Preventive log check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.


#1 Post by psina »

Hello,
I would like to ask for a preventive check of the log. No problems, perhaps a slow system start.
Thank you in advance.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.02.2019
Ran by Mirajs (administrator) on DESKTOP-9FIOE6M (25-02-2019 17:50:13)
Running from C:\Users\miraj\Desktop
Loaded Profiles: Mirajs (Available Profiles: Mirajs)
Platform: Windows 10 Pro Version 1809 17763.316 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(DESlock Limited -> DESlock Limited.) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NeoSmart Technologies -> NeoSmart Technologies) C:\Program Files (x86)\NeoSmart Technologies\iReboot\iRebootd.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.54.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20453.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\vsnpstd3.exe
(Lamantine Software a.s. -> ESET) C:\Program Files\ESET\ESET Password Manager\pwm.exe
(NeoSmart Technologies -> NeoSmart Technologies) C:\Program Files (x86)\NeoSmart Technologies\iReboot\iReboot.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Lamantine Software a.s. -> ESET) C:\Program Files\ESET\ESET Password Manager\pwmNMHost.exe
(Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-12-14] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [843776 2006-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [588360 2017-06-22] (Acronis International GmbH -> )
HKLM\...\Run: [EPSON Stylus DX3800] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE [98304 2005-02-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [262144 2006-07-07] () [File not signed]
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-02-14] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5118656 2017-06-22] (Acronis International GmbH -> )
HKU\S-1-5-21-91579782-3472383839-2110979629-1001\...\Run: [EsetPasswordManager] => C:\Program Files\ESET\ESET Password Manager\pwm.exe [94152 2019-01-11] (Lamantine Software a.s. -> ESET)
HKU\S-1-5-21-91579782-3472383839-2110979629-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [63944 2018-11-26] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-91579782-3472383839-2110979629-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4047984 2019-02-10] (Tonec Inc. -> Tonec Inc.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-22] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iReboot 2.0.lnk [2018-12-03]
ShortcutTarget: iReboot 2.0.lnk -> C:\Program Files (x86)\NeoSmart Technologies\iReboot\iReboot.exe (NeoSmart Technologies -> NeoSmart Technologies)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{a45b863a-33a9-4242-b537-85b42c584dce}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-91579782-3472383839-2110979629-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-11-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-11-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Extension: (IDM Integration Module) -> EdgeExtension_TonecIncIDMIntegrationModule_e7b5mm5d3r6v2 => C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2018-12-04]

