Dobrý den, prosím o kontrolu. logu. popis problemu- infikace ransomwarem s priponou Infowaitt, ten mi zasifroval pul pc, komplet preinstal windows z lenovo recovery partu. po odinstalu vlozenych win live essentials po prihlaseni do uctu hlaska server rpc nenalezen, tlacitko restart-vypnout out of order, safe mod to samý,znama posledni konfigurace- hned pri nabíhaní win loga bluescreen a restart.zachranil to bod obnovy z recovery tool,kde to heslo vzalo-chtelo a nasledne jsem si vybral bod pred odinstalem.Dale nejde zadny Av poradne, avast nejde v nouzáku, spyware terminator se jednou spusti, podruhy ne- stit vubec nejde, malwarebytes mi nesel ani jeden stit s tim, ze jen ve verzi premium a psalo mi neznamou verzi,po tydnu najednou stity dou a mam premium verzi, jako admin nemuzu ani obcas vysypat kos-to chce opravneni spravce, jak dam cancel, tak to stejne zmizí, mohl bych pokracovat... dekuji za pomoc ci info, s pozdravem---------------------------------------------- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by KRAK-HEAD (27-11-2018 23:05:06)
Running from C:\Users\KRAK-HEAD\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-11-19 09:40:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-363647782-2280047221-3034038998-500 - Administrator - Disabled)
Guest (S-1-5-21-363647782-2280047221-3034038998-501 - Limited - Disabled)
KRAK-HEAD (S-1-5-21-363647782-2280047221-3034038998-1000 - Administrator - Enabled) => C:\Users\KRAK-HEAD
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.14.160917 - )
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5181 - Gretech Corporation)
Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 14.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Movavi Video Editor 12 (HKLM-x32\...\Movavi Video Editor 12) (Version: 12.1.0 - Movavi)
Mozilla Firefox 63.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x64 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7108 - CyberLink Corp.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
SMPlayer 18.10.0 (x64) (HKLM\...\SMPlayer) (Version: 18.10.0 - Ricardo Villalba)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.112 - Crawler Group)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.18.0 - SRS Labs, Inc.)
Total Uninstall 6.26.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.26.0 - Gavrila Martau)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xilisoft 3D Video Converter (HKU\S-1-5-21-363647782-2280047221-3034038998-1000\...\Xilisoft 3D Video Converter) (Version: 1.1.0.20170209 - Xilisoft)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-12-16] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {043B3089-E85F-4BDA-8403-38F8C73C5AC7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-24] (Adobe Systems Incorporated)
Task: {6ADD0426-2C63-45C5-829B-DDE5027B164D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-27] (Piriform Ltd)
Task: {A9F91F83-6370-49F1-BA6B-737DBED66D6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {BA64886B-D4DC-4B3A-BA09-93618DCD8D85} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-22] (AVAST Software)
Task: {C9654651-8AA3-49CD-89B6-62E0FED8FBBF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-22] (AVAST Software)
Task: {CAAC9BD3-549A-4215-9A04-C9CC69744FDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {D3A1E54D-3E72-4E0F-86A0-4CBA0DFAB968} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-27] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-11-02 13:58 - 2010-11-02 13:58 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-11-11 11:42 - 2010-11-11 11:42 - 000202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-11-11 11:44 - 2010-11-11 11:44 - 000156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2018-11-19 11:20 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-01-17 03:15 - 2010-12-16 09:37 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2014-08-14 12:28 - 2014-08-14 12:28 - 000100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2018-11-22 03:24 - 2018-11-22 03:24 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-27 20:24 - 2018-11-27 20:24 - 005735568 _____ () C:\Program Files\AVAST Software\Avast\defs\18112704\algo.dll
2010-11-11 11:38 - 2010-11-11 11:38 - 000161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-11-11 11:39 - 2010-11-11 11:39 - 000133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2018-11-22 03:25 - 2018-11-22 03:25 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KRAK-HEAD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1B5C7093-E49C-44B6-8185-910C2B443C75}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E0E18559-023B-47C6-8131-449F38CE7C0C}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{DF9AB144-1CD5-4755-9342-44A0CF505CF1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{64F38B5C-F0BA-4810-92A9-C90F46CABD3C}] => (Allow) LPort=2869
FirewallRules: [{94B5E4C8-0209-493A-95A3-A4B11700B8A1}] => (Allow) LPort=1900
FirewallRules: [{EEE068B0-B789-48CC-B8BC-96848D6E30CE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9A068D29-985F-4C54-8E29-37AE1F767066}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{005D0EBE-F264-4A43-8EE3-001A575CB760}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2570A338-4911-4F3E-9FD2-4F4D08CDEB10}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1588CB3E-9394-4949-9851-C3711F65807E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{14BDF287-D25C-460F-A040-BCF39C58ACE0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{DDE32AD9-05FE-4C9B-9A85-03F5415E7153}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{83181794-4C45-4AEC-8A45-4FDE6C9C0CEF}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{10DC1DFD-43E7-4D9E-BF03-B777BA593F91}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D69118BF-9F58-4848-8122-ADD8C6A2844E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5B83AE2A-8775-4217-8189-F29AEC3D1E66}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D3192FF2-111D-4B20-BB0A-C707249013DA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6F1B6AB4-4293-4215-9DA1-B0E2AF9A029E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
==================== Restore Points =========================
24-11-2018 01:42:45 Odinstalovat s Total Uninstall "hhh"
25-11-2018 13:27:24 Konfigurováno PowerDVD
25-11-2018 20:07:05 Removed Onekey Theater
26-11-2018 01:51:54 Odinstalovat s Total Uninstall "vlc"
27-11-2018 16:50:33 Instalační služba modulů systému Windows
27-11-2018 16:56:10 Odebráno: Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
27-11-2018 16:56:29 Odebráno: Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
27-11-2018 17:16:55 Odinstalovat s Total Uninstall "Power2Go"
27-11-2018 17:25:28 Odinstalovat s Total Uninstall "Microsoft Silverlight / Windows Live Remote Service / Windows Live ID Sign-in Assistant"
27-11-2018 17:27:22 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:27:31 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:27:59 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:28:09 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:29:55 Odinstalovat s Total Uninstall "Intel(R) Rapid Storage Technology"
27-11-2018 17:31:04 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:31:18 Odebráno: Windows Live Mesh ActiveX Control for Remote Connections
27-11-2018 17:34:45 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:35:28 Odinstalovat s Total Uninstall "Windows Live Essentials / D3DX10 / Junk Mail filter update / Mesh Runtime / Microsoft Applicatio
27-11-2018 17:36:07 Windows Live Essentials
27-11-2018 17:36:23 WLSetup
==================== Faulty Device Manager Devices =============
Name: Standardní grafický adaptér s rozlišením VGA
Description: Standardní grafický adaptér s rozlišením VGA
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy zobrazovacích jednotek)
Service: vga
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Intel(R) WiFi Link 1000 BGN
Description: Intel(R) WiFi Link 1000 BGN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/27/2018 05:40:52 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.
Error: (11/27/2018 05:36:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:36:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:35:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:34:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:31:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:31:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:11:34 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.
System errors:
=============
Error: (11/27/2018 06:43:57 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby CryptSvc bylo dosaženo časového limitu (30000 ms).
Error: (11/27/2018 03:35:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/27/2018 03:35:42 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.
Error: (11/27/2018 08:48:02 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:46:23, 27.11.2018) bylo neočekávané.
Error: (11/25/2018 06:09:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/25/2018 06:09:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.
Error: (11/25/2018 06:07:55 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Napájení ukončena s chybou Operace byla dokončena úspěšně.
, specifickou pro službu.
