Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventívka

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Minmi
Návštěvník
Návštěvník
Příspěvky: 176
Registrován: 07 bře 2009 22:18

Preventívka

#1 Příspěvek od Minmi »

Zdravím,

mohol by som poprosiť o preventívnu kontrolu? Avira hlásila nejaký blok k sdclt.exe ako HEUR/AGEN.1130721

Vďaka :)


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Ran by Minmi (administrator) on MINMI-HP (Hewlett-Packard HP ProBook 4530s) (15-05-2020 13:44:28)
Running from C:\Users\Minmi\Desktop
Loaded Profiles: Minmi
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
() [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Development Company, L.P) [File not signed] C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6>
(PDF Complete Inc. -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-14] (Qualcomm Atheros -> Atheros Communications) [File not signed]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-09-08] (IDT, Inc.) [File not signed]
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] () [File not signed]
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2945080 2011-09-12] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2017-11-08] (PDF Complete Inc. -> PDF Complete Inc)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [238568 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [Google Update] => C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\MountPoints2: {79637908-f198-11e0-acbe-d0df9a83b246} - D:\SETUP.EXE
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> c:\Windows\system32\DPLic.dll [2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1542298A-FA93-4041-8496-BD308149BC9A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759304 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {161C82F6-9CB9-4A6E-ACED-5F21DBBC39CB} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {496B3AD7-34F1-4A00-93C7-12E9B27A8363} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {4FA97840-4DB9-4E7A-A95B-2CFB7B8CECB1} - System32\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002 => C:\Users\Minmi\AppData\Local\GoToMeeting\17052\g2mupdate.exe [32256 2020-03-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {53C0AD5F-987A-4815-B3AF-38B35BC0FDC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {6E65DDDC-4D0B-4F15-9E39-A481A60869AF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-13] (Adobe Inc. -> Adobe)
Task: {9B7F1EB9-26A9-455E-9AA3-BA5B6A380750} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [228368 2020-04-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A8736EC1-29F4-494F-A25F-27F2B61102A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd -> Piriform Ltd)
Task: {AC7E5527-DA18-4FE4-9577-7201A126AA8A} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {AF18BA60-1731-4EFE-9BC3-3ABD86C68FFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002Core => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
Task: {B0C66866-0C81-4FEF-9BB7-0F9C6E754448} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [216944 2017-10-11] (HP Inc. -> HP Inc.)
Task: {B45FC13B-F193-4C1D-BC0F-B26139B2377B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-13] (Adobe Inc. -> Adobe)
Task: {C1441E67-95EE-4DB6-996E-C7F0D362D809} - System32\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002 => C:\Users\Minmi\AppData\Local\GoToMeeting\17052\g2mupload.exe [32256 2020-03-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {CBA68C24-CA9C-4D9C-85DA-D9D1C410CE0B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002UA => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
Task: {DA4BF705-9A0A-492F-9496-21CE91B2E253} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {DE9A0307-EA7F-4F25-BAD6-FE1DB7A289D4} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2011-01-25] (Hewlett-Packard Company -> )
Task: {E130C858-4317-4AA8-B6B2-D0D17A161263} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {E661FF61-1EF0-483E-9A3F-3CC58F6C3325} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [120680 2017-06-22] (HP Inc. -> HP Inc.)
Task: {FE4DB1ED-9C86-4CC1-A43B-1B73E189DFC9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {FF16A45C-E5F7-41E2-BAAE-3D9AF9EFEFED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002.job => C:\Users\Minmi\AppData\Local\GoToMeeting\17052\g2mupdate.exe
Task: C:\windows\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002.job => C:\Users\Minmi\AppData\Local\GoToMeeting\17052\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{22B3E4C8-FE8D-423D-9CF1-7AE1AA67CFD5}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{D21A25A4-1FB0-448D-84D5-6EC191DB4D91}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07] (Hewlett-Packard) [File not signed]
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-04] (Skype Technologies SA -> Skype Technologies)

FireFox:
========
FF DefaultProfile: s1t6q2ot.default
FF ProfilePath: C:\Users\Minmi\AppData\Roaming\Mozilla\Firefox\Profiles\s1t6q2ot.default [2020-05-15]
FF user.js: detected! => C:\Users\Minmi\AppData\Roaming\Mozilla\Firefox\Profiles\s1t6q2ot.default\user.js [2012-03-29]
FF Homepage: Mozilla\Firefox\Profiles\s1t6q2ot.default -> www.google.sk
FF Extension: (Avira Browser Safety) - C:\Users\Minmi\AppData\Roaming\Mozilla\Firefox\Profiles\s1t6q2ot.default\Extensions\abs@avira.com.xpi [2020-05-03]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-05-10] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: (Search Helper Extension) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-05-10] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-05-10] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) [File not signed]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\windows\system32\atiesrxx.exe [204288 2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1209000 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484160 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484160 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [576368 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636264 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383344 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [242448 2020-04-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc. -> HP Inc.)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1793088 2017-11-08] (PDF Complete Inc. -> PDF Complete Inc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2013-09-08] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation -> Xobni Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-14] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 AgereSoftModem; C:\windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (Microsoft Windows -> LSI Corp)
R3 amdkmdag; C:\windows\System32\DRIVERS\atikmdag.sys [10496000 2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\windows\System32\DRIVERS\atikmpag.sys [326656 2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 ATHDFU; C:\windows\System32\Drivers\AthDfu.sys [55448 2012-08-19] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
R3 athr; C:\windows\System32\DRIVERS\athrx.sys [4022272 2013-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [68152 2019-07-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [222176 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [178720 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [78600 2018-03-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [35376 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-17] (DT Soft Ltd -> DT Soft Ltd)
R0 hpdskflt; C:\windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [25912 2010-12-03] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [165504 2016-08-05] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)
R3 phantomtap; C:\windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 SmbDrvI; C:\windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-02-08] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2611704 2011-01-12] (Sunplus Innovation Technology Inc. -> Sunplus Technology)
R3 STHDA; C:\windows\System32\DRIVERS\stwrt64.sys [543744 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-15 13:44 - 2020-05-15 13:46 - 000030358 _____ C:\Users\Minmi\Desktop\FRST.txt
2020-05-15 13:43 - 2020-05-15 13:45 - 000000000 ____D C:\FRST
2020-05-15 13:42 - 2020-05-15 13:42 - 002286080 _____ (Farbar) C:\Users\Minmi\Desktop\FRST64.exe
2020-05-14 19:20 - 2020-05-14 19:20 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2020-05-14 01:45 - 2020-05-14 01:50 - 000000000 ____D C:\novy_mobil_zaloha
2020-05-13 22:13 - 2020-05-13 22:13 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
2020-05-13 22:13 - 2020-05-13 22:13 - 000001116 _____ C:\ProgramData\Desktop\Avira.lnk
2020-05-13 22:09 - 2020-05-14 19:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-15 13:10 - 2017-09-13 17:54 - 000000538 _____ C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002.job
2020-05-15 13:06 - 2016-11-21 23:12 - 000000000 ____D C:\Users\Minmi\AppData\LocalLow\Mozilla
2020-05-15 13:02 - 2009-07-14 06:45 - 000022704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-15 13:02 - 2009-07-14 06:45 - 000022704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-15 12:50 - 2018-04-08 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-05-15 00:05 - 2017-09-13 17:54 - 000000634 _____ C:\windows\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002.job
2020-05-14 19:20 - 2012-04-25 01:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-14 19:09 - 2009-07-14 07:13 - 000782470 _____ C:\windows\system32\PerfStringBackup.INI
2020-05-14 19:09 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2020-05-14 19:05 - 2014-08-21 13:42 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-14 19:05 - 2011-05-10 22:10 - 000000000 ____D C:\ProgramData\PDFC
2020-05-14 19:04 - 2011-05-10 22:06 - 000000000 ____D C:\ProgramData\HPQLOG
2020-05-14 19:00 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-05-14 01:00 - 2015-09-08 22:00 - 000145920 _____ C:\Users\Minmi\Desktop\vydavky.xls
2020-05-13 22:21 - 2015-11-09 20:53 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-13 22:15 - 2018-03-13 22:05 - 000004462 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-05-13 22:15 - 2012-05-31 09:49 - 000004312 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-05-13 22:15 - 2012-05-31 09:48 - 000842296 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-05-13 22:15 - 2011-11-28 00:19 - 000000000 ____D C:\windows\system32\Macromed
2020-05-13 22:15 - 2011-09-17 13:03 - 000175160 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-05-13 22:15 - 2011-05-10 22:11 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-05-13 22:14 - 2018-04-08 16:02 - 000222176 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2020-05-13 22:14 - 2018-04-08 16:02 - 000178720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2020-05-13 22:07 - 2020-01-28 21:31 - 000003454 _____ C:\windows\system32\Tasks\Avira_Security_Update
2020-04-19 16:36 - 2017-10-11 22:41 - 000000000 ____D C:\trading
2020-04-19 15:50 - 2009-07-14 05:20 - 000000000 ____D C:\windows\system32\NDF

