nefunkcni winupdate

Zpráva

kuk · #1 Příspěvek od **kuk** » 30 kvě 2019 11:46

prosim o kontrolu, nefunkcni win update - nestahuji se a neinstaluji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Inst at 2019-05-30 12:42:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 164 GB (69%) free of 238 GB
Total RAM: 3499 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:42:45, on 30.5.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19375)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\igfxTray.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Inst\Desktop\RSIT.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\trend micro\Inst.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files\OKsoftware\Svátky a výročí\Vyroci.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files\Google\Chrome\Application\74.0.3729.169\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Intel Corporation - C:\Windows\system32\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe

--
End of file - 6367 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-18 480120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-18 194424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2019-04-01 645456]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-05-27 226184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Svátky a výročí"=C:\Program Files\OKsoftware\Svátky a výročí\Vyroci.exe [2006-04-28 1019904]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2018-09-10 13797712]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-05-30 12:42:41 ----D---- C:\rsit
2019-05-30 12:42:41 ----D---- C:\Program Files\trend micro
2019-05-28 15:02:28 ----D---- C:\Windows\SoftwareDistribution
2019-05-28 14:55:01 ----D---- C:\Windows\system32\catroot2
2019-05-28 14:33:47 ----A---- C:\Windows\system32\aswBoot.exe
2019-05-28 12:52:03 ----D---- C:\Windows\CheckSur
2019-05-28 12:29:37 ----D---- C:\Windows\softwaredistribution.old
2019-05-28 12:05:41 ----N---- C:\bootsqm.dat
2019-05-27 14:49:41 ----A---- C:\Windows\system32\urlmon.dll
2019-05-27 14:49:41 ----A---- C:\Windows\system32\occache.dll
2019-05-27 14:49:41 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2019-05-27 14:49:41 ----A---- C:\Windows\system32\msfeeds.dll
2019-05-27 14:49:41 ----A---- C:\Windows\system32\jsproxy.dll
2019-05-27 14:49:41 ----A---- C:\Windows\system32\jscript9diag.dll
2019-05-27 14:49:41 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-05-27 14:49:41 ----A---- C:\Windows\system32\inseng.dll
2019-05-27 14:49:41 ----A---- C:\Windows\system32\ieUnatt.exe
2019-05-27 14:49:41 ----A---- C:\Windows\system32\iernonce.dll
2019-05-27 14:49:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2019-05-27 14:49:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2019-05-27 14:49:41 ----A---- C:\Windows\system32\iedkcs32.dll
2019-05-27 14:49:41 ----A---- C:\Windows\system32\ieapfltr.dll
2019-05-27 14:49:41 ----A---- C:\Windows\system32\ie4uinit.exe
2019-05-27 14:49:41 ----A---- C:\Windows\system32\dxtmsft.dll
2019-05-27 14:49:40 ----A---- C:\Windows\system32\wininet.dll
2019-05-27 14:49:40 ----A---- C:\Windows\system32\webcheck.dll
2019-05-27 14:49:40 ----A---- C:\Windows\system32\msrating.dll
2019-05-27 14:49:40 ----A---- C:\Windows\system32\iesetup.dll
2019-05-27 14:49:40 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2019-05-27 14:49:39 ----A---- C:\Windows\system32\ieui.dll
2019-05-27 14:49:39 ----A---- C:\Windows\system32\ieframe.dll
2019-05-27 14:49:39 ----A---- C:\Windows\system32\dxtrans.dll
2019-05-27 14:49:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2019-05-27 14:49:38 ----A---- C:\Windows\system32\mshtmled.dll
2019-05-27 14:49:38 ----A---- C:\Windows\system32\MshtmlDac.dll
2019-05-27 14:49:38 ----A---- C:\Windows\system32\iertutil.dll
2019-05-27 14:49:37 ----A---- C:\Windows\system32\mshtml.dll
2019-05-27 14:49:37 ----A---- C:\Windows\system32\jscript9.dll
2019-05-27 14:49:36 ----A---- C:\Windows\system32\vbscript.dll
2019-05-27 14:49:36 ----A---- C:\Windows\system32\jscript.dll
2019-05-27 14:15:59 ----D---- C:\Users\Inst\AppData\Roaming\AVAST Software
2019-05-27 14:14:51 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2019-05-27 14:14:51 ----A---- C:\Windows\system32\drivers\aswStm.sys
2019-05-27 14:14:51 ----A---- C:\Windows\system32\drivers\aswSP.sys
2019-05-27 14:14:51 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2019-05-27 14:14:50 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2019-05-27 14:14:50 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2019-05-27 14:14:50 ----A---- C:\Windows\system32\drivers\aswArPot.sys
2019-05-27 14:14:49 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2019-05-27 14:14:49 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2019-05-27 14:14:49 ----A---- C:\Windows\system32\drivers\aswbuniv.sys
2019-05-27 14:14:49 ----A---- C:\Windows\system32\drivers\aswbidsh.sys
2019-05-27 14:14:48 ----A---- C:\Windows\system32\drivers\aswbidsdriver.sys
2019-05-27 14:14:45 ----D---- C:\Program Files\Common Files\AVAST Software
2019-05-27 14:13:12 ----D---- C:\Program Files\AVAST Software
2019-05-27 14:09:53 ----D---- C:\ProgramData\AVAST Software
2019-05-27 14:00:38 ----A---- C:\Windows\system32\avgremoverx.exe

