Preventive check

#1 Post by TIVL »

Hello,
please check this log; the mouse refuses to cooperate even though the drivers are up to date and the system is otherwise more or less normal.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 4.02.2019
Ran by Virgill (04-02-2019 08:19:02)
Running from C:\Users\Virgill\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2018-04-06 10:12:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3750458451-981303790-4038828487-500 - Administrator - Disabled)
Guest (S-1-5-21-3750458451-981303790-4038828487-501 - Limited - Disabled)
Virgill (S-1-5-21-3750458451-981303790-4038828487-1000 - Administrator - Enabled) => C:\Users\Virgill

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Actionaz 3.8.0 (32 bits) (HKLM-x32\...\{968D7F40-0B23-457D-AD67-0F7C0012EF1E}_is1) (Version: 3.8.0 - Actionaz.org)
Akamai NetSession Interface (HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aliens Colonial Marines (HKLM-x32\...\Aliens Colonial Marines_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Auto Keyboard v6.1 (HKLM-x32\...\{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1) (Version: 6.1 - MurGee.com)
AutoHotkey 1.1.30.01 (HKLM\...\AutoHotkey) (Version: 1.1.30.01 - Lexikos)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.1.3075 - AVG Technologies)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.10.0001 - Bloody)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Cok Free Auto Clicker 2.0 (HKLM-x32\...\Cok Free Auto Clicker_is1) (Version: 2.0 - Cok Software)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.5.1 - IObit)
EVE Online (HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\{a855ea64-17fc-4621-8088-817c6e5216da}) (Version: 1.0.0 - CCP)
GoldWave v6.31 (HKLM\...\GoldWave v6.31) (Version: 6.31 - GoldWave Inc.)
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
GoToMeeting 8.39.2.11674 (HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\GoToMeeting) (Version: 8.39.2.11674 - LogMeIn, Inc.)
KeyCommander 1.3.1 (HKLM-x32\...\KeyCommander) (Version: 1.3.1 - fabi.me)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 64.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 64.0.2 (x64 cs)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Opera Stable 56.0.3051.116 (HKLM-x32\...\Opera 56.0.3051.116) (Version: 56.0.3051.116 - Opera Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
pyfa version 2.5.0b1 (YC120.8 1.0) (HKLM-x32\...\{3DA39096-C08D-49CD-90E0-1D177F32C8AA}_is1) (Version: 2.5.0b1 (YC120.8 1.0) - pyfa)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8549 - Realtek Semiconductor Corp.)
ReMouse Micro (HKLM-x32\...\ReMouse Micro_is1) (Version: Micro V4.0 - AutomaticSolution Software)
Sandboxie 5.22 (64-bit) (HKLM\...\Sandboxie) (Version: 5.22 - Sandboxie Holdings, LLC)
Skype version 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\TeamSpeak 3 Client) (Version: 3.0.19.4 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.3399 - TeamViewer)
The Lord of the Rings Online™ v1903.0058.2732.4095 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 1903.0058.2732.4095 - Standing Stone Games, LLC)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 58.0 - Ubisoft)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {101AFC1F-385B-4C85-9233-96B637E6DC1A} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {31CE8820-DEC3-44FE-AF5E-5341094DE701} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd -> Piriform Ltd)
Task: {33DAF243-3C26-4503-8A14-B38DCBE438FB} - System32\Tasks\Driver Booster SkipUAC (Virgill) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe [2018-07-17] (IObit Information Technology -> IObit)
Task: {582D6876-09D2-4858-9680-ADA581D3177F} - System32\Tasks\update-S-1-5-21-3750458451-981303790-4038828487-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {7E620777-3F47-4547-8BFA-6A7F0A779454} - System32\Tasks\{2C9D620B-59DD-4BC0-B514-879AECD29A76} => C:\Windows\system32\pcalua.exe -a C:\Users\Virgill\Downloads\arcanumcz-full.exe -d C:\Users\Virgill\Downloads
Task: {8699578C-7053-4B54-BCEE-C59CCF011286} - System32\Tasks\G2MUpdateTask-S-1-5-21-3750458451-981303790-4038828487-1000 => C:\Users\Virgill\AppData\Local\GoToMeeting\11674\g2mupdate.exe [2019-02-02] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {9E2D5D21-335E-4DE0-95BE-5E4049E0A0C6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd -> Piriform Ltd)
Task: {A4FFC47B-0187-4E2F-B064-169764DDA071} - System32\Tasks\Opera scheduled Autoupdate 1523012796 => C:\Program Files\Opera\launcher.exe [2018-11-26] (Opera Software AS -> Opera Software)
Task: {A897DE4B-C40C-4A4C-84E6-1B7431D8BE4E} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\Scheduler.exe [2018-07-17] (IObit Information Technology -> IObit)
Task: {A937A1EB-103E-402B-A6B3-E92BE4AE1D0C} - System32\Tasks\G2MUploadTask-S-1-5-21-3750458451-981303790-4038828487-1000 => C:\Users\Virgill\AppData\Local\GoToMeeting\11674\g2mupload.exe [2019-02-02] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {DADA697C-FC58-4389-89FD-C5C2F0337485} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {EEF6ED9C-DA56-4831-B147-DFAAD7100F51} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2019-01-20] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3750458451-981303790-4038828487-1000.job => C:\Users\Virgill\AppData\Local\GoToMeeting\11674\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3750458451-981303790-4038828487-1000.job => C:\Users\Virgill\AppData\Local\GoToMeeting\11674\g2mupload.exe
Task: C:\Windows\Tasks\update-S-1-5-21-3750458451-981303790-4038828487-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2019-01-19 18:51 - 2019-01-19 18:51 - 000662960 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