==================== Files in the root of some directories ========

2011-09-25 13:20 - 2012-02-12 13:44 - 000103482 _____ () C:\Users\Minmi\AppData\Roaming\QWInstall.log
2011-10-12 14:35 - 2014-03-04 22:09 - 000004608 _____ () C:\Users\Minmi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-05 23:24 - 2015-03-05 23:24 - 000000717 _____ () C:\Users\Minmi\AppData\Local\recently-used.xbel
2013-09-07 13:26 - 2018-01-29 01:11 - 000007601 _____ () C:\Users\Minmi\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-05-13 23:00
==================== End of FRST.txt ========================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventívka

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Minmi
Návštěvník
Návštěvník
Příspěvky: 176
Registrován: 07 bře 2009 22:18

Re: Preventívka

#3 Příspěvek od Minmi »

Zdravím,

prikladám log z AdwCleanera. Vyhodilo to aj nejaké predinštalované veci (HP, Lenovo,..), ale neboli označené, tak som ich nechal tak.


# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-05-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-15-2020
# Duration: 00:00:17
# OS: Windows 7 Home Premium
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\ProgramData\ytd video downloader

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5888 octets] - [15/05/2020 21:05:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventívka

#4 Příspěvek od Diallix »

Super, mozem poprosit o nove logy z FRST ,a pridajte, prosim, aj log Addition
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Minmi
Návštěvník
Návštěvník
Příspěvky: 176
Registrován: 07 bře 2009 22:18

Re: Preventívka

#5 Příspěvek od Minmi »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Ran by Minmi (administrator) on MINMI-HP (Hewlett-Packard HP ProBook 4530s) (15-05-2020 21:55:57)
Running from C:\Users\Minmi\Desktop
Loaded Profiles: Minmi
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
() [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Development Company, L.P) [File not signed] C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <5>
(PDF Complete Inc. -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-14] (Qualcomm Atheros -> Atheros Communications) [File not signed]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-09-08] (IDT, Inc.) [File not signed]
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] () [File not signed]
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2945080 2011-09-12] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2017-11-08] (PDF Complete Inc. -> PDF Complete Inc)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [238568 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [Google Update] => C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\MountPoints2: {79637908-f198-11e0-acbe-d0df9a83b246} - D:\SETUP.EXE
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> c:\Windows\system32\DPLic.dll [2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1542298A-FA93-4041-8496-BD308149BC9A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759304 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {161C82F6-9CB9-4A6E-ACED-5F21DBBC39CB} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {496B3AD7-34F1-4A00-93C7-12E9B27A8363} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {4FA97840-4DB9-4E7A-A95B-2CFB7B8CECB1} - System32\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002 => C:\Users\Minmi\AppData\Local\GoToMeeting\17359\g2mupdate.exe [32256 2020-05-15] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {53C0AD5F-987A-4815-B3AF-38B35BC0FDC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {6E65DDDC-4D0B-4F15-9E39-A481A60869AF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-13] (Adobe Inc. -> Adobe)
Task: {9B7F1EB9-26A9-455E-9AA3-BA5B6A380750} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [228368 2020-04-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A8736EC1-29F4-494F-A25F-27F2B61102A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd -> Piriform Ltd)
Task: {AC7E5527-DA18-4FE4-9577-7201A126AA8A} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {AF18BA60-1731-4EFE-9BC3-3ABD86C68FFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002Core => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
Task: {B0C66866-0C81-4FEF-9BB7-0F9C6E754448} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [216944 2017-10-11] (HP Inc. -> HP Inc.)
Task: {B45FC13B-F193-4C1D-BC0F-B26139B2377B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-13] (Adobe Inc. -> Adobe)
Task: {C1441E67-95EE-4DB6-996E-C7F0D362D809} - System32\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002 => C:\Users\Minmi\AppData\Local\GoToMeeting\17359\g2mupload.exe [32256 2020-05-15] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {CBA68C24-CA9C-4D9C-85DA-D9D1C410CE0B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002UA => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
Task: {DA4BF705-9A0A-492F-9496-21CE91B2E253} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {DE9A0307-EA7F-4F25-BAD6-FE1DB7A289D4} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2011-01-25] (Hewlett-Packard Company -> )
Task: {E130C858-4317-4AA8-B6B2-D0D17A161263} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {E661FF61-1EF0-483E-9A3F-3CC58F6C3325} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [120680 2017-06-22] (HP Inc. -> HP Inc.)
Task: {FE4DB1ED-9C86-4CC1-A43B-1B73E189DFC9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {FF16A45C-E5F7-41E2-BAAE-3D9AF9EFEFED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002.job => C:\Users\Minmi\AppData\Local\GoToMeeting\17359\g2mupdate.exe
Task: C:\windows\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002.job => C:\Users\Minmi\AppData\Local\GoToMeeting\17359\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{22B3E4C8-FE8D-423D-9CF1-7AE1AA67CFD5}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{D21A25A4-1FB0-448D-84D5-6EC191DB4D91}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07] (Hewlett-Packard) [File not signed]
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-04] (Skype Technologies SA -> Skype Technologies)

