Logfile of random's system information tool 1.08 (written by random/random)
Run by Citron at 2010-09-07 17:39:41
Systém Microsoft Windows XP Professional Service Pack 1
System drive C: has 5 GB (61%) free of 8 GB
Total RAM: 503 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:40:10, on 7.9.2010
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Programy\Avast\aswUpdSv.exe
D:\Programy\Avast\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Firewall\Personal Firewall 4\kpf4ss.exe
D:\Programy\Avast\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
D:\Programy\Rainlendar2\Rainlendar2.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Firewall\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
D:\Programy\Avast\ashWebSv.exe
C:\Program Files\Firewall\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\_pal\Údržba\RSIT.exe
C:\Program Files\trend micro\Citron.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [avast!] D:\Programy\Avast\ashDisp.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Rainlendar2] D:\Programy\Rainlendar2\Rainlendar2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC46E705-B684-4E21-A561-3ED0980EFADC}: NameServer = 192.168.1.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Programy\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Programy\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Programy\Avast\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Programy\Avast\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Firewall\Personal Firewall 4\kpf4ss.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 3739 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\PCConfidential.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-03 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\System32\igfxtray.exe [2004-12-21 155648]
"HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2004-12-21 126976]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-08-24 88363]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-09-23 860160]
"avast!"=D:\Programy\Avast\ashDisp.exe [2009-11-25 81000]
"REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe [2002-09-20 13312]
"Rainlendar2"=D:\Programy\Rainlendar2\Rainlendar2.exe [2007-12-30 1365504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Programy\AdobeReader\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Programy\DAEMON Tools Lite\daemon.exe [2007-12-29 486856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\PROGRA~1\ICQ6.5\ICQ.exe silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\MSMSGS.EXE [2004-11-15 1670144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
D:\Programy\Olympus\FirstStart.exe [2007-09-04 54576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-12-21 348160]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2010-09-07 17:39:42 ----DC---- C:\Program Files\trend micro
2010-09-06 18:07:19 ----SHDC---- C:\Config.Msi
======List of files/folders modified in the last 1 months======
2010-09-07 17:39:46 ----DC---- C:\WINDOWS\Prefetch
2010-09-07 17:39:42 ----RDC---- C:\Program Files
2010-09-07 17:26:34 ----DC---- C:\WINDOWS\Temp
2010-09-07 17:25:09 ----DC---- C:\WINDOWS\Debug
2010-09-07 15:57:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-07 12:59:09 ----DC---- C:\WINDOWS\system32
2010-09-07 12:59:09 ----AC---- C:\WINDOWS\System32\PerfStringBackup.INI
2010-09-06 21:10:16 ----DC---- C:\WINDOWS\System32\CatRoot2
2010-09-06 18:12:07 ----SHDC---- C:\WINDOWS\Installer
2010-09-06 18:12:07 ----DC---- C:\WINDOWS\WinSxS
2010-09-06 18:12:05 ----DC---- C:\Program Files\Common Files\Microsoft Shared
2010-09-06 18:09:43 ----DC---- C:\Program Files\OpenOffice.org 3
2010-09-06 18:04:50 ----DC---- C:\WINDOWS
2010-09-06 18:03:48 ----DC---- C:\backups
2010-09-06 17:49:56 ----SHD---- C:\System Volume Information
2010-09-06 17:49:56 ----DC---- C:\WINDOWS\System32\Restore
2010-09-06 13:51:12 ----DC---- C:\Documents and Settings\Citron\Data aplikací\Skype
2010-09-06 00:23:22 ----DC---- C:\WINDOWS\System32\config
2010-09-06 00:22:59 ----DC---- C:\WINDOWS\System32\wbem
2010-09-06 00:22:57 ----DC---- C:\WINDOWS\Registration
2010-09-05 22:59:33 ----AC---- C:\WINDOWS\win.ini
2010-09-05 22:59:33 ----AC---- C:\WINDOWS\system.ini
2010-09-02 14:32:29 ----DC---- C:\WINDOWS\Minidump
2010-08-28 09:20:40 ----DC---- C:\WINDOWS\System32\CatRoot
2010-08-28 09:18:50 ----HDC---- C:\WINDOWS\inf
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\System32\giveio.sys [1996-04-03 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2002-08-29 55680]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 speedfan;speedfan; C:\WINDOWS\System32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-07-14 715248]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\System32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\System32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\System32\drivers\aswTdi.sys [2009-11-25 48560]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-09-26 286720]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-09-26 81920]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2001-10-25 8064]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\System32\drivers\aswMon2.sys [2009-11-25 94160]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2001-10-25 84864]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-11-08 127744]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2004-08-24 1268204]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2002-09-20 57344]
R3 aswRdr;aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [2009-11-25 23120]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller; C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys [2004-05-26 44928]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2004-12-21 776349]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2002-09-20 57984]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\System32\DRIVERS\nwrdr.sys [2002-08-29 156544]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-10-13 259840]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-29 19328]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\System32\ASNDIS5.SYS []
S3 axm5y9mw;axm5y9mw; C:\WINDOWS\System32\drivers\axm5y9mw.sys []
S3 Bridge;Most MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2002-08-29 68864]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2002-08-29 68864]
S3 RT2500;AsusTek RT2500 Wireless Driver; C:\WINDOWS\System32\DRIVERS\RT2500.sys [2004-07-29 211072]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2002-08-29 28160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2002-08-29 24960]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2002-08-29 14208]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Programy\Avast\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Programy\Avast\ashServ.exe [2009-11-25 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-03 153376]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files\Firewall\Personal Firewall 4\kpf4ss.exe [2005-10-10 1617920]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\System32\svchost.exe [2001-10-25 12800]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R3 avast! Web Scanner;avast! Web Scanner; D:\Programy\Avast\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 avast! Mail Scanner;avast! Mail Scanner; D:\Programy\Avast\ashMaiSv.exe [2009-11-25 254040]
S4 Google Online Services;Google Online Services; C:\Documents and Settings\Citron\ie_updates3r.exe -A []
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13493
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Doinstalujte SP3 
Re: Prosím o preventivní kontrolu
Pěkný den,
koukněte, prosím, na následující, PC jde v pohodě, ale asi by byl čas jej zas pročistit od případného bordelu a mrtvol.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2020
Ran by Citron (administrator) on CITRONIDLO (Hewlett-Packard HP ProBook 4530s) (28-11-2020 09:19:49)
Running from C:\_Pal\deebordel
Loaded Profiles: Citron
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Programy\Rainlendar2\Rainlendar2.exe
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\avast software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\avast software\SecureLine VPN\VpnSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\AvastUI.exe <2>
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Macrovision Europe Ltd.) [File not signed] C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <4>
(NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
(NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Programy\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Programy\Spybot - Search & Destroy 2\SDTray.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Programy\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Programy\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files\Motorola\Bluetooth\btmshell.dll [21709904 2011-02-15] (Motorola Inc -> Motorola Solutions, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Programy\AVAST Software\Avast\AvLaunch.exe [109160 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-12-12] (PC Tools -> PC Tools)
HKLM-x32\...\Run: [SDTray] => C:\Programy\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\Run: [Rainlendar2] => C:\Programy\Rainlendar2\Rainlendar2.exe [2433024 2011-08-12] () [File not signed]