2019-02-04 06:51 - 2019-02-04 06:51 - 006953672 _____ () C:\Program Files\AVG\Antivirus\defs\19020304\algo64.dll
2019-01-19 18:51 - 2019-01-19 18:51 - 000550832 _____ () C:\Program Files\AVG\Antivirus\gui_cache.dll
2019-01-19 18:51 - 2019-01-19 18:51 - 001967536 _____ () C:\Program Files\AVG\Antivirus\shepherdsync.dll
2018-08-16 09:30 - 2018-08-16 09:30 - 000076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2019-01-19 18:51 - 2019-01-19 18:51 - 093696960 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
2019-02-04 07:49 - 2018-10-05 08:50 - 016443120 ____N () C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
2018-06-24 12:26 - 2018-06-24 12:26 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2019-02-04 07:50 - 2018-01-26 10:50 - 000103152 ____N () C:\Program Files (x86)\Bloody6\Bloody6\DLL\DLL_ZoomControl.dll
2019-02-04 07:50 - 2017-04-17 09:43 - 003852800 ____N () C:\Program Files (x86)\Bloody6\Bloody6\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-12-03 19:32 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3750458451-981303790-4038828487-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Virgill\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.147.250.13 - 185.147.250.14
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\Virgill\AppData\Local\Discord\app-0.0.301\Discord.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0AFE4862-6F63-4B15-BC82-49D3270CD47A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6644E874-9026-4432-8BF2-F0FA09681D8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{858A0103-95D1-44DD-8CC5-89524C0C2D74}C:\users\virgill\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\virgill\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{03437D70-8B8F-426C-ADE4-8A0BF185F46C}C:\users\virgill\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\virgill\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{BCA1691E-71E5-4D78-9104-51ADF5FA588D}C:\rulez\lotro\lotroclient.exe] => (Allow) C:\rulez\lotro\lotroclient.exe (Standing Stone Games, LLC.)
FirewallRules: [UDP Query User{3934B692-D28F-4998-B6D9-DC87E6AC20B2}C:\rulez\lotro\lotroclient.exe] => (Allow) C:\rulez\lotro\lotroclient.exe (Standing Stone Games, LLC.)
FirewallRules: [TCP Query User{52EF2886-6503-4B6D-9D35-36F6A35F96F5}C:\users\virgill\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\virgill\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{B81E49CF-EBD1-45CF-B7BF-7E9B389810FD}C:\users\virgill\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\virgill\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{CFC6CB4D-92DD-4CE6-A8D8-03BA660FD588}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A3F05935-FC59-4968-B0F3-262F8B3CBE1F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FFCD49BC-7947-4E3A-86BC-2B1CB9C33BC6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B5AF05A6-070C-4F35-9FE0-F55C1E680ECD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8D45DDF1-F208-4C57-9CD1-635921FE7AE4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{9D99E127-35BB-49CA-8AFA-2CFDA65792F7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{3F440024-4556-47DC-82CD-BAC7D49BA374}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{17AF3A5C-2DA9-4DFD-A812-B38602574457}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{785231B1-43FA-449E-A04B-677AFEEA936D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{1B10F87B-E20D-4958-95AC-D97D3BE93B78}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{EB19A4ED-507A-40D0-886A-E267A22F0AD2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [{CD295741-42FD-4710-B568-E8F1B198507E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [{62D517FC-1B13-48B0-A8A0-322111200F0D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{9DEF38D6-FE89-481C-9618-E2BC9B5FB51D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{FC34DEF1-3474-4460-881B-CDF36B132F66}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{2CDEA9F2-D138-44C4-B014-C28211805186}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{E40A58DB-E40B-4F76-8C00-820FB8C5816F}C:\rulez\am\aliens colonial marines\binaries\win32\acm.exe] => (Allow) C:\rulez\am\aliens colonial marines\binaries\win32\acm.exe (Valve Corporation -> SEGA Corporation)
FirewallRules: [UDP Query User{11FDF7FA-2C74-47F0-837C-FE95D3C6CA6E}C:\rulez\am\aliens colonial marines\binaries\win32\acm.exe] => (Allow) C:\rulez\am\aliens colonial marines\binaries\win32\acm.exe (Valve Corporation -> SEGA Corporation)
FirewallRules: [{D4FB539C-ECA7-4856-AC5D-3351B15B0719}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5EEDECD6-2754-4FBE-A5BB-85075C570F28}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{85F6DE95-6940-4E55-A145-0B2C0A661DFB}C:\rulez\bsgo\launcher\launcher.exe] => (Allow) C:\rulez\bsgo\launcher\launcher.exe No File
FirewallRules: [UDP Query User{F9B5121D-A2A5-456E-A82C-F3CA77A85A3A}C:\rulez\bsgo\launcher\launcher.exe] => (Allow) C:\rulez\bsgo\launcher\launcher.exe No File
FirewallRules: [{BC679100-1FA5-4025-97EA-8CED23CC9E9A}] => (Allow) C:\Program Files\Opera\56.0.3051.104\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{1262BF53-B29F-4FD6-8680-55E4145B9E57}] => (Allow) C:\Program Files\Opera\56.0.3051.116\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6E914660-7EC6-4CBD-BCAD-4411160385FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{E54558BD-7978-4438-A7EA-29ACF382FCC5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C7173121-F702-47B0-B177-1A56D3495212}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{533400F1-97B9-4758-AF75-03EA22476129}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6142E86A-87F5-400F-84C9-2446A39B7DC4}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{BA4D2F96-2170-4705-8D26-98AF2D9C8862}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

