
Log check

Having a problem with a virus? Post your FRST or RSIT log here.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

Schnebel
Visitor
Posts: 11
Registered: 20 May 2020 21:40

Log check

#1 Post by Schnebel »

Please check my log. The PC is slow and some programs occasionally do not start. Currently it has been Save Wizard for 2 days now. It seems to me that since yesterday there is also a problem with WMI.
Thank you

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
durchgeführt von Andy (Administrator) auf WOHNZIMMER-PC (SAMSUNG ELECTRONICS CO., LTD. 350V5C/351V5C/3540VC/3440VC) (20-05-2020 22:32:22)
Gestartet von C:\Users\Vera\Desktop
Geladene Profile: Andy
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] C:\Program Files (x86)\Photodex\ProShowProducer\scsiaccess.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Atheros) [Datei ist nicht signiert] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Byte Technologies LLC -> Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Byte Technologies LLC -> Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\SETA7F5.tmp
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\SETB481.tmp
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\SETB66C.tmp
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicShellService.exe
(IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Atheros Communications) [Datei ist nicht signiert] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-29] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108728 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel® Services Manager -> Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-06-17] (Qualcomm Atheros -> Atheros Communications) [Datei ist nicht signiert]
HKU\S-1-5-21-51485986-1242316386-3765208359-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-02] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\explorer.exe: [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\explorer.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\firefox.exe: [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-09] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\81.0.4053.113\Installer\chrmstp.exe [2020-05-17] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-06-17] (Qualcomm Atheros -> Qualcomm®Atheros®) [Datei ist nicht signiert]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-06-17] (Qualcomm Atheros -> Qualcomm®Atheros®) [Datei ist nicht signiert]
GroupPolicy: Beschränkung - Chrome <==== ACHTUNG
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0CDFFF77-73EC-44F9-A64F-6CFDF015FA5B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3339472 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {10382642-2284-4D04-A49A-3C20F49C5B3E} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [876320 2016-07-05] (Samsung Electronics CO., LTD. -> SEC)
Task: {144FBC04-B433-491A-9440-9016E28DF3EB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1853360 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
Task: {1768D42F-A72D-4C69-8BE4-D9194089968E} - System32\Tasks\Norton Management\Norton Error Analyzer => C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe
Task: {195A5950-E4FE-4F5B-A699-9110E9CFE30D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-11-02] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1D7BDDD0-B68E-4639-A511-4B9C7682335E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {27BCA622-4726-48A0-9026-F8076FD66BA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {40F04851-E6E5-42A2-8D88-AF91A5F0D9BC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-11-02] (Piriform Software Ltd -> Piriform Ltd)
Task: {4A9B0CDB-B693-4FDC-9C0A-9F4054F89E8D} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [1829856 2016-08-27] (Byte Technologies LLC -> Byte Technologies LLC) <==== ACHTUNG
Task: {4C7BE5F4-4048-4A47-9471-E815A8BAADAC} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {4D136291-AFBC-4CFA-9791-680A8ED9A76F} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [1829856 2016-08-27] (Byte Technologies LLC -> Byte Technologies LLC) <==== ACHTUNG
Task: {50FA9A47-1F82-49ED-A80F-1825911AE000} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {53A0CF1E-43B8-44A1-9F89-3F0A49544865} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [3148800 2015-08-18] (Samsung Electronics CO., LTD.) [Datei ist nicht signiert]
Task: {669DE7DF-26D2-4EA2-B648-DDDCAC42F08E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1853360 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
Task: {6DC3B6B2-D2E2-4D1D-84BD-DD85CAAABBA0} - System32\Tasks\Opera scheduled Autoupdate 1533969164 => C:\Users\Vera\AppData\Local\Programs\Opera\launcher.exe
Task: {6E326EE8-2FDD-49BE-88C5-8C78EEB0C5C1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {6FA11511-81F2-4F6D-9BB6-030FB4F4A61E} - System32\Tasks\Norton Management\Norton Error Processor => C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe
Task: {782A08FF-BECC-460A-BC0C-29D530D76DBF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {7EAA24CB-F4F2-4626-B26B-20839FA506BE} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2623808 2015-06-19] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
Task: {85ECC0C0-BFD6-4DEA-B1D0-5601E7FF08E0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {B312A61A-5D9B-4EA3-8499-19DC7E082C82} - System32\Tasks\{CDB204DD-6843-4021-8D0B-9238738DAA69} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.5.0.158/ru/abandoninstall?source=lightinstaller&page=tsInstall
Task: {BC5F1F0E-0BAA-4D36-AF6D-7B5991D58AF9} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [3602632 2017-04-26] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {BCD45EE7-AEC7-4260-80C7-8F1980107C54} - System32\Tasks\Opera scheduled assistant Autoupdate 1547875605 => C:\Users\Vera\AppData\Local\Programs\Opera\launcher.exe
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {D7D20954-8D91-4BFA-8076-683F9492AA7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {E43EABEE-757D-43DD-A93C-623079A5D3CC} - \Updater35382.exe -> Keine Datei <==== ACHTUNG
Task: {F4D97F2E-F6D1-47CF-9193-F51C0A456FAF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50727;https=127.0.0.1:50727
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{62CD270C-C407-47EB-A235-357656FAC14C}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{75B1F1F0-5217-4DC5-A3EA-8DC52DACDF06}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_40&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0DtC0EtAyB0EtBzy0CtN0D0Tzu0StCyBtAyBtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyCtBzyyEtDtBzztGtAzyyC0BtGzz0F0A0FtGtDtB0EyBtG0D0B0AtBtCtD0D0FyDyCtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyEtC0Azz0B0AtGyCtAtD0FtGyEtBtD0AtG0BtDyD0AtG0FzztA0D0CzztD0D0EyDzytC2QtN0A0LzutB%26cr%3D1104790376%26a%3Dwbf_anvsft_16_40%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_40&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0DtC0EtAyB0EtBzy0CtN0D0Tzu0StCyBtAyBtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyCtBzyyEtDtBzztGtAzyyC0BtGzz0F0A0FtGtDtB0EyBtG0D0B0AtBtCtD0D0FyDyCtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyEtC0Azz0B0AtGyCtAtD0FtGyEtBtD0AtG0BtDyD0AtG0FzztA0D0CzztD0D0EyDzytC2QtN0A0LzutB%26cr%3D1104790376%26a%3Dwbf_anvsft_16_40%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-51485986-1242316386-3765208359-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_40&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0DtC0EtAyB0EtBzy0CtN0D0Tzu0StCyBtAyBtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyCtBzyyEtDtBzztGtAzyyC0BtGzz0F0A0FtGtDtB0EyBtG0D0B0AtBtCtD0D0FyDyCtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyEtC0Azz0B0AtGyCtAtD0FtGyEtBtD0AtG0BtDyD0AtG0FzztA0D0CzztD0D0EyDzytC2QtN0A0LzutB%26cr%3D1104790376%26a%3Dwbf_anvsft_16_40%26os_ver%3D6.3%26os%3DWindows%2B8.1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_40&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0DtC0EtAyB0EtBzy0CtN0D0Tzu0StCyBtAyBtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyCtBzyyEtDtBzztGtAzyyC0BtGzz0F0A0FtGtDtB0EyBtG0D0B0AtBtCtD0D0FyDyCtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyEtC0Azz0B0AtGyCtAtD0FtGyEtBtD0AtG0BtDyD0AtG0FzztA0D0CzztD0D0EyDzytC2QtN0A0LzutB%26cr%3D1104790376%26a%3Dwbf_anvsft_16_40%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_40&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0DtC0EtAyB0EtBzy0CtN0D0Tzu0StCyBtAyBtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyCtBzyyEtDtBzztGtAzyyC0BtGzz0F0A0FtGtDtB0EyBtG0D0B0AtBtCtD0D0FyDyCtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyEtC0Azz0B0AtGyCtAtD0FtGyEtBtD0AtG0BtDyD0AtG0FzztA0D0CzztD0D0EyDzytC2QtN0A0LzutB%26cr%3D1104790376%26a%3Dwbf_anvsft_16_40%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV0NAlhEGQwRbQAIAwtcFQAQJRQBBA8SDFFBdApcBQhHQAMadx9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_40&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0DtC0EtAyB0EtBzy0CtN0D0Tzu0StCyBtAyBtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyCtBzyyEtDtBzztGtAzyyC0BtGzz0F0A0FtGtDtB0EyBtG0D0B0AtBtCtD0D0FyDyCtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyEtC0Azz0B0AtGyCtAtD0FtGyEtBtD0AtG0BtDyD0AtG0FzztA0D0CzztD0D0EyDzytC2QtN0A0LzutB%26cr%3D1104790376%26a%3Dwbf_anvsft_16_40%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_40&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0DtC0EtAyB0EtBzy0CtN0D0Tzu0StCyBtAyBtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyCtBzyyEtDtBzztGtAzyyC0BtGzz0F0A0FtGtDtB0EyBtG0D0B0AtBtCtD0D0FyDyCtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyEtC0Azz0B0AtGyCtAtD0FtGyEtBtD0AtG0BtDyD0AtG0FzztA0D0CzztD0D0EyDzytC2QtN0A0LzutB%26cr%3D1104790376%26a%3Dwbf_anvsft_16_40%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-51485986-1242316386-3765208359-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_40&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0DtC0EtAyB0EtBzy0CtN0D0Tzu0StCyBtAyBtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyCtBzyyEtDtBzztGtAzyyC0BtGzz0F0A0FtGtDtB0EyBtG0D0B0AtBtCtD0D0FyDyCtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyEtC0Azz0B0AtGyCtAtD0FtGyEtBtD0AtG0BtDyD0AtG0FzztA0D0CzztD0D0EyDzytC2QtN0A0LzutB%26cr%3D1104790376%26a%3Dwbf_anvsft_16_40%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-51485986-1242316386-3765208359-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_40&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0DtC0EtAyB0EtBzy0CtN0D0Tzu0StCyBtAyBtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StDyCtBzyyEtDtBzztGtAzyyC0BtGzz0F0A0FtGtDtB0EyBtG0D0B0AtBtCtD0D0FyDyCtB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyCyEtC0Azz0B0AtGyCtAtD0FtGyEtBtD0AtG0BtDyD0AtG0FzztA0D0CzztD0D0EyDzytC2QtN0A0LzutB%26cr%3D1104790376%26a%3Dwbf_anvsft_16_40%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-51485986-1242316386-3765208359-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV0NAlhEGQwRbQAIAwtcFQAQJRQBBA8SDFFBdApcBQhHQAMadx9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-51485986-1242316386-3765208359-1001 -> {A52E5F2B-4B2A-46FC-8583-C22CA56C4413} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-dd__alt__ddc_dss_bd_com&p={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-10-28] (IvoSoft) [Datei ist nicht signiert]
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2012-10-28] (IvoSoft) [Datei ist nicht signiert]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-10-28] (IvoSoft) [Datei ist nicht signiert]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll [2012-10-28] (IvoSoft) [Datei ist nicht signiert]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-10-28] (IvoSoft) [Datei ist nicht signiert]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-10-28] (IvoSoft) [Datei ist nicht signiert]
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://212.4.145.127/activex/AMC.cab

FireFox:
========
FF DefaultProfile: f4msr434.default-1523802840242
FF ProfilePath: C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\f4msr434.default-1523802840242 [2020-05-20]
FF Extension: (Avast Online Security) - C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\f4msr434.default-1523802840242\Extensions\wrc@avast.com.xpi [2020-03-18]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Vera\AppData\Roaming\mozilla\plugins\npPxPlay.dll [2015-09-19]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default [2020-05-20]
CHR Notifications: Default -> hxxps://grclip.com; hxxps://manualidades.facilisimo.com
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/hm?eq=U0EeCFZVBB8SRghHdVpZVAFIExgacFsKTA1EElAOeVwOAhQVQwEQJF0JV1hHGAIFIk0FA1oDB0VXfV5bFElXTwhxJUpNDU0CaUBB"
CHR StartupUrls: Default -> "hxxp://searchinterneat-a.akamaihd.net/hm?eq=U0EeCFZVBB8SRghHdVpZVAFIExgacFsKTA1EElAOeVwOAhQVQwEQJF0JV1hHGAIFIk0FA1oDB0VXfV5bFElXTwhxJUpNDU0CaUBB"
CHR Extension: (Präsentationen) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-06]
CHR Extension: (Docs) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-06]
CHR Extension: (Google Drive) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-13]
CHR Extension: (YouTube) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-13]
CHR Extension: (Google-Suche) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-13]
CHR Extension: (Avast SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-05-02]
CHR Extension: (Tabellen) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-06]
CHR Extension: (Google Docs Offline) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-06]
CHR Extension: (Avast Online Security) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-29]
CHR Extension: (Results Hub) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndboaocbmbbnpkobeaadlhpadmihnfok [2016-05-03] [UpdateUrl:hxxp://cdn.results-hub.com/update] <==== ACHTUNG
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-09]
CHR Extension: (Google Mail) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-06]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - <kein Path/update_url>
CHR HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - <kein Path/update_url>