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> c:\Windows\system32\DPLic.dll [2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
BootExecute: autocheck autochk * sdnclean64.exeicarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11FB2D45-4C36-4B01-80D3-C6F28E3FBCFC} - System32\Tasks\Avast Emergency Update => C:\Programy\AVAST Software\Avast\AvEmUpdate.exe [3339872 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
Task: {127B6C7C-FAD1-467F-A605-57B0EDBF74C8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Programy\Spybot - Search & Destroy 2\SDImmunize.exe [4460472 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {16FDFC7E-4C9C-4B03-A55A-A88111667DFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {20066DC0-7C08-484F-86C6-4B3A39336BC1} - System32\Tasks\{D0670148-D19E-4A37-9E43-414C3329655E} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}\ICQ7.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {274671AA-2BBE-47E4-B053-0A30C1A96475} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Programy\Spybot - Search & Destroy 2\SDScan.exe [4818848 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {297F3292-8529-49B9-9795-7DDB56A05D25} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4661856 2020-11-18] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 3df9be00-2d4b-4fbd-8ba1-5159d1dfa004
Task: {2BB2D93A-3368-44E5-8B55-B35727CE9AAD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {44FB9B9F-D616-4B35-A103-60E0FF9D659D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4CED4619-CFC0-47A3-BFDE-3F12ECF15B9F} - System32\Tasks\{7EF8CF4C-BA2C-469C-9F98-95A77CAEAB85} => C:\windows\system32\pcalua.exe -a C:\Programy\UltraISO\UltraISO.exe -d C:\Programy\UltraISO
Task: {578033CC-051B-4EBD-8062-285BAE0BDDD6} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2011-01-25] (Hewlett-Packard Company -> )
Task: {62459F05-C238-4A71-857A-57D1A5B6DFF5} - System32\Tasks\NetworkWizardVCW => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2011-01-25] (Hewlett-Packard Company -> )
Task: {64794E5C-6B59-45A5-8BAD-BC0672C6C949} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-11] (Adobe Inc. -> Adobe)
Task: {695A5BC7-5581-4316-AB56-A3B2F71E04CA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Programy\Spybot - Search & Destroy 2\SDUpdate.exe [4747720 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {6B651EBD-A992-4C4B-942D-792024AD09E7} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\update.exe [2201560 2011-12-12] (PC Tools -> PC Tools)
Task: {70181105-497C-412F-833A-561EFCACB892} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5442656 2020-11-11] (Avast Software s.r.o. -> Avast Software)
Task: {765F8E8C-A40E-4CA2-AFCA-78224A6754E9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {8138C2E1-F250-4C6E-91BB-A8D49B2A7C3C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {8679D50D-F393-46B8-982F-F86416468933} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {96467BB1-3E81-45E9-B4D4-6F98CFB6FFAA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-11] (Adobe Inc. -> Adobe)
Task: {9E535FE7-7B3C-4875-AE5E-0C174D8A5F59} - System32\Tasks\Avast Software\Avast Cleanup Update BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [2812624 2020-11-12] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 8e7ab03c-fd72-46de-bf97-7145cc0e0713
Task: {A03A6A39-1B1E-40CD-89BC-A54A63AC8E91} - System32\Tasks\{89C2FC3E-6315-4EE0-9C6C-D17B2BC64A48} => C:\windows\system32\pcalua.exe -a C:\_Pal\deebordel\RegCleaner.exe -d C:\_Pal\deebordel
Task: {A1AA614F-7206-4D56-A458-72C9BDA4ADCD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {A40FF1B3-B5E9-4745-8A30-A9DC72B8D8AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {AE8BC164-1C92-448D-B105-1D17222BF0D8} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5442656 2020-11-16] (Avast Software s.r.o. -> Avast Software)
Task: {B0A4EF81-0C82-4EC6-BFD1-85320AD14C83} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1188968 2020-11-18] (Avast Software s.r.o. -> AVAST Software)
Task: {DA4BF705-9A0A-492F-9496-21CE91B2E253} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 192.168.1.1
Tcpip\..\Interfaces\{A7F6367F-3D94-4B8E-881D-DE8832225970}: [DhcpNameServer] 192.168.5.1 192.168.1.1
Tcpip\..\Interfaces\{B1E8BFDC-2148-4261-81EB-3F462AE02610}: [DhcpNameServer] 192.168.5.1
FireFox:
========
FF DefaultProfile: ng7a8cym.default-1379696775163
FF ProfilePath: C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\xxiki3cb.default-release-1604331180513 [2020-11-28]
FF Homepage: Mozilla\Firefox\Profiles\xxiki3cb.default-release-1604331180513 -> about:blank
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\xxiki3cb.default-release-1604331180513\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2020-11-02]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\xxiki3cb.default-release-1604331180513\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-11-24]
FF Extension: (No Name) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\xxiki3cb.default-release-1604331180513\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-17]
FF ProfilePath: C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163 [2020-11-21]
FF user.js: detected! => C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163\user.js [2016-09-18]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163\Extensions\sp@avast.com.xpi [2020-06-28]
FF Extension: (Adblock na Youtube™) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163\Extensions\{0ac04bdb-d698-452f-8048-bcef1a3f4b0d}.xpi [2019-05-05]
FF Extension: (No Name) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-01]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\NOD 32\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-05-10] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\NOD 32\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-11] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> C:\windows\system32\Wat\npWatWeb.dll [2012-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-11] (Adobe Inc. -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Programy\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-11] (Adobe Inc. -> Adobe)
S4 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Programy\AVAST Software\Avast\aswidsagent.exe [6514072 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Programy\AVAST Software\Avast\AvastSvc.exe [356824 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Programy\AVAST Software\Avast\afwServ.exe [1065456 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12971112 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-03] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2016-11-11] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2016-11-11] (Macrovision Europe Ltd.) [File not signed]
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [399720 2017-10-09] (WildTangent Inc -> WildTangent)
S3 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
S4 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [File not signed]
S4 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1318912 2011-02-09] () [File not signed]
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-12-12] (PC Tools -> PC Tools)
R2 SDScannerService; C:\Programy\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Programy\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Programy\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe [7897696 2020-11-18] (Avast Software s.r.o. -> AVAST Software)
R2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [378568 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3315400 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S4 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [296448 2011-01-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
S4 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation -> Xobni Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205880 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235584 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [195648 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60480 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42768 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175192 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [514448 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-09-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109272 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84848 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851600 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [466232 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216816 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\windows\System32\DRIVERS\aswTap.sys [53904 2017-04-14] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [323272 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
S3 BTMCOM; C:\windows\System32\Drivers\btmcom.sys [52736 2010-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Motorola, Inc.)
S3 BTMUSB; C:\windows\System32\Drivers\btmusb.sys [486144 2011-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-10] (DT Soft Ltd -> DT Soft Ltd)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [168008 2011-02-09] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.)