======List of files/folders modified in the last 1 month======

2019-05-30 12:42:41 ----RD---- C:\Program Files
2019-05-30 12:35:47 ----D---- C:\Windows\Temp
2019-05-30 12:35:34 ----D---- C:\Windows\system32\config
2019-05-30 12:32:48 ----A---- C:\Windows\system32\rpcnetp.exe
2019-05-30 12:32:46 ----A---- C:\Windows\system32\rpcnet.dll
2019-05-30 12:30:01 ----SHD---- C:\System Volume Information
2019-05-30 12:21:13 ----D---- C:\Windows\system32\drivers
2019-05-30 12:19:16 ----D---- C:\Windows\system32\LogFiles
2019-05-30 12:19:12 ----A---- C:\Windows\system32\rpcnetp.dll
2019-05-30 11:11:39 ----D---- C:\Windows\inf
2019-05-28 15:02:41 ----D---- C:\Windows
2019-05-28 14:55:01 ----D---- C:\Windows\System32
2019-05-28 14:34:13 ----D---- C:\Windows\system32\Tasks
2019-05-28 14:34:12 ----D---- C:\Windows\winsxs
2019-05-27 14:51:49 ----D---- C:\Windows\system32\en-US
2019-05-27 14:51:49 ----D---- C:\Windows\system32\cs-CZ
2019-05-27 14:51:49 ----D---- C:\Program Files\Internet Explorer
2019-05-27 14:41:25 ----D---- C:\Windows\system32\catroot2.old
2019-05-27 14:14:45 ----D---- C:\Program Files\Common Files
2019-05-27 14:09:53 ----HD---- C:\ProgramData
2019-05-27 14:06:55 ----D---- C:\Windows\Minidump
2019-05-27 14:06:55 ----D---- C:\Windows\debug
2019-05-27 14:02:29 ----D---- C:\Program Files\AVG
2019-05-27 14:02:28 ----D---- C:\Program Files\Common Files\AVG
2019-05-27 14:00:37 ----D---- C:\Windows\system32\DriverStore
2019-05-27 13:49:53 ----D---- C:\Windows\Prefetch
2019-05-24 23:03:21 ----D---- C:\Vlasta
2019-05-20 22:03:43 ----D---- C:\Users\Inst\AppData\Roaming\vlc
2019-05-15 21:48:10 ----D---- C:\Windows\Microsoft.NET
2019-05-15 21:46:38 ----RSD---- C:\Windows\assembly
2019-05-15 12:08:23 ----D---- C:\Windows\system32\MRT
2019-05-15 12:05:55 ----AC---- C:\Windows\system32\MRT.exe
2019-05-15 12:04:22 ----SHD---- C:\Windows\Installer
2019-05-15 12:03:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-05-14 14:08:29 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2019-05-14 14:08:28 ----D---- C:\Windows\system32\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-05-27 171520]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-05-27 56296]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-05-27 72800]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-05-30 312248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-05-27 173232]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-05-27 225608]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-05-27 40688]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-05-27 100984]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-05-27 783024]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-05-27 403680]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-05-27 139352]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-05-27 166848]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2016-11-02 34072]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2015-08-09 4124432]
R3 MEI;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECI.sys [2013-03-12 56432]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2014-12-10 584920]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2018-02-10 52928]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2012-12-27 614624]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2018-02-10 51904]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2018-02-10 52928]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2015-04-30 20256]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-08-16 128704]
S3 WINUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.SYS [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2018-03-26 47200]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-05-27 359864]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-08-09 300976]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 583680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-03-12 169432]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-05-28 5584416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-09 107848]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-03-12 366552]
S2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2016-03-08 79568]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-05-14 335416]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2015-08-09 288688]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\74.0.3729.169\elevation_service.exe [2019-05-21 1055728]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-09 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-05-17 104960]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 637912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