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [322176 2014-06-17] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-01] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-01] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\81.0.4053.113\elevation_service.exe [954600 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [63488 2012-10-28] (IvoSoft) [Datei ist nicht signiert]
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593664 2015-06-19] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation -> Intel Corporation)
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [297288 2018-04-12] (Byte Technologies LLC -> Byte Technologies LLC.) <==== ACHTUNG
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe [181312 2015-09-19] () [Datei ist nicht signiert]
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Sony Mobile Communications -> Avanquest Software) [Datei ist nicht signiert]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182120 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3298208 2017-10-11] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13255184 2020-05-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176632 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-06-17] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205880 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234560 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178760 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175704 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [501472 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851592 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460992 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235488 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319120 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\system32\DRIVERS\athw8x.sys [3680256 2013-06-18] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 BTATH_HID; C:\WINDOWS\system32\DRIVERS\btath_hid.sys [223432 2014-06-17] (Qualcomm Atheros -> Qualcomm Atheros)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)
R3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [136040 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2014-07-08] (Sony Mobile Communications AB -> Sony Mobile Communications)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Samsung Electronics CO., LTD. -> Windows (R) Win 7 DDK provider)
R3 RTL8168; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [591360 2013-06-18] (Microsoft Windows -> Realtek )
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(http://www.devguru.co.kr))
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43368 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [X]
S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [X]
S3 motccgpfl; \SystemRoot\System32\drivers\motccgpfl.sys [X]
S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [X]
S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2020-05-20 22:32 - 2020-05-20 22:33 - 000037667 _____ C:\Users\Vera\Desktop\FRST.txt
2020-05-20 22:31 - 2020-05-20 22:32 - 000000000 ____D C:\FRST
2020-05-20 22:27 - 2020-05-20 22:27 - 002286080 _____ (Farbar) C:\Users\Vera\Desktop\FRST64.exe
2020-05-20 21:46 - 2020-05-20 21:46 - 000000017 _____ C:\Users\Vera\AppData\Local\resmon.resmoncfg
2020-05-20 21:16 - 2020-05-20 21:48 - 000002082 _____ C:\Users\Vera\Desktop\Save Wizard for PS4 MAX.lnk
2020-05-20 20:28 - 2020-05-20 20:31 - 000000000 ____D C:\WINDOWS\LastGood
2020-05-20 20:25 - 2020-05-20 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2020-05-20 20:24 - 2020-05-20 20:24 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2020-05-20 20:24 - 2020-05-20 20:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-05-20 20:23 - 2014-11-17 22:17 - 000672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-05-20 20:23 - 2014-11-14 08:54 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-05-20 18:55 - 2020-05-20 18:55 - 000000000 ___RD C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2020-05-20 13:01 - 2020-05-20 13:01 - 000501472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-05-20 13:01 - 2020-05-20 13:01 - 000337560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-05-20 13:01 - 2020-05-20 13:01 - 000235488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-05-20 13:01 - 2020-05-20 13:01 - 000175704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-05-20 12:49 - 2020-05-20 12:49 - 000000000 ____D C:\WINDOWS\softwaredistribution.bak1
2020-05-20 12:41 - 2020-05-20 12:41 - 000000000 ____D C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DataPower
2020-05-20 12:41 - 2020-05-20 12:41 - 000000000 ____D C:\Program Files (x86)\DataPower
2020-05-20 12:10 - 2020-05-11 07:53 - 005267456 _____ C:\Users\Vera\Desktop\swps4max.msi
2020-05-20 11:56 - 2020-05-20 11:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-05-20 11:49 - 2020-05-20 11:49 - 003529400 _____ C:\Users\Vera\Downloads\swps4max (2).zip
2020-05-20 11:49 - 2020-05-20 11:49 - 003529400 _____ C:\Users\Vera\Downloads\swps4max (1).zip
2020-05-20 11:42 - 2020-05-20 12:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-05-20 11:42 - 2020-05-20 11:42 - 000000000 ____D C:\Users\Vera\AppData\Local\TeamViewer
2020-05-20 11:41 - 2020-05-20 19:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-05-20 11:41 - 2020-05-20 11:41 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-05-20 11:41 - 2020-05-20 11:41 - 000001043 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2020-05-20 11:41 - 2020-05-20 11:41 - 000001043 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2020-05-20 11:41 - 2020-05-20 11:41 - 000000000 ____D C:\Users\Vera\AppData\Roaming\TeamViewer
2020-05-20 11:23 - 2020-05-20 11:23 - 026705416 _____ (TeamViewer Germany GmbH) C:\Users\Vera\Downloads\TeamViewer_Setup (1).exe
2020-05-20 11:18 - 2020-05-20 11:18 - 026705416 _____ (TeamViewer Germany GmbH) C:\Users\Vera\Downloads\TeamViewer_Setup.exe
2020-05-17 17:08 - 2020-04-30 05:49 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2020-05-17 17:08 - 2020-04-30 05:22 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-05-17 17:08 - 2020-04-30 04:55 - 001756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-05-17 17:08 - 2020-04-30 04:43 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-05-17 17:08 - 2020-04-30 04:40 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2020-05-17 17:08 - 2020-04-30 04:37 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2020-05-17 17:08 - 2020-04-30 04:33 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-05-17 17:08 - 2020-04-16 08:04 - 022365896 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-05-17 17:08 - 2020-04-16 08:04 - 003118032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-05-17 17:08 - 2020-04-16 08:04 - 001368592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-05-17 17:08 - 2020-04-16 08:04 - 000722496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-05-17 17:08 - 2020-04-16 08:04 - 000642488 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-05-17 17:08 - 2020-04-16 08:00 - 000374024 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2020-05-17 17:08 - 2020-04-16 07:15 - 025755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-05-17 17:08 - 2020-04-16 06:30 - 019795840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-05-17 17:08 - 2020-04-16 06:29 - 000561400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-05-17 17:08 - 2020-04-16 06:29 - 000493736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-05-17 17:08 - 2020-04-16 06:25 - 000316368 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2020-05-17 17:08 - 2020-04-16 05:40 - 002911744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-05-17 17:08 - 2020-04-16 05:38 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-05-17 17:08 - 2020-04-16 05:31 - 020291072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-05-17 17:08 - 2020-04-16 05:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-17 17:08 - 2020-04-16 05:28 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2020-05-17 17:08 - 2020-04-16 05:27 - 005498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-05-17 17:08 - 2020-04-16 05:27 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-05-17 17:08 - 2020-04-16 05:25 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-05-17 17:08 - 2020-04-16 05:14 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-05-17 17:08 - 2020-04-16 05:11 - 002304000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-05-17 17:08 - 2020-04-16 05:07 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-17 17:08 - 2020-04-16 05:06 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-05-17 17:08 - 2020-04-16 05:05 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2020-05-17 17:08 - 2020-04-16 05:04 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-05-17 17:08 - 2020-04-16 05:03 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2020-05-17 17:08 - 2020-04-16 04:59 - 001994240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-05-17 17:08 - 2020-04-16 04:59 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-05-17 17:08 - 2020-04-16 04:54 - 015478272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-05-17 17:08 - 2020-04-16 04:53 - 003258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-05-17 17:08 - 2020-04-16 04:53 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2020-05-17 17:08 - 2020-04-16 04:51 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-05-17 17:08 - 2020-04-16 04:50 - 001384960 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-05-17 17:08 - 2020-04-16 04:49 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2020-05-17 17:08 - 2020-04-16 04:49 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-05-17 17:08 - 2020-04-16 04:48 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2020-05-17 17:08 - 2020-04-16 04:43 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-05-17 17:08 - 2020-04-16 04:41 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-05-17 17:08 - 2020-04-16 04:41 - 002471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-05-17 17:08 - 2020-04-16 04:40 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-05-17 17:08 - 2020-04-16 04:39 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-05-17 17:08 - 2020-04-16 04:39 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-05-17 17:08 - 2020-04-16 04:38 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-05-17 17:08 - 2020-04-16 04:38 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-05-17 17:08 - 2020-04-16 04:37 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-05-17 17:08 - 2020-04-16 04:35 - 013861376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-05-17 17:08 - 2020-04-16 04:35 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-05-17 17:08 - 2020-04-16 04:32 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-05-17 17:08 - 2020-04-16 04:30 - 014533632 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-05-17 17:08 - 2020-04-16 04:28 - 000902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-05-17 17:08 - 2020-04-16 04:27 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-05-17 17:08 - 2020-04-16 04:26 - 012880384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-05-17 17:08 - 2020-04-16 04:26 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-05-17 17:08 - 2020-04-16 04:26 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-05-17 17:08 - 2020-04-16 04:24 - 007799296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-05-17 17:08 - 2020-04-16 04:23 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2020-05-17 17:08 - 2020-04-16 04:22 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2020-05-17 17:08 - 2020-04-16 04:20 - 004387328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-05-17 17:08 - 2020-04-16 04:20 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2020-05-17 17:08 - 2020-04-16 04:19 - 001265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-05-17 17:08 - 2020-04-16 04:18 - 005271552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-05-17 17:08 - 2020-04-16 04:16 - 001341952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-05-17 17:08 - 2020-04-16 04:15 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-05-17 17:08 - 2020-04-16 04:15 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-05-17 17:08 - 2020-04-16 04:14 - 001727488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-05-17 17:08 - 2020-04-16 04:11 - 001546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-05-17 17:08 - 2020-04-16 04:11 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-05-17 17:08 - 2020-04-16 04:11 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2020-05-17 17:08 - 2020-04-16 04:07 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2020-05-17 17:08 - 2020-04-16 04:05 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2020-05-17 17:08 - 2020-04-14 09:33 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2020-05-17 17:08 - 2020-04-14 09:03 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2020-05-17 17:08 - 2020-04-11 20:42 - 007362296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-05-17 17:08 - 2020-04-11 20:41 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-05-17 17:08 - 2020-04-11 20:39 - 001542696 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-05-17 17:08 - 2020-04-11 20:29 - 001737720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-05-17 17:08 - 2020-04-11 19:31 - 001501096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-05-17 17:08 - 2020-04-11 19:04 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-05-17 17:08 - 2020-04-11 17:55 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2020-05-17 17:08 - 2020-04-11 17:53 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2020-05-17 17:08 - 2020-04-11 17:48 - 001377792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-05-17 17:08 - 2020-04-11 17:47 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2020-05-17 17:08 - 2020-04-11 17:23 - 001317888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-05-17 17:08 - 2020-04-11 17:22 - 001103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-05-17 17:08 - 2020-04-11 02:12 - 002446576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-05-17 17:08 - 2020-04-11 02:12 - 000428784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-05-17 17:08 - 2020-04-09 15:36 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-05-17 17:08 - 2020-04-07 21:30 - 000988472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-05-17 17:08 - 2020-04-07 21:28 - 000857320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-05-17 17:08 - 2020-04-07 15:55 - 003330048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-05-17 17:08 - 2020-04-07 15:51 - 003636224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-05-17 17:08 - 2020-04-04 18:06 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-05-17 17:08 - 2020-04-04 18:01 - 001572864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-05-17 17:08 - 2020-04-04 17:50 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-05-02 16:50 - 2020-05-02 16:50 - 000046918 _____ C:\Users\Vera\Downloads\myMAGicTV.zip
2020-04-24 02:22 - 2020-04-24 02:22 - 000166760 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2020-04-24 02:22 - 2020-04-24 02:22 - 000136040 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2020-05-20 22:12 - 2017-01-28 18:02 - 000000000 ____D C:\Users\Vera\AppData\LocalLow\Mozilla
2020-05-20 21:53 - 2012-12-08 17:43 - 000003594 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-51485986-1242316386-3765208359-1001
2020-05-20 21:52 - 2012-12-15 20:26 - 000000000 ____D C:\Users\Vera\AppData\Local\ElevatedDiagnostics
2020-05-20 21:49 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2020-05-20 21:49 - 2012-10-16 11:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-05-20 21:42 - 2014-03-18 12:03 - 001772686 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-20 21:42 - 2014-03-18 11:25 - 000745148 _____ C:\WINDOWS\system32\perfh007.dat
2020-05-20 21:42 - 2014-03-18 11:25 - 000152704 _____ C:\WINDOWS\system32\perfc007.dat
2020-05-20 21:40 - 2014-06-02 19:37 - 000000000 ____D C:\Users\Vera\AbiSuite
2020-05-20 21:38 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-20 21:38 - 2012-12-08 17:27 - 000000000 ____D C:\Users\Vera\AppData\Local\Packages
2020-05-20 21:37 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-20 21:37 - 2012-12-08 17:29 - 000000000 ____D C:\Users\Vera\AppData\Local\CrashDumps
2020-05-20 20:31 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-20 19:06 - 2015-05-15 22:28 - 000000000 ____D C:\WINDOWS\Minidump
2020-05-20 18:59 - 2014-06-29 18:52 - 000003946 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6269819E-D1FA-45C6-BA31-1669402CE496}
2020-05-20 18:58 - 2019-01-30 20:23 - 000000000 ____D C:\Users\Vera\Downloads\opera autoupdate
2020-05-20 18:58 - 2016-10-03 15:30 - 000000000 ____D C:\Program Files\ByteFence
2020-05-20 18:53 - 2014-06-29 14:00 - 000000000 ____D C:\Users\Vera
2020-05-20 18:53 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-20 18:53 - 2013-01-17 20:32 - 000000000 ____D C:\Temp
2020-05-20 13:02 - 2017-08-16 18:37 - 000003910 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-05-20 13:01 - 2016-05-14 06:55 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-05-20 13:01 - 2013-03-15 19:51 - 000319120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-05-20 13:01 - 2013-03-15 19:51 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-05-20 13:01 - 2013-02-10 19:07 - 000460992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-05-20 13:01 - 2013-02-10 19:07 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-05-20 13:00 - 2019-05-27 20:56 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-05-20 13:00 - 2019-05-27 20:56 - 000178760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-05-20 13:00 - 2019-05-27 20:56 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-05-20 13:00 - 2019-05-27 20:56 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-05-20 13:00 - 2018-02-06 20:44 - 000205880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-05-20 13:00 - 2013-02-10 19:06 - 000851592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-05-20 12:01 - 2016-05-14 04:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-20 12:01 - 2013-08-22 16:44 - 000338048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-05-20 11:56 - 2016-05-14 04:15 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-05-19 20:54 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2020-05-19 20:34 - 2020-04-16 20:54 - 000004312 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1547875605
2020-05-19 20:31 - 2012-10-16 13:01 - 000000000 ____D C:\ProgramData\WinClon
2020-05-19 18:39 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2020-05-19 14:40 - 2013-08-14 18:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-19 14:33 - 2012-12-13 18:29 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-19 14:12 - 2018-08-11 08:32 - 000004102 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1533969164
2020-05-17 17:10 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-05-17 16:38 - 2019-06-10 13:35 - 000003732 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-05-17 16:38 - 2019-06-10 13:35 - 000003150 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-05-17 16:38 - 2018-11-01 15:05 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-05-17 16:38 - 2018-11-01 15:05 - 000002398 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-05-17 16:38 - 2018-11-01 15:05 - 000002398 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-05-17 16:37 - 2016-10-31 21:11 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-09 12:09 - 2018-02-06 21:08 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-09 12:09 - 2018-02-06 21:08 - 000002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-09 12:09 - 2018-02-06 21:08 - 000002195 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-06 06:31 - 2019-12-16 07:35 - 000000000 ____D C:\Users\Vera\Desktop\Bewerbungen
2020-04-30 06:24 - 2014-03-18 11:53 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2014-05-04 14:12 - 2010-01-26 11:11 - 000444283 _____ () C:\Program Files (x86)\Common Files\WinPcapNmap.exe
2014-04-11 23:02 - 2014-04-11 23:02 - 000000044 _____ () C:\Users\Vera\AppData\Roaming\WB.CFG
2014-01-05 07:36 - 2018-11-23 19:52 - 000009728 _____ () C:\Users\Vera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-17 17:12 - 2015-05-17 17:16 - 000029696 _____ () C:\Users\Vera\AppData\Local\MSGBOX.EXE
2017-10-10 19:10 - 2017-10-10 19:10 - 000001548 _____ () C:\Users\Vera\AppData\Local\recently-used.xbel
2020-05-20 21:46 - 2020-05-20 21:46 - 000000017 _____ () C:\Users\Vera\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)