R3 nusb3hub; C:\windows\System32\DRIVERS\nusb3hub.sys [80384 2010-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\windows\System32\DRIVERS\nusb3xhc.sys [181248 2010-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [2621128 2015-07-15] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R1 SpyEmrg; C:\windows\System32\Drivers\spyemrg.sys [17608 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\windows\System32\Drivers\spyemrg_access.sys [24776 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\windows\System32\Drivers\spyemrg_guard.sys [19656 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R3 STHDA; C:\windows\System32\DRIVERS\stwrt64.sys [520192 2011-01-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 SWDUMon; C:\windows\System32\DRIVERS\SWDUMon.sys [25608 2020-06-28] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 BTMNET; system32\DRIVERS\btmnet.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-28 09:19 - 2020-11-28 09:20 - 000000000 ____D C:\FRST
2020-11-24 13:18 - 2020-11-24 13:18 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2020-11-13 10:37 - 2020-11-13 10:37 - 000295568 _____ C:\windows\system32\FNTCACHE.DAT
2020-11-03 10:39 - 2020-11-03 10:39 - 000035763 _____ C:\Users\Citron\Downloads\tabiical-de-page24.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-28 09:20 - 2012-07-11 15:30 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-28 09:19 - 2016-11-18 12:44 - 000000000 ____D C:\Users\Citron\AppData\LocalLow\Mozilla
2020-11-28 09:13 - 2009-07-14 05:45 - 000019760 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-11-28 09:13 - 2009-07-14 05:45 - 000019760 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-11-28 09:04 - 2020-09-21 20:33 - 000003938 _____ C:\windows\system32\Tasks\Avast SecureLine VPN Update
2020-11-28 09:02 - 2012-07-11 16:06 - 000000000 ____D C:\Users\Citron\.rainlendar2
2020-11-28 09:02 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-11-28 08:58 - 2017-04-14 08:02 - 000004158 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-11-28 08:24 - 2018-04-24 13:33 - 000004128 _____ C:\windows\system32\Tasks\CCleaner Update
2020-11-27 23:55 - 2014-12-22 10:02 - 000000000 ____D C:\ProgramData\AVAST Software
2020-11-24 21:03 - 2009-07-14 04:20 - 000000000 ____D C:\windows\inf
2020-11-24 21:01 - 2020-07-12 10:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-24 21:01 - 2012-07-11 15:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-23 15:28 - 2018-05-30 06:39 - 000000000 ____D C:\Users\Citron\AppData\Local\AVAST Software
2020-11-21 21:34 - 2020-06-24 20:28 - 000003296 _____ C:\windows\system32\Tasks\{D0670148-D19E-4A37-9E43-414C3329655E}
2020-11-21 21:34 - 2018-04-26 14:35 - 000002796 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2020-11-21 21:34 - 2018-03-14 17:53 - 000004534 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-11-21 21:34 - 2017-04-21 18:27 - 000003106 _____ C:\windows\system32\Tasks\{89C2FC3E-6315-4EE0-9C6C-D17B2BC64A48}
2020-11-21 21:34 - 2015-12-03 15:34 - 000000000 ____D C:\windows\system32\Tasks\AVAST Software
2020-11-21 21:34 - 2013-03-10 17:48 - 000003114 _____ C:\windows\system32\Tasks\{7EF8CF4C-BA2C-469C-9F98-95A77CAEAB85}
2020-11-21 21:34 - 2012-08-09 17:15 - 000004396 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-11-21 21:34 - 2012-07-11 20:17 - 000003386 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-21 21:34 - 2012-07-11 20:17 - 000003258 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-18 08:06 - 2020-06-29 14:51 - 000000000 ____D C:\Users\Citron\AppData\Roaming\Spy Emergency
2020-11-16 15:12 - 2020-06-09 18:18 - 000082024 _____ (Avast Software) C:\windows\system32\icarus_rvrt.exe
2020-11-12 17:06 - 2012-07-15 14:18 - 000000000 ____D C:\Users\Citron\AppData\Local\CrashDumps
2020-11-11 12:53 - 2012-07-11 20:09 - 000842296 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-11-11 12:53 - 2012-07-11 20:09 - 000175160 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-11-11 12:53 - 2012-07-11 18:26 - 000000000 ____D C:\windows\system32\Macromed
2020-11-11 12:53 - 2011-05-10 21:11 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-11-07 18:28 - 2020-10-13 19:50 - 000004478 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-11-07 18:22 - 2020-10-13 19:50 - 000002027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-05 19:38 - 2012-07-11 15:55 - 000000000 ____D C:\Fotky
2020-11-05 19:33 - 2011-05-10 21:12 - 000669116 _____ C:\windows\system32\perfh005.dat
2020-11-05 19:33 - 2011-05-10 21:12 - 000141744 _____ C:\windows\system32\perfc005.dat
2020-11-05 19:33 - 2009-07-14 06:13 - 001584554 _____ C:\windows\system32\PerfStringBackup.INI
2020-11-02 16:33 - 2020-10-04 10:45 - 000000000 ____D C:\Users\Citron\Desktop\Old Firefox Data
==================== Files in the root of some directories ========
2012-07-11 15:33 - 2020-11-05 22:38 - 000004586 _____ () C:\Users\Citron\AppData\Local\mbt-actwiz.log
2012-10-28 12:23 - 2020-06-29 14:35 - 000007601 _____ () C:\Users\Citron\AppData\Local\resmon.resmoncfg
2017-03-29 14:46 - 2017-03-29 14:46 - 000000000 _____ () C:\Users\Citron\AppData\Local\{2662E165-2985-4912-B895-E386B6A16BD4}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-11-23 15:57
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2020
Ran by Citron (28-11-2020 09:22:44)
Running from C:\_Pal\deebordel
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-11 14:19:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1536627339-1155438233-2228032490-500 - Administrator - Disabled)
Citron (S-1-5-21-1536627339-1155438233-2228032490-1001 - Administrator - Enabled) => C:\Users\Citron
Guest (S-1-5-21-1536627339-1155438233-2228032490-501 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Spy Emergency (Disabled - Up to date) {CC339280-553F-D68A-6F68-9FB25810C8B4}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.453 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.453 - Adobe)
Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\{4114A073-7385-4742-8A5E-A5788FAC838F}) (Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{63E42DE7-C468-31B0-E373-173C67C87B88}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 20.1.9442.1244 - Avast Software)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 20.5.2415 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.8.5262.1418 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.0.0.9 - Hewlett-Packard Company)
Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.33.24411 - Hewlett-Packard Company)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4303 - Hewlett-Packard Company)
Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT087361) (Version: 2.2.0.95 - WildTangent) Hidden
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 6.0.0.8 - Hewlett-Packard Company)
Final Drive Nitro (HKLM-x32\...\WT087362) (Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
HP 3D DriveGuard (HKLM\...\{83DA38AB-1014-41C2-A3CD-E2B93832A71A}) (Version: 4.1.4.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{4B21E4B2-89B8-499D-803A-34ABF929401E}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{CFC1988A-F492-4BC5-B6F7-683A95718AE9}) (Version: 1.1.11.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.00.888 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{20976B1F-E910-404D-9261-C16EE7E12DC8}) (Version: 3.0.0.9057 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}) (Version: 3.2.0.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{B7F60A16-7A7B-41FB-9AE3-DE9E324FBA06}) (Version: 4.0.112.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{54C65FE7-83BD-4A5B-A9B4-41F793C5F241}) (Version: 2.1.2 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.57.2 - JMicron Technology Corp.)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 en-US) (HKLM\...\Mozilla Firefox 83.0 (x64 en-US)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 77.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
OLYMPUS Master 2 (HKLM-x32\...\{45FCADDB-0B29-457E-83A1-D245C62A716C}) (Version: 1.0.6 - OLYMPUS IMAGING CORP.)
OpenOffice.org 3.3 (HKLM-x32\...\{10B43A43-FF73-47FD-83E8-A503E84F9ED6}) (Version: 3.3.9567 - OpenOffice.org)
PC Tools Registry Mechanic 11.0 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.0 - PC Tools)
Privacy Manager for HP ProtectTools (HKLM\...\{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}) (Version: 6.00.831 - Hewlett-Packard Company)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0016 - Realtek)
Realtek Motorola BC8 Bluetooth 3.0+HS Adapter (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.82.298 - Motorola Solutions, Inc.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0323 - REALTEK Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Silent Hunter III (HKLM-x32\...\{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}) (Version: 1.4.0000 - Ubisoft) Hidden
Silent Hunter III (HKLM-x32\...\InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}) (Version: 1.4.0000 - Ubisoft)
Skype verze 8.63 (HKLM-x32\...\Skype_is1) (Version: 8.63 - Skype Technologies S.A.)
