PC virus removal, computer speed-up, remote assistance via the neslape.cz service

Slowed-down PC, it lags

Having a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use the remote assistance service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
peeetulaa
Visitor
Posts: 39
Registered: 28 Oct 2011 19:29

Slowed-down PC, it lags

#1 Post by peeetulaa »

Please check the log, thank you. Petra
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Ran by Petra (administrator) on PETULKYPC (29-09-2018 17:09:17)
Running from C:\Users\Petra\Desktop\Programy
Loaded Profiles: Petra & Administrator (Available Profiles: Petra & Administrator)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Pokki) C:\Users\Petra\AppData\Local\Pokki\Engine\pokki.exe
(Pokki) C:\Users\Petra\AppData\Local\Pokki\Engine\pokki.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Failed to access process -> iexplore.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
() C:\Program Files (x86)\Acer\Live Updater\updater.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\Installer\setup.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\Install\{94B87690-F2CB-4C4A-BCA8-43F51B231004}\GoogleUpdateSetup.exe
(Google Inc.) C:\Program Files (x86)\GUM7B6.tmp\GoogleUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\Installer\setup.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\New_1206092d\instup.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\New_1206092d\sbr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_fa1dc1539b4180d8\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
Failed to access process -> PhotosApp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-07-25] (McAfee, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7391632 2018-09-29] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Qualcomm®Atheros®)
HKU\S-1-5-21-2820705233-1879344094-2019307044-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{97D679FC-521F-45AC-B27F-6D695C1617CE}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-2820705233-1879344094-2019307044-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-2820705233-1879344094-2019307044-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-2820705233-1879344094-2019307044-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-2820705233-1879344094-2019307044-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2820705233-1879344094-2019307044-1001 -> DefaultScope {71D053E3-A2AB-4C8C-A44E-C0246B791A33} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-09-29] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-09-29] (Google Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-09-29] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-09-29] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-09-29] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-09-29] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2013-07-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2013-07-22] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2013-07-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2013-07-22] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2013-07-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2013-07-25] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: beo6don1.default
FF ProfilePath: C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\beo6don1.default [2018-09-29]
FF Extension: (Firefox Monitor) - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\beo6don1.default\features\{862a06f5-c83a-4906-b387-4c465e1ca07e}\fxmonitor@mozilla.org.xpi [2018-09-29]
FF Extension: (Telemetry coverage) - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\beo6don1.default\features\{862a06f5-c83a-4906-b387-4c465e1ca07e}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-29] [Legacy]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2018-09-29] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor [2018-09-29] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-09-29] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2013-07-25] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2013-07-25] ()
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [2013-07-22] (McAfee, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll [2018-09-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll [2018-09-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-13] ()