==================== Restore Points =========================

19-01-2019 18:53:33 Driver Booster : Realtek High Definition Audio
30-01-2019 04:01:17 Scheduled Checkpoint
04-02-2019 07:42:51 Removed Mumble 1.2.19

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/04/2019 07:57:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/04/2019 07:03:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/04/2019 06:56:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/04/2019 06:51:07 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/m ... ootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/03/2019 06:48:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/02/2019 03:16:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/m ... ootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/02/2019 06:26:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/01/2019 01:35:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/m ... ootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (01/24/2019 06:47:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (01/18/2019 06:47:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
The system cannot find the file specified.

Error: (01/17/2019 04:50:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
The system cannot find the file specified.

Error: (01/16/2019 05:26:42 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.100 with the system
having network hardware address DC-0E-A1-E1-0C-23. Network operations on this system may
be disrupted as a result.

Error: (01/16/2019 05:27:22 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{428ECB01-5BCC-4B16-992C-5DA81CD9FA39} because another computer on the network has the same name. The server could not start.

Error: (01/16/2019 06:52:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
The system cannot find the file specified.

Error: (01/15/2019 07:19:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
The system cannot find the file specified.

Error: (01/10/2019 08:07:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetGroup Packet Filter Driver service failed to start due to the following error:
The system cannot find the file specified.


CodeIntegrity:
===================================

Date: 2018-11-12 07:17:47.586
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 07:17:47.586
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 07:17:47.571
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 07:17:47.212
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 07:17:47.134
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 07:17:47.056
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 06:47:16.320
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-12 06:47:16.320
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 90%
Total physical RAM: 3963.49 MB
Available physical RAM: 364.06 MB
Total Virtual: 7925.18 MB
Available Virtual: 4062.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.95 GB) (Free:122.03 GB) NTFS
Drive d: () (Fixed) (Total:186.07 GB) (Free:185.75 GB) NTFS

\\?\Volume{e566fc40-3981-11e8-8d79-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{e566fc42-3981-11e8-8d79-806e6f6e6963}\ () (Fixed) (Total:0.84 GB) (Free:0.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 811594C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=861 MB) - (Type=27)

========================================================
Disk: 1 (Size: 186.3 GB) (Disk ID: 000400A5)
Partition 1: (Not Active) - (Size=186.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive check

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes ticked, including any threats found, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will start; click View Log File.
The log will open; copy its contents here.
My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

TIVL
Visitor
Posts: 97
Joined: 20 Jan 2007 20:20

Re: Preventive check

#3 Post by TIVL »

ADC log

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-31.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-04-2019
# Duration: 00:00:09
# OS: Windows 7 Ultimate
# Scanned: 31793
# Detected: 5


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\Virgill\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks\Driver Booster Scheduler

***** [ Registry ] *****

PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A897DE4B-C40C-4A4C-84E6-1B7431D8BE4E}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive check

#4 Post by Diallix »

Please post new logs from FRST + ADDITION.

TIVL
Visitor
Posts: 97
Joined: 20 Jan 2007 20:20

Re: Preventive check

#5 Post by TIVL »

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.02.2019
Ran by Virgill (administrator) on VIRGILL-PC (17-02-2019 19:00:09)
Running from C:\Users\Virgill\Downloads
Loaded Profiles: Virgill (Available Profiles: Virgill)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\Virgill\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Virgill\AppData\Local\Akamai\netsession_win.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [308656 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391096 2019-01-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [308656 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Virgill\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49799184 2018-08-28] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [799880 2017-10-30] (Invincea, Inc. -> Sandboxie Holdings, LLC)
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 185.147.250.13 185.147.250.14 192.168.1.1
Tcpip\..\Interfaces\{428ECB01-5BCC-4B16-992C-5DA81CD9FA39}: [DhcpNameServer] 185.147.250.13 185.147.250.14 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3750458451-981303790-4038828487-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: adwx4gvo.default
FF ProfilePath: C:\Users\Virgill\AppData\Roaming\Mozilla\Firefox\Profiles\adwx4gvo.default [2019-02-17]
FF NewTabOverride: Mozilla\Firefox\Profiles\adwx4gvo.default -> Disabled: {ea614400-e918-4741-9a97-7a972ff7c30b}