Spy Emergency 2020-25.0.770 (HKLM\...\Spy Emergency_is1) (Version: - NETGATE Technologies s.r.o.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
Theft Recovery for HP ProtectTools (HKLM-x32\...\{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company)
TomTom MyDrive Connect 4.1.6.3253 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.6.3253 - TomTom)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}) (Version: 4.3.117.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.30 - WildTangent)
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 1.0.0.28 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WMV9/VC-1 Video Playback (HKLM\...\{FB06FBC7-3CE3-50D9-1803-CC28E5ADF780}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (HKLM-x32\...\{8DC069E7-893C-41E1-9442-DE89FEC33371}) (Version: 1.0.0 - Xobni, Inc.) Hidden
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2020-07-05] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2020-07-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2020-07-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} => C:\Program Files\Motorola\Bluetooth\btmshell.dll [2011-02-15] (Motorola Inc -> Motorola Solutions, Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Programy\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Programy\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2020-07-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-03-28] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2020-07-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Programy\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Programy\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2011-02-09 20:27 - 2011-02-09 20:27 - 000141824 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2011-02-09 21:04 - 2011-02-09 21:04 - 002905600 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2011-01-27 01:35 - 2011-01-27 01:35 - 000007168 _____ () [File not signed] C:\Program Files\Hewlett-Packard\HP Power Assistant\SDKCOMServerLib.dll
2011-05-10 21:12 - 2011-01-27 01:34 - 001083392 _____ () [File not signed] C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2011-01-31 19:54 - 2011-01-31 19:54 - 000107008 _____ () [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2011-01-31 19:54 - 2011-01-31 19:54 - 000008192 _____ () [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\Interop.HPQWMIEXLib.dll
2020-06-29 14:51 - 2007-11-02 15:20 - 001403904 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\LIBEAY32.dll
2020-06-29 14:51 - 2007-11-02 15:20 - 000243712 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\SSLEAY32.dll
2020-06-29 14:51 - 2007-09-04 14:25 - 000198144 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\unrar.dll
2010-05-23 19:20 - 2010-05-23 19:20 - 000012288 _____ () [File not signed] C:\Programy\Rainlendar2\lfs.dll
2010-05-23 19:20 - 2010-05-23 19:20 - 000126976 _____ () [File not signed] C:\Programy\Rainlendar2\lua51.dll
2011-08-12 06:45 - 2011-08-12 06:45 - 000198144 _____ () [File not signed] C:\Programy\Rainlendar2\plugins\iCalendarPlugin.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 001412608 _____ () [File not signed] C:\windows\system32\LIBEAY32.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 002792960 _____ (Apache Software Foundation) [File not signed] C:\windows\system32\xerces-c_3_0.dll
2010-11-25 23:21 - 2010-11-25 23:21 - 004899328 _____ (Cogent Systems Inc.) [File not signed] C:\windows\system32\CgtFace_Dll.dll
2011-02-15 00:28 - 2011-02-15 00:28 - 000187016 _____ (Cogent Systems, Inc. -> Cogent Systems, Inc.) [File not signed] C:\windows\system32\BSWAuthImp.dll
2011-02-15 00:03 - 2011-02-15 00:03 - 000033928 _____ (Cogent Systems, Inc. -> TODO: <Company name>) [File not signed] C:\windows\system32\OEMComponentProvider.dll
2011-02-12 04:04 - 2011-02-12 04:04 - 000514560 ____R (Concept Software, Inc.) [File not signed] C:\windows\system32\KEYLIB64.dll
2011-02-12 04:04 - 2011-02-12 04:04 - 000495616 ____R (Concept Software, Inc.) [File not signed] C:\windows\system32\SKCA64.dll
2020-06-29 14:51 - 2011-08-15 17:49 - 001965056 _____ (CPULib Team) [File not signed] C:\Program Files\NETGATE\Spy Emergency\CPULib.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 000916992 _____ (Free Software Foundation) [File not signed] C:\windows\system32\iconv.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 000044544 _____ (Free Software Foundation) [File not signed] C:\windows\system32\intl.dll
2011-01-31 19:53 - 2011-01-31 19:53 - 000151552 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomain.dll
2011-01-31 19:54 - 2011-01-31 19:54 - 001044480 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTHostServices.dll
2011-01-31 19:55 - 2011-01-31 19:55 - 000081920 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTStrings.dll
2011-02-07 19:43 - 2011-02-07 19:43 - 005263872 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
2011-01-27 01:34 - 2011-01-27 01:34 - 000838656 _____ (HP) [File not signed] C:\Program Files\Hewlett-Packard\HP Power Assistant\HP.SupportFramework.dll
2014-02-01 11:25 - 2014-02-01 11:25 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2014-02-01 11:25 - 2014-02-01 11:25 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\MSVCP140.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\ucrtbase.DLL
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\VCRUNTIME140.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\VCRUNTIME140_1.dll
2011-01-11 21:04 - 2011-01-11 21:04 - 000599552 _____ (Symantec) [File not signed] C:\Program Files\Symantec\VIP Access SDK\VIPOTPProv64.dll
2011-07-28 19:20 - 2011-07-28 19:20 - 000244736 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Programy\Rainlendar2\libcurl.dll
2011-01-29 12:59 - 2011-01-29 12:59 - 001102336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Programy\Rainlendar2\LIBEAY32.dll
2011-01-29 12:59 - 2011-01-29 12:59 - 000237056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Programy\Rainlendar2\SSLEAY32.dll
2010-12-12 11:56 - 2010-12-12 11:56 - 001205760 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxbase28u_vc_rny.dll
2010-12-12 11:58 - 2010-12-12 11:58 - 000131584 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxbase28u_xml_vc_rny.dll
2010-12-12 11:57 - 2010-12-12 11:57 - 000707584 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxmsw28u_adv_vc_rny.dll
2010-12-12 11:57 - 2010-12-12 11:57 - 002633216 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxmsw28u_core_vc_rny.dll
2010-12-12 11:57 - 2010-12-12 11:57 - 000485376 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxmsw28u_html_vc_rny.dll
2010-12-12 11:58 - 2010-12-12 11:58 - 000502784 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxmsw28u_xrc_vc_rny.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [105]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07] (Hewlett-Packard) [File not signed]
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Toolbar: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7946 more sites.
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\123simsen.com -> www.123simsen.com
There are 7946 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2020-10-17 11:45 - 000454011 ____R C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 15613 more lines.
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Citron\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.5.1 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: XobniService => 2
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
MSCONFIG\startupreg: HPConnectionManager => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: MfeEpePcMonitor => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
MSCONFIG\startupreg: OM2_Monitor => "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EFE78C0F-A8D4-4891-95B5-64FF6E45F2C9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}] => (Allow) LPort=2869
FirewallRules: [{ED3E14D5-9B42-4116-8537-B6C9D959F6E3}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{ED85CC10-1D65-494A-9911-77464812B347}C:\programy\qip\qip infium pafopack 9040\infium.exe] => (Allow) C:\programy\qip\qip infium pafopack 9040\infium.exe (OOO Russkie Internet Reshenija -> ) [File not signed]
FirewallRules: [UDP Query User{3D4908B8-B46A-4DF1-B5CA-60230D9E6EEB}C:\programy\qip\qip infium pafopack 9040\infium.exe] => (Allow) C:\programy\qip\qip infium pafopack 9040\infium.exe (OOO Russkie Internet Reshenija -> ) [File not signed]
FirewallRules: [TCP Query User{8DCE783B-1887-4850-9F0D-C003A0F5FF05}C:\programy\icq7.7\icq.exe] => (Allow) C:\programy\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [UDP Query User{DD39CE13-D8BE-400A-985F-DF5F9D0F94D8}C:\programy\icq7.7\icq.exe] => (Allow) C:\programy\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [TCP Query User{56BD7C38-2B1C-4E88-A002-7E5FFD8CB975}C:\programy\winamp\winamp.exe] => (Block) C:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{F4A647FE-6DB4-4C76-8C9E-996FD659191F}C:\programy\winamp\winamp.exe] => (Block) C:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E8735C39-2A5E-4B92-9353-076C65203934}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7A8BBF25-841F-4DAD-871C-D650D654D485}] => (Allow) C:\Programy\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom)
FirewallRules: [{B45139AA-B604-4E88-AD7C-D39E53F3D9EC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{59AE5393-1AA5-41EE-838A-14166FCE6F26}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{91EEFF27-64DA-4337-81FA-A304ABC14D6D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7B4365BE-7BA5-411D-B6BA-F83229ABBFE2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
StandardProfile\AuthorizedApplications: [C:\Programy\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Programy\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Programy\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Programy\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
12-11-2020 15:12:18 Naplánovaný kontrolní bod
19-11-2020 22:20:28 Naplánovaný kontrolní bod
27-11-2020 16:29:13 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: Realtek Motorola BC8 Bluetooth 3.0+HS Adapter
Description: Realtek Motorola BC8 Bluetooth 3.0+HS Adapter
Class Guid: {a173b237-6a34-4bb5-aa63-2561160fa200}
Manufacturer: Motorola Solutions, Inc.
Service: BTMUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/27/2020 09:38:38 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error
Error: (11/13/2020 10:39:51 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (11/13/2020 10:39:51 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (11/13/2020 10:39:51 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.