Chrome:
=======
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default [2018-09-29]
CHR Extension: (Prezentace) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-29]
CHR Extension: (Dokumenty) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-29]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-29]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-29]
CHR Extension: (Tabulky) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-29]
CHR Extension: (SiteAdvisor) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-09-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-29]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-29]
CHR Extension: (Chrome Media Router) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-29]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-09-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2018-09-29] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-06] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [326856 2013-07-10] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [326856 2013-07-10] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [175464 2013-07-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [326856 2013-07-10] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [326856 2013-07-10] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-07-06] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [326856 2013-07-10] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [326856 2013-07-10] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [326856 2013-07-10] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-08-05] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [326856 2013-07-10] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-02] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2018-09-29] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2018-09-29] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [107792 2018-09-29] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2018-09-29] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2018-09-29] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1070904 2018-09-29] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [465792 2018-09-29] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [166432 2018-09-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2018-09-29] (AVAST Software)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [377040 2013-07-09] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [95984 2013-07-09] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-30 00:29 - 2018-09-30 00:29 - 000262144 _____ C:\WINDOWS\system32\config\userdiff
2018-09-30 00:29 - 2018-09-30 00:29 - 000000000 ____D C:\Windows.old
2018-09-30 00:05 - 2018-09-30 00:05 - 000000000 ____D C:\$WINDOWS.~BT
2018-09-30 00:04 - 2018-09-30 00:04 - 000000000 ___HD C:\$SysReset
2018-09-29 17:17 - 2018-09-29 17:03 - 000199712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-09-29 17:17 - 2018-09-29 16:54 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-09-29 17:17 - 2018-09-29 16:54 - 000249016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-09-29 17:17 - 2018-09-29 16:54 - 000229384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-09-29 17:17 - 2018-09-29 16:54 - 000201320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-09-29 17:17 - 2018-09-29 16:54 - 000059568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-09-29 17:11 - 2018-09-29 17:03 - 000379608 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-09-29 17:11 - 2018-09-29 16:59 - 001142072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-09-29 17:11 - 2018-09-29 16:59 - 001001272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-09-29 16:28 - 2018-09-29 16:28 - 000000000 ____D C:\Users\Petra\AppData\Roaming\AVAST Software
2018-09-29 16:26 - 2018-09-29 16:26 - 000003882 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1538231158
2018-09-29 16:26 - 2018-09-29 16:26 - 000001942 _____ C:\Users\Public\Desktop\Avast Pro Antivirus.lnk
2018-09-29 16:26 - 2018-09-29 16:26 - 000001057 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2018-09-29 16:26 - 2018-09-29 16:26 - 000001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2018-09-29 16:26 - 2018-09-29 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-09-29 16:24 - 2018-09-29 16:24 - 000044952 _____ () C:\WINDOWS\system32\Drivers\staport.sys.153823104765613
2018-09-29 16:24 - 2018-09-29 16:24 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-09-29 16:24 - 2018-09-29 16:24 - 000000000 ____D C:\Program Files\Common Files\avast software
2018-09-29 16:23 - 2018-09-29 16:36 - 000004174 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-09-29 16:23 - 2018-09-29 16:23 - 007649280 _____ C:\Program Files (x86)\GUT7D6.tmp
2018-09-29 16:23 - 2018-09-29 16:23 - 000000000 ____D C:\Program Files (x86)\GUM7B6.tmp
2018-09-29 16:22 - 2018-09-29 16:22 - 000000000 ____D C:\Program Files\Google
2018-09-29 16:21 - 2018-09-29 16:23 - 000000000 ____D C:\ProgramData\Google
2018-09-29 16:20 - 2018-09-29 16:20 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-29 16:20 - 2018-09-29 16:20 - 000002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-29 16:17 - 2018-09-29 16:30 - 000003386 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-09-29 16:16 - 2018-09-29 16:30 - 000003258 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-09-29 16:16 - 2018-09-29 16:28 - 000000000 ____D C:\Users\Petra\AppData\Local\Google
2018-09-29 16:16 - 2018-09-29 16:22 - 000000000 ____D C:\Program Files (x86)\Google
2018-09-29 16:13 - 2018-09-29 17:04 - 000214800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-09-29 16:13 - 2018-09-29 17:03 - 000467232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-09-29 16:13 - 2018-09-29 17:03 - 000381560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-09-29 16:13 - 2018-09-29 17:03 - 000163272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-09-29 16:13 - 2018-09-29 17:03 - 000111864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-09-29 16:13 - 2018-09-29 17:03 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-09-29 16:13 - 2018-09-29 17:03 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-09-29 16:13 - 2018-09-29 16:56 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-09-29 16:13 - 2018-09-29 16:24 - 000292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw2110528ef7db2a5b.tmp
2018-09-29 16:13 - 2018-09-29 16:04 - 000465792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7379edca1d147eba.tmp
2018-09-29 16:13 - 2018-09-29 16:04 - 000166432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw2c7ed030cca34aae.tmp
2018-09-29 16:13 - 2018-09-29 16:04 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw702a87d1bccfdcd7.tmp
2018-09-29 16:13 - 2018-09-29 16:04 - 000103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4503b903de537650.tmp
2018-09-29 16:13 - 2018-09-29 16:04 - 000074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswdb8142f762f75262.tmp
2018-09-29 16:13 - 2018-09-29 16:04 - 000037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7a03130b88205a17.tmp
2018-09-29 16:13 - 2018-09-29 16:01 - 001070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswda9d2d3a5da5bbbc.tmp
2018-09-29 16:13 - 2018-09-29 16:01 - 000037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-09-29 16:04 - 2018-09-29 17:11 - 000000000 ____D C:\Users\Petra\AppData\Roaming\vlc
2018-09-29 16:03 - 2018-09-29 16:03 - 000052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2018-09-29 16:00 - 2018-09-29 16:00 - 000001090 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-09-29 16:00 - 2018-09-29 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-09-29 15:59 - 2018-09-29 16:01 - 000000000 ____D C:\Program Files\AVAST Software
2018-09-29 15:57 - 2018-09-29 17:08 - 000000000 ____D C:\ProgramData\AVAST Software
2018-09-29 15:55 - 2018-09-29 15:55 - 040210008 _____ C:\Users\Petra\Downloads\vlc-3.0.4-win32.exe
2018-09-29 15:55 - 2018-09-29 15:55 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2018-09-29 15:40 - 2018-09-29 15:47 - 000000000 ____D C:\Users\Petra\AppData\Local\Mozilla
2018-09-29 15:40 - 2018-09-29 15:40 - 000000952 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-29 15:40 - 2018-09-29 15:40 - 000000940 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-09-29 15:40 - 2018-09-29 15:40 - 000000000 ____D C:\Users\Petra\AppData\Roaming\Mozilla
2018-09-29 15:40 - 2018-09-29 15:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-29 15:39 - 2018-09-29 15:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-29 15:32 - 2018-09-29 15:32 - 000000000 ____D C:\Users\Petra\AppData\Local\Acer Aspire R7 Tutorial
2018-09-29 15:28 - 2018-09-29 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-09-29 15:23 - 2018-09-29 15:23 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-09-29 15:17 - 2018-09-29 15:17 - 000003690 _____ C:\WINDOWS\System32\Tasks\ALU_SelfUpgrade
2018-09-29 15:14 - 2018-09-29 15:33 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2820705233-1879344094-2019307044-1001
2018-09-29 15:08 - 2018-09-29 15:08 - 000000000 ____D C:\Users\Public\Pokki
2018-09-29 15:08 - 2018-09-29 15:08 - 000000000 ____D C:\Users\Petra\AppData\Roaming\Synaptics
2018-09-29 15:04 - 2018-09-29 15:04 - 000001280 _____ C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk
2018-09-29 15:04 - 2018-09-29 15:04 - 000000000 ____D C:\Users\Petra\AppData\Roaming\Atheros
2018-09-29 15:03 - 2018-09-29 15:04 - 000000000 ____D C:\Users\Petra\AppData\Local\clear.fi
2018-09-29 15:03 - 2018-09-29 15:03 - 000017264 _____ C:\Users\Petra\Desktop\Odebrané aplikace.html