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [357872 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7882752 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2018-08-16] (Even Balance, Inc. -> )
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [198792 2017-10-30] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37160 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [203336 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [223616 2019-01-20] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [196632 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgblog.sys [320744 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [58008 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [46432 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42336 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [166840 2019-01-20] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [111848 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [87992 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1033904 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [474504 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [217912 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [380000 2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2018-05-28] (Disc Soft Ltd -> Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-04-06] (Martin Malik - REALiX -> REALiX(tm))
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [1094496 2018-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Realtek )
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [424384 2018-04-06] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [209544 2017-10-30] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [51808 2018-04-06] (Synaptics Incorporated -> Synaptics Incorporated)
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S4 nvvhci; system32\DRIVERS\nvvhci.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-17 18:59 - 2019-02-17 18:59 - 000000000 ____D C:\Users\Virgill\Downloads\FRST-OlderVersion
2019-02-05 18:09 - 2019-02-05 18:09 - 000000000 ____D C:\Users\Virgill\AppData\Local\SIRIX Station By MarketsCube
2019-02-05 18:09 - 2019-02-05 18:09 - 000000000 ____D C:\Users\Virgill\AppData\Local\IsolatedStorage
2019-02-05 18:07 - 2019-02-05 18:07 - 013578240 _____ C:\Users\Virgill\Downloads\SirixStation-MarketsCube1.9.29921.0.msi
2019-02-05 17:03 - 2019-02-05 17:04 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-04 16:45 - 2019-02-04 16:48 - 000000000 ____D C:\AdwCleaner
2019-02-04 16:44 - 2019-02-04 16:44 - 007316688 _____ (Malwarebytes) C:\Users\Virgill\Downloads\adwcleaner_7.2.7.0.exe
2019-02-04 08:19 - 2019-02-04 08:19 - 000031972 _____ C:\Users\Virgill\Downloads\Addition.txt
2019-02-04 08:17 - 2019-02-17 19:01 - 000009996 _____ C:\Users\Virgill\Downloads\FRST.txt
2019-02-04 08:17 - 2019-02-17 19:00 - 000000000 ____D C:\FRST
2019-02-04 08:17 - 2019-02-17 18:59 - 002434560 _____ (Farbar) C:\Users\Virgill\Downloads\FRST64.exe
2019-02-04 07:49 - 2019-02-04 07:49 - 000000000 ____D C:\Program Files (x86)\Bloody6
2019-02-04 07:45 - 2019-02-04 07:48 - 034207048 _____ C:\Users\Virgill\Downloads\Bloody6_V2018.1005.exe
2019-02-04 07:10 - 2019-02-04 07:10 - 000000000 ____D C:\Users\Virgill\AppData\LocalLow\IObit
2019-01-31 18:01 - 2019-01-31 18:01 - 000343800 _____ C:\Users\Virgill\Downloads\562070542.pdf
2019-01-31 16:25 - 2019-01-31 16:25 - 000244919 _____ C:\Users\Virgill\Downloads\MC client agreement.pdf
2019-01-31 16:24 - 2019-01-31 16:25 - 000174512 _____ C:\Users\Virgill\Downloads\DOD Tomas Legath.pdf
2019-01-24 06:47 - 2019-01-24 06:47 - 000000000 _____ C:\Windows\system32\last.dump
2019-01-20 23:20 - 2019-01-20 23:20 - 000002465 _____ C:\Users\Virgill\Documents\EMT_Settings.txt
2019-01-20 23:17 - 2019-01-20 23:17 - 000976593 _____ C:\Users\Virgill\Downloads\Eve Mining Timer.zip
2019-01-20 23:06 - 2019-01-20 23:06 - 000000000 ____D C:\Users\Virgill\AppData\Local\EMT
2019-01-20 23:04 - 2019-01-20 23:04 - 000881664 _____ C:\Users\Virgill\Downloads\Eve Mining Timer (EMT).exe
2019-01-20 04:32 - 2019-01-20 04:32 - 000223616 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2019-01-20 04:32 - 2019-01-19 18:51 - 000361392 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2019-01-19 23:06 - 2019-01-19 23:06 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-01-19 23:06 - 2019-01-19 23:06 - 000000959 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-01-19 19:36 - 2019-01-19 19:36 - 000227896 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2019-01-19 19:36 - 2019-01-19 19:36 - 000047384 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2019-01-19 18:55 - 2016-09-30 21:53 - 000017232 _____ C:\Windows\system32\Drivers\RTSPKPT1.dat
2019-01-19 18:55 - 2016-09-30 21:53 - 000017232 _____ C:\Windows\system32\Drivers\RTSPKPT0.dat
2019-01-19 18:55 - 2016-09-30 21:52 - 000008236 _____ C:\Windows\system32\Drivers\RTPL.dat
2019-01-19 18:54 - 2019-01-19 18:54 - 015218696 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE3.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 006400040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2019-01-19 18:54 - 2019-01-19 18:54 - 003418072 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 003306896 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 003159472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 003128888 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 002198048 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 001435216 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 001396232 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 001382312 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 001337720 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 001318912 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 001282616 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 001180584 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 001073736 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 001027888 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000994744 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000965088 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000873544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000852208 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000604872 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000541192 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000467232 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000447256 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000381488 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000343768 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000341224 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000341224 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000266616 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000231976 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000230784 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000218352 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000175016 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000158776 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000090976 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000088384 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000083688 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2019-01-19 18:54 - 2019-01-19 18:54 - 000075616 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 072520776 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2019-01-19 18:53 - 2019-01-19 18:53 - 023073815 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2019-01-19 18:53 - 2019-01-19 18:53 - 007178544 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 007101824 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 006270264 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 005347072 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 003761640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 003677224 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2019-01-19 18:53 - 2019-01-19 18:53 - 003319480 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 003281232 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 002992264 _____ (Audyssey Labs) C:\Windows\system32\AudysseyEfx.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 002930216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 002444760 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 001971448 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 001965232 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 001788032 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 001598472 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 001544328 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 001516368 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 001448856 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOv251gm.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 001372472 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 001353384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 001259808 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 001164696 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOvlldpgm.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 001159264 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000888616 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000751376 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000734848 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000715720 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000692224 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000511720 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000453352 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000452816 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000448680 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000416584 _____ (Harman) C:\Windows\system32\HMUI.