Kontext: aplikace Windows
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (11/13/2020 10:39:51 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (11/13/2020 10:39:51 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)
Error: (11/13/2020 10:39:50 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (11/13/2020 10:39:50 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Server indexu obsahu neaktualizoval nebo nenačetl informace kvůli chybě databáze. Zastavte a restartujte vyhledávací službu. Pokud potíže potrvají, vymažte index obsahu a proveďte znovu jeho procházení. V některých případech bude pravděpodobně nutné odstranit a znovu vytvořit index obsahu. (HRESULT : 0x8004117f) (0x8004117f)
System errors:
=============
Error: (11/28/2020 09:15:18 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (11/28/2020 09:15:18 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (11/28/2020 09:04:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (11/28/2020 09:00:06 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/28/2020 08:17:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby hpqwmiex bylo dosaženo časového limitu (30000 ms).
Error: (11/28/2020 08:16:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (11/28/2020 08:16:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Avast Cleanup neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (11/28/2020 08:16:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avast Cleanup bylo dosaženo časového limitu (30000 ms).
Windows Defender:
===================================
Date: 2016-01-28 17:25:13.891
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C5B06EE9-5815-45BD-9F3A-089279E2DDBF}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Úplné prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2015-05-02 16:14:27.837
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{52BED4F3-1B3D-4771-86AE-99773FBE6CBB}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Citronidlo\Citron
Date: 2015-05-01 08:08:22.456
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{02636881-D547-43A1-A918-CF1FA67E9967}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Úplné prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2014-12-10 21:46:39.666
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{BF8F101D-5D30-40F3-89CF-2A6B4CE4ECD4}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Citronidlo\Citron
Date: 2013-08-17 05:04:53.918
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{0E03EA01-0797-4A4D-AF6E-81BAA5790D90}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
CodeIntegrity:
===================================
Date: 2020-06-28 14:28:08.771
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Citron\AppData\Local\Temp\bcmwlNTP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-28 14:28:08.631
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Citron\AppData\Local\Temp\bcmwlNTP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-28 14:28:05.087
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Citron\AppData\Local\Temp\bcmwlNTP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-28 14:28:04.962
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Citron\AppData\Local\Temp\bcmwlNTP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-05 16:06:52.974
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-01-05 16:06:52.334
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-01-04 16:22:23.195
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-01-04 16:22:23.148
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Hewlett-Packard 68SRR Ver. F.0A 07/18/2011
Motherboard: Hewlett-Packard 167C
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 88%
Total physical RAM: 4030.36 MB
Available physical RAM: 458.57 MB
Total Virtual: 8058.9 MB
Available Virtual: 3615.46 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:676.39 GB) (Free:588.14 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:16.95 GB) (Free:2.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.13 GB) FAT32
\\?\Volume{ac3b751b-3067-11e1-9518-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.24 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 9FD8FEA1)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=676.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)
==================== End of Addition.txt =======================
koukněte, prosím, na následující, PC jde v pohodě, ale asi by byl čas jej zas pročistit od případného bordelu a mrtvol.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2020
Ran by Citron (administrator) on CITRONIDLO (Hewlett-Packard HP ProBook 4530s) (28-11-2020 09:19:49)
Running from C:\_Pal\deebordel
Loaded Profiles: Citron
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Programy\Rainlendar2\Rainlendar2.exe
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\avast software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\avast software\SecureLine VPN\VpnSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Programy\AVAST Software\Avast\AvastUI.exe <2>
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Macrovision Europe Ltd.) [File not signed] C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Motorola Inc -> Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <4>
(NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
(NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Programy\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Programy\Spybot - Search & Destroy 2\SDTray.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Programy\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Programy\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files\Motorola\Bluetooth\btmshell.dll [21709904 2011-02-15] (Motorola Inc -> Motorola Solutions, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Programy\AVAST Software\Avast\AvLaunch.exe [109160 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-12-12] (PC Tools -> PC Tools)
HKLM-x32\...\Run: [SDTray] => C:\Programy\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\Run: [Rainlendar2] => C:\Programy\Rainlendar2\Rainlendar2.exe [2433024 2011-08-12] () [File not signed]
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> c:\Windows\system32\DPLic.dll [2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
BootExecute: autocheck autochk * sdnclean64.exeicarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11FB2D45-4C36-4B01-80D3-C6F28E3FBCFC} - System32\Tasks\Avast Emergency Update => C:\Programy\AVAST Software\Avast\AvEmUpdate.exe [3339872 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
Task: {127B6C7C-FAD1-467F-A605-57B0EDBF74C8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Programy\Spybot - Search & Destroy 2\SDImmunize.exe [4460472 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {16FDFC7E-4C9C-4B03-A55A-A88111667DFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {20066DC0-7C08-484F-86C6-4B3A39336BC1} - System32\Tasks\{D0670148-D19E-4A37-9E43-414C3329655E} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}\ICQ7.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {274671AA-2BBE-47E4-B053-0A30C1A96475} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Programy\Spybot - Search & Destroy 2\SDScan.exe [4818848 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {297F3292-8529-49B9-9795-7DDB56A05D25} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4661856 2020-11-18] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 3df9be00-2d4b-4fbd-8ba1-5159d1dfa004
Task: {2BB2D93A-3368-44E5-8B55-B35727CE9AAD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {44FB9B9F-D616-4B35-A103-60E0FF9D659D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4CED4619-CFC0-47A3-BFDE-3F12ECF15B9F} - System32\Tasks\{7EF8CF4C-BA2C-469C-9F98-95A77CAEAB85} => C:\windows\system32\pcalua.exe -a C:\Programy\UltraISO\UltraISO.exe -d C:\Programy\UltraISO
Task: {578033CC-051B-4EBD-8062-285BAE0BDDD6} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2011-01-25] (Hewlett-Packard Company -> )
Task: {62459F05-C238-4A71-857A-57D1A5B6DFF5} - System32\Tasks\NetworkWizardVCW => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2011-01-25] (Hewlett-Packard Company -> )
Task: {64794E5C-6B59-45A5-8BAD-BC0672C6C949} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-11] (Adobe Inc. -> Adobe)
Task: {695A5BC7-5581-4316-AB56-A3B2F71E04CA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Programy\Spybot - Search & Destroy 2\SDUpdate.exe [4747720 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {6B651EBD-A992-4C4B-942D-792024AD09E7} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\update.exe [2201560 2011-12-12] (PC Tools -> PC Tools)
Task: {70181105-497C-412F-833A-561EFCACB892} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5442656 2020-11-11] (Avast Software s.r.o. -> Avast Software)
Task: {765F8E8C-A40E-4CA2-AFCA-78224A6754E9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {8138C2E1-F250-4C6E-91BB-A8D49B2A7C3C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {8679D50D-F393-46B8-982F-F86416468933} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {96467BB1-3E81-45E9-B4D4-6F98CFB6FFAA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-11] (Adobe Inc. -> Adobe)
Task: {9E535FE7-7B3C-4875-AE5E-0C174D8A5F59} - System32\Tasks\Avast Software\Avast Cleanup Update BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [2812624 2020-11-12] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 8e7ab03c-fd72-46de-bf97-7145cc0e0713
Task: {A03A6A39-1B1E-40CD-89BC-A54A63AC8E91} - System32\Tasks\{89C2FC3E-6315-4EE0-9C6C-D17B2BC64A48} => C:\windows\system32\pcalua.exe -a C:\_Pal\deebordel\RegCleaner.exe -d C:\_Pal\deebordel
Task: {A1AA614F-7206-4D56-A458-72C9BDA4ADCD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {A40FF1B3-B5E9-4745-8A30-A9DC72B8D8AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {AE8BC164-1C92-448D-B105-1D17222BF0D8} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5442656 2020-11-16] (Avast Software s.r.o. -> Avast Software)
Task: {B0A4EF81-0C82-4EC6-BFD1-85320AD14C83} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1188968 2020-11-18] (Avast Software s.r.o. -> AVAST Software)
Task: {DA4BF705-9A0A-492F-9496-21CE91B2E253} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 192.168.1.1
Tcpip\..\Interfaces\{A7F6367F-3D94-4B8E-881D-DE8832225970}: [DhcpNameServer] 192.168.5.1 192.168.1.1
Tcpip\..\Interfaces\{B1E8BFDC-2148-4261-81EB-3F462AE02610}: [DhcpNameServer] 192.168.5.1
FireFox:
========
FF DefaultProfile: ng7a8cym.default-1379696775163
FF ProfilePath: C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\xxiki3cb.default-release-1604331180513 [2020-11-28]
FF Homepage: Mozilla\Firefox\Profiles\xxiki3cb.default-release-1604331180513 -> about:blank
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\xxiki3cb.default-release-1604331180513\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2020-11-02]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\xxiki3cb.default-release-1604331180513\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-11-24]
FF Extension: (No Name) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\xxiki3cb.default-release-1604331180513\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-17]
FF ProfilePath: C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163 [2020-11-21]
FF user.js: detected! => C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163\user.js [2016-09-18]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163\Extensions\sp@avast.com.xpi [2020-06-28]
FF Extension: (Adblock na Youtube™) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163\Extensions\{0ac04bdb-d698-452f-8048-bcef1a3f4b0d}.xpi [2019-05-05]