FireFox:
========
FF DefaultProfile: s1t6q2ot.default
FF ProfilePath: C:\Users\Minmi\AppData\Roaming\Mozilla\Firefox\Profiles\s1t6q2ot.default [2020-05-15]
FF user.js: detected! => C:\Users\Minmi\AppData\Roaming\Mozilla\Firefox\Profiles\s1t6q2ot.default\user.js [2012-03-29]
FF Homepage: Mozilla\Firefox\Profiles\s1t6q2ot.default -> www.google.sk
FF Extension: (Avira Browser Safety) - C:\Users\Minmi\AppData\Roaming\Mozilla\Firefox\Profiles\s1t6q2ot.default\Extensions\abs@avira.com.xpi [2020-05-03]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-05-10] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: (Search Helper Extension) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-05-10] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-05-10] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) [File not signed]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\windows\system32\atiesrxx.exe [204288 2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1209000 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484160 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484160 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [576368 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636264 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383344 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [242448 2020-04-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc. -> HP Inc.)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1793088 2017-11-08] (PDF Complete Inc. -> PDF Complete Inc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2013-09-08] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation -> Xobni Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-14] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 AgereSoftModem; C:\windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (Microsoft Windows -> LSI Corp)
R3 amdkmdag; C:\windows\System32\DRIVERS\atikmdag.sys [10496000 2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\windows\System32\DRIVERS\atikmpag.sys [326656 2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 ATHDFU; C:\windows\System32\Drivers\AthDfu.sys [55448 2012-08-19] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
R3 athr; C:\windows\System32\DRIVERS\athrx.sys [4022272 2013-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [68152 2019-07-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [222176 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [178720 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [78600 2018-03-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [35376 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-17] (DT Soft Ltd -> DT Soft Ltd)
R0 hpdskflt; C:\windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [25912 2010-12-03] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [165504 2016-08-05] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)
R3 phantomtap; C:\windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 SmbDrvI; C:\windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-02-08] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2611704 2011-01-12] (Sunplus Innovation Technology Inc. -> Sunplus Technology)
R3 STHDA; C:\windows\System32\DRIVERS\stwrt64.sys [543744 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-15 21:03 - 2020-05-15 21:08 - 000000000 ____D C:\AdwCleaner
2020-05-15 20:59 - 2020-05-15 20:59 - 008196784 _____ (Malwarebytes) C:\Users\Minmi\Desktop\adwcleaner_8.0.4.exe
2020-05-15 13:50 - 2020-05-15 13:53 - 000088398 _____ C:\Users\Minmi\Desktop\Addition.txt
2020-05-15 13:44 - 2020-05-15 21:58 - 000030562 _____ C:\Users\Minmi\Desktop\FRST.txt
2020-05-15 13:43 - 2020-05-15 21:57 - 000000000 ____D C:\FRST
2020-05-15 13:42 - 2020-05-15 13:42 - 002286080 _____ (Farbar) C:\Users\Minmi\Desktop\FRST64.exe
2020-05-14 19:20 - 2020-05-14 19:20 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2020-05-14 01:45 - 2020-05-14 01:50 - 000000000 ____D C:\novy_mobil_zaloha
2020-05-13 22:13 - 2020-05-13 22:13 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
2020-05-13 22:13 - 2020-05-13 22:13 - 000001116 _____ C:\ProgramData\Desktop\Avira.lnk
2020-05-13 22:09 - 2020-05-15 21:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-15 21:55 - 2016-10-02 13:03 - 000000000 ____D C:\veci_z_plochy
2020-05-15 21:33 - 2017-09-13 17:54 - 000000634 _____ C:\windows\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002.job
2020-05-15 21:33 - 2016-11-21 23:12 - 000000000 ____D C:\Users\Minmi\AppData\LocalLow\Mozilla
2020-05-15 21:30 - 2017-09-13 17:54 - 000000538 _____ C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002.job
2020-05-15 21:21 - 2009-07-14 06:45 - 000022704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-15 21:21 - 2009-07-14 06:45 - 000022704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-15 21:20 - 2009-07-14 07:13 - 000782470 _____ C:\windows\system32\PerfStringBackup.INI
2020-05-15 21:20 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2020-05-15 21:16 - 2011-05-10 22:10 - 000000000 ____D C:\ProgramData\PDFC
2020-05-15 21:15 - 2011-05-10 22:06 - 000000000 ____D C:\ProgramData\HPQLOG
2020-05-15 21:11 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-05-15 21:10 - 2012-04-25 01:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-15 15:10 - 2017-09-13 17:54 - 000003660 _____ C:\windows\system32\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002
2020-05-15 15:10 - 2017-09-13 17:54 - 000003564 _____ C:\windows\system32\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002
2020-05-15 15:10 - 2017-09-13 17:54 - 000000000 ____D C:\Users\Minmi\AppData\Local\GoToMeeting
2020-05-15 15:00 - 2009-07-14 05:20 - 000000000 ____D C:\windows\system32\NDF
2020-05-15 12:50 - 2018-04-08 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-05-14 19:05 - 2014-08-21 13:42 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-14 01:00 - 2015-09-08 22:00 - 000145920 _____ C:\Users\Minmi\Desktop\vydavky.xls
2020-05-13 22:21 - 2015-11-09 20:53 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-13 22:15 - 2018-03-13 22:05 - 000004462 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-05-13 22:15 - 2012-05-31 09:49 - 000004312 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-05-13 22:15 - 2012-05-31 09:48 - 000842296 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-05-13 22:15 - 2011-11-28 00:19 - 000000000 ____D C:\windows\system32\Macromed
2020-05-13 22:15 - 2011-09-17 13:03 - 000175160 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-05-13 22:15 - 2011-05-10 22:11 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-05-13 22:14 - 2018-04-08 16:02 - 000222176 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2020-05-13 22:14 - 2018-04-08 16:02 - 000178720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2020-05-13 22:07 - 2020-01-28 21:31 - 000003454 _____ C:\windows\system32\Tasks\Avira_Security_Update
2020-04-19 16:36 - 2017-10-11 22:41 - 000000000 ____D C:\trading

==================== Files in the root of some directories ========

2011-09-25 13:20 - 2012-02-12 13:44 - 000103482 _____ () C:\Users\Minmi\AppData\Roaming\QWInstall.log
2011-10-12 14:35 - 2014-03-04 22:09 - 000004608 _____ () C:\Users\Minmi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-05 23:24 - 2015-03-05 23:24 - 000000717 _____ () C:\Users\Minmi\AppData\Local\recently-used.xbel
2013-09-07 13:26 - 2018-01-29 01:11 - 000007601 _____ () C:\Users\Minmi\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-05-13 23:00
==================== End of FRST.txt ========================