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000406528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000392936 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000378456 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000367688 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000366200 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000360424 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000333088 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000327336 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000327328 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000316080 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000278352 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000261312 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000261280 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000260288 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000220448 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000203912 _____ (Harman) C:\Windows\system32\HMHVS.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000193040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000191008 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000191008 _____ (Harman) C:\Windows\system32\HMEQ.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000179672 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000175824 _____ (ASUSTeK COMPUTER INC.) C:\Windows\system32\ATKWMI.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000157408 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000154440 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000139832 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000122424 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000118664 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000116600 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000105384 _____ C:\Windows\system32\audioLibVc.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000093968 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000090232 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2019-01-19 18:53 - 2019-01-19 18:53 - 000023752 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2019-01-19 18:51 - 2019-01-19 18:51 - 000320744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgblog.sys
2019-01-19 18:51 - 2019-01-19 18:51 - 000196632 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2019-01-19 18:51 - 2019-01-19 18:51 - 000058008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2019-01-19 18:51 - 2019-01-19 18:51 - 000037160 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-17 19:00 - 2018-04-06 12:06 - 000000000 ____D C:\Program Files\Opera
2019-02-17 18:59 - 2009-07-14 05:45 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-17 18:59 - 2009-07-14 05:45 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-17 18:54 - 2018-08-24 21:56 - 000000000 ____D C:\Users\Virgill\AppData\LocalLow\Mozilla
2019-02-17 18:50 - 2018-05-11 20:48 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-02-17 18:50 - 2018-04-06 11:50 - 000000000 ____D C:\ProgramData\NVIDIA
2019-02-17 18:50 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-17 00:29 - 2018-04-06 11:49 - 000000000 ____D C:\Users\Virgill\AppData\Roaming\TS3Client
2019-02-17 00:14 - 2018-05-31 23:12 - 000000550 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3750458451-981303790-4038828487-1000.job
2019-02-16 23:48 - 2018-05-31 23:12 - 000000646 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3750458451-981303790-4038828487-1000.job
2019-02-16 00:13 - 2018-09-03 11:12 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-02-16 00:13 - 2018-08-20 16:07 - 000003152 _____ C:\Windows\System32\Tasks\{2C9D620B-59DD-4BC0-B514-879AECD29A76}
2019-02-16 00:13 - 2018-08-04 12:10 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-16 00:13 - 2018-08-04 12:10 - 000002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-16 00:13 - 2018-05-31 23:12 - 000003680 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3750458451-981303790-4038828487-1000
2019-02-16 00:13 - 2018-05-31 23:12 - 000003584 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3750458451-981303790-4038828487-1000
2019-02-16 00:13 - 2018-05-13 17:34 - 000002894 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Virgill)
2019-02-16 00:13 - 2018-04-06 12:06 - 000003832 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1523012796
2019-02-16 00:13 - 2018-04-06 11:22 - 000004162 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2019-02-15 19:09 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-15 19:03 - 2018-04-06 12:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-02-15 19:03 - 2018-04-06 12:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-12 06:49 - 2018-11-06 22:23 - 000000392 _____ C:\Windows\Tasks\update-sys.job
2019-02-11 13:54 - 2018-04-06 11:45 - 000001764 _____ C:\Windows\Sandboxie.ini
2019-02-09 22:14 - 2018-05-31 23:12 - 000000000 ____D C:\Users\Virgill\AppData\Local\GoToMeeting
2019-02-09 19:47 - 2018-11-06 22:23 - 000003402 _____ C:\Windows\System32\Tasks\update-sys
2019-02-08 04:30 - 2018-04-06 12:09 - 000000000 ____D C:\Users\Virgill\AppData\Local\CrashDumps
2019-02-04 16:49 - 2018-08-04 12:10 - 000000000 ____D C:\Program Files\CCleaner
2019-02-04 07:10 - 2018-04-06 11:26 - 000000000 ____D C:\ProgramData\ProductData
2019-02-01 13:42 - 2018-05-28 07:59 - 000000000 ____D C:\rulez
2019-01-31 21:32 - 2018-05-23 23:59 - 000000000 ____D C:\Users\Virgill\Documents\bsgo
2019-01-31 17:15 - 2009-07-14 06:13 - 000781582 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-30 04:05 - 2018-05-11 20:48 - 000000000 ____D C:\Users\Virgill\AppData\Roaming\TeamViewer
2019-01-28 05:09 - 2018-04-06 12:29 - 000000000 ____D C:\Users\Virgill\Documents\EVE
2019-01-25 19:04 - 2018-04-06 12:29 - 000000000 ____D C:\Users\Virgill\Documents\actionaz skripty
2019-01-20 22:58 - 2018-04-06 11:20 - 000057560 _____ C:\Users\Virgill\AppData\Local\GDIPFONTCACHEV1.DAT
2019-01-20 04:39 - 2018-04-06 11:25 - 000000000 ____D C:\ProgramData\IObit
2019-01-20 04:32 - 2018-05-17 05:45 - 000001914 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2019-01-20 04:32 - 2018-04-06 11:21 - 000166840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2019-01-20 04:30 - 2009-07-14 05:45 - 000275848 _____ C:\Windows\system32\FNTCACHE.DAT
2019-01-20 03:44 - 2018-12-25 15:05 - 000000000 ____D C:\Python27
2019-01-20 03:44 - 2018-12-25 15:04 - 000000000 ____D C:\Users\Virgill\AppData\Roaming\xmoviemaker
2019-01-20 03:44 - 2018-12-25 15:04 - 000000000 ____D C:\ProgramData\xmoviemaker
2019-01-20 03:44 - 2018-12-24 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2019-01-20 03:44 - 2018-12-24 18:13 - 000000000 ____D C:\Program Files (x86)\Bandicam
2019-01-20 03:44 - 2018-12-24 17:50 - 000000000 ____D C:\ProgramData\install_clap
2019-01-20 03:44 - 2018-12-24 17:40 - 000000000 ___HD C:\ProgramData\CyberLink
2019-01-20 03:44 - 2018-11-19 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2019-01-20 03:44 - 2018-11-19 16:18 - 000000000 ____D C:\Program Files\AutoHotkey
2019-01-20 03:44 - 2018-05-29 18:20 - 000000000 ____D C:\Users\Virgill\AppData\Local\Akamai
2019-01-20 03:44 - 2018-05-29 18:17 - 000000000 ____D C:\Users\Virgill\Documents\The Lord of the Rings Online
2019-01-20 03:44 - 2018-04-06 11:46 - 000000000 ____D C:\Users\Virgill\AppData\Roaming\GHISLER
2019-01-20 03:44 - 2018-04-06 11:25 - 000000000 ____D C:\Users\Virgill\AppData\Roaming\IObit
2019-01-20 03:44 - 2018-04-06 11:22 - 000000000 ____D C:\Windows\System32\Tasks\AVG
2019-01-20 03:44 - 2018-04-06 11:21 - 000000000 ____D C:\Program Files\Common Files\AVG
2019-01-20 03:44 - 2010-11-21 08:16 - 000000000 ___RD C:\Users\Public\Recorded TV
2019-01-20 03:44 - 2010-11-21 08:16 - 000000000 ____D C:\Windows\ShellNew
2019-01-20 03:44 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2019-01-20 03:44 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat
2019-01-19 19:36 - 2018-04-06 11:37 - 001682896 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2019-01-19 18:55 - 2018-04-06 11:37 - 000000000 ____D C:\Windows\system32\DAX3
2019-01-19 18:55 - 2018-04-06 11:36 - 000000000 ____D C:\Windows\system32\DAX2
2019-01-19 18:54 - 2018-04-06 11:36 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-01-19 18:51 - 2018-10-22 09:16 - 000042336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2019-01-19 18:51 - 2018-04-06 11:21 - 001033904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2019-01-19 18:51 - 2018-04-06 11:21 - 000474504 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2019-01-19 18:51 - 2018-04-06 11:21 - 000380000 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2019-01-19 18:51 - 2018-04-06 11:21 - 000217912 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2019-01-19 18:51 - 2018-04-06 11:21 - 000203336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2019-01-19 18:51 - 2018-04-06 11:21 - 000111848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2019-01-19 18:51 - 2018-04-06 11:21 - 000087992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2019-01-19 18:51 - 2018-04-06 11:21 - 000046432 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2019-01-19 18:46 - 2018-04-06 11:12 - 000000000 ____D C:\Users\Virgill