FireFox:
========
FF HKU\S-1-5-21-91579782-3472383839-2110979629-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\miraj\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\miraj\AppData\Roaming\IDM\idmmzcc5 [2018-12-04] [Legacy] [not signed]
FF HKU\S-1-5-21-91579782-3472383839-2110979629-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-09] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-09] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxps://www.seznam.cz/"
CHR Profile: C:\Users\miraj\AppData\Local\Google\Chrome\User Data\Default [2019-02-25]
CHR Extension: (Disk Google) - C:\Users\miraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-03]
CHR Extension: (YouTube) - C:\Users\miraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-03]
CHR Extension: (Sticky Password extension) - C:\Users\miraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2018-12-04]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\miraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-23]
CHR Extension: (Sticky Password Autofill Engine) - C:\Users\miraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaafoaobjaplofpihlhbcbcjhmgnjplf [2018-12-04]
CHR Extension: (ESET Password Manager Autofill Engine) - C:\Users\miraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\naadnjadnmooagmfidjkcedpinpdlldd [2018-12-04]
CHR Extension: (IDM Integration Module) - C:\Users\miraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-02-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\miraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-03]
CHR Extension: (Gmail) - C:\Users\miraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-03]
CHR Extension: (Chrome Media Router) - C:\Users\miraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-20]
CHR Profile: C:\Users\miraj\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-24]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-02-11]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-02-11]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [542400 2017-11-02] (DESlock Limited -> DESlock Limited.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-12-14] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-12-14] (ESET, spol. s r.o. -> ESET)
R2 iReboot; C:\Program Files (x86)\NeoSmart Technologies\iReboot\iRebootd.exe [34488 2015-05-02] (NeoSmart Technologies -> NeoSmart Technologies)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4795288 2017-02-13] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [2908352 2017-01-06] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1617520 2017-06-22] (Acronis International GmbH -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-01-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 DLMFENC; C:\Windows\System32\DRIVERS\DLMFENC.sys [174152 2018-02-27] (DESlock Limited -> DESlock Ltd.)
R0 DLPCRYPT; C:\Windows\System32\DRIVERS\dlpcrypt.sys [121728 2017-11-02] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\Windows\System32\DRIVERS\dlpvdisk.sys [98296 2017-11-02] (DESlock Limited -> DESlock Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143448 2018-12-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107896 2018-12-04] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15872 2018-09-04] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188832 2018-12-04] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50144 2018-12-04] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [82304 2018-12-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [109864 2018-12-04] (ESET, spol. s r.o. -> ESET)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [378712 2018-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-12-10] (Martin Malik - REALiX -> REALiX(tm))
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
R3 SNPSTD3; C:\Windows\system32\DRIVERS\snpstd3.sys [10475648 2006-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Sonix Co. Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1310552 2018-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [213336 2018-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [690520 2018-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 VDLPToken2; C:\Windows\System32\DRIVERS\vdlptkn2.sys [135672 2017-11-02] (DESlock Limited -> DESlock Ltd.)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [324952 2018-12-05] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-25 17:50 - 2019-02-25 17:51 - 000019657 _____ C:\Users\miraj\Desktop\FRST.txt
2019-02-25 17:49 - 2019-02-25 17:50 - 000000000 ____D C:\FRST
2019-02-25 17:46 - 2019-02-25 17:46 - 002433536 _____ (Farbar) C:\Users\miraj\Desktop\FRST64.exe
2019-02-25 10:51 - 2019-02-25 10:56 - 460765816 _____ C:\Users\miraj\Downloads\Herečka Stárková- Užívám si své tělo, Most! není Dallas a má jasný konec. Rasistům otevírá oči, může je utvrdit - Reflex.cz.ts
2019-02-22 14:22 - 2019-02-22 14:24 - 1214830378 _____ C:\Users\miraj\Downloads\Hurvínek a kouzelné muzeum-animovaný (2017) cz.avi
2019-02-20 10:34 - 2019-02-20 10:34 - 026807296 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 023439360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 020812288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 019023872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 009683984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-02-20 10:34 - 2019-02-20 10:34 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 007645600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 006540424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 006070272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 004885504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 004688896 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 003922944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 003662336 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 002927120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 002721280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 002626592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 002469648 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 002437552 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 002323696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 002021584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 001969680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 001700864 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 001671864 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 001467560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 001255736 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-02-20 10:34 - 2019-02-20 10:34 - 001050936 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-02-20 10:34 - 2019-02-20 10:34 - 001050624 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000982576 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000982032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000833536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 000765960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 000475152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-02-20 10:34 - 2019-02-20 10:34 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000461824 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000421904 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000419128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 000387384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000047136 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2019-02-20 10:34 - 2019-02-20 10:34 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\hidparse.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-20 10:34 - 2019-02-20 10:34 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000039304 _____ (Microsoft Corporation) C:\Windows\system32\NtlmShared.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NtlmShared.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000072 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2019-02-11 07:33 - 2018-12-20 12:05 - 000229296 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2019-01-28 21:12 - 2019-01-28 21:15 - 000297354 _____ C:\Users\miraj\Desktop\Kalendář 2019.pdf
2019-01-28 21:12 - 2019-01-28 21:12 - 000000000 ____D C:\Users\miraj\Documents\Vlastní šablony Office