Error: (11/25/2018 06:07:50 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 12291) (User: NT AUTHORITY)
Description: Službě SAM se nepodařilo spustit podproces naslouchání protokolu TCP/IP nebo SPX/IPX.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 37%
Total physical RAM: 8106.14 MB
Available physical RAM: 5043.46 MB
Total Virtual: 16210.46 MB
Available Virtual: 13284.54 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:654.69 GB) (Free:468.54 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:28.85 GB) NTFS
\\?\Volume{91c05cc6-23a0-11e4-873e-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 3CCC24D0)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=654.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.7 GB) - (Type=12)
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV atd
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
Ahoj 
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Nechaj zaskrtnute vsetky nalezy
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-11-14.2 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-28-2018
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 2
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\KRAK-HEAD\AppData\Local\slimware utilities inc
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [5589 octets] - [28/11/2018 00:00:16]
AdwCleaner[S00].txt - [1460 octets] - [28/11/2018 00:01:05]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-11-14.2 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-28-2018
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 2
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\KRAK-HEAD\AppData\Local\slimware utilities inc
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [5589 octets] - [28/11/2018 00:00:16]
AdwCleaner[S00].txt - [1460 octets] - [28/11/2018 00:01:05]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
Poprosim o obidva nove logy z FRST.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
Ahoj, díky a tady jsou ty logy.-----------------------------------Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by KRAK-HEAD (28-11-2018 13:16:08)
Running from C:\Users\KRAK-HEAD\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-11-19 09:40:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-363647782-2280047221-3034038998-500 - Administrator - Disabled)
Guest (S-1-5-21-363647782-2280047221-3034038998-501 - Limited - Disabled)
KRAK-HEAD (S-1-5-21-363647782-2280047221-3034038998-1000 - Administrator - Enabled) => C:\Users\KRAK-HEAD
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.14.160917 - )
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5181 - Gretech Corporation)
Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 14.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Movavi Video Editor 12 (HKLM-x32\...\Movavi Video Editor 12) (Version: 12.1.0 - Movavi)
Mozilla Firefox 63.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x64 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7108 - CyberLink Corp.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
SMPlayer 18.10.0 (x64) (HKLM\...\SMPlayer) (Version: 18.10.0 - Ricardo Villalba)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.112 - Crawler Group)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.18.0 - SRS Labs, Inc.)
Total Uninstall 6.26.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.26.0 - Gavrila Martau)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xilisoft 3D Video Converter (HKU\S-1-5-21-363647782-2280047221-3034038998-1000\...\Xilisoft 3D Video Converter) (Version: 1.1.0.20170209 - Xilisoft)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-12-16] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {043B3089-E85F-4BDA-8403-38F8C73C5AC7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-24] (Adobe Systems Incorporated)
Task: {6ADD0426-2C63-45C5-829B-DDE5027B164D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-27] (Piriform Ltd)
Task: {A9F91F83-6370-49F1-BA6B-737DBED66D6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {BA64886B-D4DC-4B3A-BA09-93618DCD8D85} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-22] (AVAST Software)
Task: {C9654651-8AA3-49CD-89B6-62E0FED8FBBF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-22] (AVAST Software)
Task: {CAAC9BD3-549A-4215-9A04-C9CC69744FDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {D3A1E54D-3E72-4E0F-86A0-4CBA0DFAB968} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-27] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-11-02 13:58 - 2010-11-02 13:58 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2010-11-11 11:42 - 2010-11-11 11:42 - 000202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-11-11 11:44 - 2010-11-11 11:44 - 000156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2018-11-19 11:20 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-01-17 03:15 - 2010-12-16 09:37 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2014-08-14 12:28 - 2014-08-14 12:28 - 000100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-09-28 23:19 - 2018-11-27 20:46 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-11-28 13:10 - 2018-11-28 13:10 - 005735568 _____ () C:\Program Files\AVAST Software\Avast\defs\18112804\algo.dll
2010-11-11 11:38 - 2010-11-11 11:38 - 000161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-11-11 11:39 - 2010-11-11 11:39 - 000133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2018-11-22 03:25 - 2018-11-22 03:25 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KRAK-HEAD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1B5C7093-E49C-44B6-8185-910C2B443C75}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E0E18559-023B-47C6-8131-449F38CE7C0C}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{DF9AB144-1CD5-4755-9342-44A0CF505CF1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{64F38B5C-F0BA-4810-92A9-C90F46CABD3C}] => (Allow) LPort=2869
FirewallRules: [{94B5E4C8-0209-493A-95A3-A4B11700B8A1}] => (Allow) LPort=1900
FirewallRules: [{EEE068B0-B789-48CC-B8BC-96848D6E30CE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9A068D29-985F-4C54-8E29-37AE1F767066}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{005D0EBE-F264-4A43-8EE3-001A575CB760}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2570A338-4911-4F3E-9FD2-4F4D08CDEB10}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1588CB3E-9394-4949-9851-C3711F65807E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{14BDF287-D25C-460F-A040-BCF39C58ACE0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{DDE32AD9-05FE-4C9B-9A85-03F5415E7153}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{83181794-4C45-4AEC-8A45-4FDE6C9C0CEF}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{10DC1DFD-43E7-4D9E-BF03-B777BA593F91}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D69118BF-9F58-4848-8122-ADD8C6A2844E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5B83AE2A-8775-4217-8189-F29AEC3D1E66}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D3192FF2-111D-4B20-BB0A-C707249013DA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6F1B6AB4-4293-4215-9DA1-B0E2AF9A029E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
==================== Restore Points =========================
24-11-2018 01:42:45 Odinstalovat s Total Uninstall "hhh"
25-11-2018 13:27:24 Konfigurováno PowerDVD
25-11-2018 20:07:05 Removed Onekey Theater
26-11-2018 01:51:54 Odinstalovat s Total Uninstall "vlc"
27-11-2018 16:50:33 Instalační služba modulů systému Windows
27-11-2018 16:56:10 Odebráno: Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
27-11-2018 16:56:29 Odebráno: Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
27-11-2018 17:16:55 Odinstalovat s Total Uninstall "Power2Go"
27-11-2018 17:25:28 Odinstalovat s Total Uninstall "Microsoft Silverlight / Windows Live Remote Service / Windows Live ID Sign-in Assistant"
27-11-2018 17:27:22 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:27:31 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:27:59 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:28:09 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:29:55 Odinstalovat s Total Uninstall "Intel(R) Rapid Storage Technology"
27-11-2018 17:31:04 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:31:18 Odebráno: Windows Live Mesh ActiveX Control for Remote Connections
27-11-2018 17:34:45 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:35:28 Odinstalovat s Total Uninstall "Windows Live Essentials / D3DX10 / Junk Mail filter update / Mesh Runtime / Microsoft Applicatio
27-11-2018 17:36:07 Windows Live Essentials
27-11-2018 17:36:23 WLSetup
==================== Faulty Device Manager Devices =============
Name: Standardní grafický adaptér s rozlišením VGA
Description: Standardní grafický adaptér s rozlišením VGA
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy zobrazovacích jednotek)
Service: vga
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Intel(R) WiFi Link 1000 BGN
Description: Intel(R) WiFi Link 1000 BGN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/27/2018 05:40:52 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.
Error: (11/27/2018 05:36:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:36:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:35:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:34:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:31:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:31:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:11:34 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.
System errors:
=============
Error: (11/28/2018 12:55:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (2:54:46, 28.11.2018) bylo neočekávané.
Error: (11/28/2018 12:04:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WPDBusEnum bylo dosaženo časového limitu (30000 ms).
Error: (11/28/2018 12:04:02 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby SysMain bylo dosaženo časového limitu (30000 ms).