LastRegBack: 2020-05-20 19:06
==================== Ende von FRST.txt ========================
Attachments
Addition.zip
(12.7 KiB) Downloaded 67 times

JaRon
Moderator
Posts: 15197
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Log check

#2 Post by JaRon »

Hi,
first clean the PC with MBAM and then with ADWCleaner
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Schnebel
Visitor
Posts: 11
Registered: 20 May 2020 21:40

Re: Log check

#3 Post by Schnebel »

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 21.05.20
Scan-Zeit: 08:04
Protokolldatei: f0a49e1c-9b28-11ea-984f-50b7c360a46a.json

-Softwaredaten-
Version: 3.8.3.2965
Komponentenversion: 1.0.613
Version des Aktualisierungspakets: 1.0.16254
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Wohnzimmer-PC\Andy

-Scan-Übersicht-
Scan-Typ: Benutzerdefinierter Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 419176
Erkannte Bedrohungen: 150
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 12 Std., 31 Min., 18 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 1
PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCE.EXE, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254

Modul: 2
PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCEGUI.DLL, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCE.EXE, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254

Registrierungsschlüssel: 38
PUP.Optional.ByteFence, HKLM\SOFTWARE\CLASSES\*\SHELL\ByteFence File Scan, Keine Aktion durch Benutzer, [1000], [391313],1.0.16254
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Keine Aktion durch Benutzer, [431], [183362],1.0.16254
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Keine Aktion durch Benutzer, [431], [183362],1.0.16254
PUP.Optional.SearchManager, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Keine Aktion durch Benutzer, [431], [183362],1.0.16254
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Keine Aktion durch Benutzer, [240], [182757],1.0.16254
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Keine Aktion durch Benutzer, [240], [182757],1.0.16254
PUP.Optional.WinYahoo, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Keine Aktion durch Benutzer, [240], [182757],1.0.16254
PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2211D4A5-48D0-47F5-A7CD-81E861470F7F}, Keine Aktion durch Benutzer, [27], [246105],1.0.16254
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2211D4A5-48D0-47F5-A7CD-81E861470F7F}, Keine Aktion durch Benutzer, [27], [246105],1.0.16254
PUP.Optional.Yontoo, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}, Keine Aktion durch Benutzer, [27], [246105],1.0.16254
PUP.Optional.Yontoo, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Keine Aktion durch Benutzer, [27], [-1],0.0.0
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, Keine Aktion durch Benutzer, [27], [-1],0.0.0
PUP.Optional.InstallCore, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\CSASTATS\ic, Keine Aktion durch Benutzer, [497], [586068],1.0.16254
PUP.Optional.ByteFence, HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELL\ByteFence Folder Scan, Keine Aktion durch Benutzer, [1000], [823186],1.0.16254
PUP.Optional.BDYahoo, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{A52E5F2B-4B2A-46FC-8583-C22CA56C4413}, Keine Aktion durch Benutzer, [6527], [235700],1.0.16254
PUP.Optional.InstallCore, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\PRODUCTSETUP, Keine Aktion durch Benutzer, [497], [481004],1.0.16254
PUP.Optional.ByteFence, HKLM\SOFTWARE\ByteFence, Keine Aktion durch Benutzer, [1000], [388723],1.0.16254
PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Keine Aktion durch Benutzer, [1625], [243667],1.0.16254
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASAPI32, Keine Aktion durch Benutzer, [1000], [823187],1.0.16254
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASMANCS, Keine Aktion durch Benutzer, [1000], [823187],1.0.16254
PUP.Optional.ByteFence, HKLM\SOFTWARE\WOW6432NODE\ByteFence, Keine Aktion durch Benutzer, [1000], [388723],1.0.16254
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr, Keine Aktion durch Benutzer, [485], [244209],1.0.16254
PUP.Optional.Hosts, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E43EABEE-757D-43DD-A93C-623079A5D3CC}, Keine Aktion durch Benutzer, [2753], [186805],1.0.16254
PUP.Optional.Hosts, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E43EABEE-757D-43DD-A93C-623079A5D3CC}, Keine Aktion durch Benutzer, [2753], [186805],1.0.16254
PUP.Optional.Hosts, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Updater35382.exe, Keine Aktion durch Benutzer, [2753], [186805],1.0.16254
PUP.Optional.ByteFence, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ByteFence, Keine Aktion durch Benutzer, [1000], [388725],1.0.16254
PUP.Optional.ResultsHub, HKLM\SOFTWARE\WOW6432NODE\RESULTSHUB, Keine Aktion durch Benutzer, [3], [242324],1.0.16254
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ByteFence, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4D136291-AFBC-4CFA-9791-680A8ED9A76F}, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{4D136291-AFBC-4CFA-9791-680A8ED9A76F}, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ByteFence Scan, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4A9B0CDB-B693-4FDC-9C0A-9F4054F89E8D}, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{4A9B0CDB-B693-4FDC-9C0A-9F4054F89E8D}, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{99415057-7C50-439D-AA20-02D83C071B61}, Keine Aktion durch Benutzer, [27], [160140],1.0.16254
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{99415057-7C50-439D-AA20-02D83C071B61}, Keine Aktion durch Benutzer, [27], [160140],1.0.16254
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Keine Aktion durch Benutzer, [27], [160141],1.0.16254
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Keine Aktion durch Benutzer, [27], [160141],1.0.16254
PUP.Optional.ChipDe, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DesktopIconAmazon, Keine Aktion durch Benutzer, [586], [557991],1.0.16254

Registrierungswert: 19
PUP.Optional.WinYahoo, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Keine Aktion durch Benutzer, [240], [182757],1.0.16254
PUP.Optional.Yontoo, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}|URL, Keine Aktion durch Benutzer, [27], [246105],1.0.16254
PUP.Optional.BDYahoo, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{A52E5F2B-4B2A-46FC-8583-C22CA56C4413}|URL, Keine Aktion durch Benutzer, [6527], [235700],1.0.16254
PUP.Optional.BrowserProtect, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TABBEDBROWSING|BPROTECTSHOWTABSWELCOME, Keine Aktion durch Benutzer, [1019], [538248],1.0.16254
PUP.Optional.InstallCore, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\PRODUCTSETUP|TB, Keine Aktion durch Benutzer, [497], [481004],1.0.16254
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|HOSTS-BG.EXE, Keine Aktion durch Benutzer, [1938], [260099],1.0.16254
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Keine Aktion durch Benutzer, [240], [182758],1.0.16254
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Keine Aktion durch Benutzer, [240], [182758],1.0.16254
PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}|URL, Keine Aktion durch Benutzer, [27], [246106],1.0.16254
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, Keine Aktion durch Benutzer, [485], [244208],1.0.16254
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.exe|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, Keine Aktion durch Benutzer, [485], [244208],1.0.16254
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, Keine Aktion durch Benutzer, [485], [244208],1.0.16254
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, Keine Aktion durch Benutzer, [485], [244208],1.0.16254
PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DONOTASKAGAIN, Keine Aktion durch Benutzer, [27], [246561],1.0.16254
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, Keine Aktion durch Benutzer, [485], [244209],1.0.16254
PUP.Optional.ResultsHub, HKLM\SOFTWARE\WOW6432NODE\RESULTSHUB|CG, Keine Aktion durch Benutzer, [3], [242324],1.0.16254
PUP.Optional.ResultsHub, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME\ExtensionInstallWhitelist|1, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME\ExtensionInstallWhitelist|1, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|ndboaocbmbbnpkobeaadlhpadmihnfok, Keine Aktion durch Benutzer, [3], [301971],1.0.16254

Registrierungsdaten: 3
PUP.Optional.WinYahoo, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Keine Aktion durch Benutzer, [240], [293459],1.0.16254
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Keine Aktion durch Benutzer, [240], [293461],1.0.16254
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Keine Aktion durch Benutzer, [240], [293461],1.0.16254

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 25
PUP.Optional.ResultsHub, C:\Program Files (x86)\Common Files\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\updater, Keine Aktion durch Benutzer, [3], [179200],1.0.16254
PUP.Optional.ResultsHub, C:\Program Files (x86)\Common Files\3929cb63-cbbd-4b9c-8b92-a50fbd04e656, Keine Aktion durch Benutzer, [3], [179200],1.0.16254
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\7\resources, Keine Aktion durch Benutzer, [3], [179199],1.0.16254
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugincontainer, Keine Aktion durch Benutzer, [3], [179199],1.0.16254
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\2, Keine Aktion durch Benutzer, [3], [179199],1.0.16254
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\3, Keine Aktion durch Benutzer, [3], [179199],1.0.16254
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\5, Keine Aktion durch Benutzer, [3], [179199],1.0.16254
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\6, Keine Aktion durch Benutzer, [3], [179199],1.0.16254
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\7, Keine Aktion durch Benutzer, [3], [179199],1.0.16254
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\8, Keine Aktion durch Benutzer, [3], [179199],1.0.16254
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins, Keine Aktion durch Benutzer, [3], [179199],1.0.16254
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656, Keine Aktion durch Benutzer, [3], [179199],1.0.16254
PUP.Optional.ByteFence, C:\ProgramData\ByteFence\RTOP, Keine Aktion durch Benutzer, [1000], [388718],1.0.16254
PUP.Optional.ByteFence, C:\ProgramData\ByteFence, Keine Aktion durch Benutzer, [1000], [388718],1.0.16254
PUP.Optional.Yontoo, C:\ProgramData\Results Hub, Keine Aktion durch Benutzer, [27], [181336],1.0.16254
PUP.Optional.ResultsHub, C:\USERS\VERA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndboaocbmbbnpkobeaadlhpadmihnfok\1.0.5821.38905_0, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\USERS\VERA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NDBOAOCBMBBNPKOBEAADLHPADMIHNFOK, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\USERS\VERA\APPDATA\LOCAL\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.VBates, C:\Users\Vera\AppData\LocalLow\Company\Product\1.0, Keine Aktion durch Benutzer, [3656], [247040],1.0.16254
PUP.Optional.VBates, C:\USERS\VERA\APPDATA\LOCALLOW\COMPANY\PRODUCT, Keine Aktion durch Benutzer, [3656], [247040],1.0.16254
PUP.Optional.OpenCandy, C:\Users\Vera\AppData\Roaming\OpenCandy\2F31A6568E6E452486C78CDB68D281BF, Keine Aktion durch Benutzer, [1241], [173202],1.0.16254
PUP.Optional.OpenCandy, C:\Users\Vera\AppData\Roaming\OpenCandy\E02FB8F61BB64BB8B1092B2201519B01, Keine Aktion durch Benutzer, [1241], [173202],1.0.16254
PUP.Optional.OpenCandy, C:\Users\Vera\AppData\Roaming\OpenCandy, Keine Aktion durch Benutzer, [1241], [173202],1.0.16254