==================== Files in the root of some directories =======

2018-12-15 13:13 - 2018-12-15 13:17 - 000000042 _____ () C:\Users\Virgill\AppData\Local\Autosofted License.txt
2018-11-06 22:23 - 2018-11-06 22:23 - 000000003 _____ () C:\Users\Virgill\AppData\Local\updater.log
2018-11-06 22:23 - 2018-11-06 23:26 - 000000059 _____ () C:\Users\Virgill\AppData\Local\UserProducts.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-02 06:55

==================== End of FRST.txt ============================

addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.02.2019
Ran by Virgill (17-02-2019 19:01:29)
Running from C:\Users\Virgill\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2018-04-06 10:12:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3750458451-981303790-4038828487-500 - Administrator - Disabled)
Guest (S-1-5-21-3750458451-981303790-4038828487-501 - Limited - Disabled)
Virgill (S-1-5-21-3750458451-981303790-4038828487-1000 - Administrator - Enabled) => C:\Users\Virgill

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Actionaz 3.8.0 (32 bits) (HKLM-x32\...\{968D7F40-0B23-457D-AD67-0F7C0012EF1E}_is1) (Version: 3.8.0 - Actionaz.org)
Akamai NetSession Interface (HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aliens Colonial Marines (HKLM-x32\...\Aliens Colonial Marines_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Auto Keyboard v6.1 (HKLM-x32\...\{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1) (Version: 6.1 - MurGee.com)
AutoHotkey 1.1.30.01 (HKLM\...\AutoHotkey) (Version: 1.1.30.01 - Lexikos)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.1.3075 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Cok Free Auto Clicker 2.0 (HKLM-x32\...\Cok Free Auto Clicker_is1) (Version: 2.0 - Cok Software)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.5.1 - IObit)
EVE Online (HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\{a855ea64-17fc-4621-8088-817c6e5216da}) (Version: 1.0.0 - CCP)
GoldWave v6.31 (HKLM\...\GoldWave v6.31) (Version: 6.31 - GoldWave Inc.)
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
GoToMeeting 8.39.3.11748 (HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\GoToMeeting) (Version: 8.39.3.11748 - LogMeIn, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 65.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 65.0.1 (x64 cs)) (Version: 65.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Opera Stable 56.0.3051.116 (HKLM-x32\...\Opera 56.0.3051.116) (Version: 56.0.3051.116 - Opera Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
pyfa version 2.5.0b1 (YC120.8 1.0) (HKLM-x32\...\{3DA39096-C08D-49CD-90E0-1D177F32C8AA}_is1) (Version: 2.5.0b1 (YC120.8 1.0) - pyfa)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8549 - Realtek Semiconductor Corp.)
ReMouse Micro (HKLM-x32\...\ReMouse Micro_is1) (Version: Micro V4.0 - AutomaticSolution Software)
Sandboxie 5.22 (64-bit) (HKLM\...\Sandboxie) (Version: 5.22 - Sandboxie Holdings, LLC)
Skype version 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3750458451-981303790-4038828487-1000\...\TeamSpeak 3 Client) (Version: 3.0.19.4 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.3399 - TeamViewer)
The Lord of the Rings Online™ v1903.0058.2732.4095 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 1903.0058.2732.4095 - Standing Stone Games, LLC)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 58.0 - Ubisoft)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-01-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {101AFC1F-385B-4C85-9233-96B637E6DC1A} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {31CE8820-DEC3-44FE-AF5E-5341094DE701} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {582D6876-09D2-4858-9680-ADA581D3177F} - System32\Tasks\update-S-1-5-21-3750458451-981303790-4038828487-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (OOO Lightshot -> TODO: <Company name>)
Task: {7E620777-3F47-4547-8BFA-6A7F0A779454} - System32\Tasks\{2C9D620B-59DD-4BC0-B514-879AECD29A76} => C:\Windows\system32\pcalua.exe -a C:\Users\Virgill\Downloads\arcanumcz-full.exe -d C:\Users\Virgill\Downloads
Task: {8699578C-7053-4B54-BCEE-C59CCF011286} - System32\Tasks\G2MUpdateTask-S-1-5-21-3750458451-981303790-4038828487-1000 => C:\Users\Virgill\AppData\Local\GoToMeeting\11748\g2mupdate.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {938426F7-ABCD-4473-AE8A-E4992A9E330E} - System32\Tasks\Driver Booster SkipUAC (Virgill) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
Task: {9E2D5D21-335E-4DE0-95BE-5E4049E0A0C6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A4FFC47B-0187-4E2F-B064-169764DDA071} - System32\Tasks\Opera scheduled Autoupdate 1523012796 => C:\Program Files\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {A937A1EB-103E-402B-A6B3-E92BE4AE1D0C} - System32\Tasks\G2MUploadTask-S-1-5-21-3750458451-981303790-4038828487-1000 => C:\Users\Virgill\AppData\Local\GoToMeeting\11748\g2mupload.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {DADA697C-FC58-4389-89FD-C5C2F0337485} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (OOO Lightshot -> TODO: <Company name>)
Task: {EEF6ED9C-DA56-4831-B147-DFAAD7100F51} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3750458451-981303790-4038828487-1000.job => C:\Users\Virgill\AppData\Local\GoToMeeting\11748\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3750458451-981303790-4038828487-1000.job => C:\Users\Virgill\AppData\Local\GoToMeeting\11748\g2mupload.exe
Task: C:\Windows\Tasks\update-S-1-5-21-3750458451-981303790-4038828487-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2019-01-19 18:51 - 2019-01-19 18:51 - 000662960 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
2019-02-16 21:39 - 2019-02-16 21:39 - 006884552 _____ () C:\Program Files\AVG\Antivirus\defs\19021604\algo64.dll
2019-01-19 18:51 - 2019-01-19 18:51 - 000550832 _____ () C:\Program Files\AVG\Antivirus\gui_cache.dll
2019-01-19 18:51 - 2019-01-19 18:51 - 001967536 _____ () C:\Program Files\AVG\Antivirus\shepherdsync.dll
2019-02-17 18:52 - 2019-02-17 18:52 - 006884552 _____ () C:\Program Files\AVG\Antivirus\defs\19021702\algo64.dll
2018-08-16 09:30 - 2018-08-16 09:30 - 000076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2019-01-19 18:51 - 2019-01-19 18:51 - 093696960 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