Minmi
Návštěvník
Návštěvník
Příspěvky: 176
Registrován: 07 bře 2009 22:18

Re: Preventívka

#6 Příspěvek od Minmi »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Minmi (15-05-2020 21:59:31)
Running from C:\Users\Minmi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-16 11:53:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2934419145-1383663255-327153009-500 - Administrator - Disabled)
Guest (S-1-5-21-2934419145-1383663255-327153009-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2934419145-1383663255-327153009-1003 - Limited - Enabled)
Minmi (S-1-5-21-2934419145-1383663255-327153009-1002 - Administrator - Enabled) => C:\Users\Minmi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20063 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.371 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.371 - Adobe)
Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ArcSoft TotalMedia (HKLM-x32\...\{4114A073-7385-4742-8A5E-A5788FAC838F}) (Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.331 - ArcSoft)
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Avira (HKLM-x32\...\{4BC31208-EC3B-453B-8819-6B81AE3EC153}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{caade1ea-26aa-4e8f-a4f0-59cf0c0e91a5}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2005.1866 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.33.3.30309 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.28.9397 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.1.10871 - Avira Operations GmbH & Co. KG)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 2 Deluxe (HKLM-x32\...\WT089453) (Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.0.2282.0 - Microsoft Corporation)
Bing Bar Platform (HKLM-x32\...\{77C4850C-3592-4A2F-B652-ACB77A1EF77C}) (Version: 6.0.2282.0 - Microsoft Corporation) Hidden
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT087328) (Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (HKLM-x32\...\WT089308) (Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (HKLM-x32\...\WT087330) (Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (HKLM-x32\...\WT089359) (Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CrystalDiskInfo 7.6.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.6.1 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.0.0.9 - Hewlett-Packard Company)
Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.100.35469 - Hewlett-Packard Company)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Eurobattle.net (HKLM-x32\...\Eurobattle.net1.26) (Version: 1.26 - Eurobattle.net)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Exodus (HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\exodus) (Version: 1.57.0 - Exodus Movement Inc)
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4303 - Hewlett-Packard Company)
Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT087361) (Version: 2.2.0.95 - WildTangent) Hidden
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 6.0.0.8 - Hewlett-Packard Company)
Final Drive Nitro (HKLM-x32\...\WT087362) (Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Video Support Plugin (HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
GoTo Opener (HKLM-x32\...\{8B2D47CC-1558-4939-B27F-41E30530072A}) (Version: 1.0.467 - LogMeIn, Inc.)
GoToMeeting 10.9.1.17359 (HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\GoToMeeting) (Version: 10.9.1.17359 - LogMeIn, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{F8C604AC-1939-4B74-B847-CB59417F1FF2}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{5DCA44EB-03F6-44A3-A294-F3E5DE98D7F6}) (Version: 4.4.10.1 - Hewlett-Packard Company)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{840021F2-FFC0-467A-BF85-29B8B7803717}) (Version: 2.0.8.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP HD Webcam [Fixed] (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.4.07 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.4.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{D1C6B636-5578-4A9E-ACCF-2AFA5F166335}) (Version: 2.0.6.0 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.00.888 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{3F437675-F102-4866-BDE1-FFFC7B45EC0B}) (Version: 3.1.2.10229 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{FE465061-894A-4023-8580-56FCDD4F23F9}) (Version: 3.4.4.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{D82ABA2F-492B-440F-A9BC-12331B17EEA9}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.5.37.19 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{A806B71B-00A4-4BFC-9476-3CBEFBE440E5}) (Version: 12.8.37.11 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
Chuzzle Deluxe (HKLM-x32\...\WT089454) (Version: 2.2.0.95 - WildTangent) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6428.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
KaM - The Peasants Rebellion (HKLM-x32\...\KaM - The Peasants Rebellion) (Version: - )
KaM Remake Full r6720 (HKLM-x32\...\{FDE049C8-E4B2-4EB5-A534-CF5C581F5D32}_is1) (Version: - )
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mozilla Firefox 76.0.1 (x64 sk) (HKLM\...\Mozilla Firefox 76.0.1 (x64 sk)) (Version: 76.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 76.0.1.7432 - Mozilla)
Mystery P.I. - The London Caper (HKLM-x32\...\WT089299) (Version: 2.2.0.95 - WildTangent) Hidden
Obrázkový slovník nemecko-slovenský (HKLM-x32\...\Obrázkový slovník nemecko-slovenský) (Version: 1.00 - Naumann & Goebel)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenTTD 1.9.1 (HKLM-x32\...\OpenTTD) (Version: 1.9.1 - OpenTTD)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.26 - PDF Complete, Inc)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.1 - pdfforge GmbH)
Penguins! (HKLM-x32\...\WT087394) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (HKLM-x32\...\WT087501) (Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WT087395) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT087396) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT087397) (Version: 2.2.0.95 - WildTangent) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}) (Version: 6.00.831 - Hewlett-Packard Company)
PX Profile Update (HKLM-x32\...\{80C45B94-2BA0-8E23-95A7-8A9FCD836EFD}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{DB94388C-62E9-570D-2BD6-90864F7E1282}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.209 - Qualcomm Atheros Communications)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
SaxoTrader (HKLM-x32\...\{49C14B93-58AD-4178-B52C-750D54CE618D}) (Version: 2.158.42.0 - Saxo Bank)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.26.012 - Portrait Displays, Inc.) Hidden
Shotcut (HKLM-x32\...\Shotcut) (Version: 18.12.23 - Meltytech, LLC)
Skype™ 5.1 (HKLM-x32\...\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}) (Version: 5.1.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{EFE3D683-903C-4B58-AB8F-C68C69F33758}) (Version: 4.5.3.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19.4 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Theft Recovery for HP ProtectTools (HKLM-x32\...\{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company)
Validity Fingerprint Sensor Driver (HKLM\...\{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}) (Version: 4.3.117.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089307) (Version: 2.2.0.95 - WildTangent) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Warcraft III) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
World Cup Cricket 20-20 (HKLM-x32\...\WT089451) (Version: 2.2.0.95 - WildTangent) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (HKLM-x32\...\{8DC069E7-893C-41E1-9442-DE89FEC33371}) (Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (HKLM-x32\...\WT089455) (Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Minmi\AppData\Local\GoToMeeting\11282\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-01-31] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-06] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-06] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-06] (WinZip Computing -> WinZip Computing, S.L.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2011-07-16] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [74752 2011-08-29] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2011-01-12 20:11 - 2011-01-12 20:11 - 000008192 _____ ( ( ) [File not signed]) [File is in use ] c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\Interop.HPQWMIEXLib.dll
2011-09-12 18:03 - 2011-09-12 18:03 - 000007168 _____ ( ( ) [File not signed]) [File is in use ] C:\Program Files\Hewlett-Packard\HP Power Assistant\SDKCOMServerLib.dll
2011-01-31 20:54 - 2011-01-31 20:54 - 000008192 _____ ( ( ) [File not signed]) [File is in use ] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\Interop.HPQWMIEXLib.dll
2011-08-23 15:06 - 2011-01-13 03:56 - 000058880 _____ ( () [File not signed]) [File is in use ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-09-12 18:02 - 2011-09-12 18:02 - 001083392 _____ ( () [File not signed]) [File is in use ] C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2011-01-12 20:11 - 2011-01-12 20:11 - 001040384 _____ ( (Hewlett-Packard Development Company, L.P.) [File not signed]) [File is in use ] c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTHostServices.dll
2011-01-12 20:12 - 2011-01-12 20:12 - 000086016 _____ ( (Hewlett-Packard Development Company, L.P.) [File not signed]) [File is in use ] c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTStrings.dll
2011-01-31 20:53 - 2011-01-31 20:53 - 000151552 _____ ( (Hewlett-Packard Development Company, L.P.) [File not signed]) [File is in use ] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomain.dll
2011-01-31 20:54 - 2011-01-31 20:54 - 001044480 _____ ( (Hewlett-Packard Development Company, L.P.) [File not signed]) [File is in use ] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTHostServices.dll
2011-01-31 20:55 - 2011-01-31 20:55 - 000081920 _____ ( (Hewlett-Packard Development Company, L.P.) [File not signed]) [File is in use ] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTStrings.dll
2011-09-12 18:02 - 2011-09-12 18:02 - 000869888 _____ ( (HP) [File not signed]) [File is in use ] C:\Program Files\Hewlett-Packard\HP Power Assistant\HP.SupportFramework.dll
2018-03-26 13:58 - 2018-03-26 13:58 - 000112128 _____ ( (Microsoft Corporation) [File not signed]) [File is in use ] C:\windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000384128 _____ ( (Qualcomm Atheros -> ) [File not signed]) [File is in use ] C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2013-02-01 09:42 - 2013-02-01 09:42 - 002035712 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 000126976 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 000141824 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2013-02-01 09:43 - 2013-02-01 09:43 - 001945600 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2013-02-01 10:17 - 2013-02-01 10:17 - 002863104 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-02-01 10:39 - 2013-02-01 10:39 - 003401216 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2013-02-01 10:15 - 2013-02-01 10:15 - 000053248 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-02-01 10:12 - 2013-02-01 10:12 - 003092480 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2013-02-01 10:14 - 2013-02-01 10:14 - 002830336 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2011-01-31 20:54 - 2011-01-31 20:54 - 000107008 _____ () [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2011-09-17 16:13 - 2011-05-28 22:05 - 000164864 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2018-12-24 18:17 - 2018-12-24 18:17 - 000169984 _____ () [File not signed] C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\997d4e13343128a1e06c318c34b75cd4\IsdiInterop.ni.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 001412608 _____ () [File not signed] C:\windows\system32\LIBEAY32.dll
2011-08-23 15:06 - 2011-01-17 21:19 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 002792960 _____ (Apache Software Foundation) [File not signed] C:\windows\system32\xerces-c_3_0.dll
2015-01-15 00:42 - 2013-10-28 19:14 - 000440320 _____ (Atheros) [File not signed] C:\windows\system32\athihvs.dll
2010-11-25 23:21 - 2010-11-25 23:21 - 004899328 _____ (Cogent Systems Inc.) [File not signed] C:\windows\system32\CgtFace_Dll.dll
2011-02-15 00:28 - 2011-02-15 00:28 - 000187016 _____ (Cogent Systems, Inc. -> Cogent Systems, Inc.) [File not signed] C:\windows\system32\BSWAuthImp.dll
2011-02-15 00:03 - 2011-02-15 00:03 - 000033928 _____ (Cogent Systems, Inc. -> TODO: <Company name>) [File not signed] C:\windows\system32\OEMComponentProvider.dll
2011-02-12 05:04 - 2011-02-12 05:04 - 000514560 ____R (Concept Software, Inc.) [File not signed] C:\windows\system32\KEYLIB64.dll
2011-02-12 05:04 - 2011-02-12 05:04 - 000495616 ____R (Concept Software, Inc.) [File not signed] C:\windows\system32\SKCA64.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 000916992 _____ (Free Software Foundation) [File not signed] C:\windows\system32\iconv.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 000044544 _____ (Free Software Foundation) [File not signed] C:\windows\system32\intl.dll