Error: (11/28/2018 12:02:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Live ID Sign-in Assistant neuspěla při spuštění v důsledku následující chyby:
Přesměrování bylo ukončeno.
Error: (11/28/2018 12:02:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (11/28/2018 12:02:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/28/2018 12:02:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/28/2018 12:02:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Event Log byla neočekávaně ukončena. Tento stav nastal již 1krát.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 30%
Total physical RAM: 8106.14 MB
Available physical RAM: 5660.37 MB
Total Virtual: 16210.46 MB
Available Virtual: 13849.88 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:654.69 GB) (Free:467.02 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:28.85 GB) NTFS
\\?\Volume{91c05cc6-23a0-11e4-873e-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 3CCC24D0)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=654.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.7 GB) - (Type=12)
==================== End of Addition.txt ============================
Ran by KRAK-HEAD (28-11-2018 13:16:08)
Running from C:\Users\KRAK-HEAD\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-11-19 09:40:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-363647782-2280047221-3034038998-500 - Administrator - Disabled)
Guest (S-1-5-21-363647782-2280047221-3034038998-501 - Limited - Disabled)
KRAK-HEAD (S-1-5-21-363647782-2280047221-3034038998-1000 - Administrator - Enabled) => C:\Users\KRAK-HEAD
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.14.160917 - )
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5181 - Gretech Corporation)
Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 14.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Movavi Video Editor 12 (HKLM-x32\...\Movavi Video Editor 12) (Version: 12.1.0 - Movavi)
Mozilla Firefox 63.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x64 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7108 - CyberLink Corp.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
SMPlayer 18.10.0 (x64) (HKLM\...\SMPlayer) (Version: 18.10.0 - Ricardo Villalba)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.112 - Crawler Group)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.18.0 - SRS Labs, Inc.)
Total Uninstall 6.26.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.26.0 - Gavrila Martau)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xilisoft 3D Video Converter (HKU\S-1-5-21-363647782-2280047221-3034038998-1000\...\Xilisoft 3D Video Converter) (Version: 1.1.0.20170209 - Xilisoft)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-12-16] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {043B3089-E85F-4BDA-8403-38F8C73C5AC7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-24] (Adobe Systems Incorporated)
Task: {6ADD0426-2C63-45C5-829B-DDE5027B164D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-27] (Piriform Ltd)
Task: {A9F91F83-6370-49F1-BA6B-737DBED66D6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {BA64886B-D4DC-4B3A-BA09-93618DCD8D85} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-22] (AVAST Software)
Task: {C9654651-8AA3-49CD-89B6-62E0FED8FBBF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-22] (AVAST Software)
Task: {CAAC9BD3-549A-4215-9A04-C9CC69744FDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {D3A1E54D-3E72-4E0F-86A0-4CBA0DFAB968} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-27] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-11-02 13:58 - 2010-11-02 13:58 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2010-11-11 11:42 - 2010-11-11 11:42 - 000202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-11-11 11:44 - 2010-11-11 11:44 - 000156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2018-11-19 11:20 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-01-17 03:15 - 2010-12-16 09:37 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2014-08-14 12:28 - 2014-08-14 12:28 - 000100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-09-28 23:19 - 2018-11-27 20:46 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-11-28 13:10 - 2018-11-28 13:10 - 005735568 _____ () C:\Program Files\AVAST Software\Avast\defs\18112804\algo.dll
2010-11-11 11:38 - 2010-11-11 11:38 - 000161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-11-11 11:39 - 2010-11-11 11:39 - 000133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2018-11-22 03:25 - 2018-11-22 03:25 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KRAK-HEAD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1B5C7093-E49C-44B6-8185-910C2B443C75}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E0E18559-023B-47C6-8131-449F38CE7C0C}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{DF9AB144-1CD5-4755-9342-44A0CF505CF1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{64F38B5C-F0BA-4810-92A9-C90F46CABD3C}] => (Allow) LPort=2869
FirewallRules: [{94B5E4C8-0209-493A-95A3-A4B11700B8A1}] => (Allow) LPort=1900
FirewallRules: [{EEE068B0-B789-48CC-B8BC-96848D6E30CE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9A068D29-985F-4C54-8E29-37AE1F767066}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{005D0EBE-F264-4A43-8EE3-001A575CB760}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2570A338-4911-4F3E-9FD2-4F4D08CDEB10}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1588CB3E-9394-4949-9851-C3711F65807E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{14BDF287-D25C-460F-A040-BCF39C58ACE0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{DDE32AD9-05FE-4C9B-9A85-03F5415E7153}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{83181794-4C45-4AEC-8A45-4FDE6C9C0CEF}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{10DC1DFD-43E7-4D9E-BF03-B777BA593F91}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D69118BF-9F58-4848-8122-ADD8C6A2844E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5B83AE2A-8775-4217-8189-F29AEC3D1E66}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D3192FF2-111D-4B20-BB0A-C707249013DA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6F1B6AB4-4293-4215-9DA1-B0E2AF9A029E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
==================== Restore Points =========================
24-11-2018 01:42:45 Odinstalovat s Total Uninstall "hhh"
25-11-2018 13:27:24 Konfigurováno PowerDVD
25-11-2018 20:07:05 Removed Onekey Theater
26-11-2018 01:51:54 Odinstalovat s Total Uninstall "vlc"
27-11-2018 16:50:33 Instalační služba modulů systému Windows
27-11-2018 16:56:10 Odebráno: Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
27-11-2018 16:56:29 Odebráno: Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
27-11-2018 17:16:55 Odinstalovat s Total Uninstall "Power2Go"
27-11-2018 17:25:28 Odinstalovat s Total Uninstall "Microsoft Silverlight / Windows Live Remote Service / Windows Live ID Sign-in Assistant"
27-11-2018 17:27:22 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:27:31 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:27:59 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:28:09 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:29:55 Odinstalovat s Total Uninstall "Intel(R) Rapid Storage Technology"
27-11-2018 17:31:04 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:31:18 Odebráno: Windows Live Mesh ActiveX Control for Remote Connections
27-11-2018 17:34:45 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:35:28 Odinstalovat s Total Uninstall "Windows Live Essentials / D3DX10 / Junk Mail filter update / Mesh Runtime / Microsoft Applicatio
27-11-2018 17:36:07 Windows Live Essentials
27-11-2018 17:36:23 WLSetup
==================== Faulty Device Manager Devices =============
Name: Standardní grafický adaptér s rozlišením VGA
Description: Standardní grafický adaptér s rozlišením VGA
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy zobrazovacích jednotek)
Service: vga
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Intel(R) WiFi Link 1000 BGN
Description: Intel(R) WiFi Link 1000 BGN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/27/2018 05:40:52 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.
Error: (11/27/2018 05:36:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:36:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:35:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:34:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:31:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:31:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:11:34 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.
System errors:
=============
Error: (11/28/2018 12:55:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (2:54:46, 28.11.2018) bylo neočekávané.
Error: (11/28/2018 12:04:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WPDBusEnum bylo dosaženo časového limitu (30000 ms).
Error: (11/28/2018 12:04:02 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby SysMain bylo dosaženo časového limitu (30000 ms).
Error: (11/28/2018 12:02:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Live ID Sign-in Assistant neuspěla při spuštění v důsledku následující chyby:
Přesměrování bylo ukončeno.