#2 Příspěvek od **Conder** » 30 kvě 2019 12:40

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
Nechaj zaskrtnute vsetky nalezy
Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
Otvori sa log, jeho obsah sem skopiruj

kuk · #3 Příspěvek od **kuk** » 30 kvě 2019 12:45

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-30-2019
# Duration: 00:00:00
# OS: Windows 7 Home Premium
# Cleaned: 3
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKCU\Software\distromatic
Deleted HKLM\Software\SlimWare Utilities Inc

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1477 octets] - [30/05/2019 13:43:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#4 Příspěvek od **Conder** » 30 kvě 2019 16:25

Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

kuk · #5 Příspěvek od **kuk** » 31 kvě 2019 07:14

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-05-2019
Ran by Inst (administrator) on INST-PC (LENOVO 10DR000YMC) (31-05-2019 08:13:10)
Running from C:\Users\Inst\Desktop
Loaded Profiles: Inst (Available Profiles: Inst)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [226184 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3326357192-1067385374-1587017670-1000\...\Run: [] => [X]
HKU\S-1-5-21-3326357192-1067385374-1587017670-1000\...\Run: [Svátky a výročí] => C:\Program Files\OKsoftware\Svátky a výročí\Vyroci.exe [1019904 2006-04-28] (Igor Gottwald - OKsoftware) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-23] (Google LLC -> Google Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1ACC2217-01A3-438C-BD39-0D3227E0F552} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
Task: {2690BB25-3988-453F-BFBC-A5EEB34B9E6D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {48B4AFAE-0F68-43FD-B3A7-3B3B25A8315E} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
Task: {57C237CC-7D7A-45EE-A099-CC7422D9AA78} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3326357192-1067385374-1587017670-1000
Task: {5C99810F-7494-460D-9D5B-44B41DEFCD15} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-10-09] (Google Inc -> Google Inc.)
Task: {5F4416FE-2FDC-4505-AA88-AC16128F0645} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2394504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {A3410F26-A767-4416-883C-D47A23726756} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
Task: {A902C7B7-938B-4832-B8BB-D8A65C134621} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {B2A35C03-2435-4549-8554-5027FEE295D4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-10-09] (Google Inc -> Google Inc.)
Task: {C6135508-8440-4851-AAEA-F84A107CB777} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {D44B8BFA-E966-46D9-9515-5A725E153DE9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DF54564F-97E6-4142-92E5-76457D17E084} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1951312 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.11.224.1 217.11.224.2 8.8.8.8
Tcpip\..\Interfaces\{3C85A73A-B71F-40E0-9807-897C768AC975}: [DhcpNameServer] 217.11.224.1 217.11.224.2 8.8.8.8