Datei: 62
PUP.Optional.Yontoo, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, Keine Aktion durch Benutzer, [27], [-1],0.0.0
PUP.Optional.Yontoo, C:\PROGRAMDATA\NTUSER.POL, Keine Aktion durch Benutzer, [27], [-1],0.0.0
PUP.Optional.Yontoo, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Keine Aktion durch Benutzer, [27], [-1],0.0.0
PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCEGUI.DLL, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
PUP.Optional.ByteFence, C:\WINDOWS\SYSTEM32\TASKS\ByteFence, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
PUP.Optional.ByteFence, C:\WINDOWS\SYSTEM32\TASKS\ByteFence Scan, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
PUP.Optional.ByteFence, C:\USERS\VERA\APPDATA\ROAMING\Microsoft\Windows\Start Menu\ByteFence\ByteFence Anti-Malware.lnk, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCE.EXE, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\UNINSTALL.EXE, Keine Aktion durch Benutzer, [1000], [822412],1.0.16254
Generic.Malware/Suspicious, C:\PROGRAM FILES (X86)\RESULTS HUB\PRODUCTS\UNRESULTSHUBDESKTOPSEARCH.EXE, Keine Aktion durch Benutzer, [0], [392686],1.0.16254
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\temp, Keine Aktion durch Benutzer, [3], [179199],1.0.16254
PUP.Optional.ByteFence, C:\ProgramData\ByteFence\RTOP\hosts_backup, Keine Aktion durch Benutzer, [1000], [388718],1.0.16254
PUP.Optional.ByteFence, C:\ProgramData\ByteFence\RTOP\uclogfile.bin, Keine Aktion durch Benutzer, [1000], [388718],1.0.16254
PUP.Optional.WinYahoo, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\HOWTOREMOVE.HTML.LNK, Keine Aktion durch Benutzer, [240], [254335],1.0.16254
PUP.Optional.Yontoo, C:\ProgramData\Results Hub\ResultsHubDesktopSearch.exe.config, Keine Aktion durch Benutzer, [27], [181336],1.0.16254
PUP.Optional.Bandoo, C:\PROGRAMDATA\{C296F8FF-A964-4BB7-814C-2DE7755A03C9}\SAVEVIDSETUPV2.RES, Keine Aktion durch Benutzer, [555], [301304],1.0.16254
PUP.Optional.ResultsHub, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\USERS\VERA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\USERS\VERA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\000151.log, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\000153.ldb, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\CURRENT, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\LOCK, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\LOG, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\LOG.old, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\MANIFEST-000001, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\USERS\VERA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NDBOAOCBMBBNPKOBEAADLHPADMIHNFOK\1.0.5821.38905_0\MANIFEST.JSON, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndboaocbmbbnpkobeaadlhpadmihnfok\1.0.5821.38905_0\background.js, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndboaocbmbbnpkobeaadlhpadmihnfok\1.0.5821.38905_0\content.js, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndboaocbmbbnpkobeaadlhpadmihnfok\1.0.5821.38905_0\icon.png, Keine Aktion durch Benutzer, [3], [301971],1.0.16254
PUP.Optional.SearchManager, C:\USERS\VERA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\CHROME-EXTENSION_PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ_0.LOCALSTORAGE, Keine Aktion durch Benutzer, [431], [453138],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\USERS\VERA\APPDATA\ROAMING\Microsoft\Windows\Recent\HowToRemove.lnk, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\USERS\VERA\APPDATA\LOCAL\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HOWTOREMOVE\HOWTOREMOVE.HTML, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\chromium-min.jpg, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\control panel-min-min.JPG, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\down.png, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\ff menu.JPG, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\ff search engine-min.png, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\hp-min ff.png, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\hp-min ie.png, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\search engine.gif, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\setup pages.gif, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\sp-min.png, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\start-min.jpg, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\up.png, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\bapi_ff.dat, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\bapi_ie.dat, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\cice, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\fada.cfg, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\install.log, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\lema, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\nade.dat, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\rafa, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\sica.exe, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\Sqlite3.dll, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\uninst.dat, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\uninst.exe, Keine Aktion durch Benutzer, [883], [542290],1.0.16254
PUP.Optional.VBates, C:\USERS\VERA\APPDATA\LOCALLOW\COMPANY\PRODUCT\1.0\LOCALSTORAGEIE.TXT, Keine Aktion durch Benutzer, [3656], [247040],1.0.16254
PUP.Optional.ChipDe, C:\USERS\VERA\APPDATA\ROAMING\DESKTOPICONAMAZON\DESKTOPICON-AMAZON.EXE, Keine Aktion durch Benutzer, [586], [557991],1.0.16254
PUP.Optional.OpenCandy, C:\Users\Vera\AppData\Roaming\OpenCandy\2F31A6568E6E452486C78CDB68D281BF\TUU2014-DE-15days-AID1006184.exe, Keine Aktion durch Benutzer, [1241], [173202],1.0.16254
PUP.Optional.ChipDe, C:\USERS\VERA\DOWNLOADS\PDF XCHANGE VIEWER - CHIP-INSTALLER.EXE, Keine Aktion durch Benutzer, [586], [562568],1.0.16254
PUP.Optional.Yontoo, C:\ODS.EXE.CONFIG, Keine Aktion durch Benutzer, [27], [254948],1.0.16254

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)

Schnebel
Visitor
Posts: 11
Registered: 20 May 2020 21:40

Re: Log check

#4 Post by Schnebel »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-05-19.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-21-2020
# Duration: 00:00:19
# OS: Windows 8.1
# Cleaned: 76
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\3929CB63-CBBD-4B9C-8B92-A50FBD04E656
Deleted C:\Program Files (x86)\RESULTS HUB
Deleted C:\ProgramData\3929CB63-CBBD-4B9C-8B92-A50FBD04E656
Deleted C:\Users\Vera\AppData\LocalLow\COMPANY\PRODUCT
Deleted C:\Users\Vera\AppData\Roaming\DESKTOPICONAMAZON
Deleted C:\Users\Vera\AppData\Roaming\OpenCandy

***** [ Files ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
Deleted C:\Users\Vera\Desktop\..\Downloads\PDF XCHANGE VIEWER - CHIP-INSTALLER.EXE
Deleted C:\ods.exe.config

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A52E5F2B-4B2A-46FC-8583-C22CA56C4413}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKCU\Software\csastats
Deleted HKCU\Software\dobreprogramy
Deleted HKLM\SOFTWARE\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}
Deleted HKLM\SOFTWARE\Classes\AppID\{238571b1-12e9-411c-8e56-d249dabecdd7}
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32LDR
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\explorer.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|eDealsPop
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|V-bates
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Deleted HKLM\Software\Wow6432Node\RESULTSHUB
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{238571b1-12e9-411c-8e56-d249dabecdd7}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{99415057-7C50-439D-AA20-02D83C071B61}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Savevid
Deleted HKU\.DEFAULT\SOFTWARE\5f08fdbe13ee512
Deleted HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates
Deleted HKU\S-1-5-18\SOFTWARE\5f08fdbe13ee512
Deleted HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Not Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted http://searchinterneat-a.akamaihd.net/h ... pNDU0CaUBB
Deleted http://searchinterneat-a.akamaihd.net/h ... pNDU0CaUBB

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [12712 octets] - [21/05/2020 21:23:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check

#5 Post by Conder »

Sorry for jumping in :)

In Malwarebytes, have the findings deleted and post the new log from the cleanup. If possible, before that set the language in Malwarebytes to Slovak, Czech or English.
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

Schnebel
Visitor
Posts: 11
Registered: 20 May 2020 21:40

Re: Log check

#6 Post by Schnebel »

The language is set. Do I understand correctly that I should delete the scan report, run the scan once more and then post the new report here?

JaRon
Moderator
Posts: 15197
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Log check

#7 Post by JaRon »

Run MBAM again, have everything it finds deleted, and after that post the new MBAM log.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Schnebel
Visitor
Posts: 11
Registered: 20 May 2020 21:40

Re: Log check

#8 Post by Schnebel »

I ran the scan once more, saved the results and deleted what it found. Is that correct?
Here is the saved result:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 22.05.20
Čas skenování: 5:43
Logovací soubor: 5aeb2d1c-9bde-11ea-a4ef-50b7c360a46a.json

-Informace o softwaru-
Verze: 3.8.3.2965
Verze komponentů: 1.0.629
Aktualizovat verzi balíku komponent: 1.0.16264
Licence: Bezplatný

-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: Wohnzimmer-PC\Andy

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 417644
Zjištěné hrozby: 96
Hrozby umístěné do karantény: 92
Uplynulý čas: 12 hod, 53 min, 6 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 1
PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCE.EXE, V karanténě, [1000], [822412],1.0.16264

Modul: 2
PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCE.EXE, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCEGUI.DLL, V karanténě, [1000], [822412],1.0.16264

Klíč registru: 21
PUP.Optional.ByteFence, HKLM\SOFTWARE\CLASSES\*\SHELL\ByteFence File Scan, V karanténě, [1000], [391313],1.0.16264
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, V karanténě, [431], [183362],1.0.16264
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, V karanténě, [431], [183362],1.0.16264
PUP.Optional.SearchManager, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, V karanténě, [431], [183362],1.0.16264
PUP.Optional.ByteFence, HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELL\ByteFence Folder Scan, V karanténě, [1000], [823186],1.0.16264
PUP.Optional.ByteFence, HKLM\SOFTWARE\ByteFence, V karanténě, [1000], [388723],1.0.16264
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASAPI32, V karanténě, [1000], [823187],1.0.16264
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASMANCS, V karanténě, [1000], [823187],1.0.16264
PUP.Optional.ByteFence, HKLM\SOFTWARE\WOW6432NODE\ByteFence, V karanténě, [1000], [388723],1.0.16264
PUP.Optional.ByteFence, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ByteFence, V karanténě, [1000], [388725],1.0.16264
PUP.Optional.Hosts, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E43EABEE-757D-43DD-A93C-623079A5D3CC}, V karanténě, [2753], [186805],1.0.16264
PUP.Optional.Hosts, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E43EABEE-757D-43DD-A93C-623079A5D3CC}, V karanténě, [2753], [186805],1.0.16264
PUP.Optional.Hosts, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Updater35382.exe, V karanténě, [2753], [186805],1.0.16264
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ByteFence, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4D136291-AFBC-4CFA-9791-680A8ED9A76F}, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{4D136291-AFBC-4CFA-9791-680A8ED9A76F}, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ByteFence Scan, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4A9B0CDB-B693-4FDC-9C0A-9F4054F89E8D}, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{4A9B0CDB-B693-4FDC-9C0A-9F4054F89E8D}, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.Yontoo, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Odstranění se nezdařilo, [27], [-1],0.0.0
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, Odstranění se nezdařilo, [27], [-1],0.0.0

Hodnota v registru: 4
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|HOSTS-BG.EXE, V karanténě, [1938], [260099],1.0.16264
PUP.Optional.ResultsHub, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME\ExtensionInstallWhitelist|1, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME\ExtensionInstallWhitelist|1, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|ndboaocbmbbnpkobeaadlhpadmihnfok, V karanténě, [3], [301971],1.0.16264

Data registrů: 3
PUP.Optional.WinYahoo, HKU\S-1-5-21-51485986-1242316386-3765208359-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Nahrazen, [240], [293459],1.0.16264
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Nahrazen, [240], [293461],1.0.16264
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Nahrazen, [240], [293461],1.0.16264

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 8
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\USERS\VERA\APPDATA\LOCAL\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}, V karanténě, [883], [542290],1.0.16264
PUP.Optional.ByteFence, C:\ProgramData\ByteFence\RTOP, V karanténě, [1000], [388718],1.0.16264
PUP.Optional.ByteFence, C:\ProgramData\ByteFence, V karanténě, [1000], [388718],1.0.16264
PUP.Optional.Yontoo, C:\ProgramData\Results Hub, V karanténě, [27], [181336],1.0.16264
PUP.Optional.ResultsHub, C:\USERS\VERA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndboaocbmbbnpkobeaadlhpadmihnfok\1.0.5821.38905_0, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\USERS\VERA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NDBOAOCBMBBNPKOBEAADLHPADMIHNFOK, V karanténě, [3], [301971],1.0.16264