2011-02-07 20:43 - 2011-02-07 20:43 - 005263872 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
2018-12-24 18:17 - 2018-12-24 18:17 - 000014336 _____ (Intel Corp.) [File not signed] C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e8e5ccab88b15ab97e5f4d0c2e1b3be3\IAStorCommon.ni.dll
2011-08-23 15:06 - 2011-01-17 21:14 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-08-23 15:06 - 2011-01-13 03:52 - 000275456 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2018-12-24 18:17 - 2018-12-24 18:17 - 000218624 _____ (Intel Corporation) [File not signed] C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\18ee2072678f5f49077c164710f6cd3d\IAStorDataMgr.ni.dll
2018-12-24 18:17 - 2018-12-24 18:17 - 000475648 _____ (Intel Corporation) [File not signed] C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\2e9abe11b5b3db1c04347520bac24a0b\IAStorUtil.ni.dll
2013-07-14 13:19 - 2013-07-14 13:19 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2013-07-14 13:19 - 2013-07-14 13:19 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2017-04-04 22:11 - 2017-04-04 22:11 - 000115200 _____ (pdfforge GmbH) [File not signed] C:\windows\System32\pdfcmon.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000253056 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvSdkDll.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000070784 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\CombineAgent.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000033408 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\CommApi.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000202368 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000085632 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\GattI.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000124544 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\gatts.DLL
2012-09-14 12:42 - 2012-09-14 12:42 - 000083072 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000035456 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ipc.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000063104 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ModuleManager.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 001067648 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\OutlookLib.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000130176 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\skypeagent.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000027264 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\TCPConnection.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000098944 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.dll
2012-09-14 12:38 - 2012-09-14 12:38 - 000195584 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Audio\audio.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000161792 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000177152 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\BIP\BIP.dll
2012-09-14 12:37 - 2012-09-14 12:37 - 000018432 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\DID\DId.dll
2012-09-14 12:37 - 2012-09-14 12:37 - 000036352 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\FAX\Fax.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000421376 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000088064 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2012-09-14 12:36 - 2012-09-14 12:36 - 000096768 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\goep\goep.dll
2012-09-14 12:37 - 2012-09-14 12:37 - 000029696 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000091136 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2012-09-14 12:37 - 2012-09-14 12:37 - 000303616 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\LE\LE.dll
2012-09-14 12:36 - 2012-09-14 12:36 - 000181248 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\ObjPush.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000065024 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000066560 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\pbap\pbap.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000063488 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000097280 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\sap\sap.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000087552 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2012-09-14 12:38 - 2012-09-14 12:38 - 000055296 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\spp\spp.dll
2012-09-14 12:37 - 2012-09-14 12:37 - 000064512 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Sync\Sync.dll
2011-01-11 22:04 - 2011-01-11 22:04 - 000599552 _____ (Symantec) [File not signed] C:\Program Files\Symantec\VIP Access SDK\VIPOTPProv64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\evolveo_mars_win7_win8_cd_rom.zip:$CmdTcID [64]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-10-12 21:14 - 000000098 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\Program Files (x86)\AMD APP\bin\x86_64;c:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Intel\Services\IPT\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Minmi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk => C:\windows\pss\TMMonitor.lnk.CommonStartup
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
MSCONFIG\startupreg: Google Update => C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
MSCONFIG\startupreg: HP HD Webcam [Fixed]_Monitor => C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe
MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: QLBController => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EFE78C0F-A8D4-4891-95B5-64FF6E45F2C9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}] => (Allow) LPort=2869
FirewallRules: [{ED3E14D5-9B42-4116-8537-B6C9D959F6E3}] => (Allow) LPort=1900
FirewallRules: [{A749F252-2377-4E66-BC22-22EA685CFD7C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies SA -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{BE05EFDD-D899-4D70-B847-0A22AF815D9D}C:\hry\warcraft iii\war3.exe] => (Allow) C:\hry\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{11D42AB1-9E99-4FCD-AB16-23732A8FEA32}C:\hry\warcraft iii\war3.exe] => (Allow) C:\hry\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{B7DFEA63-62DF-4063-8EAA-924C9F1513F2}C:\hry\cs 1.6 v48\hl.exe] => (Block) C:\hry\cs 1.6 v48\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{2DC031EA-A41C-40DE-9742-4F7C3F09F3D1}C:\hry\cs 1.6 v48\hl.exe] => (Block) C:\hry\cs 1.6 v48\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{5B4D12FC-6293-4986-AC64-A89B5841D848}C:\hry\cs 1.6 v48\hl.exe] => (Allow) C:\hry\cs 1.6 v48\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{C0548085-F04A-4F9F-B205-E78770DA1A91}C:\hry\cs 1.6 v48\hl.exe] => (Allow) C:\hry\cs 1.6 v48\hl.exe (Valve) [File not signed]
FirewallRules: [{92484929-D351-41E5-98CB-63FF1EC0A369}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DDBBBD96-FDEC-47AB-AE75-78AB549EF3A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4BCF1869-D20A-44D0-98FF-97E640FDAEE5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AC2E131A-8AA9-493D-87E8-B1CAF60B3B37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EA099976-2512-4E2F-A20E-0BD3C9536CE6}] => (Allow) C:\Hry\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{DACEE047-046B-49B8-BCF7-1CAA40BEE5BC}] => (Allow) C:\Hry\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{A953BAB6-5671-48EF-945D-36C6887C08E6}] => (Allow) C:\Hry\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{F4F223C1-004B-453B-BF5E-99B0544D3098}] => (Allow) C:\Hry\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{0C44A714-256E-414E-8F5B-507BC2E4ECEC}C:\hry\hearthstone\hearthstone.exe] => (Allow) C:\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{7A18FDFD-F8AC-490C-B39B-C58945ADD290}C:\hry\hearthstone\hearthstone.exe] => (Allow) C:\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{0B0A5256-3EBC-4495-A6FE-993BDB2F61CD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{E3D2CD63-0200-448F-92FC-6FBDAEC30086}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{A2B98606-9DA2-4C62-BC0E-975D15A35715}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{033C17D9-41E3-4CB0-A6AD-2FD81BA8F7B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{984EC91A-43E2-46E6-9ED0-614CA1805BB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{4FB367D7-AA2F-48A6-B18D-AE3E8AE88E75}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{222C57A9-EDAD-4831-9138-D7E75CBABA8C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{214F05D0-1CE7-4EA9-9BBC-FEF571DAA4E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{CB8B075D-54AD-4B25-A1BE-FE8AAD93B3EC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3A5BB36B-C58E-4105-861A-55D1148E56AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BE329F50-93E0-4219-98F2-858E0A7B6D77}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{69207AC7-91DB-441F-86EA-6B33A4A8F9E3}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{96A48AC2-6FF6-44E5-8487-08F651E2DDBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{A0F159AF-5172-4C02-BD2D-09C9905D0AC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{39FACD69-E29B-445A-B68D-5BCE7793CCBB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6BD1499C-5111-4246-8A95-462C58EB56B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{78D615BF-BA35-4A73-A610-A0DEF5E69A1E}C:\kam remake\kam_remake.exe] => (Allow) C:\kam remake\kam_remake.exe () [File not signed]
FirewallRules: [UDP Query User{61F096FE-F9BA-4086-9B1A-F043B8F37638}C:\kam remake\kam_remake.exe] => (Allow) C:\kam remake\kam_remake.exe () [File not signed]
FirewallRules: [{4031375A-6425-48BF-9891-CE7A925241A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe (Obsidian Entertainment, Inc. -> Obsidian Entertainment, Inc.)
FirewallRules: [{1F1647FB-50F2-42D8-8B32-B8C3C02DE043}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe (Obsidian Entertainment, Inc. -> Obsidian Entertainment, Inc.)
FirewallRules: [{D844EEFF-C402-4C5F-97A8-684E280C193D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe (Valve -> )
FirewallRules: [{8A860689-EEC3-44DD-8AD4-D4CBE1CCA39B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe (Valve -> )
FirewallRules: [{A30ACEED-BF89-439D-8579-75BAD82C91AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1E056E71-BF85-41EA-B286-57006B9634B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F5562AAD-C77B-4898-AC03-D9DD89259BA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B13E329D-2FC8-455B-8732-4BFFE85357E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E6DEEFF7-E14D-406A-A927-59E5017E9D36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{936E88D4-60B9-4364-933C-7CBE1FBC051E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E895A3CB-9BF9-42BC-BBF9-3A5C43732F14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E728726E-EC26-448A-B90D-9A6469072A7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{347CC175-6CC7-421D-8AA5-6254C026C540}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{12F6E5CC-B1BB-43CB-A79A-C64A687C31B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{70FFE59C-4884-4C7E-AEB1-AAC0F489FD38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{624CA68B-273C-4913-A3C9-CF41DF7B3A4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{46F5A7DE-A713-482F-8795-43A1CAACF558}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{FB4D0B8B-66C6-4B1B-B443-A8190DE24F6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{84E8B929-6935-4129-9069-948F7B31BEC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{BB162B28-EE2D-4BDB-B0D8-79BB8D3C2531}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{79808DA2-720F-47E4-BCA3-AA5BC931E101}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C080EEE0-EEE3-495B-BC41-6369BB63695D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F52F5FB7-D88E-4B9C-ABFD-DB3977AD1742}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7390C2FB-793D-4972-88CE-4F00A186AF9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6AF5A679-5FF7-4BDC-B206-AA668BE99717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{5119FB93-295E-4494-B60C-084AD209726C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E1FEDCEE-273C-45DE-B518-A0384D3E8633}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{85173B7F-0926-4D43-A988-F2E60A4E9B9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{DBEFFC5E-AF0B-4474-B6A9-A79D6B045127}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3669386A-9F69-4441-9B0C-5B5EC0C686F7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CC6E16EC-9EFC-427B-8930-9EC382130FAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{0D5AC157-3A4C-48D6-9AD0-6FA1B07C8F02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C063D4C8-B638-4065-935B-0A1FE2B778E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F43D30D7-63DE-41E7-913F-50D632ECC8BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F9E8203E-9606-411A-94AB-C7EA4CCECC88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2D371623-239E-4806-907D-52C0BD3ABC9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2D65EE70-D74D-4F30-AFA3-D4E0D85F2D02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C6A9CC55-1962-4B3F-A5A6-F2C0372D744A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{0889158B-C76E-415D-9C0A-85ED6464CF92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7527C00D-16FB-4184-8F01-F6146FE76FEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{51218AAD-D2B7-42D1-AC50-0F0AC4008E88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{924B9BC0-8D0A-494E-97D8-DD44E1D245DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{3FF6AB93-D305-4852-A563-3DB291C61377}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{FA6ACD2B-FC91-418A-A2EE-46298093C24A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8487EE31-CB9C-4BF5-A9ED-202456394517}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{72A4861A-23AF-45D1-A340-49CF463A8D74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6F1D9C88-FF86-4D56-B3E1-B79C64DEF07D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{386BEC0C-25B2-43C2-BBD6-FF9437372EA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6B94AD25-0B82-4C05-9C61-9FB8CEDF620C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{693DB0F0-4494-4DF6-8973-00E91F342680}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B65DDDBC-D42F-4F30-976F-CB836C3B6DF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1F552CC6-BFF8-4E0E-B9E2-166A00923C07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{43AF9BF4-EE52-48ED-82A1-0A1E855FCE6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{BE44BEE2-4CB0-4D39-917A-13FFE85D627B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F1E95C54-4099-4113-B5F1-84838AE121AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7696AF79-403E-49E0-B7D3-685275468B42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [TCP