2018-09-29 15:02 - 2018-09-29 15:02 - 000000000 ____D C:\ProgramData\OEM_YAHOO
2018-09-29 15:01 - 2018-09-29 16:31 - 000000000 ____D C:\Users\Petra\AppData\Local\VirtualStore
2018-09-29 15:01 - 2018-09-29 15:01 - 000001430 _____ C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-09-29 15:01 - 2018-09-29 15:01 - 000000020 ___SH C:\Users\Petra\ntuser.ini
2018-09-29 15:01 - 2018-09-29 15:01 - 000000000 ____D C:\Users\Petra\AppData\Roaming\Adobe
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\Šablony
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\Poslední
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\Okolní síť
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\Dokumenty
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\Data aplikací
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\ProgramData\Šablony
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\ProgramData\Plocha
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\ProgramData\Dokumenty
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\ProgramData\Data aplikací
2018-09-29 14:35 - 2018-09-29 14:35 - 000004034 _____ C:\Users\Administrator\AppData\Local\Application.xml
2018-09-29 14:33 - 2018-09-29 15:25 - 000000000 ____D C:\Users\Petra\AppData\Local\Pokki
2018-09-29 14:33 - 2018-09-29 15:21 - 000000000 ____D C:\Users\Petra
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\Šablony
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\Soubory cookie
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\Poslední
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\Okolní tiskárny
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\Okolní síť
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\Nabídka Start
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\Dokumenty
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\Documents\Obrázky
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\Documents\Hudba
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\Documents\Filmy
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\Data aplikací
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-29 14:33 - 2018-09-29 14:33 - 000000000 _SHDL C:\Users\Petra\AppData\Local\Data aplikací
2018-09-29 14:32 - 2018-09-29 14:35 - 000024768 _____ C:\WINDOWS\diagwrn.xml
2018-09-29 14:32 - 2018-09-29 14:35 - 000024768 _____ C:\WINDOWS\diagerr.xml
2018-09-29 14:31 - 2018-09-29 14:31 - 000279616 _____ C:\WINDOWS\Minidump\092918-69031-01.dmp
2018-09-29 14:31 - 2018-09-29 14:31 - 000000000 ____D C:\WINDOWS\Minidump
2018-09-29 14:30 - 2018-09-29 14:30 - 190308957 _____ C:\WINDOWS\MEMORY.DMP
2018-09-29 13:49 - 2018-09-29 13:53 - 085471382 _____ C:\Users\Petra\Downloads\Ulice-3527-2.10.2018.mp4.part
2018-09-29 13:49 - 2018-09-29 13:49 - 000000000 _____ C:\Users\Petra\Downloads\Ulice-3527-2.10.2018.mp4
2018-09-29 10:28 - 2018-09-29 10:43 - 103645827 _____ C:\Users\Petra\Downloads\Ulice 3527 UT (2).mp4.part
2018-09-29 10:28 - 2018-09-29 10:28 - 000000000 _____ C:\Users\Petra\Downloads\Ulice 3527 UT (2).mp4
2018-09-28 18:24 - 2018-09-28 18:27 - 415496781 _____ C:\Users\Petra\Downloads\Ulice-3526-1.10.2018.mp4
2018-09-28 18:21 - 2018-09-28 18:24 - 198741763 _____ C:\Users\Petra\Downloads\Ulice 3525 (1).mp4
2018-09-28 18:20 - 2018-09-28 18:25 - 410795208 _____ C:\Users\Petra\Downloads\Ulice 3524 (Patrik) HD.mp4
2018-09-28 17:56 - 2018-09-28 18:12 - 728278954 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p(3).mkv
2018-09-28 17:47 - 2018-09-28 17:53 - 053801046 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p(2).mkv.part
2018-09-28 17:47 - 2018-09-28 17:47 - 000000000 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p(2).mkv
2018-09-28 17:45 - 2018-09-28 17:48 - 015861120 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p (1).mkv.crdownload
2018-09-28 17:44 - 2018-09-28 17:46 - 002904344 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p(1).mkv.part
2018-09-28 17:44 - 2018-09-28 17:44 - 000000000 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p(1).mkv
2018-09-28 17:39 - 2018-09-28 17:42 - 004958398 _____ C:\Users\Petra\Downloads\Ulice 3525 .mp4.part
2018-09-28 17:39 - 2018-09-28 17:39 - 000000000 _____ C:\Users\Petra\Downloads\Ulice 3525 .mp4
2018-09-28 17:30 - 2018-09-28 17:39 - 304886554 _____ C:\Users\Petra\Downloads\Ulice 3524.mp4.part
2018-09-28 17:30 - 2018-09-28 17:30 - 000000000 _____ C:\Users\Petra\Downloads\Ulice 3524.mp4
2018-09-28 17:29 - 2018-09-28 17:39 - 464404914 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p.mkv.part
2018-09-28 17:29 - 2018-09-28 17:29 - 000000000 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p.mkv
2018-09-23 13:14 - 2018-09-23 13:18 - 424162684 _____ C:\Users\Petra\Downloads\3522,Ulice,díl.35122, (25.9.2018) 3522.Serial.ČR(1).avi
2018-09-23 12:55 - 2018-09-23 13:14 - 151669878 _____ C:\Users\Petra\Downloads\3522,Ulice,díl.35122, (25.9.2018) 3522.Serial.ČR.avi.part
2018-09-23 12:55 - 2018-09-23 12:55 - 000000000 _____ C:\Users\Petra\Downloads\3522,Ulice,díl.35122, (25.9.2018) 3522.Serial.ČR.avi
2018-09-23 12:32 - 2018-09-23 12:36 - 380313265 _____ C:\Users\Petra\Downloads\Ulice 3521(1).mp4
2018-09-23 12:27 - 2018-09-23 12:30 - 148693142 _____ C:\Users\Petra\Downloads\Ulice 3521.mp4.part
2018-09-23 12:27 - 2018-09-23 12:27 - 000000000 _____ C:\Users\Petra\Downloads\Ulice 3521.mp4
2018-09-21 12:59 - 2018-09-21 13:01 - 380313265 _____ C:\Users\Petra\Downloads\Ulice 3521 .mp4
2018-09-11 10:45 - 2018-09-11 11:01 - 1981415424 _____ C:\Users\Petra\Downloads\Akta Pentagon - Skrytá válka 2017 Cz dab..avi
2018-09-11 10:44 - 2018-09-11 10:58 - 1389654016 _____ C:\Users\Petra\Downloads\Cesta za králem trollů Askeladden - I Dovregubbens hall (2017)(CZ).avi
2018-09-11 10:29 - 2018-09-11 10:42 - 1762077344 _____ C:\Users\Petra\Downloads\Thor Ragnarok.avi
2018-08-31 11:55 - 2018-08-31 12:19 - 1606085092 _____ C:\Users\Petra\Downloads\Tomb Raider 2018 Cz dab..avi
2018-08-31 11:55 - 2018-08-31 12:16 - 1809642250 _____ C:\Users\Petra\Downloads\Operace Entebbe 2018 Cz dab..avi
2018-08-31 11:55 - 2018-08-31 12:13 - 1324322622 _____ C:\Users\Petra\Downloads\Trojí život 2018 - CZ.avi
2018-08-30 15:48 - 2018-08-30 15:48 - 000000000 ____D C:\Users\Petra\Documents\Avast! Pro Antivirus & Internet Security & Premier + License Key
2018-08-30 15:18 - 2018-09-20 08:34 - 000000000 ____D C:\Users\Petra\Desktop\Programy
2018-08-30 14:22 - 2018-08-30 15:34 - 1941075968 _____ C:\Users\Petra\Downloads\Bicentennial Man - Andrew-člen naší rodiny 1999.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-21 15:36 - 2013-11-08 14:15 - 000000852 _____ C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 09:34 - 2013-11-08 14:15 - 000000712 _____ C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2018-09-30 00:29 - 2013-08-22 17:36 - 000262144 _____ C:\WINDOWS\system32\config\BCD-Template
2018-09-29 17:09 - 2015-10-21 19:57 - 000000000 ____D C:\FRST
2018-09-29 16:59 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-29 15:40 - 2016-11-17 16:02 - 000000000 ____D C:\Users\Petra\AppData\LocalLow\Mozilla
2018-09-29 15:30 - 2013-11-08 14:43 - 000739924 _____ C:\WINDOWS\system32\perfh005.dat
2018-09-29 15:30 - 2013-11-08 14:43 - 000151610 _____ C:\WINDOWS\system32\perfc005.dat
2018-09-29 15:30 - 2013-09-05 14:22 - 001745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-29 15:30 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2018-09-29 15:28 - 2013-09-05 14:35 - 000000000 ____D C:\ProgramData\McAfee
2018-09-29 15:28 - 2013-09-05 14:35 - 000000000 ____D C:\Program Files\Common Files\mcafee
2018-09-29 15:22 - 2014-12-30 14:06 - 000000000 ___RD C:\Users\Petra\SkyDrive
2018-09-29 15:21 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-29 15:20 - 2013-08-22 16:44 - 000336416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-29 15:13 - 2013-11-08 14:33 - 000003546 _____ C:\WINDOWS\System32\Tasks\Norton Online Backup ARA
2018-09-29 15:13 - 2013-11-08 14:33 - 000000000 ____D C:\ProgramData\Norton
2018-09-29 15:08 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-29 15:07 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2018-09-29 15:03 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-29 15:02 - 2013-09-05 15:08 - 000000000 ___HD C:\OEM
2018-09-29 15:01 - 2014-12-30 13:58 - 000000000 ____D C:\Users\Petra\AppData\Local\Packages
2018-09-29 15:01 - 2013-09-05 15:16 - 000000000 ___DC C:\WINDOWS\Panther
2018-09-29 15:01 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-09-29 15:01 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\WinStore
2018-09-29 15:01 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\FileManager
2018-09-29 15:01 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\Camera
2018-09-29 14:44 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2018-09-29 14:36 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Windows NT
2018-09-29 14:35 - 2013-08-22 17:36 - 000000000 __RHD C:\Users\Public\Libraries
2018-09-29 13:55 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-09-28 18:06 - 2015-01-19 22:26 - 001997824 ___SH C:\Users\Petra\Desktop\Thumbs.db
2018-09-28 17:12 - 2017-04-26 12:41 - 000000000 ___RD C:\Users\Petra\Disk Google
2018-09-28 17:11 - 2015-01-02 17:58 - 000000000 __RDO C:\Users\Petra\OneDrive
2018-09-20 13:51 - 2015-02-04 21:42 - 000000000 ____D C:\Users\Petra\Documents\programy
2018-09-20 13:51 - 2015-01-23 20:12 - 001281536 ___SH C:\Users\Petra\Downloads\Thumbs.db
2018-09-20 13:50 - 2015-02-04 21:41 - 000000000 ____D C:\Users\Petra\Documents\Books
2018-08-30 11:54 - 2015-01-02 18:07 - 000000000 ____D C:\AdwCleaner