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3326357192-1067385374-1587017670-1000 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Inst\AppData\Local\Google\Chrome\User Data\Default [2019-05-31]
CHR Extension: (Prezentace) - C:\Users\Inst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-04]
CHR Extension: (Dokumenty) - C:\Users\Inst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-04]
CHR Extension: (Disk Google) - C:\Users\Inst\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-24]
CHR Extension: (YouTube) - C:\Users\Inst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-09]
CHR Extension: (Vyhledávání Google) - C:\Users\Inst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-09]
CHR Extension: (Adobe Acrobat) - C:\Users\Inst\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-08]
CHR Extension: (Tabulky) - C:\Users\Inst\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Inst\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Inst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Inst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\Inst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR Profile: C:\Users\Inst\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-27]
CHR HKU\S-1-5-21-3326357192-1067385374-1587017670-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5584416 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [359864 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [288688 2015-08-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [300976 2015-08-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [583680 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [637912 2013-02-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S2 rpcnet; C:\Windows\system32\rpcnet.exe [79568 2016-03-08] (Absolute Software Corp. -> Absolute Software Corp.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [173232 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225608 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [171520 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [56296 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [139352 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403680 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [166848 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312248 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 ICCWDT; C:\Windows\System32\DRIVERS\ICCWDT.sys [34072 2016-11-02] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [56432 2013-03-12] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [7168 2009-09-28] () [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [20256 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (NGO -> MBB)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-31 08:13 - 2019-05-31 08:13 - 000016244 _____ C:\Users\Inst\Desktop\FRST.txt
2019-05-31 08:12 - 2019-05-31 08:13 - 000000000 ____D C:\FRST
2019-05-31 08:09 - 2019-05-31 08:09 - 001794560 _____ (Farbar) C:\Users\Inst\Desktop\FRST.exe
2019-05-30 13:42 - 2019-05-30 13:42 - 007025360 _____ (Malwarebytes) C:\Users\Inst\Desktop\adwcleaner_7.3.exe
2019-05-30 12:42 - 2019-05-30 12:42 - 001107968 _____ C:\Users\Inst\Desktop\RSIT.exe
2019-05-30 12:42 - 2019-05-30 12:42 - 000000000 ____D C:\rsit
2019-05-30 12:42 - 2019-05-30 12:42 - 000000000 ____D C:\Program Files\trend micro
2019-05-28 14:33 - 2019-05-27 14:18 - 000311176 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-28 12:52 - 2019-05-28 12:52 - 000000000 ____D C:\Windows\CheckSur
2019-05-28 12:29 - 2019-05-28 13:20 - 000000000 ____D C:\Windows\softwaredistribution.old
2019-05-27 14:49 - 2019-05-18 03:27 - 000348984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-05-27 14:49 - 2019-05-17 06:17 - 020279296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-05-27 14:49 - 2019-05-17 06:11 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-05-27 14:49 - 2019-05-17 06:11 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-05-27 14:49 - 2019-05-17 06:00 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-05-27 14:49 - 2019-05-17 06:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-05-27 14:49 - 2019-05-17 05:59 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-05-27 14:49 - 2019-05-17 05:59 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-05-27 14:49 - 2019-05-17 05:58 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-05-27 14:49 - 2019-05-17 05:56 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-05-27 14:49 - 2019-05-17 05:53 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-05-27 14:49 - 2019-05-17 05:53 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-05-27 14:49 - 2019-05-17 05:51 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-05-27 14:49 - 2019-05-17 05:50 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-05-27 14:49 - 2019-05-17 05:50 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-05-27 14:49 - 2019-05-17 05:50 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-05-27 14:49 - 2019-05-17 05:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-05-27 14:49 - 2019-05-17 05:44 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-05-27 14:49 - 2019-05-17 05:42 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-05-27 14:49 - 2019-05-17 05:37 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-05-27 14:49 - 2019-05-17 05:37 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-05-27 14:49 - 2019-05-17 05:36 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-05-27 14:49 - 2019-05-17 05:34 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-05-27 14:49 - 2019-05-17 05:33 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-05-27 14:49 - 2019-05-17 05:32 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-05-27 14:49 - 2019-05-17 05:31 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-05-27 14:49 - 2019-05-17 05:28 - 004493312 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-05-27 14:49 - 2019-05-17 05:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-05-27 14:49 - 2019-05-17 05:24 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-05-27 14:49 - 2019-05-17 05:23 - 013682176 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-05-27 14:49 - 2019-05-17 05:23 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-05-27 14:49 - 2019-05-17 05:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-05-27 14:49 - 2019-05-17 05:23 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-05-27 14:49 - 2019-05-17 05:05 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-05-27 14:49 - 2019-05-17 05:01 - 001323008 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-05-27 14:49 - 2019-05-17 05:00 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-05-27 14:15 - 2019-05-28 14:34 - 000002003 _____ C:\Users\Public\Desktop\Avast Pro Antivirus.lnk
2019-05-27 14:15 - 2019-05-27 14:15 - 000000000 ____D C:\Users\Inst\AppData\Roaming\AVAST Software
2019-05-27 14:15 - 2019-05-27 14:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-05-27 14:14 - 2019-05-30 12:21 - 000312248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-27 14:14 - 2019-05-27 14:19 - 000403680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-27 14:14 - 2019-05-27 14:19 - 000166848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-05-27 14:14 - 2019-05-27 14:19 - 000139352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-05-27 14:14 - 2019-05-27 14:19 - 000100984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-27 14:14 - 2019-05-27 14:19 - 000072800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-27 14:14 - 2019-05-27 14:19 - 000040688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-27 14:14 - 2019-05-27 14:18 - 000783024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-27 14:14 - 2019-05-27 14:18 - 000225608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-27 14:14 - 2019-05-27 14:18 - 000173232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-27 14:14 - 2019-05-27 14:18 - 000171520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-27 14:14 - 2019-05-27 14:18 - 000056296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-27 14:14 - 2019-05-27 14:14 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-05-27 14:13 - 2019-05-27 14:13 - 000000000 ____D C:\Program Files\AVAST Software
2019-05-27 14:09 - 2019-05-27 14:14 - 000000000 ____D C:\ProgramData\AVAST Software
2019-05-27 14:00 - 2019-05-27 14:00 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgremoverx.exe
2019-05-27 13:52 - 2019-05-27 13:52 - 000000020 _____ C:\Users\Inst\Desktop\avast.txt
2019-05-27 13:51 - 2019-05-27 13:56 - 350799536 _____ (AVAST Software) C:\Users\Inst\Desktop\avast_pro_antivirus_setup.exe
2019-05-27 13:51 - 2019-05-27 13:52 - 000001832 _____ C:\Users\Inst\Desktop\licence.avastlic
2019-05-27 13:49 - 2019-05-27 13:49 - 012356568 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Inst\Desktop\avgclear.exe
2019-05-23 00:01 - 2019-05-23 00:01 - 000001865 _____ C:\Users\Inst\Desktop\003-1981 kresl, springel, soukup – zástupce.lnk
2019-05-18 23:28 - 2019-05-18 23:28 - 001573687 _____ C:\Users\Inst\Desktop\Návod k použití CZ.pdf
2019-05-09 22:27 - 2019-05-09 22:27 - 000000060 _____ C:\Users\Inst\Desktop\A+B déčko.url
2019-05-09 22:12 - 2019-05-09 22:12 - 000001531 _____ C:\Users\Inst\Desktop\2019 navrh zmeny stanov (per rollam) – zástupce.lnk
2019-05-07 17:32 - 2019-05-07 17:32 - 000000056 _____ C:\Users\Inst\Desktop\A+B pohádky.url