Error: (11/28/2018 12:02:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (11/28/2018 12:02:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/28/2018 12:02:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/28/2018 12:02:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Event Log byla neočekávaně ukončena. Tento stav nastal již 1krát.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 30%
Total physical RAM: 8106.14 MB
Available physical RAM: 5660.37 MB
Total Virtual: 16210.46 MB
Available Virtual: 13849.88 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:654.69 GB) (Free:467.02 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:28.85 GB) NTFS
\\?\Volume{91c05cc6-23a0-11e4-873e-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 3CCC24D0)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=654.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.7 GB) - (Type=12)
==================== End of Addition.txt ============================
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum Folder: C:\791a98816d22a12ec581 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ U1 aswbdisk; no ImagePath S3 btwaudio; system32\drivers\btwaudio.sys [X] S3 btwavdt; system32\DRIVERS\btwavdt.sys [X] S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X] S3 btwrchid; system32\DRIVERS\btwrchid.sys [X] U2 CLKMSVC10_3A60B698; no ImagePath U2 CLKMSVC10_C3B3B687; no ImagePath S3 clwvd; system32\DRIVERS\clwvd.sys [X] U2 DriverService; no ImagePath U2 IAStorDataMgrSvc; no ImagePath U2 idealife Update Service; no ImagePath U3 IGRS; no ImagePath U2 IviRegMgr; no ImagePath U2 nvUpdatusService; no ImagePath U2 Oasis2Service; no ImagePath U2 PCCarerServic; no ImagePath U2 ReadyComm.DirectRouter; no ImagePath U2 RichVideo; no ImagePath U2 SoftwareService; no ImagePath U2 Stereo Service; no ImagePath 2018-11-22 03:15 - 2018-11-22 03:15 - 000000016 _____ C:\ProgramData\mntemp 2018-11-19 11:50 - 2018-11-19 11:55 - 000000000 ____D C:\791a98816d22a12ec581 Hosts: EmptyTemp: End - Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
- screen-shot-11-29-18-at-05-30-.png (164.95 KiB) Zobrazeno 1560 x
Ran by KRAK-HEAD (29-11-2018 05:36:19) Run:1
Running from C:\Users\KRAK-HEAD\Desktop
Loaded Profiles: KRAK-HEAD (Available Profiles: KRAK-HEAD)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Folder: C:\791a98816d22a12ec581
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
U1 aswbdisk; no ImagePath
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
U2 CLKMSVC10_3A60B698; no ImagePath
U2 CLKMSVC10_C3B3B687; no ImagePath
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U2 DriverService; no ImagePath
U2 IAStorDataMgrSvc; no ImagePath
U2 idealife Update Service; no ImagePath
U3 IGRS; no ImagePath
U2 IviRegMgr; no ImagePath
U2 nvUpdatusService; no ImagePath
U2 Oasis2Service; no ImagePath
U2 PCCarerServic; no ImagePath
U2 ReadyComm.DirectRouter; no ImagePath
U2 RichVideo; no ImagePath
U2 SoftwareService; no ImagePath
U2 Stereo Service; no ImagePath
2018-11-22 03:15 - 2018-11-22 03:15 - 000000016 _____ C:\ProgramData\mntemp
2018-11-19 11:50 - 2018-11-19 11:55 - 000000000 ____D C:\791a98816d22a12ec581
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 10
Average :
Sum : 9772776
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========================= Folder: C:\791a98816d22a12ec581 ========================
2018-11-19 11:50 - 2018-11-19 11:55 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c
2018-11-19 11:50 - 2018-11-19 11:55 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\lt-lt
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\lt-lt\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\lv-lv
2018-11-19 11:50 - 2018-11-19 11:50 - 000008213 ____A [3D69ACB861B4B5EE5A51F53511E4A46F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\lv-lv\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\lv-lv\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\nb-no
2018-11-19 11:50 - 2018-11-19 11:50 - 000008057 ____A [907ABAD952F588FD8EDA8A3030B2BB84] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\nb-no\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\nb-no\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\nl-nl
2018-11-19 11:50 - 2018-11-19 11:50 - 000008353 ____A [3993F3E68ED66A8AC36BEA2CD685F22C] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\nl-nl\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000017991 ____A [510C85E3080FFF63A95972A72A950026] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\nl-nl\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pl-pl
2018-11-19 11:50 - 2018-11-19 11:50 - 000008886 ____A [96C11BE47ABF472591C05D95086811F1] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pl-pl\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000018368 ____A [3C7EF585ECC71912743BBE60D55DA0CD] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pl-pl\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pt-br
2018-11-19 11:50 - 2018-11-19 11:50 - 000008228 ____A [FD22F3F2948177A475560C5028A451F8] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pt-br\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000017744 ____A [C1EAC28F978D831F54CA3B0EDA08D133] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pt-br\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pt-pt
2018-11-19 11:50 - 2018-11-19 11:50 - 000008508 ____A [3D628C9D2CD5BAEEAC62D6A283360C44] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pt-pt\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000018233 ____A [4EC05E9AFE4BBDFC538548A1ADB40666] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pt-pt\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\ro-ro
2018-11-19 11:50 - 2018-11-19 11:50 - 000008329 ____A [D1F92FB26ED97978DA73B1A3410BA169] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\ro-ro\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\ro-ro\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\ru-ru
2018-11-19 11:50 - 2018-11-19 11:50 - 000008403 ____A [95AF4816A32ED4ED180074DA582CD3D5] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\ru-ru\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000017780 ____A [4EC28CBC1D3BA3BF96A8737C633EE2EE] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\ru-ru\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sk-sk
2018-11-19 11:50 - 2018-11-19 11:50 - 000008420 ____A [E554FF0D270C75F52A7FE13B80420419] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sk-sk\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sk-sk\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sl-si
2018-11-19 11:50 - 2018-11-19 11:50 - 000008415 ____A [701B06587D5D2364C5DF894F002376C3] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sl-si\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sl-si\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sr-latn-cs
2018-11-19 11:50 - 2018-11-19 11:50 - 000008364 ____A [7A4EDBF4234EFA629B3774468EF9FA94] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sr-latn-cs\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sr-latn-cs\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sv-se
2018-11-19 11:50 - 2018-11-19 11:50 - 000008195 ____A [4C83A15AADF09DA88B163659C6CEF60B] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sv-se\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000017752 ____A [907379578C028CDFC857F354BC68AD10] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sv-se\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\th-th
2018-11-19 11:50 - 2018-11-19 11:50 - 000007734 ____A [37BD51DEE034F3FDD49506DA451C36F2] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\th-th\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\th-th\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\tr-tr
2018-11-19 11:50 - 2018-11-19 11:50 - 000007984 ____A [EDE6335EBE230E248B09CC7C072B4D7C] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\tr-tr\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000017538 ____A [A5E99768FBB83112F7FC247767FF18B6] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\tr-tr\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\uk-ua
2018-11-19 11:50 - 2018-11-19 11:50 - 000008636 ____A [E38CFD3A683C476EC42733BDD7D2C34C] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\uk-ua\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\uk-ua\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-cn
2018-11-19 11:50 - 2018-11-19 11:50 - 000006514 ____A [D77E5149B8A6C90E81024B0B9D357C99] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-cn\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000015978 ____A [1F835A0C7D33B049A201BF11883EA1D1] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-cn\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-hk
2018-11-19 11:50 - 2018-11-19 11:50 - 000006452 ____A [30A14BEDB27F784E164470769358B215] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-hk\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000016040 ____A [45D23AF64E9F710A787C8F33EB1044EA] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-hk\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-tw
2018-11-19 11:50 - 2018-11-19 11:50 - 000006452 ____A [30A14BEDB27F784E164470769358B215] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-tw\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000016040 ____A [45D23AF64E9F710A787C8F33EB1044EA] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-tw\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ro-ro
2018-11-19 11:50 - 2018-11-19 11:50 - 000292352 ____A [5588748C0B4C69CEF4FECF45245373C8] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ro-ro\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [02661578EE1429FB655A4EA022F65942] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ro-ro\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005632 ____A [D08CF5B462E24943D7A59C10DA284FD4] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ro-ro\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000021504 ____A [EF964A74AA39977A3344EC3082760247] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ro-ro\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ru-ru
2018-11-19 11:50 - 2018-11-19 11:50 - 000321536 ____A [F99E3F90A11BBF9B78CB47E0DB7F0ECA] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ru-ru\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [65625DE6164B193E3BCED49F38FC5E1F] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ru-ru\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [659D7AFB87730741284E4FBE693289E8] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ru-ru\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000021504 ____A [FE937E21C62EAA764C24D417D9953D9B] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ru-ru\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sk-sk