Query User{26E36370-C00E-43A5-86DC-A0455C5C0670}C:\hry\battle.net\battle.net.8180\battle.net.exe] => (Block) C:\hry\battle.net\battle.net.8180\battle.net.exe => No File
FirewallRules: [UDP Query User{004BE8C4-FCEB-46CF-802B-BB7FEE319DE0}C:\hry\battle.net\battle.net.8180\battle.net.exe] => (Block) C:\hry\battle.net\battle.net.8180\battle.net.exe => No File
FirewallRules: [TCP Query User{9812156E-795C-4461-8B16-2F4B99EEA9B9}C:\kam remake\kam_remake.exe] => (Allow) C:\kam remake\kam_remake.exe () [File not signed]
FirewallRules: [UDP Query User{9D6D8813-24E3-4DF5-B7E7-1A9C0C53BD0D}C:\kam remake\kam_remake.exe] => (Allow) C:\kam remake\kam_remake.exe () [File not signed]
FirewallRules: [{7CD3BEC0-F7D6-4050-BFCB-C97A876389BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{5D862453-877B-410A-9CDD-B9564C2F8FB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9D23AB33-C1BF-452B-A310-571F352EBFFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{97A6F3EE-F6B0-4F4A-9E3F-074FC82316FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{888A938F-100E-4BC4-AAFD-7D144A351059}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2459EA01-CF23-4996-BA2D-D64B9CBE3437}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6A6AE778-F756-4B9B-8FCC-53E22B9F926E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9DE573B9-35B5-4908-A7F4-AA8025B5AAF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2D0F7B1E-DDAF-41C3-A292-50C0977A036D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{63502293-86BA-40D3-B237-3AF9C9E43742}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{355F0E36-091A-4F1E-BB4E-E7B48CA003E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{62EF6E36-BD84-4846-9397-2B9B139786E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{CF09C674-D2F5-4968-B4F7-A0F8207B0D18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2F6C346A-0C8A-41B2-B154-4787F5BCED8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D1E9BDBF-FD0F-4409-9AF0-BC777047D4E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9EDDCAF4-ADC0-442D-8E40-006E00D32798}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{75D5AD7C-825C-4C68-8BC6-8A0DFC7FF540}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{BE807C1E-B203-4649-BFE1-6152E5D56EA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6185212C-6046-4293-BDC2-4CDBF579BCEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{DC17EA17-7908-413B-9783-393705BDC0A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2E96D055-55D9-4594-91A6-9EEB31CA99D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{91A9F2B4-75FF-43C5-ABB2-B1EE05C2B3CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8C27D7E2-0624-45FA-A039-D027DFEFC414}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9055979B-01B8-4949-B001-A32BAAC32DDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7E068A34-078F-4472-9ECF-7DE9B78A7203}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{3064032E-76AD-444A-B699-9C2D1FF71125}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D2CFE1A2-8385-4282-B14C-6BC3060A7A11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{163FDABF-93DD-4FC0-90BB-46F90B032F79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C86EDA4B-846E-4DD8-B018-04EC2AB78ACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{95ADD888-49A6-4C6C-88D0-366DC18967F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8826DDD7-2D13-4622-9C69-DD9ED444AE4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{AEDE9657-E187-46DD-AE63-95C6A12E17CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7C297924-7071-4A5F-9C4A-E5353F342816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{246F27B4-103F-42D3-B78A-0686A8A71A23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{721B4BCD-6BB1-4836-A7BB-9E0F20CE97AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{AD22E5E6-E392-4A41-83C9-B515EB4919E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9CF7B764-2C66-45EF-8F0B-20FEB076347D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{DF4BBEE1-F0AA-434D-B0AB-EC68DFC2D7CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{44FCF4B5-F84A-4246-92EF-B41623CC4695}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B5A4BD48-6609-43A4-B697-847DF55CF297}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{21C0969D-6E31-4ADE-8B45-713C055CDADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{06594C41-F943-47EE-B5DF-D94A5EDE93EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{844BA947-EC9E-49C2-A48D-3D98E482AC7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D869D51F-BB2B-47E9-923C-B2F2C455DEE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C8474475-37D3-41F2-9093-E00F2DC7EFFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9B702D33-4DB7-4B50-B492-CB50542B9FC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{AF98FED6-E7BA-4278-A523-70106F01DE23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B800083A-1CDD-46EA-B604-F6DB442F0D23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{886384F9-00A1-4267-B1A8-0AEF511FE56F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{AC56C69E-061D-49C2-9C9D-01CD3F705218}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B91202E5-0D8B-4871-A3F2-7A3ED4A485B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2498B7B3-CEAF-4BB7-BEB1-432D95E306E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6FB2589F-7EEC-46DD-87FA-24828BD081AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{0E2930B3-7A28-415F-A7E7-AC08DA095C1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{4898CF7A-76D6-41A0-AA5E-0152D381B40F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C7C75E42-F75E-49C7-B0BB-7CEF5D009E8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{5925F856-CD73-4BDB-AFD1-09FF3E88E601}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{83288C4D-B950-4492-BBAC-EB60C97CC556}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9A8BFF67-2B56-437C-885D-39F953909656}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{06D82CA7-891E-4C71-A404-A9E37EB343E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B04371F2-F9C7-4C42-A222-FD62034E6975}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{958B2441-09CE-4B5B-B6D0-B16CD821600E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{07254F21-5D97-4038-BC10-866B922B963F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8F07566C-5DB3-4FB9-AE33-AA3DB4C9EA69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{4921D4A6-A5CB-4F6D-9931-7E991B4A7869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{705070CC-FFF9-4FDB-851F-938305E44179}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B0ED5336-E917-42DE-A448-E33B659F80D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{0A257051-4AB4-44AD-93A5-47058B9BE496}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C0C3EF2C-DF3B-4633-BA70-750D4E94D0F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6122A5BE-0E74-4906-8829-03AE0D96A834}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{249142A7-1FB7-4A8B-BB2E-DAA28483EA0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{BE1F9679-BE88-49FB-BCF4-FCCA94F092B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{28D085FF-8241-4A6F-89E6-9B1221B73B7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2CE0E1A4-490A-466E-A07D-6680B2D66255}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7507B140-6A5B-4CC6-B063-6DCBC2FA2C32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{98D920B2-0D20-472C-8D5F-BC6B20F1D754}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1D50830A-B118-4952-BCFF-D5DAF3DCB242}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F3A4B0F2-0C03-48C2-ACEE-37178DABA129}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{FFDA6172-E93F-49C2-BD58-A2E3A42F5DDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E9DD68D6-BC4F-47B0-BD5F-DC63E2AFA319}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8FC83620-9264-463F-B7DE-9330D2601D81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D714503D-36B2-43BC-B2A4-CD2603E4FF62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B3C2FECA-31A4-445A-A532-B623379D2AD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6140265F-9B6A-49A9-910C-963BB9A53F24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E68C0930-EE3B-40B6-8692-C7A5A2B24216}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9045AECC-64F3-485E-B1B8-A21FE0FF717D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{012B452C-20D1-4FB5-96DD-0719BA3372F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{80915A45-1C57-4B7C-8675-E30B9547DFAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{DA324233-33EF-4AAC-B46B-0795ABD97F0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D8200021-9F5A-492C-9635-D8EFC5C28A6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1166166D-6F4B-4D06-A3FE-97191793056F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D0F2CF6B-662F-41F3-B766-F87B456F3AF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{285B1025-03E7-4C99-8A8E-14D8F8ECE876}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E1B600F6-71E8-4FFA-8F8F-16DCE6C574D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{5AC84B69-C057-478A-841E-2BEF4E42659E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F6630ABF-4274-4670-8408-B6923C812B23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{CF1BA89E-FB17-43AB-B832-C0AFD687B066}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B6C9C1CC-0E44-4861-94F1-C2AF40BFAE32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{BE7B276E-9EEE-4C8F-B63D-6F5B0881B7C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B63269A5-69A7-43DE-A9DE-B866273B73E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{782B1834-F52C-4ECE-A66A-6CA91CF3F95F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9997339A-8B8B-42EF-B257-E8879C8FF4ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7FF35290-D087-40A4-96A3-8FBF37EF91B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6DB41820-0348-4412-A542-ED1A6F91607F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [TCP Query User{8CDC1AFA-EAE0-477E-9A45-C093D6E09743}C:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{D92F469A-0B80-4D35-AB37-40563D2FED01}C:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{BC54A1CD-4E96-43C9-96E2-BB42C3893BC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C9E80B5E-464E-473C-B2E3-D4740DCF7E98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [TCP Query User{BAF31AD2-B999-409D-9A3D-019DEBA5F88F}C:\hry\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Block) C:\hry\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{3DA4075E-A57F-4E06-B9B1-CF6489FD9047}C:\hry\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Block) C:\hry\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{E591B0FB-95BA-4E0E-B753-C2157EBBCFBD}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{B1877396-2801-49A9-A13A-99BF749CE4D7}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{FD432167-C979-416B-A21C-15A0217A04CC}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/15/2020 09:20:01 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2020 09:20:01 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2020 05:18:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