Soubor: 57
Generic.Malware/Suspicious, C:\ADWCLEANER\QUARANTINE\V1\20200521.212354\62\RESULTS HUB\PRODUCTS\UNRESULTSHUBDESKTOPSEARCH.EXE#8BBAEBBF89756B76, V karanténě, [0], [392686],1.0.16264
PUP.Optional.ByteFence, C:\WINDOWS\SYSTEM32\TASKS\ByteFence, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.ByteFence, C:\WINDOWS\SYSTEM32\TASKS\ByteFence Scan, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.ByteFence, C:\USERS\VERA\APPDATA\ROAMING\Microsoft\Windows\Start Menu\ByteFence\ByteFence Anti-Malware.lnk, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCE.EXE, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCEGUI.DLL, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\USERS\VERA\APPDATA\ROAMING\Microsoft\Windows\Recent\HowToRemove.lnk, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\USERS\VERA\APPDATA\LOCAL\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HOWTOREMOVE\HOWTOREMOVE.HTML, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\chromium-min.jpg, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\control panel-min-min.JPG, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\down.png, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\ff menu.JPG, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\ff search engine-min.png, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\hp-min ff.png, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\hp-min ie.png, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\search engine.gif, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\setup pages.gif, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\sp-min.png, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\start-min.jpg, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\HowToRemove\up.png, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\bapi_ff.dat, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\bapi_ie.dat, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\cice, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\fada.cfg, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\install.log, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\lema, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\nade.dat, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\rafa, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\sica.exe, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\Sqlite3.dll, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\uninst.dat, V karanténě, [883], [542290],1.0.16264
PUP.Optional.WinYahoo.TskLnk, C:\Users\Vera\AppData\Local\{BC368A6A-989E-E6D2-F506-C33AD16E3FA2}\uninst.exe, V karanténě, [883], [542290],1.0.16264
PUP.Optional.ChipDe, C:\ADWCLEANER\QUARANTINE\V1\20200521.212354\1\DESKTOPICONAMAZON\DESKTOPICON-AMAZON.EXE#08290A7411EBA5B3, V karanténě, [586], [557991],1.0.16264
PUP.Optional.ChipDe, C:\ADWCLEANER\QUARANTINE\V1\20200521.212354\60\PDF XCHANGE VIEWER - CHIP-INSTALLER.EXE#B6A3F447500A0AA7, V karanténě, [586], [562568],1.0.16264
PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\UNINSTALL.EXE, V karanténě, [1000], [822412],1.0.16264
PUP.Optional.ByteFence, C:\ProgramData\ByteFence\RTOP\hosts_backup, V karanténě, [1000], [388718],1.0.16264
PUP.Optional.ByteFence, C:\ProgramData\ByteFence\RTOP\uclogfile.bin, V karanténě, [1000], [388718],1.0.16264
PUP.Optional.Yontoo, C:\ProgramData\Results Hub\ResultsHubDesktopSearch.exe.config, V karanténě, [27], [181336],1.0.16264
PUP.Optional.Yontoo, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, Odstranění se nezdařilo, [27], [-1],0.0.0
PUP.Optional.Yontoo, C:\PROGRAMDATA\NTUSER.POL, Odstranění se nezdařilo, [27], [-1],0.0.0
PUP.Optional.Yontoo, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, V karanténě, [27], [-1],0.0.0
PUP.Optional.Bandoo, C:\PROGRAMDATA\{C296F8FF-A964-4BB7-814C-2DE7755A03C9}\SAVEVIDSETUPV2.RES, V karanténě, [555], [301304],1.0.16264
PUP.Optional.ResultsHub, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\USERS\VERA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Nahrazen, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\USERS\VERA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Nahrazen, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\000151.log, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\000153.ldb, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\CURRENT, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\LOCK, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\LOG, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\LOG.old, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ndboaocbmbbnpkobeaadlhpadmihnfok\MANIFEST-000001, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\USERS\VERA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NDBOAOCBMBBNPKOBEAADLHPADMIHNFOK\1.0.5821.38905_0\MANIFEST.JSON, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndboaocbmbbnpkobeaadlhpadmihnfok\1.0.5821.38905_0\background.js, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndboaocbmbbnpkobeaadlhpadmihnfok\1.0.5821.38905_0\content.js, V karanténě, [3], [301971],1.0.16264
PUP.Optional.ResultsHub, C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndboaocbmbbnpkobeaadlhpadmihnfok\1.0.5821.38905_0\icon.png, V karanténě, [3], [301971],1.0.16264
PUP.Optional.SearchManager, C:\USERS\VERA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\CHROME-EXTENSION_PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ_0.LOCALSTORAGE, V karanténě, [431], [453138],1.0.16264

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check

#9 Post by Conder »

Yes, that's correct. Now we would like new FRST logs. Since the system language is set to German and we need the FRST logs in English, first rename "FRST64.exe" to "EnglishFRST64.exe" (without the quotation marks), and only then run it and click Scan. Paste the resulting logs into your next reply (if they do not fit into one reply, you can split the logs).

Schnebel
Visitor
Posts: 11
Joined: 20 May 2020 21:40

Re: Log check

#10 Post by Schnebel »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Ran by Andy (administrator) on WOHNZIMMER-PC (SAMSUNG ELECTRONICS CO., LTD. 350V5C/351V5C/3540VC/3440VC) (23-05-2020 06:18:20)
Running from C:\Users\Vera\Desktop
Loaded Profiles: Andy
Platform: Windows 8.1 (Update) (X64) Language: Deutsch (Deutschland)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Photodex\ProShowProducer\scsiaccess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2>
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <7>
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Avast Software s.r.o. -> Avast Software) C:\Program Files\Common Files\avast software\overseer\overseer.exe
(Byte Technologies LLC -> Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Byte Technologies LLC -> Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicShellService.exe
(IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-29] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108728 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation) [File not signed]
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel® Services Manager -> Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-06-17] (Qualcomm Atheros -> Atheros Communications) [File not signed]
HKU\S-1-5-21-51485986-1242316386-3765208359-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-02] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191435013\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-02] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191505745\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-02] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\...\AppCompatFlags\Custom\explorer.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-09] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\81.0.4053.113\Installer\chrmstp.exe [2020-05-17] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-06-17] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-06-17] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0CDFFF77-73EC-44F9-A64F-6CFDF015FA5B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3339472 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {10382642-2284-4D04-A49A-3C20F49C5B3E} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [876320 2016-07-05] (Samsung Electronics CO., LTD. -> SEC)
Task: {144FBC04-B433-491A-9440-9016E28DF3EB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1853360 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
Task: {1768D42F-A72D-4C69-8BE4-D9194089968E} - System32\Tasks\Norton Management\Norton Error Analyzer => C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe
Task: {195A5950-E4FE-4F5B-A699-9110E9CFE30D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-11-02] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1D7BDDD0-B68E-4639-A511-4B9C7682335E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {27BCA622-4726-48A0-9026-F8076FD66BA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {40F04851-E6E5-42A2-8D88-AF91A5F0D9BC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-11-02] (Piriform Software Ltd -> Piriform Ltd)
Task: {4C7BE5F4-4048-4A47-9471-E815A8BAADAC} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {50FA9A47-1F82-49ED-A80F-1825911AE000} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {53A0CF1E-43B8-44A1-9F89-3F0A49544865} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [3148800 2015-08-18] (Samsung Electronics CO., LTD.) [File not signed]
Task: {669DE7DF-26D2-4EA2-B648-DDDCAC42F08E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1853360 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
Task: {6DC3B6B2-D2E2-4D1D-84BD-DD85CAAABBA0} - System32\Tasks\Opera scheduled Autoupdate 1533969164 => C:\Users\Vera\AppData\Local\Programs\Opera\launcher.exe
Task: {6E326EE8-2FDD-49BE-88C5-8C78EEB0C5C1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {6FA11511-81F2-4F6D-9BB6-030FB4F4A61E} - System32\Tasks\Norton Management\Norton Error Processor => C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe
Task: {782A08FF-BECC-460A-BC0C-29D530D76DBF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {7EAA24CB-F4F2-4626-B26B-20839FA506BE} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2623808 2015-06-19] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
Task: {85ECC0C0-BFD6-4DEA-B1D0-5601E7FF08E0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {B312A61A-5D9B-4EA3-8499-19DC7E082C82} - System32\Tasks\{CDB204DD-6843-4021-8D0B-9238738DAA69} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.5.0.158/ru/abandoninstall?source=lightinstaller&page=tsInstall
Task: {BC5F1F0E-0BAA-4D36-AF6D-7B5991D58AF9} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [3602632 2017-04-26] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {BCD45EE7-AEC7-4260-80C7-8F1980107C54} - System32\Tasks\Opera scheduled assistant Autoupdate 1547875605 => C:\Users\Vera\AppData\Local\Programs\Opera\launcher.exe
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {D7D20954-8D91-4BFA-8076-683F9492AA7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {F4D97F2E-F6D1-47CF-9193-F51C0A456FAF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50727;https=127.0.0.1:50727
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{62CD270C-C407-47EB-A235-357656FAC14C}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{75B1F1F0-5217-4DC5-A3EA-8DC52DACDF06}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191434111 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191504712 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191434568 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191504918 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-51485986-1242316386-3765208359-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191435013 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191505745 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-10-28] (IvoSoft) [File not signed]
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2012-10-28] (IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-10-28] (IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll [2012-10-28] (IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-10-28] (IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-10-28] (IvoSoft) [File not signed]
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://212.4.145.127/activex/AMC.cab