2018-06-24 12:26 - 2018-06-24 12:26 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-12-03 19:32 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3750458451-981303790-4038828487-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Virgill\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.147.250.13 - 185.147.250.14
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\Virgill\AppData\Local\Discord\app-0.0.301\Discord.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0AFE4862-6F63-4B15-BC82-49D3270CD47A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6644E874-9026-4432-8BF2-F0FA09681D8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{858A0103-95D1-44DD-8CC5-89524C0C2D74}C:\users\virgill\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\virgill\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{03437D70-8B8F-426C-ADE4-8A0BF185F46C}C:\users\virgill\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\virgill\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{BCA1691E-71E5-4D78-9104-51ADF5FA588D}C:\rulez\lotro\lotroclient.exe] => (Allow) C:\rulez\lotro\lotroclient.exe (Standing Stone Games, LLC.)
FirewallRules: [UDP Query User{3934B692-D28F-4998-B6D9-DC87E6AC20B2}C:\rulez\lotro\lotroclient.exe] => (Allow) C:\rulez\lotro\lotroclient.exe (Standing Stone Games, LLC.)
FirewallRules: [TCP Query User{52EF2886-6503-4B6D-9D35-36F6A35F96F5}C:\users\virgill\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\virgill\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{B81E49CF-EBD1-45CF-B7BF-7E9B389810FD}C:\users\virgill\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\virgill\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{CFC6CB4D-92DD-4CE6-A8D8-03BA660FD588}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A3F05935-FC59-4968-B0F3-262F8B3CBE1F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FFCD49BC-7947-4E3A-86BC-2B1CB9C33BC6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B5AF05A6-070C-4F35-9FE0-F55C1E680ECD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8D45DDF1-F208-4C57-9CD1-635921FE7AE4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{9D99E127-35BB-49CA-8AFA-2CFDA65792F7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{3F440024-4556-47DC-82CD-BAC7D49BA374}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{17AF3A5C-2DA9-4DFD-A812-B38602574457}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{785231B1-43FA-449E-A04B-677AFEEA936D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{1B10F87B-E20D-4958-95AC-D97D3BE93B78}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{EB19A4ED-507A-40D0-886A-E267A22F0AD2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{CD295741-42FD-4710-B568-E8F1B198507E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{62D517FC-1B13-48B0-A8A0-322111200F0D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{9DEF38D6-FE89-481C-9618-E2BC9B5FB51D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{FC34DEF1-3474-4460-881B-CDF36B132F66}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{2CDEA9F2-D138-44C4-B014-C28211805186}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{E40A58DB-E40B-4F76-8C00-820FB8C5816F}C:\rulez\am\aliens colonial marines\binaries\win32\acm.exe] => (Allow) C:\rulez\am\aliens colonial marines\binaries\win32\acm.exe (Valve Corporation -> SEGA Corporation)
FirewallRules: [UDP Query User{11FDF7FA-2C74-47F0-837C-FE95D3C6CA6E}C:\rulez\am\aliens colonial marines\binaries\win32\acm.exe] => (Allow) C:\rulez\am\aliens colonial marines\binaries\win32\acm.exe (Valve Corporation -> SEGA Corporation)
FirewallRules: [{D4FB539C-ECA7-4856-AC5D-3351B15B0719}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5EEDECD6-2754-4FBE-A5BB-85075C570F28}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{85F6DE95-6940-4E55-A145-0B2C0A661DFB}C:\rulez\bsgo\launcher\launcher.exe] => (Allow) C:\rulez\bsgo\launcher\launcher.exe No File
FirewallRules: [UDP Query User{F9B5121D-A2A5-456E-A82C-F3CA77A85A3A}C:\rulez\bsgo\launcher\launcher.exe] => (Allow) C:\rulez\bsgo\launcher\launcher.exe No File
FirewallRules: [{BC679100-1FA5-4025-97EA-8CED23CC9E9A}] => (Allow) C:\Program Files\Opera\56.0.3051.104\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{1262BF53-B29F-4FD6-8680-55E4145B9E57}] => (Allow) C:\Program Files\Opera\56.0.3051.116\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6E914660-7EC6-4CBD-BCAD-4411160385FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{E54558BD-7978-4438-A7EA-29ACF382FCC5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C7173121-F702-47B0-B177-1A56D3495212}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{533400F1-97B9-4758-AF75-03EA22476129}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6142E86A-87F5-400F-84C9-2446A39B7DC4}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{BA4D2F96-2170-4705-8D26-98AF2D9C8862}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

==================== Restore Points =========================

04-02-2019 07:42:51 Removed Mumble 1.2.19
05-02-2019 18:08:37 Installed SIRIX Station By MarketsCube
17-02-2019 18:52:07 Removed SIRIX Station By MarketsCube

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/17/2019 06:51:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/17/2019 04:47:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/16/2019 09:36:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/16/2019 05:43:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/15/2019 07:04:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/13/2019 06:27:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/12/2019 06:50:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/09/2019 07:36:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/m ... ootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (02/16/2019 09:41:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (02/15/2019 07:08:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (02/13/2019 06:31:32 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (02/05/2019 05:07:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (02/04/2019 04:48:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/04/2019 04:48:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Sandboxie Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/04/2019 04:48:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (02/04/2019 04:48:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===================================