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-25 17:34 - 2018-12-03 18:35 - 001606102 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-25 17:34 - 2018-09-15 18:39 - 000682358 _____ C:\Windows\system32\perfh005.dat
2019-02-25 17:34 - 2018-09-15 18:39 - 000137076 _____ C:\Windows\system32\perfc005.dat
2019-02-25 17:34 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2019-02-25 17:29 - 2018-12-03 18:34 - 000000000 ____D C:\ProgramData\NVIDIA
2019-02-25 17:29 - 2018-12-03 18:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-25 17:29 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-25 17:28 - 2018-09-15 07:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-02-25 14:06 - 2018-12-04 08:07 - 000000000 ___SD C:\Users\miraj\Documents\Password Manager
2019-02-25 12:54 - 2018-12-04 12:50 - 000000000 ____D C:\Users\miraj\AppData\Roaming\DMCache
2019-02-25 12:54 - 2018-12-03 18:37 - 000000000 ____D C:\Users\miraj\AppData\Local\ConnectedDevicesPlatform
2019-02-24 18:42 - 2018-12-03 18:24 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-02-24 17:59 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-24 17:59 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2019-02-24 17:58 - 2018-12-03 21:04 - 000004208 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F34CB79C-84D7-49BA-BB36-C08CF57A8C0F}
2019-02-22 14:49 - 2018-12-04 11:18 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-22 14:47 - 2018-12-04 12:46 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-22 14:47 - 2018-12-04 12:46 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-02-22 14:27 - 2018-12-03 21:17 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-22 14:27 - 2018-12-03 21:17 - 000002271 ____H C:\Users\Public\Desktop\Google Chrome.lnk
2019-02-22 10:28 - 2018-12-03 18:44 - 000003374 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-91579782-3472383839-2110979629-1001
2019-02-22 10:28 - 2018-12-03 18:44 - 000000000 ___RD C:\Users\miraj\OneDrive
2019-02-22 10:28 - 2018-12-03 18:33 - 000002398 _____ C:\Users\miraj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-20 21:09 - 2018-12-03 18:33 - 000000000 ____D C:\Users\miraj
2019-02-20 18:28 - 2018-12-04 12:50 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2019-02-20 16:23 - 2018-12-04 12:50 - 000000000 ____D C:\Users\miraj\AppData\Roaming\IDM
2019-02-20 10:57 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2019-02-20 10:52 - 2018-12-03 18:48 - 000000000 ____D C:\Windows\system32\MRT
2019-02-20 10:48 - 2018-12-03 18:48 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-20 10:44 - 2018-12-03 18:24 - 000285888 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-20 10:43 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-02-20 10:43 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr
2019-02-20 10:42 - 2018-12-03 18:43 - 000000000 ____D C:\ProgramData\Packages
2019-02-20 10:39 - 2018-12-04 11:19 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-20 10:25 - 2018-12-04 12:46 - 000000000 ____D C:\Program Files\CCleaner
2019-02-01 23:31 - 2018-09-15 08:36 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-02-01 23:31 - 2018-09-15 08:36 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-27 12:48 - 2018-12-03 18:37 - 000000000 ____D C:\Users\miraj\AppData\Local\Packages
2019-01-26 20:13 - 2018-12-06 12:03 - 000000000 ____D C:\Users\miraj\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2018-12-06 06:34 - 2018-12-06 06:34 - 000007605 _____ () C:\Users\miraj\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.02.2019
Ran by Mirajs (25-02-2019 17:52:13)
Running from C:\Users\miraj\Desktop
Windows 10 Pro Version 1809 17763.316 (X64) (2018-12-03 17:30:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-91579782-3472383839-2110979629-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-91579782-3472383839-2110979629-503 - Limited - Disabled)
Guest (S-1-5-21-91579782-3472383839-2110979629-501 - Limited - Disabled)
Mirajs (S-1-5-21-91579782-3472383839-2110979629-1001 - Administrator - Enabled) => C:\Users\miraj
WDAGUtilityAccount (S-1-5-21-91579782-3472383839-2110979629-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image (HKLM-x32\...\{3FB8B185-7EBB-4E02-9038-DBF328954435}) (Version: 20.0.8058 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{3FB8B185-7EBB-4E02-9038-DBF328954435}Visible) (Version: 20.0.8058 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
EasyBCD 2.4 (HKLM-x32\...\EasyBCD) (Version: 2.4 - NeoSmart Technologies)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
ESET Premium Line Encryption (HKLM\...\{2B31C297-1E0A-4082-B95B-E41B8822FF3D}) (Version: 1.0.14 - ESET) Hidden
ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 11.2.63.0 - ESET, spol. s r.o.)
Free FLV Player (HKLM-x32\...\Free FLV Player) (Version: - )
Free Hide Folder (HKLM-x32\...\Free Hide Folder) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HWiNFO64 Version 5.86 (HKLM\...\HWiNFO64_is1) (Version: 5.86 - Martin Malík - REALiX)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
iReboot 2.0 (HKLM-x32\...\iReboot) (Version: 2.0 - NeoSmart Technologies)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-91579782-3472383839-2110979629-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
StarCam Clip (HKLM-x32\...\{7AEF344E-DB20-4D76-9077-30BD339DFD99}) (Version: 5.17.0.201 - MSI)
Sticky Password 8.2.1.224 (HKLM-x32\...\Sticky Password_is1) (Version: 8.2 - Lamantine Software)
Update for Skype for Business 2016 (KB4462114) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5126E98E-F00E-4A1F-A056-90E6144D4601}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4462114) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5126E98E-F00E-4A1F-A056-90E6144D4601}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4462114) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{5126E98E-F00E-4A1F-A056-90E6144D4601}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-91579782-3472383839-2110979629-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-03-02] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-03-02] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-03-02] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-03-02] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2017-11-02] (DESlock Limited -> DESlock Limited)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {38B576EF-2E03-4B11-8E43-468430B5B034} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4A960ABD-7E9E-47D6-90A1-89323E9A254F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {68CEE1D2-28F6-49E4-8F21-0D92A597F599} - System32\Tasks\AutoPico Daily Restart => I:\ALL [Argument = MS OFFICE WINDOWS PERNAMEN ACTIVATOR!\AutoPico.exe /silent]
Task: {82CAC088-7392-4213-B4B7-682CB202EDA6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8F1F5AE8-D595-47F6-A773-6DBDC36907D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {A916B2D9-D5B5-4B83-82EC-D753D910ED4B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CD91992E-A49A-4B4B-A9FF-09C92E84649E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {D57BEF9E-0257-44ED-8C2A-361D1DF52A8F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DAFC7983-597C-4789-B8B5-23AE31493CF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-02-20 10:22 - 2016-07-07 14:34 - 002960896 _____ (Python Software Foundation) [File not signed] C:\Program Files\ESET\ESET Password Manager\python27.dll
2019-02-20 10:22 - 2016-07-07 14:34 - 000796160 _____ () [File not signed] C:\Program Files\ESET\ESET Password Manager\DLLs\unicodedata.pyd
2019-02-20 10:22 - 2016-07-07 14:34 - 000231936 _____ () [File not signed] C:\Program Files\ESET\ESET Password Manager\DLLs\pyexpat.pyd