FireFox:
========
FF DefaultProfile: f4msr434.default-1523802840242
FF ProfilePath: C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\f4msr434.default-1523802840242 [2020-05-22]
FF Extension: (Avast Online Security) - C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\f4msr434.default-1523802840242\Extensions\wrc@avast.com.xpi [2020-03-18]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Vera\AppData\Roaming\mozilla\plugins\npPxPlay.dll [2015-09-19]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default [2020-05-22]
CHR Notifications: Default -> hxxps://grclip.com; hxxps://im-coder.com; hxxps://manualidades.facilisimo.com
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/hm?eq=U0EeCFZVBB8SRghHdVpZVAFIExgacFsKTA1EElAOeVwOAhQVQwEQJF0JV1hHGAIFIk0FA1oDB0VXfV5bFElXTwhxJUpNDU0CaUBB"
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Präsentationen) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-06]
CHR Extension: (Docs) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-06]
CHR Extension: (Google Drive) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-13]
CHR Extension: (YouTube) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-13]
CHR Extension: (Google-Suche) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-13]
CHR Extension: (Avast SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-05-02]
CHR Extension: (Tabellen) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-06]
CHR Extension: (Google Docs Offline) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-06]
CHR Extension: (Avast Online Security) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-09]
CHR Extension: (Google Mail) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [322176 2014-06-17] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-01] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-01] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\81.0.4053.113\elevation_service.exe [954600 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [63488 2012-10-28] (IvoSoft) [File not signed]
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593664 2015-06-19] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [297288 2018-04-12] (Byte Technologies LLC -> Byte Technologies LLC.) <==== ATTENTION
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe [181312 2015-09-19] () [File not signed]
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Sony Mobile Communications -> Avanquest Software) [File not signed]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182120 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3298208 2017-10-11] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13255184 2020-05-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176632 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-06-17] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205880 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234560 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178760 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175704 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [501472 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851592 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460992 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235488 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319120 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\system32\DRIVERS\athw8x.sys [3680256 2013-06-18] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 BTATH_HID; C:\WINDOWS\system32\DRIVERS\btath_hid.sys [223432 2014-06-17] (Qualcomm Atheros -> Qualcomm Atheros)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)
R3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [136040 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2014-07-08] (Sony Mobile Communications AB -> Sony Mobile Communications)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2020-05-22] (Malwarebytes Corporation -> Malwarebytes)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Samsung Electronics CO., LTD. -> Windows (R) Win 7 DDK provider)
R3 RTL8168; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [591360 2013-06-18] (Microsoft Windows -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43368 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [X]
S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [X]
S3 motccgpfl; \SystemRoot\System32\drivers\motccgpfl.sys [X]
S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [X]
S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-23 06:16 - 2020-05-23 06:18 - 000032350 _____ C:\Users\Vera\Desktop\FRST.txt
2020-05-22 19:12 - 2020-05-22 19:12 - 000015809 _____ C:\Users\Vera\Desktop\Mal1.txt
2020-05-22 19:07 - 2020-05-22 19:07 - 000000000 ___RD C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2020-05-22 19:02 - 2020-05-22 19:06 - 000000306 __RSH C:\ProgramData\ntuser.pol
2020-05-22 05:26 - 2020-05-22 05:26 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-05-21 21:21 - 2020-05-21 21:23 - 000000000 ____D C:\AdwCleaner
2020-05-21 21:21 - 2020-05-21 21:21 - 008196784 _____ (Malwarebytes) C:\Users\Vera\Downloads\adwcleaner_8.0.4.exe
2020-05-21 07:51 - 2020-05-21 07:51 - 000000000 ____D C:\Users\Vera\AppData\Local\mbam
2020-05-21 07:49 - 2020-05-21 20:53 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-05-21 07:49 - 2020-05-21 07:49 - 000001843 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-21 07:49 - 2020-05-21 07:49 - 000000000 ____D C:\Users\Vera\AppData\Local\mbamtray
2020-05-21 07:49 - 2020-05-21 07:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-05-21 07:49 - 2020-05-21 07:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-21 07:48 - 2020-05-21 07:49 - 064333800 _____ (Malwarebytes ) C:\Users\Vera\Downloads\mb3-setup-1878.1878-3.8.3.2965.exe
2020-05-21 07:41 - 2020-05-21 07:41 - 001980016 _____ (Malwarebytes) C:\Users\Vera\Downloads\MBSetup (1).exe
2020-05-21 07:24 - 2020-05-21 07:24 - 001980016 _____ (Malwarebytes) C:\Users\Vera\Downloads\MBSetup.exe
2020-05-21 07:24 - 2020-05-21 07:24 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-21 00:06 - 2020-05-21 00:06 - 000000000 ____D C:\WINDOWS\system32\Repository
2020-05-20 22:31 - 2020-05-23 06:18 - 000000000 ____D C:\FRST
2020-05-20 22:27 - 2020-05-20 22:27 - 002286080 _____ (Farbar) C:\Users\Vera\Desktop\EnglishFRST64.exe
2020-05-20 21:46 - 2020-05-20 21:46 - 000000017 _____ C:\Users\Vera\AppData\Local\resmon.resmoncfg
2020-05-20 21:16 - 2020-05-20 21:48 - 000002082 _____ C:\Users\Vera\Desktop\Save Wizard for PS4 MAX.lnk
2020-05-20 20:25 - 2020-05-20 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2020-05-20 20:24 - 2020-05-20 20:24 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2020-05-20 20:24 - 2020-05-20 20:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-05-20 20:23 - 2015-10-22 19:43 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2020-05-20 20:23 - 2015-10-22 19:43 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2020-05-20 20:23 - 2015-10-22 19:43 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2020-05-20 20:23 - 2015-10-22 19:43 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2020-05-20 20:23 - 2015-10-22 18:59 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2020-05-20 20:23 - 2015-10-22 18:59 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2020-05-20 20:23 - 2015-10-22 18:59 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2020-05-20 20:23 - 2015-10-22 18:59 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2020-05-20 20:23 - 2014-11-17 22:17 - 000672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-05-20 20:23 - 2014-11-15 21:05 - 000801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-05-20 20:23 - 2014-11-15 08:29 - 000962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-05-20 20:23 - 2014-11-14 08:57 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-05-20 20:23 - 2014-11-14 08:54 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-05-20 20:23 - 2014-11-14 07:03 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-05-20 20:23 - 2014-11-08 04:03 - 000733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2020-05-20 20:23 - 2014-11-08 03:58 - 004837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2020-05-20 20:23 - 2014-11-08 03:49 - 001154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2020-05-20 20:23 - 2014-11-05 04:12 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2020-05-20 20:23 - 2014-11-05 04:12 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2020-05-20 20:23 - 2014-11-05 04:06 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2020-05-20 20:23 - 2014-11-05 03:39 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2020-05-20 20:23 - 2014-11-05 03:39 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2020-05-20 20:23 - 2014-11-05 03:33 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2020-05-20 20:23 - 2014-11-04 21:33 - 000058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2020-05-20 20:23 - 2014-10-21 03:59 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2020-05-20 20:23 - 2014-10-21 03:19 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2020-05-20 20:23 - 2014-10-21 02:50 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2020-05-20 20:23 - 2014-10-21 02:31 - 001574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2020-05-20 20:23 - 2014-10-21 02:31 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2020-05-20 20:23 - 2014-10-21 02:20 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2020-05-20 20:23 - 2014-10-17 06:56 - 000039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-05-20 13:01 - 2020-05-20 13:01 - 000501472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-05-20 13:01 - 2020-05-20 13:01 - 000337560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-05-20 13:01 - 2020-05-20 13:01 - 000235488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-05-20 13:01 - 2020-05-20 13:01 - 000175704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-05-20 12:49 - 2020-05-20 12:49 - 000000000 ____D C:\WINDOWS\softwaredistribution.bak1
2020-05-20 12:41 - 2020-05-20 12:41 - 000000000 ____D C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DataPower
2020-05-20 12:41 - 2020-05-20 12:41 - 000000000 ____D C:\Program Files (x86)\DataPower
2020-05-20 12:10 - 2020-05-11 07:53 - 005267456 _____ C:\Users\Vera\Desktop\swps4max.msi
2020-05-20 11:56 - 2020-05-20 11:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-05-20 11:49 - 2020-05-20 11:49 - 003529400 _____ C:\Users\Vera\Downloads\swps4max (2).zip
2020-05-20 11:49 - 2020-05-20 11:49 - 003529400 _____ C:\Users\Vera\Downloads\swps4max (1).zip
2020-05-20 11:42 - 2020-05-20 12:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-05-20 11:42 - 2020-05-20 11:42 - 000000000 ____D C:\Users\Vera\AppData\Local\TeamViewer
2020-05-20 11:41 - 2020-05-22 19:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-05-20 11:41 - 2020-05-20 11:41 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-05-20 11:41 - 2020-05-20 11:41 - 000001043 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2020-05-20 11:41 - 2020-05-20 11:41 - 000000000 ____D C:\Users\Vera\AppData\Roaming\TeamViewer
2020-05-20 11:23 - 2020-05-20 11:23 - 026705416 _____ (TeamViewer Germany GmbH) C:\Users\Vera\Downloads\TeamViewer_Setup (1).exe
2020-05-20 11:18 - 2020-05-20 11:18 - 026705416 _____ (TeamViewer Germany GmbH) C:\Users\Vera\Downloads\TeamViewer_Setup.exe
2020-05-17 17:08 - 2020-04-30 05:49 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2020-05-17 17:08 - 2020-04-30 05:22 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-05-17 17:08 - 2020-04-30 04:55 - 001756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-05-17 17:08 - 2020-04-30 04:43 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-05-17 17:08 - 2020-04-30 04:40 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2020-05-17 17:08 - 2020-04-30 04:37 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2020-05-17 17:08 - 2020-04-30 04:33 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-05-17 17:08 - 2020-04-16 08:04 - 022365896 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-05-17 17:08 - 2020-04-16 08:04 - 003118032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-05-17 17:08 - 2020-04-16 08:04 - 001368592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-05-17 17:08 - 2020-04-16 08:04 - 000722496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-05-17 17:08 - 2020-04-16 08:04 - 000642488 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-05-17 17:08 - 2020-04-16 08:00 - 000374024 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2020-05-17 17:08 - 2020-04-16 07:15 - 025755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-05-17 17:08 - 2020-04-16 06:30 - 019795840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-05-17 17:08 - 2020-04-16 06:29 - 000561400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-05-17 17:08 - 2020-04-16 06:29 - 000493736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-05-17 17:08 - 2020-04-16 06:25 - 000316368 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2020-05-17 17:08 - 2020-04-16 05:40 - 002911744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-05-17 17:08 - 2020-04-16 05:38 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-05-17 17:08 - 2020-04-16 05:31 - 020291072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-05-17 17:08 - 2020-04-16 05:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-17 17:08 - 2020-04-16 05:28 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2020-05-17 17:08 - 2020-04-16 05:27 - 005498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-05-17 17:08 - 2020-04-16 05:27 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-05-17 17:08 - 2020-04-16 05:25 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-05-17 17:08 - 2020-04-16 05:14 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-05-17 17:08 - 2020-04-16 05:11 - 002304000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-05-17 17:08 - 2020-04-16 05:07 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-17 17:08 - 2020-04-16 05:06 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-05-17 17:08 - 2020-04-16 05:05 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2020-05-17 17:08 - 2020-04-16 05:04 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-05-17 17:08 - 2020-04-16 05:03 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2020-05-17 17:08 - 2020-04-16 04:59 - 001994240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-05-17 17:08 - 2020-04-16 04:59 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-05-17 17:08 - 2020-04-16 04:54 - 015478272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-05-17 17:08 - 2020-04-16 04:53 - 003258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-05-17 17:08 - 2020-04-16 04:53 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2020-05-17 17:08 - 2020-04-16 04:51 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-05-17 17:08 - 2020-04-16 04:50 - 001384960 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-05-17 17:08 - 2020-04-16 04:49 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2020-05-17 17:08 - 2020-04-16 04:49 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-05-17 17:08 - 2020-04-16 04:48 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2020-05-17 17:08 - 2020-04-16 04:43 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-05-17 17:08 - 2020-04-16 04:41 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-05-17 17:08 - 2020-04-16 04:41 - 002471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-05-17 17:08 - 2020-04-16 04:40 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-05-17 17:08 - 2020-04-16 04:39 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-05-17 17:08 - 2020-04-16 04:39 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-05-17 17:08 - 2020-04-16 04:38 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-05-17 17:08 - 2020-04-16 04:38 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-05-17 17:08 - 2020-04-16 04:37 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-05-17 17:08 - 2020-04-16 04:35 - 013861376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-05-17 17:08 - 2020-04-16 04:35 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-05-17 17:08 - 2020-04-16 04:32 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-05-17 17:08 - 2020-04-16 04:30 - 014533632 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-05-17 17:08 - 2020-04-16 04:28 - 000902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-05-17 17:08 - 2020-04-16 04:27 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-05-17 17:08 - 2020-04-16 04:26 - 012880384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-05-17 17:08 - 2020-04-16 04:26 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-05-17 17:08 - 2020-04-16 04:26 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-05-17 17:08 - 2020-04-16 04:24 - 007799296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-05-17 17:08 - 2020-04-16 04:23 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2020-05-17 17:08 - 2020-04-16 04:22 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2020-05-17 17:08 - 2020-04-16 04:20 - 004387328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-05-17 17:08 - 2020-04-16 04:20 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2020-05-17 17:08 - 2020-04-16 04:19 - 001265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-05-17 17:08 - 2020-04-16 04:18 - 005271552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-05-17 17:08 - 2020-04-16 04:16 - 001341952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-05-17 17:08 - 2020-04-16 04:15 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-05-17 17:08 - 2020-04-16 04:15 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-05-17 17:08 - 2020-04-16 04:14 - 001727488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-05-17 17:08 - 2020-04-16 04:11 - 001546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-05-17 17:08 - 2020-04-16 04:11 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-05-17 17:08 - 2020-04-16 04:11 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2020-05-17 17:08 - 2020-04-16 04:07 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2020-05-17 17:08 - 2020-04-16 04:05 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2020-05-17 17:08 - 2020-04-14 09:33 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2020-05-17 17:08 - 2020-04-14 09:03 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2020-05-17 17:08 - 2020-04-11 20:42 - 007362296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-05-17 17:08 - 2020-04-11 20:41 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-05-17 17:08 - 2020-04-11 20:39 - 001542696 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-05-17 17:08 - 2020-04-11 20:29 - 001737720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-05-17 17:08 - 2020-04-11 19:31 - 001501096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-05-17 17:08 - 2020-04-11 19:04 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-05-17 17:08 - 2020-04-11 17:55 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2020-05-17 17:08 - 2020-04-11 17:53 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2020-05-17 17:08 - 2020-04-11 17:48 - 001377792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-05-17 17:08 - 2020-04-11 17:47 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2020-05-17 17:08 - 2020-04-11 17:23 - 001317888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-05-17 17:08 - 2020-04-11 17:22 - 001103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-05-17 17:08 - 2020-04-11 02:12 - 002446576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-05-17 17:08 - 2020-04-11 02:12 - 000428784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-05-17 17:08 - 2020-04-09 15:36 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-05-17 17:08 - 2020-04-07 21:30 - 000988472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-05-17 17:08 - 2020-04-07 21:28 - 000857320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-05-17 17:08 - 2020-04-07 15:55 - 003330048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-05-17 17:08 - 2020-04-07 15:51 - 003636224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-05-17 17:08 - 2020-04-04 18:06 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-05-17 17:08 - 2020-04-04 18:01 - 001572864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-05-17 17:08 - 2020-04-04 17:50 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-05-02 16:50 - 2020-05-02 16:50 - 000046918 _____ C:\Users\Vera\Downloads\myMAGicTV.zip
2020-04-24 02:22 - 2020-04-24 02:22 - 000166760 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2020-04-24 02:22 - 2020-04-24 02:22 - 000136040 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-22 19:15 - 2012-12-08 17:45 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-22 19:10 - 2012-12-08 17:43 - 000003594 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-51485986-1242316386-3765208359-1001
2020-05-22 19:08 - 2014-03-18 12:03 - 001772686 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-22 19:08 - 2014-03-18 11:25 - 000745148 _____ C:\WINDOWS\system32\perfh007.dat
2020-05-22 19:08 - 2014-03-18 11:25 - 000152704 _____ C:\WINDOWS\system32\perfc007.dat
2020-05-22 19:08 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2020-05-22 19:04 - 2018-04-15 18:08 - 000000000 ____D C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
2020-05-22 19:04 - 2016-10-03 15:30 - 000000000 ____D C:\Program Files\ByteFence
2020-05-22 19:04 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-22 19:04 - 2013-03-10 17:01 - 000000000 __HDC C:\ProgramData\{C296F8FF-A964-4BB7-814C-2DE7755A03C9}
2020-05-22 18:46 - 2012-12-08 17:29 - 000000000 ____D C:\Users\Vera\AppData\Local\CrashDumps
2020-05-22 17:49 - 2014-06-29 18:52 - 000003946 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6269819E-D1FA-45C6-BA31-1669402CE496}
2020-05-21 21:48 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2020-05-21 21:31 - 2017-08-16 18:37 - 000004168 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-05-21 21:24 - 2014-05-04 19:22 - 000000000 ____D C:\Users\Vera\AppData\LocalLow\Company
2020-05-21 20:47 - 2019-11-13 20:27 - 000000000 _____ C:\WINDOWS\system32\last.dump
2020-05-21 07:36 - 2013-08-22 16:44 - 000338048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-05-21 00:16 - 2014-06-29 19:32 - 000000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2020-05-21 00:11 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-05-21 00:08 - 2014-06-29 14:00 - 000000000 ____D C:\Users\Vera
2020-05-20 22:12 - 2017-01-28 18:02 - 000000000 ____D C:\Users\Vera\AppData\LocalLow\Mozilla
2020-05-20 21:52 - 2012-12-15 20:26 - 000000000 ____D C:\Users\Vera\AppData\Local\ElevatedDiagnostics
2020-05-20 21:49 - 2012-10-16 11:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-05-20 21:40 - 2014-06-02 19:37 - 000000000 ____D C:\Users\Vera\AbiSuite
2020-05-20 21:38 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-20 21:38 - 2012-12-08 17:27 - 000000000 ____D C:\Users\Vera\AppData\Local\Packages
2020-05-20 21:37 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-20 20:31 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-20 19:06 - 2015-05-15 22:28 - 000000000 ____D C:\WINDOWS\Minidump
2020-05-20 18:58 - 2019-01-30 20:23 - 000000000 ____D C:\Users\Vera\Downloads\opera autoupdate
2020-05-20 18:53 - 2013-01-17 20:32 - 000000000 ____D C:\Temp
2020-05-20 13:01 - 2016-05-14 06:55 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-05-20 13:01 - 2013-03-15 19:51 - 000319120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-05-20 13:01 - 2013-03-15 19:51 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-05-20 13:01 - 2013-02-10 19:07 - 000460992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-05-20 13:01 - 2013-02-10 19:07 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-05-20 13:00 - 2019-05-27 20:56 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-05-20 13:00 - 2019-05-27 20:56 - 000178760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-05-20 13:00 - 2019-05-27 20:56 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-05-20 13:00 - 2019-05-27 20:56 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-05-20 13:00 - 2018-02-06 20:44 - 000205880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-05-20 13:00 - 2013-02-10 19:06 - 000851592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-05-20 12:01 - 2016-05-14 04:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-20 11:56 - 2016-05-14 04:15 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-05-19 20:34 - 2020-04-16 20:54 - 000004312 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1547875605
2020-05-19 20:31 - 2012-10-16 13:01 - 000000000 ____D C:\ProgramData\WinClon
2020-05-19 18:39 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2020-05-19 14:40 - 2013-08-14 18:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-19 14:33 - 2012-12-13 18:29 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-19 14:12 - 2018-08-11 08:32 - 000004102 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1533969164
2020-05-17 16:38 - 2019-06-10 13:35 - 000003732 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-05-17 16:38 - 2019-06-10 13:35 - 000003150 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-05-17 16:38 - 2018-11-01 15:05 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-05-17 16:38 - 2018-11-01 15:05 - 000002398 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-05-17 16:37 - 2016-10-31 21:11 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-09 12:09 - 2018-02-06 21:08 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-09 12:09 - 2018-02-06 21:08 - 000002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-06 06:31 - 2019-12-16 07:35 - 000000000 ____D C:\Users\Vera\Desktop\Bewerbungen
2020-04-30 06:24 - 2014-03-18 11:53 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Files in the root of some directories ========