2018-11-19 11:50 - 2018-11-19 11:50 - 000292352 ____A [F0FEB07D5E303B05C2458C9260A27B90] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sk-sk\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [B9E6F26B23305ED35FE54E4C36039DFB] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sk-sk\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [5843ED096A6A0166CB39B3D240384ECA] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sk-sk\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000021504 ____A [A4550AAA3606699E83373EF3ECEA6D38] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sk-sk\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sl-si
2018-11-19 11:50 - 2018-11-19 11:50 - 000292352 ____A [6E20C43C57D635004023C4F1C219EBD1] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sl-si\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [E54DFBBC63FEE62B803A558F7B72B0D2] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sl-si\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [FC1B5EFBCAE7D0EEB03B178C43C8217A] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sl-si\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000022016 ____A [9C26F6B567BCA7190BCB2579CAD54B1E] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sl-si\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sr-latn-cs
2018-11-19 11:50 - 2018-11-19 11:50 - 000292352 ____A [5CC6F6C17A61A97461B836A1A7A51163] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sr-latn-cs\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [0141D4C078470F4801FE6D8C8413CF2F] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sr-latn-cs\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [F7A160344603C4CD2D06F18F8648BF30] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sr-latn-cs\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000021504 ____A [01C247CD80A6A5B58D6DB24D7BEB923C] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sr-latn-cs\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sv-se
2018-11-19 11:50 - 2018-11-19 11:50 - 000316928 ____A [EBED628E994B044BBBBFBD69DD1BEF5C] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sv-se\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [419B829B1F8D8B7DC4655AEF097D0B89] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sv-se\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [2B4770B6A01F6955B262BCE1D0118DBC] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sv-se\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000020992 ____A [F96CE95E3EA04EB6E76E0F81AC34E19F] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sv-se\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\th-th
2018-11-19 11:50 - 2018-11-19 11:50 - 000292352 ____A [EA4ADF7C1B1952D5A09E6F1568ACF739] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\th-th\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [0561EB958EE362FACD698ECE186B6CAE] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\th-th\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004608 ____A [6FEC6BEAA1462F24A0B2B2A60CB80A14] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\th-th\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000019968 ____A [775757CC081AC4A21DB6B13C29821060] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\th-th\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\tr-tr
2018-11-19 11:50 - 2018-11-19 11:50 - 000303616 ____A [AB268BBA74DC2526705BB3BEA3BCFDF2] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\tr-tr\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [54118B207E7FE22A00FF83004C32108E] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\tr-tr\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [151EF27D7EC8C94A0DBE8149351E9DEA] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\tr-tr\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000020480 ____A [8B54BC867C045F6E56E6E19549F1463C] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\tr-tr\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\uk-ua
2018-11-19 11:50 - 2018-11-19 11:50 - 000292352 ____A [41C3B6A9660DF20353FC746A046B8862] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\uk-ua\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [303C06C9D1566F4884F5B5DA7FCCC1C1] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\uk-ua\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [693C85E7406FF3BE876CC1E745B3DAC2] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\uk-ua\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000021504 ____A [67F50AB07824810478FE4CD1A6EB952B] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\uk-ua\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-cn
2018-11-19 11:50 - 2018-11-19 11:50 - 000161280 ____A [C998FC455B195D869AFAB6E9201E850C] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-cn\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000003072 ____A [B9E66F728B95CCD2B6CF515AEBFFBA2F] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-cn\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000003584 ____A [FA8DBACE98DA5639DEA6DAFA25C8F505] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-cn\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000012288 ____A [96CB46DDA10349F41C2F871CE7FC561E] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-cn\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-hk
2018-11-19 11:50 - 2018-11-19 11:50 - 000160256 ____A [1E67085E180153A3484EE2A39106FD3E] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-hk\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000003072 ____A [C049D101F549803C2EEC27E7ADAD6B47] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-hk\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000003584 ____A [7EEF1A1C2A96A1EA8D10BC61AEB637E6] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-hk\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000012800 ____A [E591EAB25649CB0CCFB7EAA1BBD99561] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-hk\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-tw
2018-11-19 11:50 - 2018-11-19 11:50 - 000160256 ____A [BF5397FE08C6AE731C963BFA4D88FDC2] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-tw\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000003072 ____A [77D1E9BD4D10C2728934069A88C58043] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-tw\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000003584 ____A [F68A78E2A30858C03AC972BD0A916F35] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-tw\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000012800 ____A [00EF4BF5CC68205E0F8128F476F4F5DE] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-tw\spwizui.dll.mui
====== End of Folder: ======
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\btwaudio => removed successfully
btwaudio => service removed successfully
HKLM\System\CurrentControlSet\Services\btwavdt => removed successfully
btwavdt => service removed successfully
HKLM\System\CurrentControlSet\Services\btwl2cap => removed successfully
btwl2cap => service removed successfully
HKLM\System\CurrentControlSet\Services\btwrchid => removed successfully
btwrchid => service removed successfully
HKLM\System\CurrentControlSet\Services\CLKMSVC10_3A60B698 => removed successfully
CLKMSVC10_3A60B698 => service removed successfully
HKLM\System\CurrentControlSet\Services\CLKMSVC10_C3B3B687 => removed successfully
CLKMSVC10_C3B3B687 => service removed successfully
HKLM\System\CurrentControlSet\Services\clwvd => removed successfully
clwvd => service removed successfully
HKLM\System\CurrentControlSet\Services\DriverService => removed successfully
DriverService => service removed successfully
HKLM\System\CurrentControlSet\Services\IAStorDataMgrSvc => removed successfully
IAStorDataMgrSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\idealife Update Service => removed successfully
idealife Update Service => service removed successfully
HKLM\System\CurrentControlSet\Services\IGRS => removed successfully
IGRS => service removed successfully
HKLM\System\CurrentControlSet\Services\IviRegMgr => removed successfully
IviRegMgr => service removed successfully
HKLM\System\CurrentControlSet\Services\nvUpdatusService => removed successfully
nvUpdatusService => service removed successfully
HKLM\System\CurrentControlSet\Services\Oasis2Service => removed successfully
Oasis2Service => service removed successfully
HKLM\System\CurrentControlSet\Services\PCCarerServic => removed successfully
PCCarerServic => service removed successfully
HKLM\System\CurrentControlSet\Services\ReadyComm.DirectRouter => removed successfully
ReadyComm.DirectRouter => service removed successfully
HKLM\System\CurrentControlSet\Services\RichVideo => removed successfully
RichVideo => service removed successfully
HKLM\System\CurrentControlSet\Services\SoftwareService => removed successfully
SoftwareService => service removed successfully
HKLM\System\CurrentControlSet\Services\Stereo Service => removed successfully
Stereo Service => service removed successfully
C:\ProgramData\mntemp => moved successfully
C:\791a98816d22a12ec581 => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10454696 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 3570 B
Edge => 0 B
Chrome => 141646 B
Firefox => 74367614 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 18312 B
systemprofile32 => 692 B
LocalService => 66228 B
NetworkService => 66228 B
KRAK-HEAD => 26507204 B
RecycleBin => 5824 B
EmptyTemp: => 114.5 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-11-2018 05:40:32)
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
==== End of Fixlog 05:40:32 ====
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
Ano, aj toto je spravne. Spusti kontrolu integrity systemovych suborov:
- Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
- Skopiruj a spusti prikaz:
Kód: Vybrat vše
sfc /scannow - Po dokonceni skopiruj a spusti tento prikaz:
Kód: Vybrat vše
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" - Na ploche sa vytvori subor sfcdetails.txt, zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
- Restartuj PC a napis ako sa chova PC
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
THNX 4 INFO, PC SE CHOVA ZDANLIVE NORMALNE-ZCELA STEJNE, NA SPYWARE TERMINATOR SE DA POZOROVAT, ZE NENI. JEDEN PRIKLAD VIDITELNE ZMENY-PRI ZAVIRANI STALE NEFUNKCNIHO RESIDENTNIHO STITU, KTERY NABIHA PRI STARTUPU DOLE Z LISTY WINDOWS UZ TO NECHCE HESLO K DEAKTIVACI, VÍC JSEM NEZAZNAMENAL,DEKUJI ZA POMOC A PRIKLADAM TEN ZZIP.