Error: (05/15/2020 12:49:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: Avira.ServiceHost.exe, verzia: 1.2.146.25871, časová značka: 0x5eb52788
Názov chybového modulu: KERNELBASE.dll, verzia: 6.1.7601.24308, časová značka: 0x5be85d6b
Kód výnimky: 0xe0434352
Odstup chyby: 0x0000c54f
Identifikácia chybného procesu: 0xef0
Čas spustenia chybnej aplikácie: 0x01d62a117e130d7e
Cesta chybnej aplikácie: C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
Cesta chybného modulu: C:\windows\syswow64\KERNELBASE.dll
Identifikácia hlásenia: bdf13347-9699-11ea-b9ba-d0df9a83b246

Error: (05/15/2020 12:49:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Net.Sockets.SocketException

Exception Info: System.Exception
at SuperSocket.ClientEngine.TcpClientSession.DetectConnected()
at SuperSocket.ClientEngine.TcpClientSession.Send(Byte[], Int32, Int32)
at WebSocket4Net.Protocol.DraftHybi10Processor.SendHandshake(WebSocket4Net.WebSocket)
at WebSocket4Net.WebSocket.OnConnected()
at WebSocket4Net.WebSocket.client_Connected(System.Object, System.EventArgs)
at SuperSocket.ClientEngine.ClientSession.OnConnected()
at SuperSocket.ClientEngine.SslStreamTcpSession.OnAuthenticated(System.IAsyncResult)
at System.Net.LazyAsyncResult.Complete(IntPtr)
at System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
at System.Net.Security.SslState.FinishHandshake(System.Exception, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(System.Net.Security.ProtocolToken, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[], Int32, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[], Int32, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[], Int32, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[], System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(System.Net.Security.ProtocolToken, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[], Int32, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[], Int32, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.ReadFrameCallback(System.Net.AsyncProtocolRequest)
at System.Net.AsyncProtocolRequest.CompleteRequest(Int32)
at System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32)
at System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult)
at System.Net.LazyAsyncResult.Complete(IntPtr)
at System.Net.ContextAwareResult.CompleteCallback(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Net.ContextAwareResult.Complete(IntPtr)
at System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (05/14/2020 11:24:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: Avira.SystemSpeedup.Maintenance.exe, verzia: 6.4.1.10871, časová značka: 0x5e32ea26
Názov chybového modulu: clr.dll, verzia: 4.7.3260.0, časová značka: 0x5bb7bcb7
Kód výnimky: 0xc0000409
Odstup chyby: 0x002f8ca9
Identifikácia chybného procesu: 0x1d08
Čas spustenia chybnej aplikácie: 0x01d62a360e47c696
Cesta chybnej aplikácie: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta chybného modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Identifikácia hlásenia: 4d5b9257-9629-11ea-b9ba-d0df9a83b246

Error: (05/14/2020 10:53:03 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

Error: (05/14/2020 09:35:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).


System errors:
=============
Error: (05/15/2020 09:15:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Počas čakania na odpoveď transakcie od služby hpqwmiex bol dosiahnutý časový limit (30000 ms).

Error: (05/15/2020 09:12:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Avira Phantom VPN bol dosiahnutý časový limit (30000 ms).

Error: (05/15/2020 09:10:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\windows\system32\athihvs.dll

Error: (05/15/2020 09:10:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\windows\system32\athihvs.dll

Error: (05/15/2020 09:09:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\windows\system32\athihvs.dll

Error: (05/15/2020 09:08:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Authentication Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/15/2020 09:08:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Security sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (05/15/2020 09:08:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP DayStarter Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Windows Defender:
===================================
Date: 2017-10-28 15:07:13.542
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{4CE1D91F-9983-4E2E-8E78-7077EEBCEFA9}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2017-10-28 15:07:10.500
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{599A30AF-F83E-4B4C-9E22-8BE90CA0A209}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

==================== Memory info ===========================

BIOS: Hewlett-Packard 68SRR Ver. F.61 04/22/2016
Motherboard: Hewlett-Packard 167C
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 90%
Total physical RAM: 4030.36 MB
Available physical RAM: 370.54 MB
Total Virtual: 8058.86 MB
Available Virtual: 3201.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:574.02 GB) (Free:13.98 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:16.85 GB) (Free:2.55 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.1 GB) FAT32

\\?\Volume{0982d8b6-cd87-11e0-a3e5-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 9FD8FEA1)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=574 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End of Addition.txt =======================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventívka

#7 Příspěvek od Diallix »

Mate nainstalovane dva antiviry, Aviru a McAfee. Doporucujem Aviru ponechat a McAfee odinstalovat.