2014-05-04 14:12 - 2010-01-26 11:11 - 000444283 _____ () C:\Program Files (x86)\Common Files\WinPcapNmap.exe
2014-04-11 23:02 - 2014-04-11 23:02 - 000000044 _____ () C:\Users\Vera\AppData\Roaming\WB.CFG
2014-01-05 07:36 - 2018-11-23 19:52 - 000009728 _____ () C:\Users\Vera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-17 17:12 - 2015-05-17 17:16 - 000029696 _____ () C:\Users\Vera\AppData\Local\MSGBOX.EXE
2017-10-10 19:10 - 2017-10-10 19:10 - 000001548 _____ () C:\Users\Vera\AppData\Local\recently-used.xbel
2020-05-20 21:46 - 2020-05-20 21:46 - 000000017 _____ () C:\Users\Vera\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-05-22 05:42
==================== End of FRST.txt ========================

Schnebel
Visitor
Posts: 11
Registered: 20 May 2020 21:40

Re: Log check

#11 Post by Schnebel »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Andy (23-05-2020 06:18:59)
Running from C:\Users\Vera\Desktop
Windows 8.1 (Update) (X64) (2014-06-29 12:33:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-51485986-1242316386-3765208359-500 - Administrator - Disabled)
Andy (S-1-5-21-51485986-1242316386-3765208359-1001 - Administrator - Enabled) => C:\Users\Vera
Gast (S-1-5-21-51485986-1242316386-3765208359-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-51485986-1242316386-3765208359-1034 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20063 - Adobe Systems Incorporated)
AllSharePlayLink (HKLM-x32\...\{CE1836A8-3F2B-49BD-8395-93DD414068D2}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.)
AnvSoft Photo Slideshow Maker Free 5.55 (HKLM-x32\...\AnvSoft Photo Slideshow Maker Free) (Version: 5.55 - AnvSoft, Inc.)
Any Video Converter 6.0.2 (HKLM-x32\...\Any Video Converter) (Version: 6.0.2 - Anvsoft)
Apowersoft Online Launcher Version 1.7.0 (HKU\S-1-5-21-51485986-1242316386-3765208359-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.0 - APOWERSOFT LIMITED)
Apowersoft Online Launcher Version 1.7.0 (HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191435013\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.0 - APOWERSOFT LIMITED)
Apowersoft Online Launcher Version 1.7.0 (HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191505745\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.0 - APOWERSOFT LIMITED)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.3.2405 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 81.0.4053.113 - Die Avast Secure Browser-Autoren)
AXIS Media Control Embedded (HKLM-x32\...\AXIS Media Control Embedded) (Version: - )
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
Canon MP210 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Classic Shell (HKLM\...\{66E2237E-2E10-48A2-B8D3-2092B8BA8484}) (Version: 3.6.2 - IvoSoft)
Content Manager 2 (HKLM-x32\...\Content Manager 2) (Version: 3.18.0.342250 - NNG Llc.)
ControlConsole API version 2.70 (HKLM-x32\...\{E6C0F5ED-B5EA-451D-8CB1-57902AA188DE}_is1) (Version: 2.70 - Enstone)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
Fotogalerie (HKLM-x32\...\{B19E03EA-067C-412F-A81E-271720E601AB}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{FE8DFDD0-A543-4A83-B7A9-C411138194D5}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Malwarebytes Version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{61889FC7-9738-439A-96B3-17AF981BDDEF}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{741ECBB6-1A0B-42F1-A7BF-76222734A63A}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{7F682A00-6497-4551-A2A6-063AE667D1CF}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9846E46F-07E0-4BDF-985A-E3FBA8C15877}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 76.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 76.0.1 (x64 cs)) (Version: 76.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 76.0.1.7432 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-51485986-1242316386-3765208359-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191435013\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191505745\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.9 - Tracker Software Products Ltd)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-51485986-1242316386-3765208359-1001\...\PhotoFiltre Studio X) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191435013\...\PhotoFiltre Studio X) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191505745\...\PhotoFiltre Studio X) (Version: - )
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.326 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.2 - Samsung Electronics CO., LTD.)
Raccolta foto (HKLM-x32\...\{86CAC8DE-288A-410D-A4A4-0190060E69AE}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.1.0.3 - Samsung Electronics CO., LTD.)
S Agent (HKLM\...\{061881E0-653B-41CA-839E-2BA6569B5FEE}) (Version: 1.1.69 - Samsung Electronics Co., Ltd.) Hidden
Samsung Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Samsung Survey (HKLM-x32\...\{F1F6B58E-CF23-475C-AA96-EC658E9E50F3}) (Version: 2.0.1 - Samsung Electronics Co., Ltd.)
Samsung Update (HKLM-x32\...\{05068BA6-4AAB-4A47-8BAD-2141F4E9C15D}) (Version: 2.2.52 - Samsung Electronics Co., Ltd.)
Save Wizard for PS4 MAX (HKLM-x32\...\{431FAE95-FB51-4FC6-BAAF-50AD4235B970}) (Version: 1.1.0.0 - DataPower)
SaveVid Plug-in (HKLM-x32\...\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981405}) (Version: 2.0.0.591 - Bandoo Media, Inc) Hidden
SaveVid Plug-in (HKLM-x32\...\SaveVid Plug-in) (Version: 2.0.0.591 - Bandoo Media, Inc)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.9.201406230908 - Sony Mobile Communications AB)
Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
Support Center (HKLM\...\{711DE117-767F-48A8-9864-66C525B9539F}) (Version: 2.1.1223 - Samsung Electronics CO., LTD.)
Support Center FAQ (HKLM-x32\...\{661544AE-C07F-4EAD-B187-7A217E69A426}) (Version: 1.0.17 - Samsung Electronics CO., LTD.) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.0.0 - Synaptics Incorporated)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.5.6 - TeamViewer)
User Guide (HKLM-x32\...\{2888FDD1-5EEC-4D56-84B7-4D20DAC0E090}) (Version: 1.3.00 - Samsung Electronics CO., LTD.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoner GIF Animator 5 (HKLM-x32\...\{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}) (Version: 5.0.3000.2 - ZONER software)

Packages:
=========
Browserauswahl -> C:\WINDOWS\BrowserChoice [2014-07-01] (Microsoft Corporation)
Family Story -> C:\Program Files\WindowsApps\6E04A0BD.FamilyStory_1.1.0.98_neutral__ez4k4b2fwzhzt [2014-03-30] (SAMSUNG ELECTRONICS CO,. LTD.)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2016-01-12] (Microsoft Corporation)
Music Hub -> C:\Program Files\WindowsApps\6E04A0BD.MusicHub_1.0.0.44_neutral__ez4k4b2fwzhzt [2014-07-01] (SAMSUNG ELECTRONICS CO,. LTD.)
Musik -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
PhotoEditor -> C:\Program Files\WindowsApps\6E04A0BD.PhotoEditor_1.0.0.37_neutral__ez4k4b2fwzhzt [2014-02-05] (SAMSUNG ELECTRONICS CO,. LTD.)
S Camera -> C:\Program Files\WindowsApps\CyberLinkCorp.ss.SCamera_1.0.1903.26021_x86__h7cwzt5medr84 [2014-02-05] (CYBERLINKCOM)
S Gallery -> C:\Program Files\WindowsApps\CyberLinkCorp.ss.SGallery_1.0.1903.26021_x86__h7cwzt5medr84 [2014-02-05] (CYBERLINKCOM)
S Player -> C:\Program Files\WindowsApps\CyberLinkCorp.ss.SPlayer_1.0.2216.21222_x86__h7cwzt5medr84 [2014-03-30] (CYBERLINKCOM)
Spiele -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191435013_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191435013_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191505745_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191505745_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-51485986-1242316386-3765208359-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-51485986-1242316386-3765208359-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-10-28] (IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-10-28] (IvoSoft) [File not signed]
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2014-06-17] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-19] (CyberLink -> Cyberlink)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\windows\SysWOW64\WSCM64.dll [2012-11-20] (Wondershare Software Co., Ltd. -> )
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-19] (CyberLink -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2014-06-17] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DataPower\Save Wizard for PS4 MAX\Manual - Save Wizard for PS4 MAX.lnk -> hxxp://www.savewizard.net/manuals/swps4m