==================== Files in the root of some directories =======

2018-09-29 16:23 - 2018-09-29 16:23 - 007649280 _____ () C:\Program Files (x86)\GUT7D6.tmp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2013-09-05 14:17

==================== End of FRST.txt ============================

peeetulaa
Visitor
Posts: 39
Registered: 28 Oct 2011 19:29

Re: Slow PC, keeps freezing

#2 Post by peeetulaa »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Petra (29-09-2018 17:23:43)
Running from C:\Users\Petra\Desktop\Programy
Windows 8.1 (X64) (2018-09-29 12:36:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2820705233-1879344094-2019307044-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2820705233-1879344094-2019307044-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2820705233-1879344094-2019307044-1003 - Limited - Enabled)
Petra (S-1-5-21-2820705233-1879344094-2019307044-1001 - Administrator - Enabled) => C:\Users\Petra

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Antispyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: McAfee Anti-Virus and Antispyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-2820705233-1879344094-2019307044-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Aloha TriPeaks (HKLM-x32\...\WTA-01e6c099-5b39-4643-aef5-aeb3d7889d19) (Version: 2.2.0.98 - WildTangent) Hidden
Avast Pro Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-21b61ce0-e954-47dd-a4af-57abdf8017cb) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-0a0c80ac-a426-48e4-ac22-5430791ea036) (Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (HKLM-x32\...\WTA-0b0cb5c8-6f31-4287-8ef3-1a638ff4a06d) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-6ee8adcb-e7fb-41f4-b22d-dde52c9fc683) (Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.397 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 62.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.2 (x64 cs)) (Version: 62.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.2 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\NARA) (Version: 4.5.0.9 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
Peggle Nights (HKLM-x32\...\WTA-204005d8-a720-436d-9c98-b02e919e002e) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-c543f1c1-bafe-4208-83af-bcbe4b107b1b) (Version: 2.2.0.98 - WildTangent) Hidden
Pokki (HKU\S-1-5-21-2820705233-1879344094-2019307044-1001\...\Pokki) (Version: 0.265.14.261 - Pokki)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (HKLM-x32\...\SafeZone 1.48.2066.101) (Version: 1.48.2066.101 - Avast Software) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-652002c1-99df-455e-b5fc-c10b3c5f937f) (Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-5561028f-be5f-4809-8864-9338488a4820) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.10.20 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-29] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-29] (AVAST Software)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2013-09-07] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-29] (AVAST Software)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2013-07-25] (McAfee, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-29] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2013-09-07] (Qualcomm®Atheros®)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-08-20] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-29] (AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2013-07-25] (McAfee, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F3BD575-A3E5-4461-9021-92C4D216F8A5} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {3A8BA86F-F0AC-46B7-9EAF-6C6F9018C3CF} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {3FBD2C85-2A13-44D3-83F1-BD5453A2A5DF} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-27] (Acer Incorporated)
Task: {427711F9-2130-4BCA-B78A-0D7B5040A71D} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {542E1F1B-3DF9-483F-9D03-068709947C48} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-06] (Acer Incorporated)
Task: {6817B619-1DD5-4D83-98F5-5A2761C04F70} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-09-29] (AVAST Software)
Task: {6CB4A7EB-4198-4361-B5D3-2BD425FAD6F6} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {9161B3A2-BFE6-47CC-A934-1ED9C6CB6576} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {B2CAA448-1528-4657-8AC7-C7A157209525} - System32\Tasks\ALU_SelfUpgrade => C:\ProgramData\Acer\updater2\Download\52971980\D\UpgradeDownload.exe [2018-09-29] ()
Task: {B8EE0408-2591-4068-A977-0DAC72EBEC82} - System32\Tasks\SafeZone scheduled Autoupdate 1538231158 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {BAEBF5B5-4B4B-4CA8-8C94-FF1D6CB5525A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2018-09-29] (AVAST Software)
Task: {C0F2F5E0-550A-4513-A55F-F88273F261D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-29] (Google Inc.)
Task: {C2A2795A-B61B-474E-980C-66F0F2B99BE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-29] (Google Inc.)
Task: {EF7CCA48-D8DA-4AD8-A7E7-02C6EF4A1EDA} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-11-08 14:36 - 2013-07-31 04:11 - 000110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-09-07 11:48 - 2013-09-07 11:48 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 11:45 - 2013-09-07 11:45 - 000086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 11:52 - 2013-09-07 11:52 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-07-08 23:34 - 2013-07-08 23:34 - 004150312 _____ () C:\Program Files (x86)\Acer\Live Updater\updater.exe
2013-11-08 14:08 - 2013-09-04 01:53 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-09-29 14:33 - 2013-07-31 19:32 - 000716288 _____ () C:\Users\Petra\AppData\Local\Pokki\Engine\libglesv2.dll
2018-09-29 14:33 - 2013-07-31 19:32 - 000130048 _____ () C:\Users\Petra\AppData\Local\Pokki\Engine\libegl.dll
2018-09-29 16:03 - 2018-09-29 16:03 - 000123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2018-09-29 16:03 - 2018-09-29 16:03 - 000135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2018-09-29 16:14 - 2018-09-29 16:14 - 002891264 _____ () C:\Program Files\AVAST Software\Avast\defs\16042700\algo.dll
2018-09-29 16:03 - 2018-09-29 16:03 - 000479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-09-29 16:30 - 2018-09-29 16:30 - 005702288 _____ () C:\Program Files\AVAST Software\Avast\defs\18092902\algo.dll
2018-09-29 16:04 - 2018-09-29 16:04 - 040539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2018-09-29 16:48 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2820705233-1879344094-2019307044-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petra\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
HKU\S-1-5-21-2820705233-1879344094-2019307044-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5DB11537-1FBE-4424-96FB-8124D0989494}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{845A9684-323C-4729-987D-7F3C48E97C82}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{69968AB0-2566-4F75-ABA2-E1E0FE860A9B}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{E8C056F3-419B-4378-A010-A07A8F50FB54}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{D987ACE4-CCCD-48B2-BF28-557B6214F868}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{CC8D5160-85B1-4481-A839-25684A3AA47E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{CF2D0F22-8F86-4299-896D-77386348DD23}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2661DDEE-D466-4079-959E-05DB32A9118F}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{4EC1B73C-C132-4C63-90AE-3D3D2DEFBC59}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{CF8271C3-E879-4A24-B429-22B5FA956F5C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{3B1CA549-6EB6-4657-B1B4-59C8B8C46E4D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{328E7FDC-CBA1-4832-AD81-C900446795A7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{64039EA0-293D-42B4-9269-155551E174FD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{CC592BF6-D33E-4093-AD7C-B6D78EC03AB2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{A04110EB-A802-4C38-B52C-06EE3B5BD740}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{F9F99F3F-9096-47CB-8A11-05C6A7524852}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{5E785838-9A74-4CDE-9B3E-AEDC14055AD5}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{AEAEB599-2821-457E-80D5-6036FD3D9AD9}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{89DA45E8-8457-4398-A938-700587F0A324}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{FB9BF1D4-0090-4394-8273-9C26844EEF62}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{D02DF9FB-D177-4040-BA28-BA9FA3164EBC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{060DC6E5-30BE-44EA-92F3-4A3BA31C9585}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{FEDA3C03-BFA0-4D36-A8B1-26710E7C57D1}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{F42B5B14-2288-4368-8607-1DC86F50A168}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{1DC1E266-2D3E-454A-A3BC-73FE1455B7D5}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{AB613719-9C13-4EA1-B861-82FBA47E6B9F}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{A62618D8-23CD-41EF-88F5-57EF8842F86C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{75EBF5D4-B2D3-45F8-B26F-8B07C60ACDC0}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{66885397-8365-499F-814A-3C66529D54DE}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{F7437D70-AE5B-445A-8EFF-E860438C573D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{C99E3321-2C60-45C6-A416-802213D67AE3}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{5332C514-65C7-4F0A-9585-E9C7ADEE3608}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{F9E8E48A-F75D-484B-85B9-66B745A4150B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{7987DD2A-B354-4FE0-AA28-58D9462EEC39}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{6E743FCF-F0D9-46A6-87FF-12F448373B3E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{0736014C-3875-44C4-9821-C35AF28D66CF}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{5F352843-6113-49E3-A6C8-4803AEC181C9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{34B402B5-D42F-47C4-8EF8-3EB92C373265}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{1891A96A-ACA2-4DF8-B6FA-5DEDBA7D7C76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D2561915-9AF0-49B9-9F94-A54485B8B38F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{34824EA9-1566-49EA-8284-B6A407971C5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DF952CDC-293A-463C-A39C-27CF1FC2C746}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
FirewallRules: [{9C826F0B-2A6A-4083-859B-52793A667764}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
FirewallRules: [{E108B458-9135-4DBC-B542-27DF6A5AEFDA}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{BAA7957A-492A-4E1E-800E-6EAD92A95A61}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2018 05:26:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1834

Čas spuštění: 01d458080d7f0055

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 012a6afc-c3fc-11e8-8257-201a06ab26d9

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/29/2018 05:11:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: c68

Čas spuštění: 01d45805f1b40080

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: e7ace3a2-c3f9-11e8-8257-201a06ab26d9

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/29/2018 04:57:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETULKYPC)
Description: Aplikaci FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/29/2018 04:57:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: PETULKYPC)
Description: Aplikace FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.PhotoManager se nespustila ve stanovenou dobu.