FF Extension: (No Name) - C:\Users\Citron\AppData\Roaming\Mozilla\Firefox\Profiles\ng7a8cym.default-1379696775163\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-01]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\NOD 32\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-05-10] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\NOD 32\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-11] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> C:\windows\system32\Wat\npWatWeb.dll [2012-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Programy\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-11] (Adobe Inc. -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Programy\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-11] (Adobe Inc. -> Adobe)
S4 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Programy\AVAST Software\Avast\aswidsagent.exe [6514072 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Programy\AVAST Software\Avast\AvastSvc.exe [356824 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Programy\AVAST Software\Avast\afwServ.exe [1065456 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12971112 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-03] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2016-11-11] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2016-11-11] (Macrovision Europe Ltd.) [File not signed]
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [399720 2017-10-09] (WildTangent Inc -> WildTangent)
S3 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
S4 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [File not signed]
S4 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1318912 2011-02-09] () [File not signed]
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-12-12] (PC Tools -> PC Tools)
R2 SDScannerService; C:\Programy\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Programy\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Programy\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe [7897696 2020-11-18] (Avast Software s.r.o. -> AVAST Software)
R2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [378568 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3315400 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S4 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [296448 2011-01-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
S4 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation -> Xobni Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205880 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235584 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [195648 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60480 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42768 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175192 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [514448 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-09-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109272 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84848 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851600 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [466232 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216816 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\windows\System32\DRIVERS\aswTap.sys [53904 2017-04-14] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [323272 2020-07-05] (Avast Software s.r.o. -> AVAST Software)
S3 BTMCOM; C:\windows\System32\Drivers\btmcom.sys [52736 2010-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Motorola, Inc.)
S3 BTMUSB; C:\windows\System32\Drivers\btmusb.sys [486144 2011-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-10] (DT Soft Ltd -> DT Soft Ltd)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [168008 2011-02-09] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.)
R3 nusb3hub; C:\windows\System32\DRIVERS\nusb3hub.sys [80384 2010-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\windows\System32\DRIVERS\nusb3xhc.sys [181248 2010-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [2621128 2015-07-15] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R1 SpyEmrg; C:\windows\System32\Drivers\spyemrg.sys [17608 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\windows\System32\Drivers\spyemrg_access.sys [24776 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\windows\System32\Drivers\spyemrg_guard.sys [19656 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R3 STHDA; C:\windows\System32\DRIVERS\stwrt64.sys [520192 2011-01-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 SWDUMon; C:\windows\System32\DRIVERS\SWDUMon.sys [25608 2020-06-28] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 BTMNET; system32\DRIVERS\btmnet.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-28 09:19 - 2020-11-28 09:20 - 000000000 ____D C:\FRST
2020-11-24 13:18 - 2020-11-24 13:18 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2020-11-13 10:37 - 2020-11-13 10:37 - 000295568 _____ C:\windows\system32\FNTCACHE.DAT
2020-11-03 10:39 - 2020-11-03 10:39 - 000035763 _____ C:\Users\Citron\Downloads\tabiical-de-page24.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-28 09:20 - 2012-07-11 15:30 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-28 09:19 - 2016-11-18 12:44 - 000000000 ____D C:\Users\Citron\AppData\LocalLow\Mozilla
2020-11-28 09:13 - 2009-07-14 05:45 - 000019760 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-11-28 09:13 - 2009-07-14 05:45 - 000019760 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-11-28 09:04 - 2020-09-21 20:33 - 000003938 _____ C:\windows\system32\Tasks\Avast SecureLine VPN Update
2020-11-28 09:02 - 2012-07-11 16:06 - 000000000 ____D C:\Users\Citron\.rainlendar2
2020-11-28 09:02 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-11-28 08:58 - 2017-04-14 08:02 - 000004158 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-11-28 08:24 - 2018-04-24 13:33 - 000004128 _____ C:\windows\system32\Tasks\CCleaner Update
2020-11-27 23:55 - 2014-12-22 10:02 - 000000000 ____D C:\ProgramData\AVAST Software
2020-11-24 21:03 - 2009-07-14 04:20 - 000000000 ____D C:\windows\inf
2020-11-24 21:01 - 2020-07-12 10:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-24 21:01 - 2012-07-11 15:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-23 15:28 - 2018-05-30 06:39 - 000000000 ____D C:\Users\Citron\AppData\Local\AVAST Software
2020-11-21 21:34 - 2020-06-24 20:28 - 000003296 _____ C:\windows\system32\Tasks\{D0670148-D19E-4A37-9E43-414C3329655E}
2020-11-21 21:34 - 2018-04-26 14:35 - 000002796 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2020-11-21 21:34 - 2018-03-14 17:53 - 000004534 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-11-21 21:34 - 2017-04-21 18:27 - 000003106 _____ C:\windows\system32\Tasks\{89C2FC3E-6315-4EE0-9C6C-D17B2BC64A48}
2020-11-21 21:34 - 2015-12-03 15:34 - 000000000 ____D C:\windows\system32\Tasks\AVAST Software
2020-11-21 21:34 - 2013-03-10 17:48 - 000003114 _____ C:\windows\system32\Tasks\{7EF8CF4C-BA2C-469C-9F98-95A77CAEAB85}
2020-11-21 21:34 - 2012-08-09 17:15 - 000004396 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-11-21 21:34 - 2012-07-11 20:17 - 000003386 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-21 21:34 - 2012-07-11 20:17 - 000003258 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-18 08:06 - 2020-06-29 14:51 - 000000000 ____D C:\Users\Citron\AppData\Roaming\Spy Emergency
2020-11-16 15:12 - 2020-06-09 18:18 - 000082024 _____ (Avast Software) C:\windows\system32\icarus_rvrt.exe
2020-11-12 17:06 - 2012-07-15 14:18 - 000000000 ____D C:\Users\Citron\AppData\Local\CrashDumps
2020-11-11 12:53 - 2012-07-11 20:09 - 000842296 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-11-11 12:53 - 2012-07-11 20:09 - 000175160 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-11-11 12:53 - 2012-07-11 18:26 - 000000000 ____D C:\windows\system32\Macromed
2020-11-11 12:53 - 2011-05-10 21:11 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-11-07 18:28 - 2020-10-13 19:50 - 000004478 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-11-07 18:22 - 2020-10-13 19:50 - 000002027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-05 19:38 - 2012-07-11 15:55 - 000000000 ____D C:\Fotky
2020-11-05 19:33 - 2011-05-10 21:12 - 000669116 _____ C:\windows\system32\perfh005.dat
2020-11-05 19:33 - 2011-05-10 21:12 - 000141744 _____ C:\windows\system32\perfc005.dat
2020-11-05 19:33 - 2009-07-14 06:13 - 001584554 _____ C:\windows\system32\PerfStringBackup.INI
2020-11-02 16:33 - 2020-10-04 10:45 - 000000000 ____D C:\Users\Citron\Desktop\Old Firefox Data
==================== Files in the root of some directories ========
2012-07-11 15:33 - 2020-11-05 22:38 - 000004586 _____ () C:\Users\Citron\AppData\Local\mbt-actwiz.log
2012-10-28 12:23 - 2020-06-29 14:35 - 000007601 _____ () C:\Users\Citron\AppData\Local\resmon.resmoncfg
2017-03-29 14:46 - 2017-03-29 14:46 - 000000000 _____ () C:\Users\Citron\AppData\Local\{2662E165-2985-4912-B895-E386B6A16BD4}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-11-23 15:57
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2020
Ran by Citron (28-11-2020 09:22:44)
Running from C:\_Pal\deebordel
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-11 14:19:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1536627339-1155438233-2228032490-500 - Administrator - Disabled)
Citron (S-1-5-21-1536627339-1155438233-2228032490-1001 - Administrator - Enabled) => C:\Users\Citron
Guest (S-1-5-21-1536627339-1155438233-2228032490-501 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Spy Emergency (Disabled - Up to date) {CC339280-553F-D68A-6F68-9FB25810C8B4}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.453 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.453 - Adobe)
Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\{4114A073-7385-4742-8A5E-A5788FAC838F}) (Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{63E42DE7-C468-31B0-E373-173C67C87B88}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 20.1.9442.1244 - Avast Software)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 20.5.2415 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.8.5262.1418 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.0.0.9 - Hewlett-Packard Company)
Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.33.24411 - Hewlett-Packard Company)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4303 - Hewlett-Packard Company)
Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT087361) (Version: 2.2.0.95 - WildTangent) Hidden
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 6.0.0.8 - Hewlett-Packard Company)
Final Drive Nitro (HKLM-x32\...\WT087362) (Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
HP 3D DriveGuard (HKLM\...\{83DA38AB-1014-41C2-A3CD-E2B93832A71A}) (Version: 4.1.4.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{4B21E4B2-89B8-499D-803A-34ABF929401E}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{CFC1988A-F492-4BC5-B6F7-683A95718AE9}) (Version: 1.1.11.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.00.888 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{20976B1F-E910-404D-9261-C16EE7E12DC8}) (Version: 3.0.0.9057 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}) (Version: 3.2.0.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{B7F60A16-7A7B-41FB-9AE3-DE9E324FBA06}) (Version: 4.0.112.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{54C65FE7-83BD-4A5B-A9B4-41F793C5F241}) (Version: 2.1.2 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.57.2 - JMicron Technology Corp.)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 en-US) (HKLM\...\Mozilla Firefox 83.0 (x64 en-US)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 77.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
OLYMPUS Master 2 (HKLM-x32\...\{45FCADDB-0B29-457E-83A1-D245C62A716C}) (Version: 1.0.6 - OLYMPUS IMAGING CORP.)