==================== Loaded Modules (Whitelisted) =============

2014-06-17 09:32 - 2014-06-17 09:32 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-06-17 09:29 - 2014-06-17 09:29 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2020-05-20 13:19 - 2020-05-20 13:19 - 000016384 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\3d6fd9cf1be4c2aa79fff81f56af224e\PSIClient.ni.dll
2020-05-20 13:19 - 2020-05-20 13:19 - 000019968 _____ (Intel Corp.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorCommon\7d3191a578d4e434e23528bcaf3d13d4\IAStorCommon.ni.dll
2012-10-16 12:50 - 2012-07-09 06:46 - 000497664 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2012-10-16 12:50 - 2012-07-09 06:46 - 000269312 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2020-05-20 11:38 - 2020-05-20 11:38 - 000075264 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMgr\46aaa6f8479137933f2d1d8ec1339237\IAStorDataMgr.ni.dll
2020-05-20 11:38 - 2020-05-20 11:38 - 000379392 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\60e18157b8187439470ba1eec1df2907\IAStorUtil.ni.dll
2020-05-20 13:20 - 2020-05-20 13:20 - 001114624 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorViewModel\fa900331b99a9c6f50d366e8024651aa\IAStorViewModel.ni.dll
2020-05-20 11:38 - 2020-05-20 11:38 - 003864576 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSI\337bf2741a6bbb17843527dff5f5c67d\PSI.ni.dll
2020-05-20 13:19 - 2020-05-20 13:19 - 000643584 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PsiData\578608e0b852906e3c6afe33d9582dbb\PsiData.ni.dll
2012-10-28 10:29 - 2012-10-28 10:29 - 002004480 _____ (IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2020-05-20 13:19 - 2020-05-20 13:19 - 000027136 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\b6297fe6ccf0ee6a7b015b8dcb19e102\IAStorDataMgrSvcInterfaces.ni.dll
2014-06-17 09:35 - 2014-06-17 09:35 - 000107648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll
2014-06-17 09:36 - 2014-06-17 09:36 - 000033408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\CommApi.dll
2014-06-17 09:36 - 2014-06-17 09:36 - 000203392 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2014-06-17 09:36 - 2014-06-17 09:36 - 000085632 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\GattI.dll
2014-06-17 09:36 - 2014-06-17 09:36 - 000126592 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\gatts.DLL
2014-06-17 09:36 - 2014-06-17 09:36 - 000083072 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
2014-06-17 09:36 - 2014-06-17 09:36 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ipc.dll
2014-06-17 09:36 - 2014-06-17 09:36 - 000063104 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ModuleManager.dll
2014-06-17 09:36 - 2014-06-17 09:36 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
2014-06-17 09:37 - 2014-06-17 09:37 - 000291456 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
2014-06-17 09:37 - 2014-06-17 09:37 - 000130176 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\skypeagent.dll
2014-06-17 09:37 - 2014-06-17 09:37 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\TCPConnection.dll
2014-06-17 09:37 - 2014-06-17 09:37 - 000116352 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.dll
2014-06-17 09:30 - 2014-06-17 09:30 - 000308224 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\LE\LE.dll
2014-06-17 09:31 - 2014-06-17 09:31 - 000210432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Audio\audio.dll
2014-06-17 09:32 - 2014-06-17 09:32 - 000162304 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2014-06-17 09:32 - 2014-06-17 09:32 - 000177152 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\BIP\BIP.dll
2014-06-17 09:29 - 2014-06-17 09:29 - 000018432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\DID\DId.dll
2014-06-17 09:29 - 2014-06-17 09:29 - 000035840 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\FAX\Fax.dll
2014-06-17 09:31 - 2014-06-17 09:31 - 000421888 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2014-06-17 09:32 - 2014-06-17 09:32 - 000096256 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2014-06-17 09:26 - 2014-06-17 09:26 - 000097792 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\goep\goep.dll
2014-06-17 09:29 - 2014-06-17 09:29 - 000029696 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2014-06-17 09:30 - 2014-06-17 09:30 - 000064512 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\HumanInterfaceDevice\hid.dll
2014-06-17 09:32 - 2014-06-17 09:32 - 000091136 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2014-06-17 09:26 - 2014-06-17 09:26 - 000181248 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\ObjPush.dll
2014-06-17 09:32 - 2014-06-17 09:32 - 000066048 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2014-06-17 09:31 - 2014-06-17 09:31 - 000067072 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\pbap\pbap.dll
2014-06-17 09:32 - 2014-06-17 09:32 - 000063488 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2014-06-17 09:31 - 2014-06-17 09:31 - 000097280 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\sap\sap.dll
2014-06-17 09:32 - 2014-06-17 09:32 - 000087552 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2014-06-17 09:31 - 2014-06-17 09:31 - 000055296 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\spp\spp.dll
2014-06-17 09:31 - 2014-06-17 09:31 - 000064512 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Sync\Sync.dll
2015-06-19 15:55 - 2015-06-19 15:55 - 000022920 _____ (Samsung Electronics CO., LTD. -> Samsung Electronics Co. Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Settings\CmdServer\WSABI.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720 [131]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2020-05-22 19:04 - 000001314 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-51485986-1242316386-3765208359-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191435013\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191505745\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "BrowserPlugInHelper"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-51485986-1242316386-3765208359-1001\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191435013\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-51485986-1242316386-3765208359-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222020191505745\...\StartupApproved\Run: => "Sony PC Companion"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{899879F1-92A8-4F41-BFDD-1280306AC034}] => (Allow) LPort=1900
FirewallRules: [{A1DA4CE0-244B-48AA-9A52-A142F5F335E3}] => (Allow) LPort=2869
FirewallRules: [{AA9C8A84-E063-4A20-8A94-4107A51A7E1C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E07EE54C-E174-49F1-ADD9-7F88063F6A58}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{4B2FB6A9-83E0-4DDD-BD78-7F0CFEEFE56D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{838DDFF3-942E-4C90-9792-6DCFE3A91497}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [{E97D68E4-E154-4847-B494-CBD96F52147A}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [{02A6B2B5-4D54-4298-BC4E-3B603BBB03A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B2387F06-C1A2-46A9-8B4E-E6DD00F04750}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{01914EA7-4553-4184-A08D-A0FA9CBF55CD}] => (Allow) C:\Users\Vera\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [{C84204A0-E20E-4200-BE72-E76531A82605}] => (Allow) C:\Users\Vera\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{B7D994CA-1FD3-4E88-ABCC-99C8FF4DD9EB}] => (Allow) C:\Users\Vera\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{91D5E48A-BF89-4FC6-B489-5AD00FBC79EE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F1097DC4-D24B-4678-BCBE-18DF7B05FD75}] => (Allow) C:\Users\Vera\AppData\Local\Programs\Opera\68.0.3618.63\opera.exe => No File
FirewallRules: [{9782D343-9680-4155-B8C3-4EBD7751797B}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DC6F9000-1454-4D78-9340-9A7492AD7C13}] => (Allow) C:\Users\Vera\AppData\Local\Programs\Opera\68.0.3618.104\opera.exe => No File
FirewallRules: [{67398891-E27A-476E-A88F-590BEF8EF982}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{12C23C84-F2F6-4097-9E4D-7FAEBDE435BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1B23CE33-4C4A-4509-89AF-B067857FFA3C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FC5895E6-2EC6-4EDD-82F0-1E0D07585C67}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

Check "VSS" service


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/22/2020 07:10:21 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.

Error: (05/22/2020 06:52:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.18460 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 810

Startzeit: 01d62fe8b60d5920

Endzeit: 0

Anwendungspfad: C:\WINDOWS\Explorer.EXE

Berichts-ID: 9bec140d-9c18-11ea-825b-50b7c360a46a

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/22/2020 06:40:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.36.9436, Zeitstempel: 0x5e559477
Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.19697, Zeitstempel: 0x5e91f218
Ausnahmecode: 0xc0000142
Fehleroffset: 0x0009d452
ID des fehlerhaften Prozesses: 0x1430
Startzeit der fehlerhaften Anwendung: 0x01d63057a6879f83
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: USER32.dll
Berichtskennung: e4f7d59f-9c4a-11ea-825b-50b7c360a46a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/22/2020 06:40:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.36.9436, Zeitstempel: 0x5e559477
Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.19697, Zeitstempel: 0x5e91f218
Ausnahmecode: 0xc0000142
Fehleroffset: 0x0009d452
ID des fehlerhaften Prozesses: 0x1a30
Startzeit der fehlerhaften Anwendung: 0x01d63057a6368e87
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: USER32.dll
Berichtskennung: e4f7ae8f-9c4a-11ea-825b-50b7c360a46a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/22/2020 06:40:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdobeARM.exe, Version: 1.824.36.9436, Zeitstempel: 0x5e559477
Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.19697, Zeitstempel: 0x5e91f218
Ausnahmecode: 0xc0000142
Fehleroffset: 0x0009d452
ID des fehlerhaften Prozesses: 0x18d8
Startzeit der fehlerhaften Anwendung: 0x01d63057a23ed87d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Pfad des fehlerhaften Moduls: USER32.dll
Berichtskennung: e2a5fdce-9c4a-11ea-825b-50b7c360a46a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/22/2020 06:39:12 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostex (2040) WebCacheLocal: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\Vera\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (05/22/2020 06:39:12 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (2040) WebCacheLocal: Versuch, Datei "C:\Users\Vera\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (05/22/2020 06:38:38 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (2040) Versuch, Datei "C:\Users\Vera\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.


System errors:
=============
Error: (05/23/2020 03:58:38 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.

Error: (05/22/2020 07:05:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/22/2020 07:05:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.

Error: (05/22/2020 06:40:23 PM) (Source: Ntfs) (EventID: 138) (User: )
Description: Bei "C:\" wurde vom Transaktionsressourcen-Manager ein schwerwiegender Fehler festgestellt, und er wurde heruntergefahren. Der Fehlercode ist in den Daten enthalten.

Error: (05/22/2020 05:34:05 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "avast" mit den Argumenten "/comsvc" gestartet wurde, um den folgenden Server zu verwenden:
{6D1FB6CD-9205-365A-907A-8AB76BC52400}

Error: (05/22/2020 05:34:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "%1!s! Update-Dienst (avast)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/22/2020 05:34:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst 30000!s! Update-Dienst (avast) erreicht.

Error: (05/22/2020 08:42:41 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.


Windows Defender:
===================================
Date: 2017-01-06 20:12:11.797
Description:
Die Windows Defender-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {B50B01E6-7BBB-42A2-8C14-6C2F8606A722}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2014-06-29 19:16:52.089
Description:
Von Windows Defender wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
http://go.microsoft.com/fwlink/?linkid= ... 2147686445
Name: TrojanDownloader:Win32/Filcout.A
ID: 2147686445
Schweregrad: Schwerwiegend
Kategorie: Downloadtrojaner
Pfad: file:_C:\Users\Vera\AppData\Roaming\File Scout\uninst.exe;folder:_C:\Users\Vera\AppData\Roaming\File Scout\
Erkennungsursprung: Lokaler Computer
Erkennungstyp: Konkret
Erkennungsquelle: Benutzer
Benutzer: Wohnzimmer-PC\Andy
Prozessname: Unknown
Signaturversion: AV: 1.177.1192.0, AS: 1.177.1192.0, NIS: 111.26.0.0
Modulversion: AM: 1.1.10701.0, NIS: 2.1.10502.0

Date: 2013-12-08 10:56:47.536
Description:
Von Windows Defender wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
http://go.microsoft.com/fwlink/?linkid= ... 2147683859
Name: TrojanDropper:Win32/Rotbrow.A
ID: 2147683859
Schweregrad: Schwerwiegend
Kategorie: Trojaner - Dropper
Pfad: file:_C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe;regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693};uninstall:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
Erkennungsursprung: Lokaler Computer
Erkennungstyp: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Signaturversion: AV: 1.163.1485.0, AS: 1.163.1485.0, NIS: 0.0.0.0
Modulversion: AM: 1.1.10100.0, NIS: 0.0.0.0

Date: 2013-12-08 10:55:52.358
Description:
Von Windows Defender wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
http://go.microsoft.com/fwlink/?linkid= ... 2147683859
Name: TrojanDropper:Win32/Rotbrow.A
ID: 2147683859
Schweregrad: Schwerwiegend
Kategorie: Trojaner - Dropper
Pfad: file:_C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe;regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693};uninstall:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
Erkennungsursprung: Lokaler Computer
Erkennungstyp: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: Wohnzimmer-PC\Andy
Prozessname: C:\Windows\explorer.exe
Signaturversion: AV: 1.163.1485.0, AS: 1.163.1485.0, NIS: 0.0.0.0
Modulversion: AM: 1.1.10100.0, NIS: 0.0.0.0

Date: 2013-12-08 10:55:05.710
Description:
Von Windows Defender wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
http://go.microsoft.com/fwlink/?linkid= ... 2147683859
Name: TrojanDropper:Win32/Rotbrow.A
ID: 2147683859
Schweregrad: Schwerwiegend
Kategorie: Trojaner - Dropper
Pfad: file:_C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
Erkennungsursprung: Lokaler Computer
Erkennungstyp: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: Wohnzimmer-PC\Andy
Prozessname: C:\Windows\explorer.exe
Signaturversion: AV: 1.163.1485.0, AS: 1.163.1485.0, NIS: 0.0.0.0
Modulversion: AM: 1.1.10100.0, NIS: 0.0.0.0

Date: 2015-11-29 14:39:33.577
Description:
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.197.2651.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.11602.0
Fehlercode: 0x8024001e
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

Date: 2015-05-15 22:49:03.668
Description:
Das Windows Defender-Modul wurde aufgrund eines unerwarteten Fehlers beendet.
Fehlertyp: Absturz
Ausnahmecode: 0xc0000005
Ressource:

Date: 2015-05-15 22:48:32.070
Description:
Das Windows Defender-Modul wurde aufgrund eines unerwarteten Fehlers beendet.
Fehlertyp: Absturz
Ausnahmecode: 0xc0000005
Ressource:

Date: 2015-05-15 22:36:22.704
Description:
Das Windows Defender-Modul wurde aufgrund eines unerwarteten Fehlers beendet.
Fehlertyp: Absturz
Ausnahmecode: 0xc0000005
Ressource:

Date: 2015-05-15 22:36:22.672
Description:
Das Windows Defender-Modul wurde aufgrund eines unerwarteten Fehlers beendet.
Fehlertyp: Absturz
Ausnahmecode: 0xc0000005
Ressource:

CodeIntegrity:
===================================

Date: 2019-03-21 21:06:39.081
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-21 21:06:38.096
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-21 21:06:37.638
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-21 21:06:37.144
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-21 21:06:36.800
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-21 21:06:36.472
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-21 21:06:36.094
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-21 21:06:35.631
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P09ABE 07/04/2013
Motherboard: SAMSUNG ELECTRONICS CO., LTD. NP350E7C-A04DE
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 68%
Total physical RAM: 6035.67 MB
Available physical RAM: 1894.61 MB
Total Virtual: 6995.68 MB
Available Virtual: 3137.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:439.59 GB) (Free:273.87 GB) NTFS

\\?\Volume{c500ad9f-31a6-4a4e-ae10-f221389142a1}\ (Windows RE tools) (Fixed) (Total:0.49 GB) (Free:0.17 GB) NTFS
\\?\Volume{8551092b-4948-40e0-830e-f96bcc6648bc}\ () (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
\\?\Volume{a2d68c48-91fc-4f0c-8d24-5add29092469}\ (SAMSUNG_REC2) (Fixed) (Total:23.82 GB) (Free:0.99 GB) NTFS
\\?\Volume{1b2f5637-9b1c-44e3-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5383383C)

Partition: GPT.

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15197
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Log check

#12 Post by JaRon »

Basically it's OK, just check the proxy and hosts settings.
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Schnebel
Visitor
Posts: 11
Registered: 20 May 2020 21:40

Re: Log check

#13 Post by Schnebel »

Thank you. May I ask what to check, where, and how?

Schnebel
Visitor
Posts: 11
Registered: 20 May 2020 21:40

Re: Log check

#14 Post by Schnebel »

Is there somewhere here where I can get advice about WMI? It tells me "invalid WMI classes". This no longer belongs in the log thread.

JaRon
Moderator
Posts: 15197
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Log check

#15 Post by JaRon »

Your proxy is set to 50727, which is quite unusual.
You will find the hosts file on the disk, and it is also set up in a non-standard way.