Error: (09/29/2018 04:26:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1120

Čas spuštění: 01d457ffa861f1ac

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 9fb77320-c3f3-11e8-8257-201a06ab26d9

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/29/2018 04:11:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1498

Čas spuštění: 01d457fd8fce5896

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 84b54771-c3f1-11e8-8257-201a06ab26d9

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/29/2018 03:56:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 171c

Čas spuštění: 01d457fb77b6ec06

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 6c912446-c3ef-11e8-8257-201a06ab26d9

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/29/2018 03:41:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 5c8

Čas spuštění: 01d457f961ab4f0d

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 52c9c4e1-c3ed-11e8-8257-201a06ab26d9

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (09/29/2018 03:31:16 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: E:\Device\HarddiskVolume83

Error: (09/29/2018 03:31:01 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: E:\Device\HarddiskVolume73

Error: (09/29/2018 03:25:35 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {209500FC-6B45-4693-8871-6296C4843751} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/29/2018 03:22:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Defender neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/29/2018 03:22:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Windows Defender bylo dosaženo časového limitu (30000 ms).

Error: (09/29/2018 03:21:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (3:02:25 PM, ‎9/‎29/‎2018) bylo neočekávané.

Error: (09/29/2018 03:04:34 PM) (Source: DCOM) (EventID: 10001) (User: PETULKYPC)
Description: Nelze spustit server DCOM: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
15616
při provádění příkazu:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server

Error: (09/29/2018 03:04:34 PM) (Source: DCOM) (EventID: 10001) (User: PETULKYPC)
Description: Nelze spustit server DCOM: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
15616
při provádění příkazu:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) 2955U @ 1.40GHz
Percentage of memory in use: 57%
Total physical RAM: 3976.27 MB
Available physical RAM: 1706.99 MB
Total Virtual: 8072.27 MB
Available Virtual: 4447.07 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.69 GB) (Free:291.75 GB) NTFS
Drive f: () (Removable) (Total:59.97 GB) (Free:57.73 GB) FAT32

\\?\Volume{220fbc60-e8da-47a5-bbd7-6823a397c390}\ (Recovery) (Fixed) (Total:0.39 GB) (Free:0.12 GB) NTFS
\\?\Volume{3ef655b9-eee5-4f48-8cb5-f285eeba8491}\ (Push Button Reset) (Fixed) (Total:17.01 GB) (Free:2.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 98DB8148)

Partition: GPT.

========================================================
Disk: 1 (Size: 60 GB) (Disk ID: 9F8A7307)
Partition 1: (Active) - (Size=60 GB) - (Type=0C)

==================== End of Addition.txt ============================

Rudy
Site Admin
Site Admin
Posts: 118267
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slowed-down PC, keeps freezing

#3 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking "I agree"
right-click the AdwCleaner icon and choose "Run as administrator" (on Win XP simply launch it with a double-click)
click "Scan now", then "Clean and Repair"
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

peeetulaa
Visitor
Visitor
Posts: 39
Registered: 28 Oct 2011 19:29

Re: Slowed-down PC, keeps freezing

#4 Post by peeetulaa »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-09-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-29-2018
# Duration: 00:00:10
# OS: Windows 8.1
# Cleaned: 5
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Pokki
Not Deleted C:\Users\Petra\AppData\Local\Pokki

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Pokki
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Deleted HKCU\Software\Pokki
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1418 octets] - [30/08/2018 11:54:05]
AdwCleaner[C00].txt - [1566 octets] - [30/08/2018 14:06:02]
AdwCleaner[S01].txt - [1360 octets] - [30/08/2018 14:19:48]
AdwCleaner[S02].txt - [1409 octets] - [19/09/2018 22:11:06]
AdwCleaner[S03].txt - [2037 octets] - [29/09/2018 19:54:25]
AdwCleaner[C03].txt - [2093 octets] - [29/09/2018 19:54:56]
AdwCleaner[S04].txt - [2044 octets] - [29/09/2018 22:17:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

Rudy
Site Admin
Site Admin
Posts: 118267
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slowed-down PC, keeps freezing

#5 Post by Rudy »

Post a new FRST log.

peeetulaa
Visitor
Visitor
Posts: 39
Registered: 28 Oct 2011 19:29

Re: Slowed-down PC, keeps freezing

#6 Post by peeetulaa »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Petra (30-09-2018 21:56:16)
Running from C:\Users\Petra\Desktop\Programy
Windows 8.1 (X64) (2018-09-29 20:02:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2820705233-1879344094-2019307044-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2820705233-1879344094-2019307044-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2820705233-1879344094-2019307044-1003 - Limited - Enabled)
Petra (S-1-5-21-2820705233-1879344094-2019307044-1001 - Administrator - Enabled) => C:\Users\Petra

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Antispyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Antispyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Aloha TriPeaks (HKLM-x32\...\WTA-01e6c099-5b39-4643-aef5-aeb3d7889d19) (Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-21b61ce0-e954-47dd-a4af-57abdf8017cb) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-0a0c80ac-a426-48e4-ac22-5430791ea036) (Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (HKLM-x32\...\WTA-0b0cb5c8-6f31-4287-8ef3-1a638ff4a06d) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-6ee8adcb-e7fb-41f4-b22d-dde52c9fc683) (Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.397 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 62.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 62.0.2 (x86 en-US)) (Version: 62.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.2 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\NARA) (Version: 4.5.0.9 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
Peggle Nights (HKLM-x32\...\WTA-204005d8-a720-436d-9c98-b02e919e002e) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-c543f1c1-bafe-4208-83af-bcbe4b107b1b) (Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-652002c1-99df-455e-b5fc-c10b3c5f937f) (Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-5561028f-be5f-4809-8864-9338488a4820) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.10.20 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2013-09-07] (Qualcomm®Atheros®)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2013-07-25] (McAfee, Inc.)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2013-09-07] (Qualcomm®Atheros®)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-08-20] (Intel Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2013-07-25] (McAfee, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F3BD575-A3E5-4461-9021-92C4D216F8A5} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {3A8BA86F-F0AC-46B7-9EAF-6C6F9018C3CF} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {3FBD2C85-2A13-44D3-83F1-BD5453A2A5DF} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-27] (Acer Incorporated)
Task: {427711F9-2130-4BCA-B78A-0D7B5040A71D} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {542E1F1B-3DF9-483F-9D03-068709947C48} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-06] (Acer Incorporated)
Task: {6CB4A7EB-4198-4361-B5D3-2BD425FAD6F6} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {9161B3A2-BFE6-47CC-A934-1ED9C6CB6576} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {EF7CCA48-D8DA-4AD8-A7E7-02C6EF4A1EDA} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-09-07 11:48 - 2013-09-07 11:48 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 11:45 - 2013-09-07 11:45 - 000086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 11:52 - 2013-09-07 11:52 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-07-08 23:34 - 2013-07-08 23:34 - 004150312 _____ () C:\Program Files (x86)\Acer\Live Updater\updater.exe
2013-11-08 14:08 - 2013-09-04 01:53 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2820705233-1879344094-2019307044-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petra\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5DB11537-1FBE-4424-96FB-8124D0989494}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{845A9684-323C-4729-987D-7F3C48E97C82}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{69968AB0-2566-4F75-ABA2-E1E0FE860A9B}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{E8C056F3-419B-4378-A010-A07A8F50FB54}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{D987ACE4-CCCD-48B2-BF28-557B6214F868}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{CC8D5160-85B1-4481-A839-25684A3AA47E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{CF2D0F22-8F86-4299-896D-77386348DD23}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2661DDEE-D466-4079-959E-05DB32A9118F}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{4EC1B73C-C132-4C63-90AE-3D3D2DEFBC59}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{CF8271C3-E879-4A24-B429-22B5FA956F5C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{3B1CA549-6EB6-4657-B1B4-59C8B8C46E4D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{328E7FDC-CBA1-4832-AD81-C900446795A7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{64039EA0-293D-42B4-9269-155551E174FD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{CC592BF6-D33E-4093-AD7C-B6D78EC03AB2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{A04110EB-A802-4C38-B52C-06EE3B5BD740}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{F9F99F3F-9096-47CB-8A11-05C6A7524852}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{5E785838-9A74-4CDE-9B3E-AEDC14055AD5}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{AEAEB599-2821-457E-80D5-6036FD3D9AD9}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{89DA45E8-8457-4398-A938-700587F0A324}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{FB9BF1D4-0090-4394-8273-9C26844EEF62}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{D02DF9FB-D177-4040-BA28-BA9FA3164EBC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{060DC6E5-30BE-44EA-92F3-4A3BA31C9585}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{FEDA3C03-BFA0-4D36-A8B1-26710E7C57D1}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{F42B5B14-2288-4368-8607-1DC86F50A168}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{1DC1E266-2D3E-454A-A3BC-73FE1455B7D5}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{AB613719-9C13-4EA1-B861-82FBA47E6B9F}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{A62618D8-23CD-41EF-88F5-57EF8842F86C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{75EBF5D4-B2D3-45F8-B26F-8B07C60ACDC0}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{66885397-8365-499F-814A-3C66529D54DE}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{F7437D70-AE5B-445A-8EFF-E860438C573D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{C99E3321-2C60-45C6-A416-802213D67AE3}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{5332C514-65C7-4F0A-9585-E9C7ADEE3608}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{F9E8E48A-F75D-484B-85B9-66B745A4150B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{7987DD2A-B354-4FE0-AA28-58D9462EEC39}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{6E743FCF-F0D9-46A6-87FF-12F448373B3E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{0736014C-3875-44C4-9821-C35AF28D66CF}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{5F352843-6113-49E3-A6C8-4803AEC181C9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{34B402B5-D42F-47C4-8EF8-3EB92C373265}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{55C5924B-D6F8-4E5A-BCD7-A843BB5B711B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A319ECC8-8239-42E4-A9B2-3438904DE41B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