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

Start::
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Minmi\AppData\Local\GoToMeeting\11282\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
AlternateDataStreams: C:\evolveo_mars_win7_win8_cd_rom.zip:$CmdTcID [64]
FirewallRules: [{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}] => (Allow) LPort=2869
FirewallRules: [{ED3E14D5-9B42-4116-8537-B6C9D959F6E3}] => (Allow) LPort=1900
FirewallRules: [{984EC91A-43E2-46E6-9ED0-614CA1805BB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{4FB367D7-AA2F-48A6-B18D-AE3E8AE88E75}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{26E36370-C00E-43A5-86DC-A0455C5C0670}C:\hry\battle.net\battle.net.8180\battle.net.exe] => (Block) C:\hry\battle.net\battle.net.8180\battle.net.exe => No File
FirewallRules: [UDP Query User{004BE8C4-FCEB-46CF-802B-BB7FEE319DE0}C:\hry\battle.net\battle.net.8180\battle.net.exe] => (Block) C:\hry\battle.net\battle.net.8180\battle.net.exe => No File
FirewallRules: [{E591B0FB-95BA-4E0E-B753-C2157EBBCFBD}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{B1877396-2801-49A9-A13A-99BF749CE4D7}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{FD432167-C979-416B-A21C-15A0217A04CC}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [Google Update] => C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\MountPoints2: {79637908-f198-11e0-acbe-d0df9a83b246} - D:\SETUP.EXE
Task: {AF18BA60-1731-4EFE-9BC3-3ABD86C68FFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002Core => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
Task: {CBA68C24-CA9C-4D9C-85DA-D9D1C410CE0B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002UA => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

EmptyTemp:

End:: 

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

----

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST, pricom zvolte Kodovanie na UTF-8 (skopirujte do poznamkoveho bloku -> Subor -> Ulozit ako -> Encoding/Kodovaniee: zvolte UTF-8 -> ulozit).
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Minmi
Návštěvník
Návštěvník
Příspěvky: 176
Registrován: 07 bře 2009 22:18

Re: Preventívka

#8 Příspěvek od Minmi »

Prikladám log. Akurát pozerám, že mi to vymazalo históriu prehliadania vo Firefoxe :(


Fix result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Minmi (15-05-2020 22:31:29) Run:1
Running from C:\Users\Minmi\Desktop
Loaded Profiles: Minmi
Boot Mode: Normal
==============================================

fixlist content:
*****************
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Minmi\AppData\Local\GoToMeeting\11282\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
AlternateDataStreams: C:\evolveo_mars_win7_win8_cd_rom.zip:$CmdTcID [64]
FirewallRules: [{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}] => (Allow) LPort=2869
FirewallRules: [{ED3E14D5-9B42-4116-8537-B6C9D959F6E3}] => (Allow) LPort=1900
FirewallRules: [{984EC91A-43E2-46E6-9ED0-614CA1805BB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{4FB367D7-AA2F-48A6-B18D-AE3E8AE88E75}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{26E36370-C00E-43A5-86DC-A0455C5C0670}C:\hry\battle.net\battle.net.8180\battle.net.exe] => (Block) C:\hry\battle.net\battle.net.8180\battle.net.exe => No File
FirewallRules: [UDP Query User{004BE8C4-FCEB-46CF-802B-BB7FEE319DE0}C:\hry\battle.net\battle.net.8180\battle.net.exe] => (Block) C:\hry\battle.net\battle.net.8180\battle.net.exe => No File
FirewallRules: [{E591B0FB-95BA-4E0E-B753-C2157EBBCFBD}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{B1877396-2801-49A9-A13A-99BF749CE4D7}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{FD432167-C979-416B-A21C-15A0217A04CC}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [Google Update] => C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\MountPoints2: {79637908-f198-11e0-acbe-d0df9a83b246} - D:\SETUP.EXE
Task: {AF18BA60-1731-4EFE-9BC3-3ABD86C68FFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002Core => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
Task: {CBA68C24-CA9C-4D9C-85DA-D9D1C410CE0B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002UA => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
EmptyTemp:

*****************

HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F} => removed successfully
C:\evolveo_mars_win7_win8_cd_rom.zip => ":$CmdTcID" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ED3E14D5-9B42-4116-8537-B6C9D959F6E3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{984EC91A-43E2-46E6-9ED0-614CA1805BB8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4FB367D7-AA2F-48A6-B18D-AE3E8AE88E75}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{26E36370-C00E-43A5-86DC-A0455C5C0670}C:\hry\battle.net\battle.net.8180\battle.net.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{004BE8C4-FCEB-46CF-802B-BB7FEE319DE0}C:\hry\battle.net\battle.net.8180\battle.net.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E591B0FB-95BA-4E0E-B753-C2157EBBCFBD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B1877396-2801-49A9-A13A-99BF749CE4D7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD432167-C979-416B-A21C-15A0217A04CC}" => removed successfully
"HKU\S-1-5-21-2934419145-1383663255-327153009-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update" => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79637908-f198-11e0-acbe-d0df9a83b246} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF18BA60-1731-4EFE-9BC3-3ABD86C68FFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF18BA60-1731-4EFE-9BC3-3ABD86C68FFF}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002Core" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBA68C24-CA9C-4D9C-85DA-D9D1C410CE0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBA68C24-CA9C-4D9C-85DA-D9D1C410CE0B}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002UA" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 47529966 B
Java, Flash, Steam htmlcache => 408291066 B
Windows/system/drivers => 274705909 B
Edge => 0 B
Chrome => 0 B
Firefox => 1075959318 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 124310 B
Minmi => 1094765884 B

RecycleBin => 234309 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:35:56 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventívka

#9 Příspěvek od Diallix »

Ano, prikaz maze historie, a docasne subory. Ja sa vam velmi ospravedlnujem, ak som vam tym nieco skomplikoval. Mrzi ma to. Mozete mi, prosim, povedat, ako je na tom pocitac?
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Minmi
Návštěvník
Návštěvník
Příspěvky: 176
Registrován: 07 bře 2009 22:18

Re: Preventívka

#10 Příspěvek od Minmi »

Ah, to ste ma nepotešil :( Škoda že som si predtým neskopíroval profil firefoxu, posledný mám zálohovaný ale spred 2 mesiacov. Napadá ma ešte Recuva, len neviem aký súbor by to bol, resp. či vôbec bol vymazaný, alebo len upravený.

Čo všetko sa tým vymazalo - temporary files a histórie z prehliadačov, alebo ešte niečo? Snáď časom neprídem na nejaké prekvapenie :)

Inak PC vyzerá byť ok, po tom FRST fixe sa mi zdá trochu dlhšie nabiehalo a bola tam čierna obrazovka kým naskočila plocha a všetky ikony. McAfee som v liste programov nenašiel, nemôže to byť nejaký pozostatok iba? Nie som si vedomý, že by niekedy bolo na PC.

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventívka

#11 Příspěvek od Diallix »

Prikaz zmazal nasledovne data:
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 47529966 B
Java, Flash, Steam htmlcache => 408291066 B
Windows/system/drivers => 274705909 B
Edge => 0 B
Chrome => 0 B
Firefox => 1075959318 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 124310 B
Minmi => 1094765884 B

RecycleBin => 234309 B
EmptyTemp: => 2.7 GB temporary data Removed.

Odstratime zvysky McAfee:


Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

Start::
CloseProcesses:
CreateRestorePoint:
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [File not signed]
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)

End::
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Minmi
Návštěvník
Návštěvník
Příspěvky: 176
Registrován: 07 bře 2009 22:18

Re: Preventívka

#12 Příspěvek od Minmi »

Zdravím,

posielam log. Čo som vygooglil, tak Firefox ukladá históriu a záložky v súbore places.sqlite. Keďže to vymazalo iba históriu a nie záložky, tak usudzujem, že to ten súbor nevymaže, ale iba upraví a teda žiadny súbor na recovernutie tam nie je. Tak som nakopíroval ten places.sqlite z poslednej februárovej Firefox zálohy a mám históriu naspäť, odvtedy sa na tomto PC zas toľko nového nerobilo, takže celkom pohoda :)


Fix result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Minmi (17-05-2020 21:16:25) Run:2
Running from C:\Users\Minmi\Desktop
Loaded Profiles: Minmi
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [File not signed]
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)

*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\System\CurrentControlSet\Services\McAfee Endpoint Encryption Agent => removed successfully
McAfee Endpoint Encryption Agent => service removed successfully
MfeEpeOpal => Unable to stop service.
HKLM\System\CurrentControlSet\Services\MfeEpeOpal => removed successfully
MfeEpeOpal => service removed successfully
HKLM\System\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\\UpperFilters MfeEpeOpal => value removed successfully
MfeEpePc => Unable to stop service.
HKLM\System\CurrentControlSet\Services\MfeEpePc => removed successfully
MfeEpePc => service removed successfully
HKLM\System\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\\UpperFilters MfeEpePc => value removed successfully


The system needed a reboot.

==== End of Fixlog 21:18:22 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventívka

#13 Příspěvek od Diallix »

Ste sikovny :]]

Zbytky zmazalo v pohode :]] malo by to byt ok.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Minmi
Návštěvník
Návštěvník
Příspěvky: 176
Registrován: 07 bře 2009 22:18

Re: Preventívka

#14 Příspěvek od Minmi »

Super, vďaka :thumbsup:

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventívka

#15 Příspěvek od Diallix »

Za malicko :]]
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Zamčeno