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-91579782-3472383839-2110979629-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\miraj\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "tsnpstd3"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKU\S-1-5-21-91579782-3472383839-2110979629-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-91579782-3472383839-2110979629-1001\...\StartupApproved\Run: => "StickyPassword"
HKU\S-1-5-21-91579782-3472383839-2110979629-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-91579782-3472383839-2110979629-1001\...\StartupApproved\Run: => "IDMan"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8E1B36C1-AEC5-4E18-ADEA-384EB9E3019B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{0DE26ECD-E2ED-4205-8B3D-4D35DBA4C9DA}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{C82B7703-B934-46B4-8C62-9724685A570A}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{1F9EE88C-386B-4287-B244-835A5809881E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{FC19E259-8BD9-41E5-9CAC-37C00E3ABDB3}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{F037E2B4-455E-41DD-8941-5B7CCEF20A4C}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{6C2A4CC3-C829-4608-BDE7-0EE9492A7E67}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{8EF06227-9451-435D-A7CF-83468C0F50FA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{E28E6212-54C7-45D4-ACBC-919AACF81DFB}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{3AC9B92D-6563-4392-8D43-270E78502156}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{80EC9979-3A95-426C-B4A8-158F923FA08D}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{82806B7A-409A-4A78-A062-301F6832D477}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{06D4A65C-25CC-400D-9932-DA0A28E65F3C}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{8AE66CE9-5E91-40FC-8669-459ADC5066AF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A05B11BD-F693-406C-A669-AE6258B813FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4053D511-A7CB-46AF-A627-473FB0277A68}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F3A19037-4556-40B9-84DB-CBE18CEEE523}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4DD6F954-CA22-46FA-8100-99B207814CC7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{21924FE3-1D60-4768-A787-4D371173C5A1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{6209E2B1-BE95-446F-90B3-E7518C379981}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{04894C69-9C2A-4868-96A6-A3D718C40902}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{23B53880-C6A5-4B50-BF65-B85F0BBE4E9C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled
20-02-2019 11:50:05 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/27/2019 12:48:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SkypeBridge.exe verze 8.37.0.98 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 27d8

Čas spuštění: 01d4b5ab0c481cb6

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe

ID hlášení: b9a850f8-0fb3-478b-8915-ccbca6fa6f50

Úplný název balíčku s chybou: Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (01/26/2019 06:48:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program IDMan.exe verze 6.32.5.3 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 520

Čas spuštění: 01d4b34eeb13bd66

Čas ukončení: 151

Cesta k aplikaci: C:\Program Files (x86)\Internet Download Manager\IDMan.exe

ID hlášení: 7a16cf0b-179b-4526-ba63-7cba7bc476df

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-process

Error: (01/15/2019 05:29:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program KMPlayer.exe verze 4.2.2.13 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2470

Čas spuštění: 01d4acef1a65066d

Čas ukončení: 4294967295

Cesta k aplikaci: C:\KMPlayer\KMPlayer.exe

ID hlášení: 95e8caa4-b195-4a15-bfba-d43aabe680a5

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-process

Error: (12/06/2018 12:04:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vlc.exe, verze: 3.0.0.0, časové razítko: 0x00dee6e6
Název chybujícího modulu: vlc.exe, verze: 3.0.0.0, časové razítko: 0x00dee6e6
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000021860
ID chybujícího procesu: 0xbf0
Čas spuštění chybující aplikace: 0x01d48d5354cc832e
Cesta k chybující aplikaci: C:\Program Files\VideoLAN\VLC\vlc.exe
Cesta k chybujícímu modulu: C:\Program Files\VideoLAN\VLC\vlc.exe
ID zprávy: 973a5610-b970-4ec4-948b-dab051877bce
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/06/2018 06:43:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.17763.1, časové razítko: 0xac0ac398
Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.1, časové razítko: 0xb5be830e
Kód výjimky: 0xc0000005
Posun chyby: 0x0005109e
ID chybujícího procesu: 0x185c
Čas spuštění chybující aplikace: 0x01d48d267c268adc
Cesta k chybující aplikaci: C:\Windows\SysWOW64\DllHost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: f8060e3f-1163-479d-a8a7-3192f9682cab
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/05/2018 01:13:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program iexplore.exe verze 11.0.17763.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2044

Čas spuštění: 01d48c937508eb1b

Čas ukončení: 13

Cesta k aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe

ID hlášení: b7d608ba-1d11-4b56-9c57-c758b7b36305

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/05/2018 01:10:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program iexplore.exe verze 11.0.17763.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 223c

Čas spuštění: 01d48c92b8d53c2e

Čas ukončení: 24

Cesta k aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe

ID hlášení: e83c4975-f498-419e-bb64-a93aa22990b5

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/04/2018 12:32:38 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.


System errors:
=============
Error: (02/25/2019 05:41:36 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9FIOE6M)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-9FIOE6M\Mirajs (SID: S-1-5-21-91579782-3472383839-2110979629-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/25/2019 05:31:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/25/2019 05:31:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/25/2019 05:22:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/25/2019 05:22:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/25/2019 05:21:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9FIOE6M)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-9FIOE6M\Mirajs (SID: S-1-5-21-91579782-3472383839-2110979629-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/25/2019 05:08:24 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9FIOE6M)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-9FIOE6M\Mirajs (SID: S-1-5-21-91579782-3472383839-2110979629-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/25/2019 04:29:27 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9FIOE6M)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-9FIOE6M\Mirajs (SID: S-1-5-21-91579782-3472383839-2110979629-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2019-02-25 17:53:58.578
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-25 17:53:58.576
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-25 17:49:34.307
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-25 17:49:34.304
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-25 17:49:34.297
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-25 17:49:34.294
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-25 17:49:34.254
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-25 17:49:34.251
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Percentage of memory in use: 67%
Total physical RAM: 4095.23 MB
Available physical RAM: 1344.27 MB
Total Virtual: 5119.23 MB
Available Virtual: 1870.09 MB

==================== Drives ================================

Drive c: (Woknousy 10) (Fixed) (Total:110.44 GB) (Free:75.17 GB) NTFS
Drive d: (Windows 10) (Fixed) (Total:287.03 GB) (Free:245.93 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Naše DATA) (Fixed) (Total:465.76 GB) (Free:135.92 GB) NTFS
Drive f: (Disk Z) (Fixed) (Total:9.77 GB) (Free:6.26 GB) NTFS

\\?\Volume{9af3c623-0000-0000-0000-e0c147000000}\ () (Fixed) (Total:0.85 GB) (Free:0.34 GB) NTFS
\\?\Volume{9af3c623-0000-0000-0000-80f847000000}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
\\?\Volume{8d95bdc3-0000-0000-0000-109c1b000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
\\?\Volume{8d95bdc3-0000-0000-0000-50b91b000000}\ () (Fixed) (Total:0.45 GB) (Free:0.08 GB) NTFS
\\?\Volume{8d95bdc3-0000-0000-0000-60d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 9AF3C623)
Partition 1: (Active) - (Size=287 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=873 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1DED93DC)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 8D95BDC3)
Partition 1: (Not Active) - (Size=110.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=467 MB) - (Type=27)
Partition 3: (Not Active) - (Size=464 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive log check

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan now button (Prehladaj teraz) and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button (Vycistit Teraz) in the bottom right corner.
After the PC restarts, AdwCleaner will launch; click View log file (Zobrazit soubor protokolu).
The log will open; copy its contents here.
My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information on what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

psina
Visitor
Posts: 27
Joined: 25 Nov 2008 15:03
Location: Děčín

Re: Preventive log check

#3 Post by psina »

Diallix wrote: Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan now button (Prehladaj teraz) and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button (Vycistit Teraz) in the bottom right corner.
After the PC restarts, AdwCleaner will launch; click View log file (Zobrazit soubor protokolu).
The log will open; copy its contents here.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-25-2019
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1280 octets] - [25/02/2019 18:23:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive log check

#4 Post by Diallix »

Test this file on virustotal.com: C:\Windows\vsnpstd3.exe
Then paste the test result here.


Copy the content below into Notepad:

Code:

CloseProcesses:

c:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Bonjour
C:\Program Files (x86)\Bonjour

2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {DAFC7983-597C-4789-B8B5-23AE31493CF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {4A960ABD-7E9E-47D6-90A1-89323E9A254F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{8AE66CE9-5E91-40FC-8669-459ADC5066AF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A05B11BD-F693-406C-A669-AE6258B813FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4053D511-A7CB-46AF-A627-473FB0277A68}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F3A19037-4556-40B9-84DB-CBE18CEEE523}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

EmptyTemp:


Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.

psina
Visitor
Posts: 27
Joined: 25 Nov 2008 15:03
Location: Děčín

Re: Preventive log check

#5 Post by psina »

Basic Properties
MD5 45f5ad6f433356128bc65128399f533d
SHA-1 c4b8ba8c27d35b68a264dc1505172ebbe7e4d1b2
Authentihash 47f4f401d13b21e0d60cab684eeeb4192d666ff31149793039654679b4a3aa2d
Imphash 191139395970c66dd0570454b442d8be
File Type Win32 EXE
Magic PE32 executable for MS Windows (GUI) Intel 80386 32-bit
SSDeep 24576:Uyq/qVzQvFsroRtPb7HYSc8f6Ix01ST2vF:9zQvqkb2kq1STS
TRiD Win32 Executable MS Visual C++ (generic) (41%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
File Size 824 KB
Tags
peexe armadillo
History
Creation Time 2006-09-18 06:12:11
First Submission 2008-11-14 04:33:53
Last Submission 2018-02-10 07:00:26
Last Analysis 2018-12-26 12:50:42
File Names
CameraMonitor
CameraMonitor.EXE
vsnpstd3.exe
VSNPSTD3.EXE
scan_file
file-2984349_exe
a15ed8ab0d376c0c10c6e45a60be5538_vsnpstd3.exe.safe
file-151376_exe
Packers
PEiD Armadillo v1.71
Signature Info
Signature Verification
This file is not signed
File Version Information
Copyright Copyright 2002-2005
Product CameraMonitor Application
Description CameraMonitor Application
Original Name CameraMonitor.EXE
Internal Name CameraMonitor
File Version 1, 0, 6, 0
Comments Compatible Vista Multi-language
Portable Executable Info
Header
Target Machine Intel 386 or later processors and compatible processors
Compilation Timestamp 2006-09-18 06:12:11
Entry Point 571007
Contained Sections 4
Sections
Name Virtual Address Virtual Size Raw Size Entropy MD5
.text 4096 571530 573440 6.62 7840c52c09504e41c50985f101311a29
.rdata 577536 155319 155648 4.13 44838d3d8ec619bddf359ca24f67cecd
.data 733184 71852 49152 5.37 27d50c3d1039d6c657463b50f5ee8971
.rsrc 806912 59576 61440 4.65 9a4529fc67c5af70621f804be5c500a5
Imports
ADVAPI32.dll
GDI32.dll
KERNEL32.dll
MFC42.DLL
MSVCRT.dll
USER32.dll
VERSION.dll
WINMM.dll
Exports
??0CxExifInfo@CxImageJPG@@QAE@PAUtag_ExifInfo@1@@Z
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxImage@@QAE@ABV0@_N11@Z
??0CxImage@@QAE@K@Z
??0CxImage@@QAE@KKKK@Z
??0CxImage@@QAE@PAEKK@Z
??0CxImage@@QAE@PAU_iobuf@@K@Z
Contained Resources By Type
RT ICON 23
RT DIALOG 21
RT STRING 8
RT GROUP ICON 5
RT VERSION 1
Contained Resources By Language
ENGLISH US 41
TURKISH DEFAULT 1
SWEDISH 1
SPANISH MODERN 1
PORTUGUESE BRAZILIAN 1
Contained Resources
SHA-256 File Type Type Language
0c8c3a2ff052d01cca38910e39978db7935ffbae8a0bc5acb9e59e173fe82896 data RT_ICON ENGLISH US
f3847e9106d4dd4a29e2097f6d3de0c2222a58d75f80a64170489a19819bf149 data RT_ICON ENGLISH US
ee0fd0da8d71ffc1ac37ca90246b844db5d9daa436496386551a292c6ac41abc data RT_ICON ENGLISH US
6349354b4e4c7fb5a14f155172560a84e4639a8f99243f8c3af74a7cbdeadcfa data RT_ICON ENGLISH US
272d6543bba41e7cd10af091c81cad68b12b16a27feb988debe92f06a466bc68 data RT_ICON ENGLISH US
ExifTool File Metadata
CharacterSet Unicode
CodeSize 573440
Comments Compatible Vista Multi-language
EntryPoint 0x8b67f
FileDescription CameraMonitor Application
FileFlagsMask 0x003f
FileOS Win32
FileSubtype 0
FileType Win32 EXE
FileTypeExtension exe
FileVersion 1, 0, 6, 0
FileVersionNumber 1.0.6.0
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
ImageVersion 0.0
InitializedDataSize 290816
InternalName CameraMonitor
LanguageCode English (U.S.)
LegalCopyright Copyright 2002-2005
LinkerVersion 6.0
MIMEType application/octet-stream
MachineType Intel 386 or later, and compatibles
OSVersion 4.0
ObjectFileType Executable application
OriginalFileName CameraMonitor.EXE
PEType PE32
ProductName CameraMonitor Application
ProductVersion 1, 0, 0, 0
ProductVersionNumber 1.0.0.0
Subsystem Windows GUI
SubsystemVersion 4.0
TimeStamp 2006:09:18 08:12:11+02:00
UninitializedDataSize 0

Fix result of Farbar Recovery Scan Tool (x64) Version: 25.02.2019
Ran by Mirajs (25-02-2019 18:52:07) Run:1
Running from C:\Users\miraj\Desktop
Loaded Profiles: Mirajs (Available Profiles: Mirajs)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:

c:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Bonjour
C:\Program Files (x86)\Bonjour

2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-02-20 10:34 - 2019-02-20 10:34 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {DAFC7983-597C-4789-B8B5-23AE31493CF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {4A960ABD-7E9E-47D6-90A1-89323E9A254F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{8AE66CE9-5E91-40FC-8669-459ADC5066AF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A05B11BD-F693-406C-A669-AE6258B813FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4053D511-A7CB-46AF-A627-473FB0277A68}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F3A19037-4556-40B9-84DB-CBE18CEEE523}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