30-09-2018 11:07:12 McAfee Vulnerability Scanner

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/30/2018 09:36:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -528.

Error: (09/30/2018 09:36:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Catalog Database (848) Catalog Database: Při otevírání souboru protokolu C:\WINDOWS\system32\CatRoot2\edb00021.log došlo k chybě -1811 (0xfffff8ed).

Error: (09/30/2018 07:22:06 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014

Error: (09/30/2018 11:10:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 930

Čas spuštění: 01d4589c1b73eb96

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 118d2090-c490-11e8-8257-201a06ab26d9

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/29/2018 10:27:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 11.0.9600.16384, časové razítko: 0x52157231
Název chybujícího modulu: jscript9.dll, verze: 11.0.9600.16384, časové razítko: 0x52158459
Kód výjimky: 0xc0000005
Posun chyby: 0x000083d0
ID chybujícího procesu: 0x7f0
Čas spuštění chybující aplikace: 0x01d4583285ed24b1
Cesta k chybující aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\jscript9.dll
ID zprávy: 14716a5b-c426-11e8-8257-201a06ab26d9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/29/2018 10:25:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 11.0.9600.16384, časové razítko: 0x52157231
Název chybujícího modulu: jscript9.dll, verze: 11.0.9600.16384, časové razítko: 0x52158459
Kód výjimky: 0xc0000005
Posun chyby: 0x000083d0
ID chybujícího procesu: 0x8e4
Čas spuštění chybující aplikace: 0x01d45832427be67a
Cesta k chybující aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\jscript9.dll
ID zprávy: bf9fa0f3-c425-11e8-8257-201a06ab26d9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (09/30/2018 09:42:54 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {209500FC-6B45-4693-8871-6296C4843751} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/30/2018 09:37:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba McAfee Proxy Service závisí na službě McAfee Firewall Core Service, která neuspěla při spuštění v důsledku následující chyby:
Při spouštění služba uvízla ve spouštěcím stavu.

Error: (09/30/2018 09:37:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba McAfee Personal Firewall Service závisí na službě McAfee Firewall Core Service, která neuspěla při spuštění v důsledku následující chyby:
Při spouštění služba uvízla ve spouštěcím stavu.

Error: (09/30/2018 09:37:00 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba McAfee Firewall Core Service přestala během spouštění reagovat.

Error: (09/30/2018 09:35:58 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x000000c2 (0x0000000000000007, 0x0000000000001205, 0x00000000247c894c, 0xfffff80001fed733). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: 093018-41062-01

Error: (09/30/2018 07:22:47 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby mcpltsvc s argumenty Není k dispozici za účelem spuštění serveru:
{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (09/30/2018 07:22:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee Platform Services neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/30/2018 07:22:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby McAfee Platform Services bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===================================
Date: 2018-09-30 21:37:38.447
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.15200.1
Předchozí verze modulu: 1.1.9700.0
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x8050800c
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) 2955U @ 1.40GHz
Percentage of memory in use: 50%
Total physical RAM: 3976.27 MB
Available physical RAM: 1969.74 MB
Total Virtual: 8072.27 MB
Available Virtual: 6044.51 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.69 GB) (Free:313.28 GB) NTFS
Drive f: () (Removable) (Total:59.97 GB) (Free:57.73 GB) FAT32

\\?\Volume{220fbc60-e8da-47a5-bbd7-6823a397c390}\ (Recovery) (Fixed) (Total:0.39 GB) (Free:0.12 GB) NTFS
\\?\Volume{3ef655b9-eee5-4f48-8cb5-f285eeba8491}\ (Push Button Reset) (Fixed) (Total:17.01 GB) (Free:2.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 98DB8148)

Partition: GPT.

========================================================
Disk: 1 (Size: 60 GB) (Disk ID: 9F8A7307)
Partition 1: (Active) - (Size=60 GB) - (Type=0C)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118267
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slowed-down PC, keeps freezing

#7 Post by Rudy »

This is only the Addition log. I still need to see the contents of the frst.txt file.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

peeetulaa
Visitor
Posts: 39
Joined: 28 Oct 2011 19:29

Re: Slowed-down PC, keeps freezing

#8 Post by peeetulaa »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Ran by Petra (administrator) on PETULKYPC (01-10-2018 11:22:09)
Running from C:\Users\Petra\Desktop\Programy
Loaded Profiles: Petra (Available Profiles: Petra & Administrator)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McA871A.tmp
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\mcu9064.tmp
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUACD.tmp
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Qualcomm®Atheros®)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{97D679FC-521F-45AC-B27F-6D695C1617CE}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-2820705233-1879344094-2019307044-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-2820705233-1879344094-2019307044-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2820705233-1879344094-2019307044-1001 -> DefaultScope {71D053E3-A2AB-4C8C-A44E-C0246B791A33} URL =
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2013-07-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2013-07-22] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2013-07-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2013-07-22] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-04-25] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: aqfvqgjh.default
FF ProfilePath: C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\aqfvqgjh.default [2018-10-01]
FF Extension: (User search study) - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\aqfvqgjh.default\Extensions\search-nudges@shield.mozilla.org.xpi [2018-09-30] [Legacy]
FF Extension: (Firefox Monitor) - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\aqfvqgjh.default\features\{d07351fa-5460-4758-9532-028bc38611e1}\fxmonitor@mozilla.org.xpi [2018-09-30]
FF Extension: (Telemetry coverage) - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\aqfvqgjh.default\features\{d07351fa-5460-4758-9532-028bc38611e1}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-30] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor [2018-09-29] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-09-30] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [2013-07-22] (McAfee, Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-13] ()