Date: 2018-11-12 07:17:47.586
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 07:17:47.586
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 07:17:47.571
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 07:17:47.212
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 07:17:47.134
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 07:17:47.056
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 06:47:16.320
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-12 06:47:16.320
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 82%
Total physical RAM: 3963.49 MB
Available physical RAM: 697.05 MB
Total Virtual: 7925.18 MB
Available Virtual: 4168.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.95 GB) (Free:111.46 GB) NTFS
Drive d: () (Fixed) (Total:186.07 GB) (Free:185.75 GB) NTFS

\\?\Volume{e566fc40-3981-11e8-8d79-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{e566fc42-3981-11e8-8d79-806e6f6e6963}\ () (Fixed) (Total:0.84 GB) (Free:0.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 811594C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=861 MB) - (Type=27)

========================================================
Disk: 1 (Size: 186.3 GB) (Disk ID: 000400A5)
Partition 1: (Not Active) - (Size=186.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive check

#6 Post by Diallix »

Copy the content below into Notepad:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S4 nvvhci; system32\DRIVERS\nvvhci.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-01-20 04:39 - 2018-04-06 11:25 - 000000000 ____D C:\ProgramData\IObit
2019-01-20 03:44 - 2018-04-06 11:25 - 000000000 ____D C:\Users\Virgill\AppData\Roaming\IObit
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {7E620777-3F47-4547-8BFA-6A7F0A779454} - System32\Tasks\{2C9D620B-59DD-4BC0-B514-879AECD29A76} => C:\Windows\system32\pcalua.exe -a C:\Users\Virgill\Downloads\arcanumcz-full.exe -d C:\Users\Virgill\Downloads
Task: {938426F7-ABCD-4473-AE8A-E4992A9E330E} - System32\Tasks\Driver Booster SkipUAC (Virgill) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
2019-02-04 07:10 - 2019-02-04 07:10 - 000000000 ____D C:\Users\Virgill\AppData\LocalLow\IObit
FirewallRules: [{8D45DDF1-F208-4C57-9CD1-635921FE7AE4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{9D99E127-35BB-49CA-8AFA-2CFDA65792F7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{3F440024-4556-47DC-82CD-BAC7D49BA374}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{17AF3A5C-2DA9-4DFD-A812-B38602574457}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{785231B1-43FA-449E-A04B-677AFEEA936D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{1B10F87B-E20D-4958-95AC-D97D3BE93B78}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe (IObit Information Technology -> IObit)

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt saved in the FRST location.
My new book BOTNETY has been published! You can find information about it here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

TIVL
Visitor
Posts: 97
Joined: 20 Jan 2007 20:20

Re: Preventive check

#7 Post by TIVL »

Fixlog:
Fix result of Farbar Recovery Scan Tool (x64) Version: 17.02.2019
Ran by Virgill (18-02-2019 18:48:08) Run:1
Running from C:\Users\Virgill\Downloads
Loaded Profiles: Virgill (Available Profiles: Virgill)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S4 nvvhci; system32\DRIVERS\nvvhci.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-01-20 04:39 - 2018-04-06 11:25 - 000000000 ____D C:\ProgramData\IObit
2019-01-20 03:44 - 2018-04-06 11:25 - 000000000 ____D C:\Users\Virgill\AppData\Roaming\IObit
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {7E620777-3F47-4547-8BFA-6A7F0A779454} - System32\Tasks\{2C9D620B-59DD-4BC0-B514-879AECD29A76} => C:\Windows\system32\pcalua.exe -a C:\Users\Virgill\Downloads\arcanumcz-full.exe -d C:\Users\Virgill\Downloads
Task: {938426F7-ABCD-4473-AE8A-E4992A9E330E} - System32\Tasks\Driver Booster SkipUAC (Virgill) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
2019-02-04 07:10 - 2019-02-04 07:10 - 000000000 ____D C:\Users\Virgill\AppData\LocalLow\IObit
FirewallRules: [{8D45DDF1-F208-4C57-9CD1-635921FE7AE4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{9D99E127-35BB-49CA-8AFA-2CFDA65792F7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{3F440024-4556-47DC-82CD-BAC7D49BA374}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{17AF3A5C-2DA9-4DFD-A812-B38602574457}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{785231B1-43FA-449E-A04B-677AFEEA936D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{1B10F87B-E20D-4958-95AC-D97D3BE93B78}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe (IObit Information Technology -> IObit)
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\System\CurrentControlSet\Services\nvvad_WaveExtensible => removed successfully
nvvad_WaveExtensible => service removed successfully
HKLM\System\CurrentControlSet\Services\nvvhci => removed successfully
nvvhci => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully
VGPU => service removed successfully
C:\ProgramData\IObit => moved successfully
C:\Users\Virgill\AppData\Roaming\IObit => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E620777-3F47-4547-8BFA-6A7F0A779454}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E620777-3F47-4547-8BFA-6A7F0A779454}" => removed successfully
C:\Windows\System32\Tasks\{2C9D620B-59DD-4BC0-B514-879AECD29A76} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2C9D620B-59DD-4BC0-B514-879AECD29A76}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{938426F7-ABCD-4473-AE8A-E4992A9E330E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{938426F7-ABCD-4473-AE8A-E4992A9E330E}" => removed successfully
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Virgill) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Virgill)" => removed successfully
C:\Users\Virgill\AppData\LocalLow\IObit => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D45DDF1-F208-4C57-9CD1-635921FE7AE4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D99E127-35BB-49CA-8AFA-2CFDA65792F7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3F440024-4556-47DC-82CD-BAC7D49BA374}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17AF3A5C-2DA9-4DFD-A812-B38602574457}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{785231B1-43FA-449E-A04B-677AFEEA936D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1B10F87B-E20D-4958-95AC-D97D3BE93B78}" => removed successfully

==== End of Fixlog 18:48:14 ====

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive check

#8 Post by Diallix »

Great, how is the computer doing?

TIVL
Visitor
Posts: 97
Joined: 20 Jan 2007 20:20

Re: Preventive check

#9 Post by TIVL »

It's fine, apart from that planned upgrade.
Thanks

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive check

#10 Post by Diallix »

You're welcome :]]
