CreateRestorePoint:
CloseProcesses:
EmptyTemp:
File: C:\Users\Martin JBL\AppData\Roaming\WinHost\svchost.exe
File: C:\Users\Martin JBL\AppData\Local\Temp\46CAC324-1C876C08-D26481BC-F4BD736C\2gGz8zoyKCiK.exe
C:\Users\Martin JBL\AppData\Roaming\WinHost\syswow.exe
C:\Users\Martin JBL\AppData\Local\Temp\46CAC324-1C876C08-D26481BC-F4BD736C\2XLAOmkzqr.exe
C:\Users\Martin JBL\AppData\Local\Temp\46CAC324-1C876C08-D26481BC-F4BD736C\4c5wB9rL0p.exe
C:\Users\Martin JBL\Downloads\o61gr4vh.exe
C:\Users\Martin JBL\AppData\Roaming\WinHost\kernel.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-396878965-3115303201-3986776825-1002\...\Run: [Prun] => C:\WINDOWS\PublicGaming\prun.exe [715657728 2021-05-06] (DearMob, Inc.) [Brak podpisu cyfrowego] <==== UWAGA
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Task: {1F6589B9-0618-41A9-A60A-F12AFBF7B3EE} - System32\Tasks\TR_Updater => C:\Program Files (x86)\Trojan Remover\Trupd.exe [6480784 2020-10-05] (Simply Super Software -> Simply Super Software)
Task: {1FC35EED-C768-4E92-B9CD-D7C9D986ABDF} - \Firefox Default Browser Agent 2B9CDF9E80034952 -> Brak pliku <==== UWAGA
Task: {32CD883B-9A9E-4E03-9D5A-76D4D09598A9} - System32\Tasks\UpdateWindows => C:\Users\Martin [Argument = JBL\AppData\Roaming\WinHost\svchost.exe] <==== UWAGA
Task: {60FCAE3A-4117-43D6-B060-3AD5C57F70E8} - System32\Tasks\TR_FastScan_AtLogon => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [6499736 2021-02-27] (Simply Super Software -> Simply Super Software)
Task: {CF6791E2-4028-4EB8-8995-897241B1E16C} - System32\Tasks\TR_FastScan_Daily_Martin JBL => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [6499736 2021-02-27] (Simply Super Software -> Simply Super Software)
Task: {D554457D-9501-4F66-87E9-774505EA5E15} - System32\Tasks\TR_AntiHijack => C:\Program Files (x86)\Trojan Remover\TRAntiHJ.exe
Task: {EEF3F29F-DDEC-400C-8ED6-862C9B17FE5D} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA
Task: {EFF69E7F-C4F6-4C39-ACB4-D35E618739AD} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe [170776 2019-02-09] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA
Tcpip\..\Interfaces\{03cd6cbb-6e41-4868-99b8-0c21a12146ef}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0dc88211-c468-42fd-9be2-3b67b61cd91a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1937732f-f689-4a45-a158-1de6be65e60f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3a39de96-d57d-433b-8794-542ebee7ddb7}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{f8ea3161-0c80-44f2-ace5-d8b1dba99c93}: [DhcpNameServer] 192.168.1.1
FF Notifications: Mozilla\Firefox\Profiles\961chwb7.default -> hxxps://s9pri.concerss.online
CHR DefaultSearchURL: Default -> hxxps://www.ctcodeinfo.com/search?q={searchTerms}
CHR Extension: (yTrustDoc) - C:\ProgramData\Beakdn\Zuzzrmg [2021-05-16]
BRA Extension: (yTrustDoc) - C:\ProgramData\Beakdn\Zuzzrmg [2021-05-16]
S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [176928 2019-02-09] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
S3 Disc Soft Lite Bus Service; "C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe" [X]
S2 UCBrowserSvc; "C:\Program Files (x86)\UCBrowser\Application\UCService.exe" [X] <==== UWAGA
2021-05-16 10:55 - 2021-05-16 10:55 - 000000000 ____D C:\Users\Martin JBL\AppData\Roaming\WinHost
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9 [135]
FirewallRules: [{9BB91E76-C260-4494-B91D-286AB709E6A2}] => (Block) C:\Program Files\Marvelous Designer 9 Enterprise\MarvelousDesigner9_Enterprise_x64.exe => Brak pliku
FirewallRules: [{11491880-E078-40FE-85DB-B73D79ED65AD}] => (Block) C:\Program Files\Marvelous Designer 9 Enterprise\MarvelousDesigner9_Enterprise_x64.exe => Brak pliku
FirewallRules: [{93CE51D1-A003-4916-ACFC-96FA6DEC69B0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.1\DriverBooster.exe => Brak pliku
FirewallRules: [{204DBB96-D518-40FF-9278-17F4C0C18973}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.2.1\DriverBooster.exe => Brak pliku
FirewallRules: [{58115A3A-9C9A-4838-8BF1-E0DEFF85E640}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
FirewallRules: [{47992470-D815-4412-A1DF-7258B3F6DF53}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
FirewallRules: [{6B4FAFCB-808A-4090-950D-9F00137E6A1E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe => Brak pliku
C:\ProgramData\Beakdn
FilesInDirectory: C:\Users\Martin JBL\AppData\Local\*.exe;*.dll;*.ini
FilesInDirectory: C:\Users\Martin JBL\AppData\Roaming\*.exe;*.dll;*.ini
RemoveProxy:
Hosts: