Preventive check

Posted: 15 May 2020 13:23
by Minmi
Hello,

could I ask for a preventive check? Avira reported some kind of block for sdclt.exe as HEUR/AGEN.1130721.

Thanks :)


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Ran by Minmi (administrator) on MINMI-HP (Hewlett-Packard HP ProBook 4530s) (15-05-2020 13:44:28)
Running from C:\Users\Minmi\Desktop
Loaded Profiles: Minmi
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
() [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Development Company, L.P) [File not signed] C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6>
(PDF Complete Inc. -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-14] (Qualcomm Atheros -> Atheros Communications) [File not signed]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-09-08] (IDT, Inc.) [File not signed]
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] () [File not signed]
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2945080 2011-09-12] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2017-11-08] (PDF Complete Inc. -> PDF Complete Inc)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [238568 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [Google Update] => C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\MountPoints2: {79637908-f198-11e0-acbe-d0df9a83b246} - D:\SETUP.EXE
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> c:\Windows\system32\DPLic.dll [2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1542298A-FA93-4041-8496-BD308149BC9A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759304 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {161C82F6-9CB9-4A6E-ACED-5F21DBBC39CB} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {496B3AD7-34F1-4A00-93C7-12E9B27A8363} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {4FA97840-4DB9-4E7A-A95B-2CFB7B8CECB1} - System32\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002 => C:\Users\Minmi\AppData\Local\GoToMeeting\17052\g2mupdate.exe [32256 2020-03-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {53C0AD5F-987A-4815-B3AF-38B35BC0FDC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {6E65DDDC-4D0B-4F15-9E39-A481A60869AF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-13] (Adobe Inc. -> Adobe)
Task: {9B7F1EB9-26A9-455E-9AA3-BA5B6A380750} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [228368 2020-04-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A8736EC1-29F4-494F-A25F-27F2B61102A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd -> Piriform Ltd)
Task: {AC7E5527-DA18-4FE4-9577-7201A126AA8A} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {AF18BA60-1731-4EFE-9BC3-3ABD86C68FFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002Core => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
Task: {B0C66866-0C81-4FEF-9BB7-0F9C6E754448} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [216944 2017-10-11] (HP Inc. -> HP Inc.)
Task: {B45FC13B-F193-4C1D-BC0F-B26139B2377B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-13] (Adobe Inc. -> Adobe)
Task: {C1441E67-95EE-4DB6-996E-C7F0D362D809} - System32\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002 => C:\Users\Minmi\AppData\Local\GoToMeeting\17052\g2mupload.exe [32256 2020-03-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {CBA68C24-CA9C-4D9C-85DA-D9D1C410CE0B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002UA => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
Task: {DA4BF705-9A0A-492F-9496-21CE91B2E253} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {DE9A0307-EA7F-4F25-BAD6-FE1DB7A289D4} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2011-01-25] (Hewlett-Packard Company -> )
Task: {E130C858-4317-4AA8-B6B2-D0D17A161263} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {E661FF61-1EF0-483E-9A3F-3CC58F6C3325} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [120680 2017-06-22] (HP Inc. -> HP Inc.)
Task: {FE4DB1ED-9C86-4CC1-A43B-1B73E189DFC9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {FF16A45C-E5F7-41E2-BAAE-3D9AF9EFEFED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002.job => C:\Users\Minmi\AppData\Local\GoToMeeting\17052\g2mupdate.exe
Task: C:\windows\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002.job => C:\Users\Minmi\AppData\Local\GoToMeeting\17052\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{22B3E4C8-FE8D-423D-9CF1-7AE1AA67CFD5}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{D21A25A4-1FB0-448D-84D5-6EC191DB4D91}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07] (Hewlett-Packard) [File not signed]
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-04] (Skype Technologies SA -> Skype Technologies)

FireFox:
========
FF DefaultProfile: s1t6q2ot.default
FF ProfilePath: C:\Users\Minmi\AppData\Roaming\Mozilla\Firefox\Profiles\s1t6q2ot.default [2020-05-15]
FF user.js: detected! => C:\Users\Minmi\AppData\Roaming\Mozilla\Firefox\Profiles\s1t6q2ot.default\user.js [2012-03-29]
FF Homepage: Mozilla\Firefox\Profiles\s1t6q2ot.default -> www.google.sk
FF Extension: (Avira Browser Safety) - C:\Users\Minmi\AppData\Roaming\Mozilla\Firefox\Profiles\s1t6q2ot.default\Extensions\abs@avira.com.xpi [2020-05-03]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-05-10] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: (Search Helper Extension) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-05-10] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-05-10] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) [File not signed]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\windows\system32\atiesrxx.exe [204288 2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1209000 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484160 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484160 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [576368 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636264 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383344 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [242448 2020-04-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc. -> HP Inc.)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1793088 2017-11-08] (PDF Complete Inc. -> PDF Complete Inc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2013-09-08] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation -> Xobni Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-14] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 AgereSoftModem; C:\windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (Microsoft Windows -> LSI Corp)
R3 amdkmdag; C:\windows\System32\DRIVERS\atikmdag.sys [10496000 2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\windows\System32\DRIVERS\atikmpag.sys [326656 2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 ATHDFU; C:\windows\System32\Drivers\AthDfu.sys [55448 2012-08-19] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
R3 athr; C:\windows\System32\DRIVERS\athrx.sys [4022272 2013-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [68152 2019-07-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [222176 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [178720 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [78600 2018-03-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [35376 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-17] (DT Soft Ltd -> DT Soft Ltd)
R0 hpdskflt; C:\windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [25912 2010-12-03] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [165504 2016-08-05] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)
R3 phantomtap; C:\windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 SmbDrvI; C:\windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-02-08] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2611704 2011-01-12] (Sunplus Innovation Technology Inc. -> Sunplus Technology)
R3 STHDA; C:\windows\System32\DRIVERS\stwrt64.sys [543744 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-15 13:44 - 2020-05-15 13:46 - 000030358 _____ C:\Users\Minmi\Desktop\FRST.txt
2020-05-15 13:43 - 2020-05-15 13:45 - 000000000 ____D C:\FRST
2020-05-15 13:42 - 2020-05-15 13:42 - 002286080 _____ (Farbar) C:\Users\Minmi\Desktop\FRST64.exe
2020-05-14 19:20 - 2020-05-14 19:20 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2020-05-14 01:45 - 2020-05-14 01:50 - 000000000 ____D C:\novy_mobil_zaloha
2020-05-13 22:13 - 2020-05-13 22:13 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
2020-05-13 22:13 - 2020-05-13 22:13 - 000001116 _____ C:\ProgramData\Desktop\Avira.lnk
2020-05-13 22:09 - 2020-05-14 19:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-15 13:10 - 2017-09-13 17:54 - 000000538 _____ C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002.job
2020-05-15 13:06 - 2016-11-21 23:12 - 000000000 ____D C:\Users\Minmi\AppData\LocalLow\Mozilla
2020-05-15 13:02 - 2009-07-14 06:45 - 000022704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-15 13:02 - 2009-07-14 06:45 - 000022704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-15 12:50 - 2018-04-08 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-05-15 00:05 - 2017-09-13 17:54 - 000000634 _____ C:\windows\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002.job
2020-05-14 19:20 - 2012-04-25 01:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-14 19:09 - 2009-07-14 07:13 - 000782470 _____ C:\windows\system32\PerfStringBackup.INI
2020-05-14 19:09 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2020-05-14 19:05 - 2014-08-21 13:42 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-14 19:05 - 2011-05-10 22:10 - 000000000 ____D C:\ProgramData\PDFC
2020-05-14 19:04 - 2011-05-10 22:06 - 000000000 ____D C:\ProgramData\HPQLOG
2020-05-14 19:00 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-05-14 01:00 - 2015-09-08 22:00 - 000145920 _____ C:\Users\Minmi\Desktop\vydavky.xls
2020-05-13 22:21 - 2015-11-09 20:53 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-13 22:15 - 2018-03-13 22:05 - 000004462 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-05-13 22:15 - 2012-05-31 09:49 - 000004312 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-05-13 22:15 - 2012-05-31 09:48 - 000842296 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-05-13 22:15 - 2011-11-28 00:19 - 000000000 ____D C:\windows\system32\Macromed
2020-05-13 22:15 - 2011-09-17 13:03 - 000175160 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-05-13 22:15 - 2011-05-10 22:11 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-05-13 22:14 - 2018-04-08 16:02 - 000222176 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2020-05-13 22:14 - 2018-04-08 16:02 - 000178720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2020-05-13 22:07 - 2020-01-28 21:31 - 000003454 _____ C:\windows\system32\Tasks\Avira_Security_Update
2020-04-19 16:36 - 2017-10-11 22:41 - 000000000 ____D C:\trading
2020-04-19 15:50 - 2009-07-14 05:20 - 000000000 ____D C:\windows\system32\NDF

==================== Files in the root of some directories ========

2011-09-25 13:20 - 2012-02-12 13:44 - 000103482 _____ () C:\Users\Minmi\AppData\Roaming\QWInstall.log
2011-10-12 14:35 - 2014-03-04 22:09 - 000004608 _____ () C:\Users\Minmi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-05 23:24 - 2015-03-05 23:24 - 000000717 _____ () C:\Users\Minmi\AppData\Local\recently-used.xbel
2013-09-07 13:26 - 2018-01-29 01:11 - 000007601 _____ () C:\Users\Minmi\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-05-13 23:00
==================== End of FRST.txt ========================

Re: Preventive check

Posted: 15 May 2020 19:00
by Diallix
Good day.

:arrow: Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Prehladaj teraz (Scan now) button and wait until the system scan finishes.
After the scan, leave all checkboxes and any detected threats selected, and continue with the Vycistit Teraz (Clean and Repair) button in the bottom right corner.
After the PC restarts, AdwCleaner will launch; click View Log File (Zobrazit soubor protokolu).
The log will open; copy its contents here.

Re: Preventive check

Posted: 15 May 2020 20:40
by Minmi
Hello,

I'm attaching the log from AdwCleaner. It also listed some preinstalled items (HP, Lenovo, ...), but they weren't selected, so I left them as they were.


# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-05-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-15-2020
# Duration: 00:00:17
# OS: Windows 7 Home Premium
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\ProgramData\ytd video downloader

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5888 octets] - [15/05/2020 21:05:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Preventive check

Posted: 15 May 2020 20:48
by Diallix
Great, may I ask for new FRST logs, and please add the Addition log as well.

Re: Preventive check

Posted: 15 May 2020 21:03
by Minmi
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Ran by Minmi (administrator) on MINMI-HP (Hewlett-Packard HP ProBook 4530s) (15-05-2020 21:55:57)
Running from C:\Users\Minmi\Desktop
Loaded Profiles: Minmi
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
() [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Development Company, L.P) [File not signed] C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <5>
(PDF Complete Inc. -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-14] (Qualcomm Atheros -> Atheros Communications) [File not signed]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-09-08] (IDT, Inc.) [File not signed]
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] () [File not signed]
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2945080 2011-09-12] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2017-11-08] (PDF Complete Inc. -> PDF Complete Inc)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [238568 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [Google Update] => C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\MountPoints2: {79637908-f198-11e0-acbe-d0df9a83b246} - D:\SETUP.EXE
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> c:\Windows\system32\DPLic.dll [2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1542298A-FA93-4041-8496-BD308149BC9A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759304 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {161C82F6-9CB9-4A6E-ACED-5F21DBBC39CB} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {496B3AD7-34F1-4A00-93C7-12E9B27A8363} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {4FA97840-4DB9-4E7A-A95B-2CFB7B8CECB1} - System32\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002 => C:\Users\Minmi\AppData\Local\GoToMeeting\17359\g2mupdate.exe [32256 2020-05-15] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {53C0AD5F-987A-4815-B3AF-38B35BC0FDC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {6E65DDDC-4D0B-4F15-9E39-A481A60869AF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-13] (Adobe Inc. -> Adobe)
Task: {9B7F1EB9-26A9-455E-9AA3-BA5B6A380750} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [228368 2020-04-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A8736EC1-29F4-494F-A25F-27F2B61102A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd -> Piriform Ltd)
Task: {AC7E5527-DA18-4FE4-9577-7201A126AA8A} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {AF18BA60-1731-4EFE-9BC3-3ABD86C68FFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002Core => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
Task: {B0C66866-0C81-4FEF-9BB7-0F9C6E754448} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [216944 2017-10-11] (HP Inc. -> HP Inc.)
Task: {B45FC13B-F193-4C1D-BC0F-B26139B2377B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-13] (Adobe Inc. -> Adobe)
Task: {C1441E67-95EE-4DB6-996E-C7F0D362D809} - System32\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002 => C:\Users\Minmi\AppData\Local\GoToMeeting\17359\g2mupload.exe [32256 2020-05-15] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {CBA68C24-CA9C-4D9C-85DA-D9D1C410CE0B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002UA => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
Task: {DA4BF705-9A0A-492F-9496-21CE91B2E253} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {DE9A0307-EA7F-4F25-BAD6-FE1DB7A289D4} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2011-01-25] (Hewlett-Packard Company -> )
Task: {E130C858-4317-4AA8-B6B2-D0D17A161263} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {E661FF61-1EF0-483E-9A3F-3CC58F6C3325} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [120680 2017-06-22] (HP Inc. -> HP Inc.)
Task: {FE4DB1ED-9C86-4CC1-A43B-1B73E189DFC9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {FF16A45C-E5F7-41E2-BAAE-3D9AF9EFEFED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002.job => C:\Users\Minmi\AppData\Local\GoToMeeting\17359\g2mupdate.exe
Task: C:\windows\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002.job => C:\Users\Minmi\AppData\Local\GoToMeeting\17359\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{22B3E4C8-FE8D-423D-9CF1-7AE1AA67CFD5}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{D21A25A4-1FB0-448D-84D5-6EC191DB4D91}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07] (Hewlett-Packard) [File not signed]
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-04] (Skype Technologies SA -> Skype Technologies)

FireFox:
========
FF DefaultProfile: s1t6q2ot.default
FF ProfilePath: C:\Users\Minmi\AppData\Roaming\Mozilla\Firefox\Profiles\s1t6q2ot.default [2020-05-15]
FF user.js: detected! => C:\Users\Minmi\AppData\Roaming\Mozilla\Firefox\Profiles\s1t6q2ot.default\user.js [2012-03-29]
FF Homepage: Mozilla\Firefox\Profiles\s1t6q2ot.default -> www.google.sk
FF Extension: (Avira Browser Safety) - C:\Users\Minmi\AppData\Roaming\Mozilla\Firefox\Profiles\s1t6q2ot.default\Extensions\abs@avira.com.xpi [2020-05-03]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-05-10] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: (Search Helper Extension) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-05-10] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-05-10] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) [File not signed]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\windows\system32\atiesrxx.exe [204288 2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1209000 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484160 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484160 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [576368 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636264 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383344 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [242448 2020-04-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-12] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc. -> HP Inc.)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1793088 2017-11-08] (PDF Complete Inc. -> PDF Complete Inc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2013-09-08] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation -> Xobni Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-14] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 AgereSoftModem; C:\windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (Microsoft Windows -> LSI Corp)
R3 amdkmdag; C:\windows\System32\DRIVERS\atikmdag.sys [10496000 2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\windows\System32\DRIVERS\atikmpag.sys [326656 2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 ATHDFU; C:\windows\System32\Drivers\AthDfu.sys [55448 2012-08-19] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
R3 athr; C:\windows\System32\DRIVERS\athrx.sys [4022272 2013-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [68152 2019-07-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [222176 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [178720 2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [78600 2018-03-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [35376 2019-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-17] (DT Soft Ltd -> DT Soft Ltd)
R0 hpdskflt; C:\windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [25912 2010-12-03] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [165504 2016-08-05] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)
R3 phantomtap; C:\windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 SmbDrvI; C:\windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-02-08] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2611704 2011-01-12] (Sunplus Innovation Technology Inc. -> Sunplus Technology)
R3 STHDA; C:\windows\System32\DRIVERS\stwrt64.sys [543744 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-15 21:03 - 2020-05-15 21:08 - 000000000 ____D C:\AdwCleaner
2020-05-15 20:59 - 2020-05-15 20:59 - 008196784 _____ (Malwarebytes) C:\Users\Minmi\Desktop\adwcleaner_8.0.4.exe
2020-05-15 13:50 - 2020-05-15 13:53 - 000088398 _____ C:\Users\Minmi\Desktop\Addition.txt
2020-05-15 13:44 - 2020-05-15 21:58 - 000030562 _____ C:\Users\Minmi\Desktop\FRST.txt
2020-05-15 13:43 - 2020-05-15 21:57 - 000000000 ____D C:\FRST
2020-05-15 13:42 - 2020-05-15 13:42 - 002286080 _____ (Farbar) C:\Users\Minmi\Desktop\FRST64.exe
2020-05-14 19:20 - 2020-05-14 19:20 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2020-05-14 01:45 - 2020-05-14 01:50 - 000000000 ____D C:\novy_mobil_zaloha
2020-05-13 22:13 - 2020-05-13 22:13 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
2020-05-13 22:13 - 2020-05-13 22:13 - 000001116 _____ C:\ProgramData\Desktop\Avira.lnk
2020-05-13 22:09 - 2020-05-15 21:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-15 21:55 - 2016-10-02 13:03 - 000000000 ____D C:\veci_z_plochy
2020-05-15 21:33 - 2017-09-13 17:54 - 000000634 _____ C:\windows\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002.job
2020-05-15 21:33 - 2016-11-21 23:12 - 000000000 ____D C:\Users\Minmi\AppData\LocalLow\Mozilla
2020-05-15 21:30 - 2017-09-13 17:54 - 000000538 _____ C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002.job
2020-05-15 21:21 - 2009-07-14 06:45 - 000022704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-15 21:21 - 2009-07-14 06:45 - 000022704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-15 21:20 - 2009-07-14 07:13 - 000782470 _____ C:\windows\system32\PerfStringBackup.INI
2020-05-15 21:20 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2020-05-15 21:16 - 2011-05-10 22:10 - 000000000 ____D C:\ProgramData\PDFC
2020-05-15 21:15 - 2011-05-10 22:06 - 000000000 ____D C:\ProgramData\HPQLOG
2020-05-15 21:11 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-05-15 21:10 - 2012-04-25 01:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-15 15:10 - 2017-09-13 17:54 - 000003660 _____ C:\windows\system32\Tasks\G2MUploadTask-S-1-5-21-2934419145-1383663255-327153009-1002
2020-05-15 15:10 - 2017-09-13 17:54 - 000003564 _____ C:\windows\system32\Tasks\G2MUpdateTask-S-1-5-21-2934419145-1383663255-327153009-1002
2020-05-15 15:10 - 2017-09-13 17:54 - 000000000 ____D C:\Users\Minmi\AppData\Local\GoToMeeting
2020-05-15 15:00 - 2009-07-14 05:20 - 000000000 ____D C:\windows\system32\NDF
2020-05-15 12:50 - 2018-04-08 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-05-14 19:05 - 2014-08-21 13:42 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-14 01:00 - 2015-09-08 22:00 - 000145920 _____ C:\Users\Minmi\Desktop\vydavky.xls
2020-05-13 22:21 - 2015-11-09 20:53 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-13 22:15 - 2018-03-13 22:05 - 000004462 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-05-13 22:15 - 2012-05-31 09:49 - 000004312 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-05-13 22:15 - 2012-05-31 09:48 - 000842296 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-05-13 22:15 - 2011-11-28 00:19 - 000000000 ____D C:\windows\system32\Macromed
2020-05-13 22:15 - 2011-09-17 13:03 - 000175160 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-05-13 22:15 - 2011-05-10 22:11 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-05-13 22:14 - 2018-04-08 16:02 - 000222176 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2020-05-13 22:14 - 2018-04-08 16:02 - 000178720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2020-05-13 22:07 - 2020-01-28 21:31 - 000003454 _____ C:\windows\system32\Tasks\Avira_Security_Update
2020-04-19 16:36 - 2017-10-11 22:41 - 000000000 ____D C:\trading

==================== Files in the root of some directories ========

2011-09-25 13:20 - 2012-02-12 13:44 - 000103482 _____ () C:\Users\Minmi\AppData\Roaming\QWInstall.log
2011-10-12 14:35 - 2014-03-04 22:09 - 000004608 _____ () C:\Users\Minmi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-05 23:24 - 2015-03-05 23:24 - 000000717 _____ () C:\Users\Minmi\AppData\Local\recently-used.xbel
2013-09-07 13:26 - 2018-01-29 01:11 - 000007601 _____ () C:\Users\Minmi\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-05-13 23:00
==================== End of FRST.txt ========================

Re: Preventive check

Posted: 15 May 2020 21:04
by Minmi
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Minmi (15-05-2020 21:59:31)
Running from C:\Users\Minmi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-16 11:53:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2934419145-1383663255-327153009-500 - Administrator - Disabled)
Guest (S-1-5-21-2934419145-1383663255-327153009-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2934419145-1383663255-327153009-1003 - Limited - Enabled)
Minmi (S-1-5-21-2934419145-1383663255-327153009-1002 - Administrator - Enabled) => C:\Users\Minmi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20063 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.371 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.371 - Adobe)
Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ArcSoft TotalMedia (HKLM-x32\...\{4114A073-7385-4742-8A5E-A5788FAC838F}) (Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.331 - ArcSoft)
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Avira (HKLM-x32\...\{4BC31208-EC3B-453B-8819-6B81AE3EC153}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{caade1ea-26aa-4e8f-a4f0-59cf0c0e91a5}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2005.1866 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.33.3.30309 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.28.9397 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.1.10871 - Avira Operations GmbH & Co. KG)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 2 Deluxe (HKLM-x32\...\WT089453) (Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.0.2282.0 - Microsoft Corporation)
Bing Bar Platform (HKLM-x32\...\{77C4850C-3592-4A2F-B652-ACB77A1EF77C}) (Version: 6.0.2282.0 - Microsoft Corporation) Hidden
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT087328) (Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (HKLM-x32\...\WT089308) (Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (HKLM-x32\...\WT087330) (Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (HKLM-x32\...\WT089359) (Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CrystalDiskInfo 7.6.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.6.1 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.0.0.9 - Hewlett-Packard Company)
Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.100.35469 - Hewlett-Packard Company)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Eurobattle.net (HKLM-x32\...\Eurobattle.net1.26) (Version: 1.26 - Eurobattle.net)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Exodus (HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\exodus) (Version: 1.57.0 - Exodus Movement Inc)
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4303 - Hewlett-Packard Company)
Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT087361) (Version: 2.2.0.95 - WildTangent) Hidden
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 6.0.0.8 - Hewlett-Packard Company)
Final Drive Nitro (HKLM-x32\...\WT087362) (Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Video Support Plugin (HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
GoTo Opener (HKLM-x32\...\{8B2D47CC-1558-4939-B27F-41E30530072A}) (Version: 1.0.467 - LogMeIn, Inc.)
GoToMeeting 10.9.1.17359 (HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\GoToMeeting) (Version: 10.9.1.17359 - LogMeIn, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{F8C604AC-1939-4B74-B847-CB59417F1FF2}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{5DCA44EB-03F6-44A3-A294-F3E5DE98D7F6}) (Version: 4.4.10.1 - Hewlett-Packard Company)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{840021F2-FFC0-467A-BF85-29B8B7803717}) (Version: 2.0.8.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP HD Webcam [Fixed] (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.4.07 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.4.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{D1C6B636-5578-4A9E-ACCF-2AFA5F166335}) (Version: 2.0.6.0 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.00.888 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{3F437675-F102-4866-BDE1-FFFC7B45EC0B}) (Version: 3.1.2.10229 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{FE465061-894A-4023-8580-56FCDD4F23F9}) (Version: 3.4.4.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{D82ABA2F-492B-440F-A9BC-12331B17EEA9}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.5.37.19 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{A806B71B-00A4-4BFC-9476-3CBEFBE440E5}) (Version: 12.8.37.11 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
Chuzzle Deluxe (HKLM-x32\...\WT089454) (Version: 2.2.0.95 - WildTangent) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6428.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
KaM - The Peasants Rebellion (HKLM-x32\...\KaM - The Peasants Rebellion) (Version: - )
KaM Remake Full r6720 (HKLM-x32\...\{FDE049C8-E4B2-4EB5-A534-CF5C581F5D32}_is1) (Version: - )
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mozilla Firefox 76.0.1 (x64 sk) (HKLM\...\Mozilla Firefox 76.0.1 (x64 sk)) (Version: 76.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 76.0.1.7432 - Mozilla)
Mystery P.I. - The London Caper (HKLM-x32\...\WT089299) (Version: 2.2.0.95 - WildTangent) Hidden
Obrázkový slovník nemecko-slovenský (HKLM-x32\...\Obrázkový slovník nemecko-slovenský) (Version: 1.00 - Naumann & Goebel)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenTTD 1.9.1 (HKLM-x32\...\OpenTTD) (Version: 1.9.1 - OpenTTD)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.26 - PDF Complete, Inc)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.1 - pdfforge GmbH)
Penguins! (HKLM-x32\...\WT087394) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (HKLM-x32\...\WT087501) (Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WT087395) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT087396) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT087397) (Version: 2.2.0.95 - WildTangent) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}) (Version: 6.00.831 - Hewlett-Packard Company)
PX Profile Update (HKLM-x32\...\{80C45B94-2BA0-8E23-95A7-8A9FCD836EFD}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{DB94388C-62E9-570D-2BD6-90864F7E1282}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.209 - Qualcomm Atheros Communications)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
SaxoTrader (HKLM-x32\...\{49C14B93-58AD-4178-B52C-750D54CE618D}) (Version: 2.158.42.0 - Saxo Bank)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.26.012 - Portrait Displays, Inc.) Hidden
Shotcut (HKLM-x32\...\Shotcut) (Version: 18.12.23 - Meltytech, LLC)
Skype™ 5.1 (HKLM-x32\...\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}) (Version: 5.1.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{EFE3D683-903C-4B58-AB8F-C68C69F33758}) (Version: 4.5.3.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19.4 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Theft Recovery for HP ProtectTools (HKLM-x32\...\{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company)
Validity Fingerprint Sensor Driver (HKLM\...\{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}) (Version: 4.3.117.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089307) (Version: 2.2.0.95 - WildTangent) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Warcraft III) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
World Cup Cricket 20-20 (HKLM-x32\...\WT089451) (Version: 2.2.0.95 - WildTangent) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (HKLM-x32\...\{8DC069E7-893C-41E1-9442-DE89FEC33371}) (Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (HKLM-x32\...\WT089455) (Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Minmi\AppData\Local\GoToMeeting\11282\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-01-31] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-06] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-09-14] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-06] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-06] (WinZip Computing -> WinZip Computing, S.L.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2011-07-16] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [74752 2011-08-29] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2011-01-12 20:11 - 2011-01-12 20:11 - 000008192 _____ ( ( ) [File not signed]) [File is in use ] c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\Interop.HPQWMIEXLib.dll
2011-09-12 18:03 - 2011-09-12 18:03 - 000007168 _____ ( ( ) [File not signed]) [File is in use ] C:\Program Files\Hewlett-Packard\HP Power Assistant\SDKCOMServerLib.dll
2011-01-31 20:54 - 2011-01-31 20:54 - 000008192 _____ ( ( ) [File not signed]) [File is in use ] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\Interop.HPQWMIEXLib.dll
2011-08-23 15:06 - 2011-01-13 03:56 - 000058880 _____ ( () [File not signed]) [File is in use ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-09-12 18:02 - 2011-09-12 18:02 - 001083392 _____ ( () [File not signed]) [File is in use ] C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2011-01-12 20:11 - 2011-01-12 20:11 - 001040384 _____ ( (Hewlett-Packard Development Company, L.P.) [File not signed]) [File is in use ] c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTHostServices.dll
2011-01-12 20:12 - 2011-01-12 20:12 - 000086016 _____ ( (Hewlett-Packard Development Company, L.P.) [File not signed]) [File is in use ] c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTStrings.dll
2011-01-31 20:53 - 2011-01-31 20:53 - 000151552 _____ ( (Hewlett-Packard Development Company, L.P.) [File not signed]) [File is in use ] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomain.dll
2011-01-31 20:54 - 2011-01-31 20:54 - 001044480 _____ ( (Hewlett-Packard Development Company, L.P.) [File not signed]) [File is in use ] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTHostServices.dll
2011-01-31 20:55 - 2011-01-31 20:55 - 000081920 _____ ( (Hewlett-Packard Development Company, L.P.) [File not signed]) [File is in use ] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\PTStrings.dll
2011-09-12 18:02 - 2011-09-12 18:02 - 000869888 _____ ( (HP) [File not signed]) [File is in use ] C:\Program Files\Hewlett-Packard\HP Power Assistant\HP.SupportFramework.dll
2018-03-26 13:58 - 2018-03-26 13:58 - 000112128 _____ ( (Microsoft Corporation) [File not signed]) [File is in use ] C:\windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000384128 _____ ( (Qualcomm Atheros -> ) [File not signed]) [File is in use ] C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2013-02-01 09:42 - 2013-02-01 09:42 - 002035712 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 000126976 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 000141824 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2013-02-01 09:43 - 2013-02-01 09:43 - 001945600 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2013-02-01 10:17 - 2013-02-01 10:17 - 002863104 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-02-01 10:39 - 2013-02-01 10:39 - 003401216 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2013-02-01 10:15 - 2013-02-01 10:15 - 000053248 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-02-01 10:12 - 2013-02-01 10:12 - 003092480 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2013-02-01 10:14 - 2013-02-01 10:14 - 002830336 _____ () [File not signed] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2011-01-31 20:54 - 2011-01-31 20:54 - 000107008 _____ () [File not signed] c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2011-09-17 16:13 - 2011-05-28 22:05 - 000164864 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2018-12-24 18:17 - 2018-12-24 18:17 - 000169984 _____ () [File not signed] C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\997d4e13343128a1e06c318c34b75cd4\IsdiInterop.ni.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 001412608 _____ () [File not signed] C:\windows\system32\LIBEAY32.dll
2011-08-23 15:06 - 2011-01-17 21:19 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 002792960 _____ (Apache Software Foundation) [File not signed] C:\windows\system32\xerces-c_3_0.dll
2015-01-15 00:42 - 2013-10-28 19:14 - 000440320 _____ (Atheros) [File not signed] C:\windows\system32\athihvs.dll
2010-11-25 23:21 - 2010-11-25 23:21 - 004899328 _____ (Cogent Systems Inc.) [File not signed] C:\windows\system32\CgtFace_Dll.dll
2011-02-15 00:28 - 2011-02-15 00:28 - 000187016 _____ (Cogent Systems, Inc. -> Cogent Systems, Inc.) [File not signed] C:\windows\system32\BSWAuthImp.dll
2011-02-15 00:03 - 2011-02-15 00:03 - 000033928 _____ (Cogent Systems, Inc. -> TODO: <Company name>) [File not signed] C:\windows\system32\OEMComponentProvider.dll
2011-02-12 05:04 - 2011-02-12 05:04 - 000514560 ____R (Concept Software, Inc.) [File not signed] C:\windows\system32\KEYLIB64.dll
2011-02-12 05:04 - 2011-02-12 05:04 - 000495616 ____R (Concept Software, Inc.) [File not signed] C:\windows\system32\SKCA64.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 000916992 _____ (Free Software Foundation) [File not signed] C:\windows\system32\iconv.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 000044544 _____ (Free Software Foundation) [File not signed] C:\windows\system32\intl.dll
2011-02-07 20:43 - 2011-02-07 20:43 - 005263872 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
2018-12-24 18:17 - 2018-12-24 18:17 - 000014336 _____ (Intel Corp.) [File not signed] C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e8e5ccab88b15ab97e5f4d0c2e1b3be3\IAStorCommon.ni.dll
2011-08-23 15:06 - 2011-01-17 21:14 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-08-23 15:06 - 2011-01-13 03:52 - 000275456 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2018-12-24 18:17 - 2018-12-24 18:17 - 000218624 _____ (Intel Corporation) [File not signed] C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\18ee2072678f5f49077c164710f6cd3d\IAStorDataMgr.ni.dll
2018-12-24 18:17 - 2018-12-24 18:17 - 000475648 _____ (Intel Corporation) [File not signed] C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\2e9abe11b5b3db1c04347520bac24a0b\IAStorUtil.ni.dll
2013-07-14 13:19 - 2013-07-14 13:19 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2013-07-14 13:19 - 2013-07-14 13:19 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2017-04-04 22:11 - 2017-04-04 22:11 - 000115200 _____ (pdfforge GmbH) [File not signed] C:\windows\System32\pdfcmon.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000253056 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvSdkDll.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000070784 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\CombineAgent.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000033408 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\CommApi.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000202368 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000085632 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\GattI.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000124544 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\gatts.DLL
2012-09-14 12:42 - 2012-09-14 12:42 - 000083072 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000035456 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ipc.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000063104 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ModuleManager.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 001067648 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\OutlookLib.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000130176 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\skypeagent.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000027264 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\TCPConnection.dll
2012-09-14 12:42 - 2012-09-14 12:42 - 000098944 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.dll
2012-09-14 12:38 - 2012-09-14 12:38 - 000195584 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Audio\audio.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000161792 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000177152 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\BIP\BIP.dll
2012-09-14 12:37 - 2012-09-14 12:37 - 000018432 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\DID\DId.dll
2012-09-14 12:37 - 2012-09-14 12:37 - 000036352 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\FAX\Fax.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000421376 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000088064 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2012-09-14 12:36 - 2012-09-14 12:36 - 000096768 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\goep\goep.dll
2012-09-14 12:37 - 2012-09-14 12:37 - 000029696 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000091136 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2012-09-14 12:37 - 2012-09-14 12:37 - 000303616 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\LE\LE.dll
2012-09-14 12:36 - 2012-09-14 12:36 - 000181248 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\ObjPush.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000065024 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000066560 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\pbap\pbap.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000063488 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000097280 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\sap\sap.dll
2012-09-14 12:39 - 2012-09-14 12:39 - 000087552 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2012-09-14 12:38 - 2012-09-14 12:38 - 000055296 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\spp\spp.dll
2012-09-14 12:37 - 2012-09-14 12:37 - 000064512 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Sync\Sync.dll
2011-01-11 22:04 - 2011-01-11 22:04 - 000599552 _____ (Symantec) [File not signed] C:\Program Files\Symantec\VIP Access SDK\VIPOTPProv64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\evolveo_mars_win7_win8_cd_rom.zip:$CmdTcID [64]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-10-12 21:14 - 000000098 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\Program Files (x86)\AMD APP\bin\x86_64;c:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Intel\Services\IPT\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Minmi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk => C:\windows\pss\TMMonitor.lnk.CommonStartup
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
MSCONFIG\startupreg: Google Update => C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
MSCONFIG\startupreg: HP HD Webcam [Fixed]_Monitor => C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe
MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: QLBController => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EFE78C0F-A8D4-4891-95B5-64FF6E45F2C9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}] => (Allow) LPort=2869
FirewallRules: [{ED3E14D5-9B42-4116-8537-B6C9D959F6E3}] => (Allow) LPort=1900
FirewallRules: [{A749F252-2377-4E66-BC22-22EA685CFD7C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies SA -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{BE05EFDD-D899-4D70-B847-0A22AF815D9D}C:\hry\warcraft iii\war3.exe] => (Allow) C:\hry\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{11D42AB1-9E99-4FCD-AB16-23732A8FEA32}C:\hry\warcraft iii\war3.exe] => (Allow) C:\hry\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{B7DFEA63-62DF-4063-8EAA-924C9F1513F2}C:\hry\cs 1.6 v48\hl.exe] => (Block) C:\hry\cs 1.6 v48\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{2DC031EA-A41C-40DE-9742-4F7C3F09F3D1}C:\hry\cs 1.6 v48\hl.exe] => (Block) C:\hry\cs 1.6 v48\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{5B4D12FC-6293-4986-AC64-A89B5841D848}C:\hry\cs 1.6 v48\hl.exe] => (Allow) C:\hry\cs 1.6 v48\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{C0548085-F04A-4F9F-B205-E78770DA1A91}C:\hry\cs 1.6 v48\hl.exe] => (Allow) C:\hry\cs 1.6 v48\hl.exe (Valve) [File not signed]
FirewallRules: [{92484929-D351-41E5-98CB-63FF1EC0A369}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DDBBBD96-FDEC-47AB-AE75-78AB549EF3A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4BCF1869-D20A-44D0-98FF-97E640FDAEE5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AC2E131A-8AA9-493D-87E8-B1CAF60B3B37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EA099976-2512-4E2F-A20E-0BD3C9536CE6}] => (Allow) C:\Hry\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{DACEE047-046B-49B8-BCF7-1CAA40BEE5BC}] => (Allow) C:\Hry\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{A953BAB6-5671-48EF-945D-36C6887C08E6}] => (Allow) C:\Hry\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{F4F223C1-004B-453B-BF5E-99B0544D3098}] => (Allow) C:\Hry\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{0C44A714-256E-414E-8F5B-507BC2E4ECEC}C:\hry\hearthstone\hearthstone.exe] => (Allow) C:\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{7A18FDFD-F8AC-490C-B39B-C58945ADD290}C:\hry\hearthstone\hearthstone.exe] => (Allow) C:\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{0B0A5256-3EBC-4495-A6FE-993BDB2F61CD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{E3D2CD63-0200-448F-92FC-6FBDAEC30086}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{A2B98606-9DA2-4C62-BC0E-975D15A35715}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{033C17D9-41E3-4CB0-A6AD-2FD81BA8F7B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{984EC91A-43E2-46E6-9ED0-614CA1805BB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{4FB367D7-AA2F-48A6-B18D-AE3E8AE88E75}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{222C57A9-EDAD-4831-9138-D7E75CBABA8C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{214F05D0-1CE7-4EA9-9BBC-FEF571DAA4E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{CB8B075D-54AD-4B25-A1BE-FE8AAD93B3EC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3A5BB36B-C58E-4105-861A-55D1148E56AD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BE329F50-93E0-4219-98F2-858E0A7B6D77}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{69207AC7-91DB-441F-86EA-6B33A4A8F9E3}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{96A48AC2-6FF6-44E5-8487-08F651E2DDBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{A0F159AF-5172-4C02-BD2D-09C9905D0AC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{39FACD69-E29B-445A-B68D-5BCE7793CCBB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6BD1499C-5111-4246-8A95-462C58EB56B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{78D615BF-BA35-4A73-A610-A0DEF5E69A1E}C:\kam remake\kam_remake.exe] => (Allow) C:\kam remake\kam_remake.exe () [File not signed]
FirewallRules: [UDP Query User{61F096FE-F9BA-4086-9B1A-F043B8F37638}C:\kam remake\kam_remake.exe] => (Allow) C:\kam remake\kam_remake.exe () [File not signed]
FirewallRules: [{4031375A-6425-48BF-9891-CE7A925241A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe (Obsidian Entertainment, Inc. -> Obsidian Entertainment, Inc.)
FirewallRules: [{1F1647FB-50F2-42D8-8B32-B8C3C02DE043}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe (Obsidian Entertainment, Inc. -> Obsidian Entertainment, Inc.)
FirewallRules: [{D844EEFF-C402-4C5F-97A8-684E280C193D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe (Valve -> )
FirewallRules: [{8A860689-EEC3-44DD-8AD4-D4CBE1CCA39B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe (Valve -> )
FirewallRules: [{A30ACEED-BF89-439D-8579-75BAD82C91AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1E056E71-BF85-41EA-B286-57006B9634B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F5562AAD-C77B-4898-AC03-D9DD89259BA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B13E329D-2FC8-455B-8732-4BFFE85357E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E6DEEFF7-E14D-406A-A927-59E5017E9D36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{936E88D4-60B9-4364-933C-7CBE1FBC051E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E895A3CB-9BF9-42BC-BBF9-3A5C43732F14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E728726E-EC26-448A-B90D-9A6469072A7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{347CC175-6CC7-421D-8AA5-6254C026C540}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{12F6E5CC-B1BB-43CB-A79A-C64A687C31B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{70FFE59C-4884-4C7E-AEB1-AAC0F489FD38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{624CA68B-273C-4913-A3C9-CF41DF7B3A4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{46F5A7DE-A713-482F-8795-43A1CAACF558}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{FB4D0B8B-66C6-4B1B-B443-A8190DE24F6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{84E8B929-6935-4129-9069-948F7B31BEC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{BB162B28-EE2D-4BDB-B0D8-79BB8D3C2531}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{79808DA2-720F-47E4-BCA3-AA5BC931E101}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C080EEE0-EEE3-495B-BC41-6369BB63695D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F52F5FB7-D88E-4B9C-ABFD-DB3977AD1742}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7390C2FB-793D-4972-88CE-4F00A186AF9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6AF5A679-5FF7-4BDC-B206-AA668BE99717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{5119FB93-295E-4494-B60C-084AD209726C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E1FEDCEE-273C-45DE-B518-A0384D3E8633}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{85173B7F-0926-4D43-A988-F2E60A4E9B9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{DBEFFC5E-AF0B-4474-B6A9-A79D6B045127}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3669386A-9F69-4441-9B0C-5B5EC0C686F7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CC6E16EC-9EFC-427B-8930-9EC382130FAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{0D5AC157-3A4C-48D6-9AD0-6FA1B07C8F02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C063D4C8-B638-4065-935B-0A1FE2B778E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F43D30D7-63DE-41E7-913F-50D632ECC8BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F9E8203E-9606-411A-94AB-C7EA4CCECC88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2D371623-239E-4806-907D-52C0BD3ABC9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2D65EE70-D74D-4F30-AFA3-D4E0D85F2D02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C6A9CC55-1962-4B3F-A5A6-F2C0372D744A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{0889158B-C76E-415D-9C0A-85ED6464CF92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7527C00D-16FB-4184-8F01-F6146FE76FEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{51218AAD-D2B7-42D1-AC50-0F0AC4008E88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{924B9BC0-8D0A-494E-97D8-DD44E1D245DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{3FF6AB93-D305-4852-A563-3DB291C61377}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{FA6ACD2B-FC91-418A-A2EE-46298093C24A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8487EE31-CB9C-4BF5-A9ED-202456394517}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{72A4861A-23AF-45D1-A340-49CF463A8D74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6F1D9C88-FF86-4D56-B3E1-B79C64DEF07D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{386BEC0C-25B2-43C2-BBD6-FF9437372EA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6B94AD25-0B82-4C05-9C61-9FB8CEDF620C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{693DB0F0-4494-4DF6-8973-00E91F342680}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B65DDDBC-D42F-4F30-976F-CB836C3B6DF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1F552CC6-BFF8-4E0E-B9E2-166A00923C07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{43AF9BF4-EE52-48ED-82A1-0A1E855FCE6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{BE44BEE2-4CB0-4D39-917A-13FFE85D627B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F1E95C54-4099-4113-B5F1-84838AE121AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7696AF79-403E-49E0-B7D3-685275468B42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [TCP Query User{26E36370-C00E-43A5-86DC-A0455C5C0670}C:\hry\battle.net\battle.net.8180\battle.net.exe] => (Block) C:\hry\battle.net\battle.net.8180\battle.net.exe => No File
FirewallRules: [UDP Query User{004BE8C4-FCEB-46CF-802B-BB7FEE319DE0}C:\hry\battle.net\battle.net.8180\battle.net.exe] => (Block) C:\hry\battle.net\battle.net.8180\battle.net.exe => No File
FirewallRules: [TCP Query User{9812156E-795C-4461-8B16-2F4B99EEA9B9}C:\kam remake\kam_remake.exe] => (Allow) C:\kam remake\kam_remake.exe () [File not signed]
FirewallRules: [UDP Query User{9D6D8813-24E3-4DF5-B7E7-1A9C0C53BD0D}C:\kam remake\kam_remake.exe] => (Allow) C:\kam remake\kam_remake.exe () [File not signed]
FirewallRules: [{7CD3BEC0-F7D6-4050-BFCB-C97A876389BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{5D862453-877B-410A-9CDD-B9564C2F8FB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9D23AB33-C1BF-452B-A310-571F352EBFFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{97A6F3EE-F6B0-4F4A-9E3F-074FC82316FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{888A938F-100E-4BC4-AAFD-7D144A351059}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2459EA01-CF23-4996-BA2D-D64B9CBE3437}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6A6AE778-F756-4B9B-8FCC-53E22B9F926E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9DE573B9-35B5-4908-A7F4-AA8025B5AAF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2D0F7B1E-DDAF-41C3-A292-50C0977A036D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{63502293-86BA-40D3-B237-3AF9C9E43742}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{355F0E36-091A-4F1E-BB4E-E7B48CA003E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{62EF6E36-BD84-4846-9397-2B9B139786E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{CF09C674-D2F5-4968-B4F7-A0F8207B0D18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2F6C346A-0C8A-41B2-B154-4787F5BCED8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D1E9BDBF-FD0F-4409-9AF0-BC777047D4E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9EDDCAF4-ADC0-442D-8E40-006E00D32798}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{75D5AD7C-825C-4C68-8BC6-8A0DFC7FF540}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{BE807C1E-B203-4649-BFE1-6152E5D56EA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6185212C-6046-4293-BDC2-4CDBF579BCEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{DC17EA17-7908-413B-9783-393705BDC0A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2E96D055-55D9-4594-91A6-9EEB31CA99D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{91A9F2B4-75FF-43C5-ABB2-B1EE05C2B3CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8C27D7E2-0624-45FA-A039-D027DFEFC414}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9055979B-01B8-4949-B001-A32BAAC32DDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7E068A34-078F-4472-9ECF-7DE9B78A7203}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{3064032E-76AD-444A-B699-9C2D1FF71125}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D2CFE1A2-8385-4282-B14C-6BC3060A7A11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{163FDABF-93DD-4FC0-90BB-46F90B032F79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C86EDA4B-846E-4DD8-B018-04EC2AB78ACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{95ADD888-49A6-4C6C-88D0-366DC18967F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8826DDD7-2D13-4622-9C69-DD9ED444AE4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{AEDE9657-E187-46DD-AE63-95C6A12E17CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7C297924-7071-4A5F-9C4A-E5353F342816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{246F27B4-103F-42D3-B78A-0686A8A71A23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{721B4BCD-6BB1-4836-A7BB-9E0F20CE97AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{AD22E5E6-E392-4A41-83C9-B515EB4919E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9CF7B764-2C66-45EF-8F0B-20FEB076347D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{DF4BBEE1-F0AA-434D-B0AB-EC68DFC2D7CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{44FCF4B5-F84A-4246-92EF-B41623CC4695}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B5A4BD48-6609-43A4-B697-847DF55CF297}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{21C0969D-6E31-4ADE-8B45-713C055CDADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{06594C41-F943-47EE-B5DF-D94A5EDE93EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{844BA947-EC9E-49C2-A48D-3D98E482AC7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D869D51F-BB2B-47E9-923C-B2F2C455DEE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C8474475-37D3-41F2-9093-E00F2DC7EFFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9B702D33-4DB7-4B50-B492-CB50542B9FC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{AF98FED6-E7BA-4278-A523-70106F01DE23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B800083A-1CDD-46EA-B604-F6DB442F0D23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{886384F9-00A1-4267-B1A8-0AEF511FE56F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{AC56C69E-061D-49C2-9C9D-01CD3F705218}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B91202E5-0D8B-4871-A3F2-7A3ED4A485B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2498B7B3-CEAF-4BB7-BEB1-432D95E306E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6FB2589F-7EEC-46DD-87FA-24828BD081AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{0E2930B3-7A28-415F-A7E7-AC08DA095C1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{4898CF7A-76D6-41A0-AA5E-0152D381B40F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C7C75E42-F75E-49C7-B0BB-7CEF5D009E8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{5925F856-CD73-4BDB-AFD1-09FF3E88E601}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{83288C4D-B950-4492-BBAC-EB60C97CC556}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9A8BFF67-2B56-437C-885D-39F953909656}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{06D82CA7-891E-4C71-A404-A9E37EB343E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B04371F2-F9C7-4C42-A222-FD62034E6975}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{958B2441-09CE-4B5B-B6D0-B16CD821600E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{07254F21-5D97-4038-BC10-866B922B963F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8F07566C-5DB3-4FB9-AE33-AA3DB4C9EA69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{4921D4A6-A5CB-4F6D-9931-7E991B4A7869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{705070CC-FFF9-4FDB-851F-938305E44179}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B0ED5336-E917-42DE-A448-E33B659F80D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{0A257051-4AB4-44AD-93A5-47058B9BE496}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C0C3EF2C-DF3B-4633-BA70-750D4E94D0F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6122A5BE-0E74-4906-8829-03AE0D96A834}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{249142A7-1FB7-4A8B-BB2E-DAA28483EA0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{BE1F9679-BE88-49FB-BCF4-FCCA94F092B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{28D085FF-8241-4A6F-89E6-9B1221B73B7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{2CE0E1A4-490A-466E-A07D-6680B2D66255}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7507B140-6A5B-4CC6-B063-6DCBC2FA2C32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{98D920B2-0D20-472C-8D5F-BC6B20F1D754}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1D50830A-B118-4952-BCFF-D5DAF3DCB242}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F3A4B0F2-0C03-48C2-ACEE-37178DABA129}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{FFDA6172-E93F-49C2-BD58-A2E3A42F5DDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E9DD68D6-BC4F-47B0-BD5F-DC63E2AFA319}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8FC83620-9264-463F-B7DE-9330D2601D81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D714503D-36B2-43BC-B2A4-CD2603E4FF62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B3C2FECA-31A4-445A-A532-B623379D2AD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6140265F-9B6A-49A9-910C-963BB9A53F24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E68C0930-EE3B-40B6-8692-C7A5A2B24216}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9045AECC-64F3-485E-B1B8-A21FE0FF717D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{012B452C-20D1-4FB5-96DD-0719BA3372F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{80915A45-1C57-4B7C-8675-E30B9547DFAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{DA324233-33EF-4AAC-B46B-0795ABD97F0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D8200021-9F5A-492C-9635-D8EFC5C28A6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{1166166D-6F4B-4D06-A3FE-97191793056F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D0F2CF6B-662F-41F3-B766-F87B456F3AF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{285B1025-03E7-4C99-8A8E-14D8F8ECE876}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{E1B600F6-71E8-4FFA-8F8F-16DCE6C574D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{5AC84B69-C057-478A-841E-2BEF4E42659E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F6630ABF-4274-4670-8408-B6923C812B23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{CF1BA89E-FB17-43AB-B832-C0AFD687B066}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B6C9C1CC-0E44-4861-94F1-C2AF40BFAE32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{BE7B276E-9EEE-4C8F-B63D-6F5B0881B7C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{B63269A5-69A7-43DE-A9DE-B866273B73E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{782B1834-F52C-4ECE-A66A-6CA91CF3F95F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{9997339A-8B8B-42EF-B257-E8879C8FF4ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7FF35290-D087-40A4-96A3-8FBF37EF91B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6DB41820-0348-4412-A542-ED1A6F91607F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [TCP Query User{8CDC1AFA-EAE0-477E-9A45-C093D6E09743}C:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{D92F469A-0B80-4D35-AB37-40563D2FED01}C:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{BC54A1CD-4E96-43C9-96E2-BB42C3893BC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C9E80B5E-464E-473C-B2E3-D4740DCF7E98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [TCP Query User{BAF31AD2-B999-409D-9A3D-019DEBA5F88F}C:\hry\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Block) C:\hry\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{3DA4075E-A57F-4E06-B9B1-CF6489FD9047}C:\hry\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Block) C:\hry\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{E591B0FB-95BA-4E0E-B753-C2157EBBCFBD}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{B1877396-2801-49A9-A13A-99BF749CE4D7}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{FD432167-C979-416B-A21C-15A0217A04CC}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/15/2020 09:20:01 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2020 09:20:01 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/15/2020 05:18:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

Error: (05/15/2020 12:49:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: Avira.ServiceHost.exe, verzia: 1.2.146.25871, časová značka: 0x5eb52788
Názov chybového modulu: KERNELBASE.dll, verzia: 6.1.7601.24308, časová značka: 0x5be85d6b
Kód výnimky: 0xe0434352
Odstup chyby: 0x0000c54f
Identifikácia chybného procesu: 0xef0
Čas spustenia chybnej aplikácie: 0x01d62a117e130d7e
Cesta chybnej aplikácie: C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
Cesta chybného modulu: C:\windows\syswow64\KERNELBASE.dll
Identifikácia hlásenia: bdf13347-9699-11ea-b9ba-d0df9a83b246

Error: (05/15/2020 12:49:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Net.Sockets.SocketException

Exception Info: System.Exception
at SuperSocket.ClientEngine.TcpClientSession.DetectConnected()
at SuperSocket.ClientEngine.TcpClientSession.Send(Byte[], Int32, Int32)
at WebSocket4Net.Protocol.DraftHybi10Processor.SendHandshake(WebSocket4Net.WebSocket)
at WebSocket4Net.WebSocket.OnConnected()
at WebSocket4Net.WebSocket.client_Connected(System.Object, System.EventArgs)
at SuperSocket.ClientEngine.ClientSession.OnConnected()
at SuperSocket.ClientEngine.SslStreamTcpSession.OnAuthenticated(System.IAsyncResult)
at System.Net.LazyAsyncResult.Complete(IntPtr)
at System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
at System.Net.Security.SslState.FinishHandshake(System.Exception, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(System.Net.Security.ProtocolToken, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[], Int32, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[], Int32, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[], Int32, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[], System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(System.Net.Security.ProtocolToken, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[], Int32, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[], Int32, System.Net.AsyncProtocolRequest)
at System.Net.Security.SslState.ReadFrameCallback(System.Net.AsyncProtocolRequest)
at System.Net.AsyncProtocolRequest.CompleteRequest(Int32)
at System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32)
at System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult)
at System.Net.LazyAsyncResult.Complete(IntPtr)
at System.Net.ContextAwareResult.CompleteCallback(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Net.ContextAwareResult.Complete(IntPtr)
at System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (05/14/2020 11:24:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: Avira.SystemSpeedup.Maintenance.exe, verzia: 6.4.1.10871, časová značka: 0x5e32ea26
Názov chybového modulu: clr.dll, verzia: 4.7.3260.0, časová značka: 0x5bb7bcb7
Kód výnimky: 0xc0000409
Odstup chyby: 0x002f8ca9
Identifikácia chybného procesu: 0x1d08
Čas spustenia chybnej aplikácie: 0x01d62a360e47c696
Cesta chybnej aplikácie: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta chybného modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Identifikácia hlásenia: 4d5b9257-9629-11ea-b9ba-d0df9a83b246

Error: (05/14/2020 10:53:03 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

Error: (05/14/2020 09:35:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).


System errors:
=============
Error: (05/15/2020 09:15:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Počas čakania na odpoveď transakcie od služby hpqwmiex bol dosiahnutý časový limit (30000 ms).

Error: (05/15/2020 09:12:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Avira Phantom VPN bol dosiahnutý časový limit (30000 ms).

Error: (05/15/2020 09:10:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\windows\system32\athihvs.dll

Error: (05/15/2020 09:10:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\windows\system32\athihvs.dll

Error: (05/15/2020 09:09:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\windows\system32\athihvs.dll

Error: (05/15/2020 09:08:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Authentication Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (05/15/2020 09:08:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Security sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (05/15/2020 09:08:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP DayStarter Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Windows Defender:
===================================
Date: 2017-10-28 15:07:13.542
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{4CE1D91F-9983-4E2E-8E78-7077EEBCEFA9}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2017-10-28 15:07:10.500
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{599A30AF-F83E-4B4C-9E22-8BE90CA0A209}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

==================== Memory info ===========================

BIOS: Hewlett-Packard 68SRR Ver. F.61 04/22/2016
Motherboard: Hewlett-Packard 167C
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 90%
Total physical RAM: 4030.36 MB
Available physical RAM: 370.54 MB
Total Virtual: 8058.86 MB
Available Virtual: 3201.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:574.02 GB) (Free:13.98 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:16.85 GB) (Free:2.55 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.1 GB) FAT32

\\?\Volume{0982d8b6-cd87-11e0-a3e5-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 9FD8FEA1)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=574 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End of Addition.txt =======================

Re: Preventive check

Posted: 15 May 2020 21:17
by Diallix
You have two antivirus programs installed, Avira and McAfee. I recommend keeping Avira and uninstalling McAfee.

Copy the content below into Notepad:

Code:

Start::
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Minmi\AppData\Local\GoToMeeting\11282\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
AlternateDataStreams: C:\evolveo_mars_win7_win8_cd_rom.zip:$CmdTcID [64]
FirewallRules: [{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}] => (Allow) LPort=2869
FirewallRules: [{ED3E14D5-9B42-4116-8537-B6C9D959F6E3}] => (Allow) LPort=1900
FirewallRules: [{984EC91A-43E2-46E6-9ED0-614CA1805BB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{4FB367D7-AA2F-48A6-B18D-AE3E8AE88E75}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{26E36370-C00E-43A5-86DC-A0455C5C0670}C:\hry\battle.net\battle.net.8180\battle.net.exe] => (Block) C:\hry\battle.net\battle.net.8180\battle.net.exe => No File
FirewallRules: [UDP Query User{004BE8C4-FCEB-46CF-802B-BB7FEE319DE0}C:\hry\battle.net\battle.net.8180\battle.net.exe] => (Block) C:\hry\battle.net\battle.net.8180\battle.net.exe => No File
FirewallRules: [{E591B0FB-95BA-4E0E-B753-C2157EBBCFBD}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{B1877396-2801-49A9-A13A-99BF749CE4D7}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{FD432167-C979-416B-A21C-15A0217A04CC}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [Google Update] => C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\MountPoints2: {79637908-f198-11e0-acbe-d0df9a83b246} - D:\SETUP.EXE
Task: {AF18BA60-1731-4EFE-9BC3-3ABD86C68FFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002Core => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
Task: {CBA68C24-CA9C-4D9C-85DA-D9D1C410CE0B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002UA => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

EmptyTemp:

End:: 

Save the Notepad file as fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
A fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.

----

Save the Notepad file as fixlist.txt in the location where FRST is, choosing UTF-8 as the encoding (copy into Notepad -> File -> Save as -> Encoding: choose UTF-8 -> save).
Run FRST and click the button: Fix
A fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.

Re: Preventive check

Posted: 15 May 2020 21:58
by Minmi
I'm attaching the log. I've just noticed that it deleted my browsing history in Firefox :(


Fix result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Minmi (15-05-2020 22:31:29) Run:1
Running from C:\Users\Minmi\Desktop
Loaded Profiles: Minmi
Boot Mode: Normal
==============================================

fixlist content:
*****************
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Minmi\AppData\Local\GoToMeeting\11282\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
AlternateDataStreams: C:\evolveo_mars_win7_win8_cd_rom.zip:$CmdTcID [64]
FirewallRules: [{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}] => (Allow) LPort=2869
FirewallRules: [{ED3E14D5-9B42-4116-8537-B6C9D959F6E3}] => (Allow) LPort=1900
FirewallRules: [{984EC91A-43E2-46E6-9ED0-614CA1805BB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{4FB367D7-AA2F-48A6-B18D-AE3E8AE88E75}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{26E36370-C00E-43A5-86DC-A0455C5C0670}C:\hry\battle.net\battle.net.8180\battle.net.exe] => (Block) C:\hry\battle.net\battle.net.8180\battle.net.exe => No File
FirewallRules: [UDP Query User{004BE8C4-FCEB-46CF-802B-BB7FEE319DE0}C:\hry\battle.net\battle.net.8180\battle.net.exe] => (Block) C:\hry\battle.net\battle.net.8180\battle.net.exe => No File
FirewallRules: [{E591B0FB-95BA-4E0E-B753-C2157EBBCFBD}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{B1877396-2801-49A9-A13A-99BF749CE4D7}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{FD432167-C979-416B-A21C-15A0217A04CC}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [Google Update] => C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\MountPoints2: {79637908-f198-11e0-acbe-d0df9a83b246} - D:\SETUP.EXE
Task: {AF18BA60-1731-4EFE-9BC3-3ABD86C68FFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002Core => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
Task: {CBA68C24-CA9C-4D9C-85DA-D9D1C410CE0B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002UA => C:\Users\Minmi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-06] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
EmptyTemp:

*****************

HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F} => removed successfully
C:\evolveo_mars_win7_win8_cd_rom.zip => ":$CmdTcID" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ED3E14D5-9B42-4116-8537-B6C9D959F6E3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{984EC91A-43E2-46E6-9ED0-614CA1805BB8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4FB367D7-AA2F-48A6-B18D-AE3E8AE88E75}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{26E36370-C00E-43A5-86DC-A0455C5C0670}C:\hry\battle.net\battle.net.8180\battle.net.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{004BE8C4-FCEB-46CF-802B-BB7FEE319DE0}C:\hry\battle.net\battle.net.8180\battle.net.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E591B0FB-95BA-4E0E-B753-C2157EBBCFBD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B1877396-2801-49A9-A13A-99BF749CE4D7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD432167-C979-416B-A21C-15A0217A04CC}" => removed successfully
"HKU\S-1-5-21-2934419145-1383663255-327153009-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update" => removed successfully
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79637908-f198-11e0-acbe-d0df9a83b246} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF18BA60-1731-4EFE-9BC3-3ABD86C68FFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF18BA60-1731-4EFE-9BC3-3ABD86C68FFF}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002Core" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBA68C24-CA9C-4D9C-85DA-D9D1C410CE0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBA68C24-CA9C-4D9C-85DA-D9D1C410CE0B}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2934419145-1383663255-327153009-1002UA" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 47529966 B
Java, Flash, Steam htmlcache => 408291066 B
Windows/system/drivers => 274705909 B
Edge => 0 B
Chrome => 0 B
Firefox => 1075959318 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 124310 B
Minmi => 1094765884 B

RecycleBin => 234309 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:35:56 ====

Re: Preventive check

Posted: 15 May 2020 22:00
by Diallix
Yes, the command deletes history and temporary files. I apologise very much if I have complicated things for you. I'm sorry. Can you please tell me how the computer is doing?

Re: Preventive check

Posted: 15 May 2020 23:15
by Minmi
Ah, that's not good news for me :( Pity I didn't copy my Firefox profile beforehand; my last backup is from 2 months ago. Recuva also comes to mind, but I don't know which file it would be, or whether it was deleted at all or only modified.

What exactly did that delete: temporary files and browser histories, or something else as well? Hopefully I won't run into some surprise later :)

Otherwise the PC seems to be OK; after the FRST fix it seemed to take a bit longer to boot, and there was a black screen before the desktop and all the icons appeared. I couldn't find McAfee in the list of programs; couldn't it just be some leftover? I'm not aware of it ever having been on the PC.

Re: Preventive check

Posted: 16 May 2020 18:32
by Diallix
The command deleted the following data:
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 47529966 B
Java, Flash, Steam htmlcache => 408291066 B
Windows/system/drivers => 274705909 B
Edge => 0 B
Chrome => 0 B
Firefox => 1075959318 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 124310 B
Minmi => 1094765884 B

RecycleBin => 234309 B
EmptyTemp: => 2.7 GB temporary data Removed.

Let's remove the McAfee leftovers:


Copy the content below into Notepad:

Code: Select all

Start::
CloseProcesses:
CreateRestorePoint:
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [File not signed]
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)

End::
Save the Notepad file as fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
A fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.
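
A pre-flight check for fixlists like the two in this thread, as an added example that is not part of the original posts or of FRST: it groups the entries by type, notes when `EmptyTemp:` is present or `CreateRestorePoint:` is absent, and pulls the per-location byte counts and non-success lines out of a fixlog. The function names and the grouping are this example's own assumptions; the sample lines are copied from the thread.

```python
import re
from collections import Counter

# Lines copied from the first fixlist in this thread (shortened selection).
SAMPLE_FIXLIST = r"""Start::
CustomCLSID: HKU\S-1-5-21-2934419145-1383663255-327153009-1002_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Minmi\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
FirewallRules: [{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}] => (Allow) LPort=2869
HKU\S-1-5-21-2934419145-1383663255-327153009-1002\...\Run: [Google Update] => C:\Users\Minmi\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

EmptyTemp:

End::
"""

# Lines copied from the two fixlogs in this thread (shortened selection).
SAMPLE_FIXLOG = r"""MfeEpeOpal => Unable to stop service.
HKLM\System\CurrentControlSet\Services\MfeEpeOpal => removed successfully
Firefox => 1075959318 B
Chrome => 0 B
Minmi => 1094765884 B
EmptyTemp: => 2.7 GB temporary data Removed.
"""

DIRECTIVE = re.compile(r"[A-Za-z]+:")                 # e.g. "EmptyTemp:" alone on a line
PREFIX = re.compile(r"([A-Za-z][A-Za-z0-9 \-]*):\s")  # e.g. "FirewallRules: ..."
SIZE = re.compile(r"(.+?) => (\d+) B")                # e.g. "Firefox => 1075959318 B"

def fixlist_body(text):
    """Return the non-blank lines between 'Start::' and 'End::'."""
    body, inside = [], False
    for line in map(str.strip, text.splitlines()):
        if line == "Start::":
            inside = True
        elif line == "End::":
            break
        elif inside and line:
            body.append(line)
    return body

def kind(line):
    """Group a fixlist line by its leading token (this example's own grouping)."""
    if DIRECTIVE.fullmatch(line):
        return "directive"
    if re.match(r"[A-Z]\d ", line):          # state letter + start type, e.g. "R2 "
        return "service/driver"
    if line.startswith(("HKU\\", "HKLM\\")):
        return "registry"
    if line.startswith("CHR "):
        return "CHR"
    m = PREFIX.match(line)
    return m.group(1) if m else "other"

def review_fixlist(text):
    """Return (entry counts per kind, warnings, number of '=> No File' entries)."""
    lines = fixlist_body(text)
    directives = {l for l in lines if kind(l) == "directive"}
    warnings = []
    if "EmptyTemp:" in directives:
        warnings.append("EmptyTemp: also clears browser caches and history; "
                        "copy browser profiles first")
    if "CreateRestorePoint:" not in directives:
        warnings.append("no CreateRestorePoint: directive in this fixlist")
    orphaned = sum(1 for l in lines if l.endswith(("No File", "No File]")))
    return Counter(kind(l) for l in lines), warnings, orphaned

def fixlog_review(text):
    """Return (bytes removed per location, lines that did not report success)."""
    sizes, problems = {}, []
    for line in map(str.strip, text.splitlines()):
        m = SIZE.fullmatch(line)
        if m:
            sizes[m.group(1)] = int(m.group(2))
        elif (" => " in line and "successfully" not in line
              and not line.startswith("EmptyTemp:")):
            problems.append(line)
    return sizes, problems

if __name__ == "__main__":
    print(review_fixlist(SAMPLE_FIXLIST))
    print(fixlog_review(SAMPLE_FIXLOG))
```
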

Re: Preventive check

Posted: 17 May 2020 20:57
by Minmi
Hello,

I'm sending the log. From what I googled, Firefox stores history and bookmarks in the file places.sqlite. Since it deleted only the history and not the bookmarks, I conclude that it doesn't delete that file but only modifies it, so there is no file to recover there. So I copied in the places.sqlite from my last February Firefox backup and I have the history back; not that much new has been done on this PC since then, so it's all fine :)


Fix result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Minmi (17-05-2020 21:16:25) Run:2
Running from C:\Users\Minmi\Desktop
Loaded Profiles: Minmi
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [File not signed]
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc. -> McAfee, Inc.)

*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\System\CurrentControlSet\Services\McAfee Endpoint Encryption Agent => removed successfully
McAfee Endpoint Encryption Agent => service removed successfully
MfeEpeOpal => Unable to stop service.
HKLM\System\CurrentControlSet\Services\MfeEpeOpal => removed successfully
MfeEpeOpal => service removed successfully
HKLM\System\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\\UpperFilters MfeEpeOpal => value removed successfully
MfeEpePc => Unable to stop service.
HKLM\System\CurrentControlSet\Services\MfeEpePc => removed successfully
MfeEpePc => service removed successfully
HKLM\System\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\\UpperFilters MfeEpePc => value removed successfully


The system needed a reboot.

==== End of Fixlog 21:18:22 ====

Re: Preventive check

Posted: 18 May 2020 04:47
by Diallix
You're clever :]]

The leftovers were deleted fine :]] It should be OK.

Re: Preventive check

Posted: 20 May 2020 00:33
by Minmi
Great, thanks :thumbsup:

Re: Preventive check

Posted: 20 May 2020 06:22
by Diallix
You're welcome :]]