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-09-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0035711538338826mcinstcleanup; C:\WINDOWS\TEMP\003571~1.EXE [836168 2014-03-13] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-06] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-10-08] (McAfee, Inc.)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-02] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
U3 mfehidk01; no ImagePath
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
U3 mfencbdc01; no ImagePath
U3 mfencbdc02; no ImagePath
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-30 22:21 - 2013-09-23 13:49 - 000197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2018-09-30 21:46 - 2018-09-30 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-09-30 21:35 - 2018-09-30 21:35 - 187470429 _____ C:\WINDOWS\MEMORY.DMP
2018-09-30 21:35 - 2018-09-30 21:35 - 000279616 _____ C:\WINDOWS\Minidump\093018-41062-01.dmp
2018-09-30 21:35 - 2018-09-30 21:35 - 000000000 ____D C:\WINDOWS\Minidump
2018-09-30 07:55 - 2018-10-01 08:37 - 000000000 ____D C:\Windows.old
2018-09-30 07:31 - 2018-09-30 07:31 - 000262144 _____ C:\WINDOWS\system32\config\userdiff
2018-09-30 07:02 - 2018-09-30 07:03 - 000000000 ___HD C:\$SysReset
2018-09-29 22:30 - 2018-09-29 22:30 - 000000000 ____D C:\Users\Petra\AppData\Local\Acer Aspire R7 Tutorial
2018-09-29 22:28 - 2018-09-29 22:35 - 000000000 ____D C:\Users\Petra\AppData\Local\Mozilla
2018-09-29 22:28 - 2018-09-29 22:28 - 000000000 ____D C:\Users\Petra\AppData\Roaming\Mozilla
2018-09-29 22:27 - 2018-09-29 22:27 - 000001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-29 22:27 - 2018-09-29 22:27 - 000001167 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-09-29 22:27 - 2018-09-29 22:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-29 22:27 - 2018-09-29 22:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-09-29 22:26 - 2018-09-29 22:26 - 037189040 _____ (Igor Pavlov) C:\Users\Petra\Downloads\Firefox Setup 62.0.2.exe
2018-09-29 22:25 - 2018-09-30 21:48 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2820705233-1879344094-2019307044-1001
2018-09-29 22:24 - 2018-09-29 22:24 - 000000000 ____D C:\Users\Petra\AppData\Roaming\Macromedia
2018-09-29 22:21 - 2018-09-29 22:21 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-09-29 22:13 - 2018-09-29 22:13 - 000000000 ____D C:\Users\Petra\AppData\Roaming\Synaptics
2018-09-29 22:11 - 2018-09-29 22:11 - 000001280 _____ C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk
2018-09-29 22:11 - 2018-09-29 22:11 - 000000000 ____D C:\Users\Petra\AppData\Roaming\Atheros
2018-09-29 22:10 - 2018-09-29 22:10 - 000000000 ____D C:\Users\Petra\AppData\Local\clear.fi
2018-09-29 22:08 - 2018-09-29 22:08 - 000000000 ____D C:\ProgramData\OEM_YAHOO
2018-09-29 22:07 - 2018-09-29 22:07 - 000001430 _____ C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-09-29 22:07 - 2018-09-29 22:07 - 000000020 ___SH C:\Users\Petra\ntuser.ini
2018-09-29 22:07 - 2018-09-29 22:07 - 000000000 ____D C:\Users\Petra\AppData\Roaming\Adobe
2018-09-29 22:07 - 2018-09-29 22:07 - 000000000 ____D C:\Users\Petra\AppData\Local\VirtualStore
2018-09-29 22:01 - 2018-09-29 22:01 - 000000733 _____ C:\Users\Administrator\AppData\Local\Application.xml
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\Šablony
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\Poslední
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\Okolní síť
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\Dokumenty
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\Data aplikací
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\ProgramData\Šablony
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\ProgramData\Plocha
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\ProgramData\Dokumenty
2018-09-29 22:01 - 2018-09-29 22:01 - 000000000 _SHDL C:\ProgramData\Data aplikací
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\Šablony
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\Soubory cookie
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\Poslední
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\Okolní tiskárny
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\Okolní síť
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\Nabídka Start
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\Dokumenty
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\Documents\Obrázky
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\Documents\Hudba
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\Documents\Filmy
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\Data aplikací
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-29 21:59 - 2018-09-29 21:59 - 000000000 _SHDL C:\Users\Petra\AppData\Local\Data aplikací
2018-09-29 21:58 - 2018-09-30 21:39 - 000000000 ____D C:\Users\Petra
2018-09-29 21:58 - 2018-09-29 22:14 - 000000000 ____D C:\Users\Petra\AppData\Local\Pokki
2018-09-29 21:58 - 2018-09-29 22:01 - 000028578 _____ C:\WINDOWS\diagwrn.xml
2018-09-29 21:58 - 2018-09-29 22:01 - 000028578 _____ C:\WINDOWS\diagerr.xml
2018-09-29 15:55 - 2018-09-29 15:55 - 040210008 _____ C:\Users\Petra\Downloads\vlc-3.0.4-win32.exe
2018-09-29 15:03 - 2018-09-29 22:10 - 000006598 _____ C:\Users\Petra\Desktop\Odebrané aplikace.html
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2018-09-29 14:36 - 2018-09-29 14:36 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2018-09-29 13:49 - 2018-09-29 13:53 - 085471382 _____ C:\Users\Petra\Downloads\Ulice-3527-2.10.2018.mp4.part
2018-09-29 13:49 - 2018-09-29 13:49 - 000000000 _____ C:\Users\Petra\Downloads\Ulice-3527-2.10.2018.mp4
2018-09-29 10:28 - 2018-09-29 10:43 - 103645827 _____ C:\Users\Petra\Downloads\Ulice 3527 UT (2).mp4.part
2018-09-29 10:28 - 2018-09-29 10:28 - 000000000 _____ C:\Users\Petra\Downloads\Ulice 3527 UT (2).mp4
2018-09-28 18:24 - 2018-09-28 18:27 - 415496781 _____ C:\Users\Petra\Downloads\Ulice-3526-1.10.2018.mp4
2018-09-28 18:21 - 2018-09-28 18:24 - 198741763 _____ C:\Users\Petra\Downloads\Ulice 3525 (1).mp4
2018-09-28 18:20 - 2018-09-28 18:25 - 410795208 _____ C:\Users\Petra\Downloads\Ulice 3524 (Patrik) HD.mp4
2018-09-28 17:56 - 2018-09-28 18:12 - 728278954 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p(3).mkv
2018-09-28 17:47 - 2018-09-28 17:53 - 053801046 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p(2).mkv.part
2018-09-28 17:47 - 2018-09-28 17:47 - 000000000 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p(2).mkv
2018-09-28 17:45 - 2018-09-28 17:48 - 015861120 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p (1).mkv.crdownload
2018-09-28 17:44 - 2018-09-28 17:46 - 002904344 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p(1).mkv.part
2018-09-28 17:44 - 2018-09-28 17:44 - 000000000 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p(1).mkv
2018-09-28 17:39 - 2018-09-28 17:42 - 004958398 _____ C:\Users\Petra\Downloads\Ulice 3525 .mp4.part
2018-09-28 17:39 - 2018-09-28 17:39 - 000000000 _____ C:\Users\Petra\Downloads\Ulice 3525 .mp4
2018-09-28 17:30 - 2018-09-28 17:39 - 304886554 _____ C:\Users\Petra\Downloads\Ulice 3524.mp4.part
2018-09-28 17:30 - 2018-09-28 17:30 - 000000000 _____ C:\Users\Petra\Downloads\Ulice 3524.mp4
2018-09-28 17:29 - 2018-09-28 17:39 - 464404914 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p.mkv.part
2018-09-28 17:29 - 2018-09-28 17:29 - 000000000 _____ C:\Users\Petra\Downloads\Ulice.3523.1080p.mkv
2018-09-23 13:14 - 2018-09-23 13:18 - 424162684 _____ C:\Users\Petra\Downloads\3522,Ulice,díl.35122, (25.9.2018) 3522.Serial.ČR(1).avi
2018-09-23 12:55 - 2018-09-23 13:14 - 151669878 _____ C:\Users\Petra\Downloads\3522,Ulice,díl.35122, (25.9.2018) 3522.Serial.ČR.avi.part
2018-09-23 12:55 - 2018-09-23 12:55 - 000000000 _____ C:\Users\Petra\Downloads\3522,Ulice,díl.35122, (25.9.2018) 3522.Serial.ČR.avi
2018-09-23 12:32 - 2018-09-23 12:36 - 380313265 _____ C:\Users\Petra\Downloads\Ulice 3521(1).mp4
2018-09-23 12:27 - 2018-09-23 12:30 - 148693142 _____ C:\Users\Petra\Downloads\Ulice 3521.mp4.part
2018-09-23 12:27 - 2018-09-23 12:27 - 000000000 _____ C:\Users\Petra\Downloads\Ulice 3521.mp4
2018-09-21 12:59 - 2018-09-21 13:01 - 380313265 _____ C:\Users\Petra\Downloads\Ulice 3521 .mp4
2018-09-11 10:45 - 2018-09-11 11:01 - 1981415424 _____ C:\Users\Petra\Downloads\Akta Pentagon - Skrytá válka 2017 Cz dab..avi
2018-09-11 10:44 - 2018-09-11 10:58 - 1389654016 _____ C:\Users\Petra\Downloads\Cesta za králem trollů Askeladden - I Dovregubbens hall (2017)(CZ).avi
2018-09-11 10:29 - 2018-09-11 10:42 - 1762077344 _____ C:\Users\Petra\Downloads\Thor Ragnarok.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-21 15:36 - 2013-11-08 14:15 - 000000852 _____ C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 09:34 - 2013-11-08 14:15 - 000000712 _____ C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2018-10-01 11:22 - 2015-10-21 19:57 - 000000000 ____D C:\FRST
2018-10-01 10:12 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2018-10-01 08:11 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-01 07:34 - 2013-09-05 14:19 - 000000000 ____D C:\Users\Administrator
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 __RSD C:\WINDOWS\Media
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\WinStore
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\icsxml
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\MediaViewer
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\FileManager
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\Camera
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Windows Defender
2018-10-01 07:34 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-01 07:34 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-10-01 07:33 - 2013-11-08 14:13 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-10-01 07:33 - 2013-09-05 14:35 - 000000000 ____D C:\Program Files (x86)\mcafee.com
2018-10-01 07:33 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-01 07:23 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\registration
2018-10-01 07:22 - 2013-09-05 14:35 - 000000000 ____D C:\ProgramData\McAfee
2018-09-30 22:20 - 2013-09-05 14:35 - 000000000 ____D C:\Program Files\Common Files\mcafee
2018-09-30 22:19 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-09-30 21:56 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-30 21:43 - 2013-11-08 14:43 - 000739924 _____ C:\WINDOWS\system32\perfh005.dat
2018-09-30 21:43 - 2013-11-08 14:43 - 000151610 _____ C:\WINDOWS\system32\perfc005.dat
2018-09-30 21:43 - 2013-09-05 14:22 - 001745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-30 21:41 - 2016-11-17 16:02 - 000000000 ____D C:\Users\Petra\AppData\LocalLow\Mozilla
2018-09-30 21:40 - 2014-12-30 14:06 - 000000000 ___RD C:\Users\Petra\SkyDrive
2018-09-30 21:35 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-30 11:41 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2018-09-30 07:55 - 2013-08-22 17:36 - 000262144 _____ C:\WINDOWS\system32\config\BCD-Template
2018-09-29 22:19 - 2013-08-22 16:44 - 000336416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-29 22:18 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-09-29 22:17 - 2013-11-08 14:33 - 000003546 _____ C:\WINDOWS\System32\Tasks\Norton Online Backup ARA
2018-09-29 22:16 - 2013-11-08 14:33 - 000000000 ____D C:\ProgramData\Norton
2018-09-29 22:08 - 2013-09-05 15:08 - 000000000 ___HD C:\OEM
2018-09-29 22:07 - 2014-12-30 13:58 - 000000000 ____D C:\Users\Petra\AppData\Local\Packages
2018-09-29 22:07 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-09-29 22:05 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2018-09-29 22:02 - 2013-09-05 15:16 - 000000000 ___DC C:\WINDOWS\Panther
2018-09-29 22:01 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Windows NT
2018-09-29 22:00 - 2013-08-22 17:36 - 000000000 __RHD C:\Users\Public\Libraries
2018-09-29 19:53 - 2018-08-30 15:18 - 000000000 ____D C:\Users\Petra\Desktop\Programy
2018-09-28 18:06 - 2015-01-19 22:26 - 001997824 ___SH C:\Users\Petra\Desktop\Thumbs.db
2018-09-28 17:12 - 2017-04-26 12:41 - 000000000 ___RD C:\Users\Petra\Disk Google
2018-09-28 17:11 - 2015-01-02 17:58 - 000000000 __RDO C:\Users\Petra\OneDrive
2018-09-20 13:51 - 2015-02-04 21:42 - 000000000 ____D C:\Users\Petra\Documents\programy
2018-09-20 13:51 - 2015-01-23 20:12 - 001281536 ___SH C:\Users\Petra\Downloads\Thumbs.db
2018-09-20 13:50 - 2015-02-04 21:41 - 000000000 ____D C:\Users\Petra\Documents\Books