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
Spyware Terminator odporucam odinstalovat, je to aj zbytocnost, kedze uz tam je nainstalovany Avast. Nasledne poprosim o nove logy z FRST. Su s PC este nejake ine problemy?Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
Problemy žádné zaznamenané.prikladam logy a dotaz, zda-li mohu uz ted pomocí Adwcleaneru odstranit ty dvě PUP infekce, které mám v karanténě, pokud to tedy pujde, nerad předbíhám, jen abych na to nezapomněl.Děkuji mnohokrát-----------------------------Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by KRAK-HEAD (29-11-2018 23:22:52)
Running from C:\Users\KRAK-HEAD\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-11-19 09:40:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-363647782-2280047221-3034038998-500 - Administrator - Disabled)
Guest (S-1-5-21-363647782-2280047221-3034038998-501 - Limited - Disabled)
KRAK-HEAD (S-1-5-21-363647782-2280047221-3034038998-1000 - Administrator - Enabled) => C:\Users\KRAK-HEAD
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.14.160917 - )
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo)
Gadwin PrintScreen (64-Bit) (HKLM\...\{9D41A5E9-499A-4B98-8F05-CAB1C879E046}) (Version: 5.8.5.0 - Gadwin Systems)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5181 - Gretech Corporation)
Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 14.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Movavi Video Editor 12 (HKLM-x32\...\Movavi Video Editor 12) (Version: 12.1.0 - Movavi)
Mozilla Firefox 63.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x64 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7108 - CyberLink Corp.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
SMPlayer 18.10.0 (x64) (HKLM\...\SMPlayer) (Version: 18.10.0 - Ricardo Villalba)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.18.0 - SRS Labs, Inc.)
Subtitle Edit 3.5.1 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.5.1.1 - Nikse)
Total Uninstall 6.26.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.26.0 - Gavrila Martau)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xilisoft 3D Video Converter (HKU\S-1-5-21-363647782-2280047221-3034038998-1000\...\Xilisoft 3D Video Converter) (Version: 1.1.0.20170209 - Xilisoft)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-12-16] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {043B3089-E85F-4BDA-8403-38F8C73C5AC7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-24] (Adobe Systems Incorporated)
Task: {6ADD0426-2C63-45C5-829B-DDE5027B164D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-27] (Piriform Ltd)
Task: {A9F91F83-6370-49F1-BA6B-737DBED66D6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {BA64886B-D4DC-4B3A-BA09-93618DCD8D85} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-22] (AVAST Software)
Task: {C9654651-8AA3-49CD-89B6-62E0FED8FBBF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-22] (AVAST Software)
Task: {CAAC9BD3-549A-4215-9A04-C9CC69744FDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {D3A1E54D-3E72-4E0F-86A0-4CBA0DFAB968} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-27] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-11-02 13:58 - 2010-11-02 13:58 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-11-11 11:42 - 2010-11-11 11:42 - 000202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-11-11 11:44 - 2010-11-11 11:44 - 000156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2018-11-19 11:20 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2011-01-17 03:15 - 2010-12-16 09:37 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-14 12:28 - 2014-08-14 12:28 - 000100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-09-28 23:19 - 2018-11-27 20:46 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-29 16:10 - 2018-11-29 16:10 - 005793424 _____ () C:\Program Files\AVAST Software\Avast\defs\18112904\algo.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2010-11-11 11:38 - 2010-11-11 11:38 - 000161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-11-11 11:39 - 2010-11-11 11:39 - 000133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2018-11-22 03:25 - 2018-11-22 03:25 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2018-11-29 05:36 - 000000035 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KRAK-HEAD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1B5C7093-E49C-44B6-8185-910C2B443C75}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E0E18559-023B-47C6-8131-449F38CE7C0C}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{DF9AB144-1CD5-4755-9342-44A0CF505CF1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{64F38B5C-F0BA-4810-92A9-C90F46CABD3C}] => (Allow) LPort=2869
FirewallRules: [{94B5E4C8-0209-493A-95A3-A4B11700B8A1}] => (Allow) LPort=1900
FirewallRules: [{EEE068B0-B789-48CC-B8BC-96848D6E30CE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9A068D29-985F-4C54-8E29-37AE1F767066}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{005D0EBE-F264-4A43-8EE3-001A575CB760}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2570A338-4911-4F3E-9FD2-4F4D08CDEB10}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1588CB3E-9394-4949-9851-C3711F65807E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{14BDF287-D25C-460F-A040-BCF39C58ACE0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{DDE32AD9-05FE-4C9B-9A85-03F5415E7153}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{83181794-4C45-4AEC-8A45-4FDE6C9C0CEF}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{10DC1DFD-43E7-4D9E-BF03-B777BA593F91}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D69118BF-9F58-4848-8122-ADD8C6A2844E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5B83AE2A-8775-4217-8189-F29AEC3D1E66}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D3192FF2-111D-4B20-BB0A-C707249013DA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6F1B6AB4-4293-4215-9DA1-B0E2AF9A029E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
==================== Restore Points =========================
26-11-2018 01:51:54 Odinstalovat s Total Uninstall "vlc"
27-11-2018 16:50:33 Instalační služba modulů systému Windows
27-11-2018 16:56:10 Odebráno: Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
27-11-2018 16:56:29 Odebráno: Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
27-11-2018 17:16:55 Odinstalovat s Total Uninstall "Power2Go"
27-11-2018 17:25:28 Odinstalovat s Total Uninstall "Microsoft Silverlight / Windows Live Remote Service / Windows Live ID Sign-in Assistant"
27-11-2018 17:27:22 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:27:31 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:27:59 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:28:09 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:29:55 Odinstalovat s Total Uninstall "Intel(R) Rapid Storage Technology"
27-11-2018 17:31:04 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:31:18 Odebráno: Windows Live Mesh ActiveX Control for Remote Connections
27-11-2018 17:34:45 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:35:28 Odinstalovat s Total Uninstall "Windows Live Essentials / D3DX10 / Junk Mail filter update / Mesh Runtime / Microsoft Applicatio
27-11-2018 17:36:07 Windows Live Essentials
27-11-2018 17:36:23 WLSetup
29-11-2018 03:11:27 Odinstalovat s Total Uninstall "SUBTITLE EDITOR"
29-11-2018 04:14:19 Installed Gadwin PrintScreen (64-Bit)
29-11-2018 05:23:28 Installed Gadwin PrintScreen (64-Bit)
29-11-2018 05:24:15 Installed Gadwin PrintScreen (64-Bit)
29-11-2018 05:36:20 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
Name: Standardní grafický adaptér s rozlišením VGA
Description: Standardní grafický adaptér s rozlišením VGA
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy zobrazovacích jednotek)
Service: vga
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Intel(R) WiFi Link 1000 BGN
Description: Intel(R) WiFi Link 1000 BGN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/27/2018 05:40:52 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.