OpenOffice.org 3.3 (HKLM-x32\...\{10B43A43-FF73-47FD-83E8-A503E84F9ED6}) (Version: 3.3.9567 - OpenOffice.org)
PC Tools Registry Mechanic 11.0 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.0 - PC Tools)
Privacy Manager for HP ProtectTools (HKLM\...\{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}) (Version: 6.00.831 - Hewlett-Packard Company)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0016 - Realtek)
Realtek Motorola BC8 Bluetooth 3.0+HS Adapter (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.82.298 - Motorola Solutions, Inc.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0323 - REALTEK Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Silent Hunter III (HKLM-x32\...\{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}) (Version: 1.4.0000 - Ubisoft) Hidden
Silent Hunter III (HKLM-x32\...\InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}) (Version: 1.4.0000 - Ubisoft)
Skype verze 8.63 (HKLM-x32\...\Skype_is1) (Version: 8.63 - Skype Technologies S.A.)
Spy Emergency 2020-25.0.770 (HKLM\...\Spy Emergency_is1) (Version: - NETGATE Technologies s.r.o.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
Theft Recovery for HP ProtectTools (HKLM-x32\...\{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company)
TomTom MyDrive Connect 4.1.6.3253 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.6.3253 - TomTom)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}) (Version: 4.3.117.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.30 - WildTangent)
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 1.0.0.28 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WMV9/VC-1 Video Playback (HKLM\...\{FB06FBC7-3CE3-50D9-1803-CC28E5ADF780}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (HKLM-x32\...\{8DC069E7-893C-41E1-9442-DE89FEC33371}) (Version: 1.0.0 - Xobni, Inc.) Hidden
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2020-07-05] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2020-07-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2020-07-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} => C:\Program Files\Motorola\Bluetooth\btmshell.dll [2011-02-15] (Motorola Inc -> Motorola Solutions, Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Programy\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Programy\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2020-07-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-03-28] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll [2020-07-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Programy\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Programy\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2011-02-09 20:27 - 2011-02-09 20:27 - 000141824 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2011-02-09 21:04 - 2011-02-09 21:04 - 002905600 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2011-01-27 01:35 - 2011-01-27 01:35 - 000007168 _____ () [File not signed] C:\Program Files\Hewlett-Packard\HP Power Assistant\SDKCOMServerLib.dll
2011-05-10 21:12 - 2011-01-27 01:34 - 001083392 _____ () [File not signed] C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2011-01-31 19:54 - 2011-01-31 19:54 - 000107008 _____ () [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2011-01-31 19:54 - 2011-01-31 19:54 - 000008192 _____ () [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\Interop.HPQWMIEXLib.dll
2020-06-29 14:51 - 2007-11-02 15:20 - 001403904 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\LIBEAY32.dll
2020-06-29 14:51 - 2007-11-02 15:20 - 000243712 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\SSLEAY32.dll
2020-06-29 14:51 - 2007-09-04 14:25 - 000198144 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\unrar.dll
2010-05-23 19:20 - 2010-05-23 19:20 - 000012288 _____ () [File not signed] C:\Programy\Rainlendar2\lfs.dll
2010-05-23 19:20 - 2010-05-23 19:20 - 000126976 _____ () [File not signed] C:\Programy\Rainlendar2\lua51.dll
2011-08-12 06:45 - 2011-08-12 06:45 - 000198144 _____ () [File not signed] C:\Programy\Rainlendar2\plugins\iCalendarPlugin.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 001412608 _____ () [File not signed] C:\windows\system32\LIBEAY32.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 002792960 _____ (Apache Software Foundation) [File not signed] C:\windows\system32\xerces-c_3_0.dll
2010-11-25 23:21 - 2010-11-25 23:21 - 004899328 _____ (Cogent Systems Inc.) [File not signed] C:\windows\system32\CgtFace_Dll.dll
2011-02-15 00:28 - 2011-02-15 00:28 - 000187016 _____ (Cogent Systems, Inc. -> Cogent Systems, Inc.) [File not signed] C:\windows\system32\BSWAuthImp.dll
2011-02-15 00:03 - 2011-02-15 00:03 - 000033928 _____ (Cogent Systems, Inc. -> TODO: <Company name>) [File not signed] C:\windows\system32\OEMComponentProvider.dll
2011-02-12 04:04 - 2011-02-12 04:04 - 000514560 ____R (Concept Software, Inc.) [File not signed] C:\windows\system32\KEYLIB64.dll
2011-02-12 04:04 - 2011-02-12 04:04 - 000495616 ____R (Concept Software, Inc.) [File not signed] C:\windows\system32\SKCA64.dll
2020-06-29 14:51 - 2011-08-15 17:49 - 001965056 _____ (CPULib Team) [File not signed] C:\Program Files\NETGATE\Spy Emergency\CPULib.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 000916992 _____ (Free Software Foundation) [File not signed] C:\windows\system32\iconv.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 000044544 _____ (Free Software Foundation) [File not signed] C:\windows\system32\intl.dll
2011-01-31 19:53 - 2011-01-31 19:53 - 000151552 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomain.dll
2011-01-31 19:54 - 2011-01-31 19:54 - 001044480 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTHostServices.dll
2011-01-31 19:55 - 2011-01-31 19:55 - 000081920 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTStrings.dll
2011-02-07 19:43 - 2011-02-07 19:43 - 005263872 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
2011-01-27 01:34 - 2011-01-27 01:34 - 000838656 _____ (HP) [File not signed] C:\Program Files\Hewlett-Packard\HP Power Assistant\HP.SupportFramework.dll
2014-02-01 11:25 - 2014-02-01 11:25 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2014-02-01 11:25 - 2014-02-01 11:25 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\MSVCP140.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\ucrtbase.DLL
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\VCRUNTIME140.dll
2020-11-27 17:57 - 2020-11-27 17:57 - 000000000 ____L (Microsoft Corporation) C:\Programy\AVAST Software\Avast\defs\20112708\avast.local_vc142.crt\VCRUNTIME140_1.dll
2011-01-11 21:04 - 2011-01-11 21:04 - 000599552 _____ (Symantec) [File not signed] C:\Program Files\Symantec\VIP Access SDK\VIPOTPProv64.dll
2011-07-28 19:20 - 2011-07-28 19:20 - 000244736 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Programy\Rainlendar2\libcurl.dll
2011-01-29 12:59 - 2011-01-29 12:59 - 001102336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Programy\Rainlendar2\LIBEAY32.dll
2011-01-29 12:59 - 2011-01-29 12:59 - 000237056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Programy\Rainlendar2\SSLEAY32.dll
2010-12-12 11:56 - 2010-12-12 11:56 - 001205760 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxbase28u_vc_rny.dll
2010-12-12 11:58 - 2010-12-12 11:58 - 000131584 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxbase28u_xml_vc_rny.dll
2010-12-12 11:57 - 2010-12-12 11:57 - 000707584 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxmsw28u_adv_vc_rny.dll
2010-12-12 11:57 - 2010-12-12 11:57 - 002633216 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxmsw28u_core_vc_rny.dll
2010-12-12 11:57 - 2010-12-12 11:57 - 000485376 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxmsw28u_html_vc_rny.dll
2010-12-12 11:58 - 2010-12-12 11:58 - 000502784 _____ (wxWidgets development team) [File not signed] C:\Programy\Rainlendar2\wxmsw28u_xrc_vc_rny.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [105]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07] (Hewlett-Packard) [File not signed]
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Toolbar: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7946 more sites.