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2013-09-05 14:17

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118267
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slowed-down PC, freezing

#9 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
SearchScopes: HKU\S-1-5-21-2820705233-1879344094-2019307044-1001 -> DefaultScope {71D053E3-A2AB-4C8C-A44E-C0246B791A33} URL =
S2 0035711538338826mcinstcleanup; C:\WINDOWS\TEMP\003571~1.EXE [836168 2014-03-13] (McAfee, Inc.)
U3 mfeavfk01; no ImagePath
U3 mfehidk01; no ImagePath
U3 mfencbdc01; no ImagePath
U3 mfencbdc02; no ImagePath
C:\WINDOWS\LastGood.Tmp

EmptyTemp:
End
Save it to C:\Users\Petra\Desktop\Programy as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

peeetulaa
Visitor
Posts: 39
Registered: 28 Oct 2011 19:29

Re: Slowed-down PC, freezing

#10 Post by peeetulaa »

Fix result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Petra (01-10-2018 12:41:05) Run:1
Running from C:\Users\Petra\Desktop\Programy
Loaded Profiles: Petra (Available Profiles: Petra & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
SearchScopes: HKU\S-1-5-21-2820705233-1879344094-2019307044-1001 -> DefaultScope {71D053E3-A2AB-4C8C-A44E-C0246B791A33} URL =
S2 0035711538338826mcinstcleanup; C:\WINDOWS\TEMP\003571~1.EXE [836168 2014-03-13] (McAfee, Inc.)
U3 mfeavfk01; no ImagePath
U3 mfehidk01; no ImagePath
U3 mfencbdc01; no ImagePath
U3 mfencbdc02; no ImagePath
C:\WINDOWS\LastGood.Tmp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2820705233-1879344094-2019307044-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
0035711538338826mcinstcleanup => service not found.
mfeavfk01 => service not found.
mfehidk01 => service not found.
mfencbdc01 => service not found.
mfencbdc02 => service not found.
C:\WINDOWS\LastGood.Tmp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9222807 B
Java, Flash, Steam htmlcache => 806 B
Windows/system/drivers => 3168357 B
Edge => 0 B
Chrome => 0 B
Firefox => 1089574791 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 18839 B
NetworkService => 2698 B
Petra => 48043834 B
Administrator => 19313 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:41:32 ====

Rudy
Site Admin
Posts: 118267
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slowed-down PC, freezing

#11 Post by Rudy »

OK. Has anything changed?

peeetulaa
Visitor
Posts: 39
Registered: 28 Oct 2011 19:29

Re: Slowed-down PC, freezing

#12 Post by peeetulaa »

Yes, it's better now, faster, and it has stopped crashing and restarting on its own, so hopefully it's fine. Thank you very much.

Rudy
Site Admin
Posts: 118267
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slowed-down PC, freezing

#13 Post by Rudy »

You're welcome! :)

Locked