EmptyTemp:
*****************

Processes closed successfully.
c:\Program Files\Bonjour\mDNSResponder.exe => moved successfully
c:\Program Files\Bonjour => moved successfully
C:\Program Files (x86)\Bonjour => moved successfully
C:\Windows\system32\DrtmAuth8.bin => moved successfully
C:\Windows\system32\DrtmAuth7.bin => moved successfully
C:\Windows\system32\DrtmAuth6.bin => moved successfully
C:\Windows\system32\DrtmAuth5.bin => moved successfully
C:\Windows\system32\DrtmAuth4.bin => moved successfully
C:\Windows\system32\DrtmAuth3.bin => moved successfully
C:\Windows\system32\DrtmAuth2.bin => moved successfully
C:\Windows\system32\DrtmAuth1.bin => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAFC7983-597C-4789-B8B5-23AE31493CF2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAFC7983-597C-4789-B8B5-23AE31493CF2}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A960ABD-7E9E-47D6-90A1-89323E9A254F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A960ABD-7E9E-47D6-90A1-89323E9A254F}" => removed successfully
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8AE66CE9-5E91-40FC-8669-459ADC5066AF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A05B11BD-F693-406C-A669-AE6258B813FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4053D511-A7CB-46AF-A627-473FB0277A68}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F3A19037-4556-40B9-84DB-CBE18CEEE523}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16910122 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 4118292 B
Edge => 2383860 B
Chrome => 307071857 B
Firefox => 0 B
Opera => 390786 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 31306 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
miraj => 49690771 B

RecycleBin => 0 B
EmptyTemp: => 372.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:53:12 ====

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive log check

#6 Post by Diallix »

Can you paste the file's test results here, whether it is infected or not?

psina
Visitor
Posts: 27
Joined: 25 Nov 2008 15:03
Location: Děčín

Re: Preventive log check

#7 Post by psina »

Acronis: Clean
Ad-Aware: Clean
AegisLab: Clean
AhnLab-V3: Clean
Alibaba: Clean
ALYac: Clean
Antiy-AVL: Clean
Arcabit: Clean
Avast: Clean
Avast Mobile Security: Clean
AVG: Clean
Avira: Clean
AVware: Clean
Babable: Clean
Baidu: Clean
BitDefender: Clean
Bkav: Clean
CAT-QuickHeal: Clean
ClamAV: Clean
CMC: Clean
Comodo: Clean
CrowdStrike Falcon: Clean
Cybereason: Clean
Cylance: Clean
Cyren: Clean
DrWeb: Clean
eGambit: Clean
Emsisoft: Clean
Endgame: Clean
eScan: Clean
ESET-NOD32: Clean
F-Prot: Clean
F-Secure: Clean
Fortinet: Clean
GData: Clean
Ikarus: Clean
Jiangmin: Clean
K7AntiVirus: Clean
K7GW: Clean
Kaspersky: Clean
Kingsoft: Clean
Malwarebytes: Clean
MAX: Clean
McAfee: Clean
McAfee-GW-Edition: Clean
Microsoft: Clean
NANO-Antivirus: Clean
Palo Alto Networks: Clean
Panda: Clean
Qihoo-360: Clean
Rising: Clean
SentinelOne: Clean
Sophos AV: Clean
Sophos ML: Clean
SUPERAntiSpyware: Clean
Symantec: Clean
TACHYON: Clean
Tencent: Clean
TheHacker: Clean
TotalDefense: Clean
Trapmine: Clean
TrendMicro: Clean
TrendMicro-HouseCall: Clean
Trustlook: Clean
VBA32: Clean
VIPRE: Clean
ViRobot: Clean
Webroot: Clean
Yandex: Clean
Zillya: Clean
ZoneAlarm: Clean
Zoner: Clean

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive log check

#8 Post by Diallix »

OK, how is the computer doing?

psina
Visitor
Posts: 27
Joined: 25 Nov 2008 15:03
Location: Děčín

Re: Preventive log check

#9 Post by psina »

The PC is running normally; this was just a preventive check.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive log check

#10 Post by Diallix »

No problem, it's OK.

psina
Visitor
Posts: 27
Joined: 25 Nov 2008 15:03
Location: Děčín

Re: Preventive log check

#11 Post by psina »

Thank you,

and have a nice day.

psina M.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive log check

#12 Post by Diallix »

You too :)

Locked