Error: (11/27/2018 05:36:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:36:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:35:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:34:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:31:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:31:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:11:34 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.
System errors:
=============
Error: (11/29/2018 06:56:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/29/2018 06:49:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (11/29/2018 06:49:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/29/2018 05:36:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/29/2018 05:36:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Event Log byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2018 05:36:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/29/2018 05:36:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Registry Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2018 05:36:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 29%
Total physical RAM: 8106.14 MB
Available physical RAM: 5706.35 MB
Total Virtual: 16210.46 MB
Available Virtual: 13864 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:654.69 GB) (Free:462.67 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:28.85 GB) NTFS
\\?\Volume{91c05cc6-23a0-11e4-873e-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 3CCC24D0)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=654.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.7 GB) - (Type=12)
==================== End of Addition.txt ============================
Ran by KRAK-HEAD (29-11-2018 23:22:52)
Running from C:\Users\KRAK-HEAD\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-11-19 09:40:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-363647782-2280047221-3034038998-500 - Administrator - Disabled)
Guest (S-1-5-21-363647782-2280047221-3034038998-501 - Limited - Disabled)
KRAK-HEAD (S-1-5-21-363647782-2280047221-3034038998-1000 - Administrator - Enabled) => C:\Users\KRAK-HEAD
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.14.160917 - )
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo)
Gadwin PrintScreen (64-Bit) (HKLM\...\{9D41A5E9-499A-4B98-8F05-CAB1C879E046}) (Version: 5.8.5.0 - Gadwin Systems)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5181 - Gretech Corporation)
Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 14.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Movavi Video Editor 12 (HKLM-x32\...\Movavi Video Editor 12) (Version: 12.1.0 - Movavi)
Mozilla Firefox 63.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x64 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7108 - CyberLink Corp.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
SMPlayer 18.10.0 (x64) (HKLM\...\SMPlayer) (Version: 18.10.0 - Ricardo Villalba)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.18.0 - SRS Labs, Inc.)
Subtitle Edit 3.5.1 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.5.1.1 - Nikse)
Total Uninstall 6.26.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.26.0 - Gavrila Martau)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xilisoft 3D Video Converter (HKU\S-1-5-21-363647782-2280047221-3034038998-1000\...\Xilisoft 3D Video Converter) (Version: 1.1.0.20170209 - Xilisoft)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-12-16] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {043B3089-E85F-4BDA-8403-38F8C73C5AC7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-24] (Adobe Systems Incorporated)
Task: {6ADD0426-2C63-45C5-829B-DDE5027B164D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-27] (Piriform Ltd)
Task: {A9F91F83-6370-49F1-BA6B-737DBED66D6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {BA64886B-D4DC-4B3A-BA09-93618DCD8D85} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-22] (AVAST Software)
Task: {C9654651-8AA3-49CD-89B6-62E0FED8FBBF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-22] (AVAST Software)
Task: {CAAC9BD3-549A-4215-9A04-C9CC69744FDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {D3A1E54D-3E72-4E0F-86A0-4CBA0DFAB968} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-27] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-11-02 13:58 - 2010-11-02 13:58 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-11-11 11:42 - 2010-11-11 11:42 - 000202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-11-11 11:44 - 2010-11-11 11:44 - 000156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2018-11-19 11:20 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2011-01-17 03:15 - 2010-12-16 09:37 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-14 12:28 - 2014-08-14 12:28 - 000100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-09-28 23:19 - 2018-11-27 20:46 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-29 16:10 - 2018-11-29 16:10 - 005793424 _____ () C:\Program Files\AVAST Software\Avast\defs\18112904\algo.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2010-11-11 11:38 - 2010-11-11 11:38 - 000161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-11-11 11:39 - 2010-11-11 11:39 - 000133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2018-11-22 03:25 - 2018-11-22 03:25 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2018-11-29 05:36 - 000000035 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KRAK-HEAD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1B5C7093-E49C-44B6-8185-910C2B443C75}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E0E18559-023B-47C6-8131-449F38CE7C0C}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{DF9AB144-1CD5-4755-9342-44A0CF505CF1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{64F38B5C-F0BA-4810-92A9-C90F46CABD3C}] => (Allow) LPort=2869
FirewallRules: [{94B5E4C8-0209-493A-95A3-A4B11700B8A1}] => (Allow) LPort=1900
FirewallRules: [{EEE068B0-B789-48CC-B8BC-96848D6E30CE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9A068D29-985F-4C54-8E29-37AE1F767066}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{005D0EBE-F264-4A43-8EE3-001A575CB760}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2570A338-4911-4F3E-9FD2-4F4D08CDEB10}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1588CB3E-9394-4949-9851-C3711F65807E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{14BDF287-D25C-460F-A040-BCF39C58ACE0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{DDE32AD9-05FE-4C9B-9A85-03F5415E7153}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{83181794-4C45-4AEC-8A45-4FDE6C9C0CEF}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{10DC1DFD-43E7-4D9E-BF03-B777BA593F91}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D69118BF-9F58-4848-8122-ADD8C6A2844E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5B83AE2A-8775-4217-8189-F29AEC3D1E66}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D3192FF2-111D-4B20-BB0A-C707249013DA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6F1B6AB4-4293-4215-9DA1-B0E2AF9A029E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
==================== Restore Points =========================
26-11-2018 01:51:54 Odinstalovat s Total Uninstall "vlc"
27-11-2018 16:50:33 Instalační služba modulů systému Windows
27-11-2018 16:56:10 Odebráno: Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
27-11-2018 16:56:29 Odebráno: Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
27-11-2018 17:16:55 Odinstalovat s Total Uninstall "Power2Go"
27-11-2018 17:25:28 Odinstalovat s Total Uninstall "Microsoft Silverlight / Windows Live Remote Service / Windows Live ID Sign-in Assistant"
27-11-2018 17:27:22 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:27:31 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:27:59 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:28:09 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:29:55 Odinstalovat s Total Uninstall "Intel(R) Rapid Storage Technology"
27-11-2018 17:31:04 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:31:18 Odebráno: Windows Live Mesh ActiveX Control for Remote Connections
27-11-2018 17:34:45 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:35:28 Odinstalovat s Total Uninstall "Windows Live Essentials / D3DX10 / Junk Mail filter update / Mesh Runtime / Microsoft Applicatio
27-11-2018 17:36:07 Windows Live Essentials
27-11-2018 17:36:23 WLSetup
29-11-2018 03:11:27 Odinstalovat s Total Uninstall "SUBTITLE EDITOR"
29-11-2018 04:14:19 Installed Gadwin PrintScreen (64-Bit)
29-11-2018 05:23:28 Installed Gadwin PrintScreen (64-Bit)
29-11-2018 05:24:15 Installed Gadwin PrintScreen (64-Bit)
29-11-2018 05:36:20 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
Name: Standardní grafický adaptér s rozlišením VGA
Description: Standardní grafický adaptér s rozlišením VGA
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy zobrazovacích jednotek)
Service: vga
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Intel(R) WiFi Link 1000 BGN
Description: Intel(R) WiFi Link 1000 BGN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/27/2018 05:40:52 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.
Error: (11/27/2018 05:36:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:36:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:35:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:34:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:31:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:31:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/27/2018 05:11:34 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.
