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{C9001568-7E61-4092-92AC-A2A34F885F7B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E0915DD-85DC-4816-9616-A952C0C0C79C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1AB3D34D-2096-4639-A6F4-DB0021276C1B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A8D7038-61CD-44CF-88BD-3B4A6221113F}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E0C9F16-EE9A-44B8-9451-7D5FB88A5D9D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EB36692E-B7B2-42BD-BC9B-B5B9C427A112}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2E494270-3352-4EE4-9BEB-DFDABEB0B492}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{CE8260C1-93C7-47AF-97D4-687806A341AB}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{41A0FD6F-32C7-4629-843F-F84BD1CF7F57}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{F7DDB9BD-EF26-4906-BD31-A72205B5AFBB}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{2996E712-43FC-4FF8-8202-BA352CC77FF9}C:\program files (x86)\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_271\bin\javaw.exe
FirewallRules: [UDP Query User{E5D79571-6F5B-47A0-BB49-86E0BBEFF6CD}C:\program files (x86)\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_271\bin\javaw.exe
FirewallRules: [{CA592CA4-BCFB-4B95-9DD9-523494768967}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
04-03-2021 21:26:35 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name: Qualcomm Atheros AR9287 Wireless Network Adapter
Description: Qualcomm Atheros AR9287 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (03/05/2021 01:27:25 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/04/2021 08:44:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na IR10_2004_All_One_DVD (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (03/04/2021 08:44:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HDD Záloha (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (03/04/2021 08:44:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (03/04/2021 08:36:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na IR10_2004_All_One_DVD (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (03/04/2021 08:36:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HDD Záloha (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (03/04/2021 08:36:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (03/04/2021 08:09:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: regsvr32.exe, verze: 10.0.19041.1, časové razítko: 0xc2fd4602
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc0000602
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x1268
Čas spuštění chybující aplikace: 0x01d71129d89ae889
Cesta k chybující aplikaci: C:\WINDOWS\system32\regsvr32.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f3046b05-69be-4f56-8b03-58ab39f9400d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (03/05/2021 08:55:02 AM) (Source: DCOM) (EventID: 10000) (User: IRENA-PC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (03/05/2021 08:50:47 AM) (Source: DCOM) (EventID: 10000) (User: IRENA-PC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (03/04/2021 09:41:35 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/04/2021 09:39:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Update byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (03/04/2021 09:38:35 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/04/2021 09:36:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Update byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (03/04/2021 08:11:09 PM) (Source: Virtual Disk Service) (EventID: 1) (User: )
Description: Neočekávaná chyba. Kód chyby: 5@02000028
Error: (03/04/2021 08:11:09 PM) (Source: Virtual Disk Service) (EventID: 1) (User: )
Description: Neočekávaná chyba. Kód chyby: 5@02000028
Windows Defender:
================
Date: 2021-02-25 20:06:34
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Ymacco.AA6B
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_D:\Filmy\Seriály\Telenovely\Bigasoft Video Pro 3.23.2.7675 Multilingual\file.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.1802.0, AS: 1.331.1802.0, NIS: 1.331.1802.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-25 10:39:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DAB5F033-0E7F-42BA-9428-7C2E5D1D6CC9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-02-24 18:43:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\IRENA-PC\Dropbox\My PC (IRENA-PC)\Downloads\Bigasoft.Video.Pro.v3.22.3.7359.Incl.Keymaker-BLiZZARD\Bigasoft.Video.Pro.v3.22.3.7359.Incl.Keymaker-BLiZZARD\b-vd359a\file.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: IRENA-PC\IRENA-PC
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.331.1663.0, AS: 1.331.1663.0, NIS: 1.331.1663.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-24 15:05:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3813D534-EEDE-4878-8D0F-C2E9E540668E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-02-23 15:12:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F28121F5-E2C0-440E-8420-CDB40D469BE7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-02-14 08:55:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.932.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2021-02-14 08:35:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.932.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2021-02-11 16:31:01
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2021-02-11 16:20:02
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P1.30 05/25/2010
Motherboard: ASRock HM55-HT
Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 62%
Total physical RAM: 3767.05 MB
Available physical RAM: 1408.04 MB
Total Virtual: 5943.05 MB
Available Virtual: 3439.22 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.19 GB) (Free:62.9 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:465.76 GB) (Free:217.65 GB) NTFS
Drive e: (HDD Záloha) (Fixed) (Total:465.76 GB) (Free:61.41 GB) NTFS
Drive g: (IR10_2004_All_One_DVD) (Removable) (Total:29.29 GB) (Free:24.74 GB) NTFS
Drive h: (UEFI_NTFS) (Removable) (Total:0 GB) (Free:0 GB) FAT
\\?\Volume{89fed6d2-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{89fed6d2-0000-0000-0000-a0d21b000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 89FED6D2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=509 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: B5BDF682)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: DD2566A6)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Protective MBR) (Size: 29.3 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Přispějete na provoz fóra?