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\...\123simsen.com -> www.123simsen.com
There are 7946 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2020-10-17 11:45 - 000454011 ____R C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 15613 more lines.
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1536627339-1155438233-2228032490-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Citron\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.5.1 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: XobniService => 2
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
MSCONFIG\startupreg: HPConnectionManager => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: MfeEpePcMonitor => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
MSCONFIG\startupreg: OM2_Monitor => "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EFE78C0F-A8D4-4891-95B5-64FF6E45F2C9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}] => (Allow) LPort=2869
FirewallRules: [{ED3E14D5-9B42-4116-8537-B6C9D959F6E3}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{ED85CC10-1D65-494A-9911-77464812B347}C:\programy\qip\qip infium pafopack 9040\infium.exe] => (Allow) C:\programy\qip\qip infium pafopack 9040\infium.exe (OOO Russkie Internet Reshenija -> ) [File not signed]
FirewallRules: [UDP Query User{3D4908B8-B46A-4DF1-B5CA-60230D9E6EEB}C:\programy\qip\qip infium pafopack 9040\infium.exe] => (Allow) C:\programy\qip\qip infium pafopack 9040\infium.exe (OOO Russkie Internet Reshenija -> ) [File not signed]
FirewallRules: [TCP Query User{8DCE783B-1887-4850-9F0D-C003A0F5FF05}C:\programy\icq7.7\icq.exe] => (Allow) C:\programy\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [UDP Query User{DD39CE13-D8BE-400A-985F-DF5F9D0F94D8}C:\programy\icq7.7\icq.exe] => (Allow) C:\programy\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [TCP Query User{56BD7C38-2B1C-4E88-A002-7E5FFD8CB975}C:\programy\winamp\winamp.exe] => (Block) C:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{F4A647FE-6DB4-4C76-8C9E-996FD659191F}C:\programy\winamp\winamp.exe] => (Block) C:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E8735C39-2A5E-4B92-9353-076C65203934}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7A8BBF25-841F-4DAD-871C-D650D654D485}] => (Allow) C:\Programy\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom)
FirewallRules: [{B45139AA-B604-4E88-AD7C-D39E53F3D9EC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{59AE5393-1AA5-41EE-838A-14166FCE6F26}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{91EEFF27-64DA-4337-81FA-A304ABC14D6D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7B4365BE-7BA5-411D-B6BA-F83229ABBFE2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
StandardProfile\AuthorizedApplications: [C:\Programy\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Programy\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Programy\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Programy\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
12-11-2020 15:12:18 Naplánovaný kontrolní bod
19-11-2020 22:20:28 Naplánovaný kontrolní bod
27-11-2020 16:29:13 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: Realtek Motorola BC8 Bluetooth 3.0+HS Adapter
Description: Realtek Motorola BC8 Bluetooth 3.0+HS Adapter
Class Guid: {a173b237-6a34-4bb5-aa63-2561160fa200}
Manufacturer: Motorola Solutions, Inc.
Service: BTMUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/27/2020 09:38:38 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error
Error: (11/13/2020 10:39:51 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (11/13/2020 10:39:51 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (11/13/2020 10:39:51 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.
Kontext: aplikace Windows
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (11/13/2020 10:39:51 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (11/13/2020 10:39:51 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)
Error: (11/13/2020 10:39:50 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (11/13/2020 10:39:50 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Server indexu obsahu neaktualizoval nebo nenačetl informace kvůli chybě databáze. Zastavte a restartujte vyhledávací službu. Pokud potíže potrvají, vymažte index obsahu a proveďte znovu jeho procházení. V některých případech bude pravděpodobně nutné odstranit a znovu vytvořit index obsahu. (HRESULT : 0x8004117f) (0x8004117f)
System errors:
=============
Error: (11/28/2020 09:15:18 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (11/28/2020 09:15:18 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (11/28/2020 09:04:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (11/28/2020 09:00:06 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/28/2020 08:17:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby hpqwmiex bylo dosaženo časového limitu (30000 ms).
Error: (11/28/2020 08:16:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (11/28/2020 08:16:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Avast Cleanup neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (11/28/2020 08:16:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avast Cleanup bylo dosaženo časového limitu (30000 ms).
Windows Defender:
===================================
Date: 2016-01-28 17:25:13.891
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C5B06EE9-5815-45BD-9F3A-089279E2DDBF}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Úplné prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2015-05-02 16:14:27.837
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{52BED4F3-1B3D-4771-86AE-99773FBE6CBB}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Citronidlo\Citron
Date: 2015-05-01 08:08:22.456
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{02636881-D547-43A1-A918-CF1FA67E9967}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Úplné prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2014-12-10 21:46:39.666
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{BF8F101D-5D30-40F3-89CF-2A6B4CE4ECD4}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Citronidlo\Citron
Date: 2013-08-17 05:04:53.918
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{0E03EA01-0797-4A4D-AF6E-81BAA5790D90}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
CodeIntegrity:
===================================
Date: 2020-06-28 14:28:08.771
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Citron\AppData\Local\Temp\bcmwlNTP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-28 14:28:08.631
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Citron\AppData\Local\Temp\bcmwlNTP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-28 14:28:05.087
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Citron\AppData\Local\Temp\bcmwlNTP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-28 14:28:04.962
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Citron\AppData\Local\Temp\bcmwlNTP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-05 16:06:52.974
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-01-05 16:06:52.334
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-01-04 16:22:23.195
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-01-04 16:22:23.148
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Hewlett-Packard 68SRR Ver. F.0A 07/18/2011
Motherboard: Hewlett-Packard 167C
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 88%
Total physical RAM: 4030.36 MB
Available physical RAM: 458.57 MB
Total Virtual: 8058.9 MB
Available Virtual: 3615.46 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:676.39 GB) (Free:588.14 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:16.95 GB) (Free:2.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.13 GB) FAT32
\\?\Volume{ac3b751b-3067-11e1-9518-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.24 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 9FD8FEA1)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=676.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)
==================== End of Addition.txt =======================
Re: Prosím o preventivní kontrolu
Dobry den.
Zalozte, prosim, nove tema, tam polozte logy a mozeme pokracovat v nom.
Toto tema zamykam.
Zalozte, prosim, nove tema, tam polozte logy a mozeme pokracovat v nom.
Toto tema zamykam.
► Vyšla moja nová kniha BOTNETY! 
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Přispějete na provoz fóra?