System errors:
=============
Error: (11/29/2018 06:56:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/29/2018 06:49:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (11/29/2018 06:49:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/29/2018 05:36:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/29/2018 05:36:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Event Log byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2018 05:36:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/29/2018 05:36:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Registry Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2018 05:36:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 29%
Total physical RAM: 8106.14 MB
Available physical RAM: 5706.35 MB
Total Virtual: 16210.46 MB
Available Virtual: 13864 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:654.69 GB) (Free:462.67 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:28.85 GB) NTFS
\\?\Volume{91c05cc6-23a0-11e4-873e-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 3CCC24D0)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=654.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.7 GB) - (Type=12)
==================== End of Addition.txt ============================
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
Ano, to sa moze zmazat hocikedy. Kazdopadne polozky v karantene su uz neskodne a na konci by sme karantenu zmazali pri upratovani po pouzitych nastrojoch. Spusti este tento fixlist: Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: VirusTotal: C:\ProgramData\czchsjpj.srw VirusTotal: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin VirusTotal: C:\ProgramData\agent.1542852426.bdinstall.v2.bin File: C:\ProgramData\czchsjpj.srw File: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin File: C:\ProgramData\agent.1542852426.bdinstall.v2.bin HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" Hosts: EmptyTemp: End - Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
DĚKUJI A POSÍLÁM LOG--------------------------------------------------------------------------Fix result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by KRAK-HEAD (01-12-2018 02:46:27) Run:2
Running from C:\Users\KRAK-HEAD\Desktop
Loaded Profiles: KRAK-HEAD (Available Profiles: KRAK-HEAD)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
VirusTotal: C:\ProgramData\czchsjpj.srw
VirusTotal: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin
VirusTotal: C:\ProgramData\agent.1542852426.bdinstall.v2.bin
File: C:\ProgramData\czchsjpj.srw
File: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin
File: C:\ProgramData\agent.1542852426.bdinstall.v2.bin
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
VirusTotal: C:\ProgramData\czchsjpj.srw => (3) Error
VirusTotal: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin => (3) Error
VirusTotal: C:\ProgramData\agent.1542852426.bdinstall.v2.bin => (3) Error
========================= File: C:\ProgramData\czchsjpj.srw ========================
C:\ProgramData\czchsjpj.srw
File not signed
MD5: 273C64DE251AC5CE7B095E7414A93705
Creation and modification date: 2018-11-22 20:12 - 2018-11-22 20:12
Size: 000005051
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
========================= File: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin ========================
C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin
File not signed
MD5: 61AB55B79C635D9C776778B7C522AF90
Creation and modification date: 2018-11-22 03:20 - 2018-11-22 03:20
Size: 000123856
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
========================= File: C:\ProgramData\agent.1542852426.bdinstall.v2.bin ========================
C:\ProgramData\agent.1542852426.bdinstall.v2.bin
File not signed
MD5: 2D47196BBAF3D133D937177AA0F285D0
Creation and modification date: 2018-11-22 03:07 - 2018-11-22 03:07
Size: 000103892
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MBAMService => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13257302 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 11090 B
Edge => 0 B
Chrome => 141793 B
Firefox => 18029527 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 692 B
systemprofile32 => 692 B
LocalService => 66228 B
NetworkService => 0 B
KRAK-HEAD => 1515011 B
RecycleBin => 0 B
EmptyTemp: => 39.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 02:47:13 ====
Ran by KRAK-HEAD (01-12-2018 02:46:27) Run:2
Running from C:\Users\KRAK-HEAD\Desktop
Loaded Profiles: KRAK-HEAD (Available Profiles: KRAK-HEAD)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
VirusTotal: C:\ProgramData\czchsjpj.srw
VirusTotal: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin
VirusTotal: C:\ProgramData\agent.1542852426.bdinstall.v2.bin
File: C:\ProgramData\czchsjpj.srw
File: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin
File: C:\ProgramData\agent.1542852426.bdinstall.v2.bin
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
VirusTotal: C:\ProgramData\czchsjpj.srw => (3) Error
VirusTotal: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin => (3) Error
VirusTotal: C:\ProgramData\agent.1542852426.bdinstall.v2.bin => (3) Error
========================= File: C:\ProgramData\czchsjpj.srw ========================
C:\ProgramData\czchsjpj.srw
File not signed
MD5: 273C64DE251AC5CE7B095E7414A93705
Creation and modification date: 2018-11-22 20:12 - 2018-11-22 20:12
Size: 000005051
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
========================= File: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin ========================
C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin
File not signed
MD5: 61AB55B79C635D9C776778B7C522AF90
Creation and modification date: 2018-11-22 03:20 - 2018-11-22 03:20
Size: 000123856
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
========================= File: C:\ProgramData\agent.1542852426.bdinstall.v2.bin ========================
C:\ProgramData\agent.1542852426.bdinstall.v2.bin
File not signed
MD5: 2D47196BBAF3D133D937177AA0F285D0
Creation and modification date: 2018-11-22 03:07 - 2018-11-22 03:07
Size: 000103892
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MBAMService => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13257302 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 11090 B
Edge => 0 B
Chrome => 141793 B
Firefox => 18029527 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 692 B
systemprofile32 => 692 B
LocalService => 66228 B
NetworkService => 0 B
KRAK-HEAD => 1515011 B
RecycleBin => 0 B
EmptyTemp: => 39.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 02:47:13 ====
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
Vyzera to OK. Odporucam doinstalovat vsetky dolezite aktualizacie cez Windows Update.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV
ZDRAVÍM.RÁD BYCH TO S DÍKY UZAVREL-NO PRI TE INSTALACI UPDATU SE VYSKYTLY PROBLEMY,KTERE BYCH RAD POPSAL, JESTLI NEVITE, KDE BY MOHL BYT ZAKOPANY PES.181 UPDATU SE STAHOVALO 4 HODINY-WINDOWS MI BEHEM TOHO SILNE ZAMRZALY,CHVILI JSEM UZ MYSLEL NA TVRDY RESTART.NO V 98 PROCENTECH MI TO PRI PRIPOJENÍ SHODILO UPLNE WINDOWS,TAK TEDY PAK SEM JE ZAPNUL S HLASKOU, ZE WIN NEBYLY UKONCENY SPRAVNE A PRIHLASIL SE. LISTA WINDOWS UPDATE NASLEDNE HLASILA UPDATUJ A ZAHAJILA STAHOVANI JAKOBY ZAS OD ZACATKU-RIKAM TO NE-TAK JSEM TO CHTEL ZASTAVIT A WINDOWS ZCELA ZAMRZLY,POUZIL JSEM TEDY TVRDY RESTART, NACEZ VINDOWS MI SPUSTILI KONTROLU KONZISTENCE DISKU-DAL SEM OK. NASLEDNE NA LISTE UPDATU UZ BYLO INSTALOVAT AKTUALIZACE,COZ JSEM PROVEDL, PO INTALACI TECH UPDATU MI WINDOWS SPADLY ZNOVA,OPET HLASKA NEBYLO UKONCENO NORMALNE, NEKTERE AKTUALIZACE NEBYLO MOZNE NAINSTALOVAT- MELI TO BYT 3, NO ZA CHVILI BEZ PRIPOJENI K NETU UZ TO PSALO POTREBU 9 AKTUALIZACI. K NEKOLIKA Z NICH BYLO NUTNE OPETOVNE PRIPOJENI K NETU-PRESNE K OSMI MYSLIM-VSE JSEM DOINSTALOVAL, jinak vse funguje asi jak má- no z tohohle jsem se prisaham málem zbláznil.nechám stranou své domnenky a prosím vás moc o radu, nebo alespon zkusit jeden log, abych mohl v klidu usnout,nepovazuji to za standardni chování systému, moc dekuji..
Přispějete na provoz fóra?