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-31 03:23 - 2009-07-14 06:34 - 000020464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-31 03:23 - 2009-07-14 06:34 - 000020464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-30 13:44 - 2016-03-08 15:08 - 000079568 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll
2019-05-30 13:44 - 2016-03-08 14:49 - 000017408 _____ C:\Windows\system32\rpcnetp.exe
2019-05-30 13:44 - 2015-10-09 03:26 - 000000000 __SHD C:\Users\Inst\IntelGraphicsProfiles
2019-05-30 13:44 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-30 13:43 - 2015-11-11 11:25 - 000000000 ____D C:\AdwCleaner
2019-05-30 13:34 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2019-05-30 12:19 - 2016-03-08 14:50 - 000017408 _____ C:\Windows\system32\rpcnetp.dll
2019-05-30 11:11 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-05-28 15:03 - 2016-08-23 22:21 - 000000000 ____D C:\Users\Inst\AppData\Local\ElevatedDiagnostics
2019-05-28 10:08 - 2018-01-19 00:12 - 000000000 _____ C:\Windows\system32\last.dump
2019-05-27 14:41 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\catroot2.old
2019-05-27 14:06 - 2016-03-09 00:05 - 000000000 ____D C:\Windows\Minidump
2019-05-27 14:06 - 2015-11-11 14:08 - 000000000 ____D C:\Users\Inst\AppData\Local\CrashDumps
2019-05-27 14:02 - 2018-01-23 14:44 - 000000000 ____D C:\Program Files\Common Files\AVG
2019-05-27 14:02 - 2015-10-12 11:04 - 000000000 ____D C:\Program Files\AVG
2019-05-27 14:02 - 2015-10-12 11:03 - 000000000 ____D C:\Users\Inst\AppData\Local\Avg
2019-05-24 23:03 - 2015-10-12 10:07 - 000000000 ____D C:\Vlasta
2019-05-23 11:59 - 2015-10-09 16:42 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-20 22:03 - 2015-10-09 16:45 - 000000000 ____D C:\Users\Inst\AppData\Roaming\vlc
2019-05-16 09:54 - 2009-07-14 06:53 - 000032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-05-15 12:08 - 2015-10-08 15:14 - 000000000 ____D C:\Windows\system32\MRT
2019-05-15 12:05 - 2015-10-08 15:14 - 129361720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-15 12:03 - 2011-04-12 03:37 - 000689978 _____ C:\Windows\system32\perfh005.dat
2019-05-15 12:03 - 2011-04-12 03:37 - 000150694 _____ C:\Windows\system32\perfc005.dat
2019-05-15 12:03 - 2010-11-20 23:01 - 001603596 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-15 11:19 - 2015-11-10 12:45 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-14 14:08 - 2015-10-09 16:41 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-05-14 14:08 - 2015-10-09 16:41 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-05-14 14:08 - 2015-10-09 16:41 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-05 11:53 - 2019-01-04 20:36 - 002186437 _____ C:\Users\Inst\Desktop\O2.pdf

==================== Files in the root of some directories =======

2018-04-03 23:31 - 2018-04-03 23:31 - 000000000 ____H () C:\Users\Inst\AppData\Local\BITCCB0.tmp
2015-12-26 17:47 - 2015-12-26 17:48 - 000003584 _____ () C:\Users\Inst\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-26 17:49 - 2015-12-26 17:49 - 000000092 _____ () C:\Users\Inst\AppData\Local\fusioncache.dat
2016-02-21 16:48 - 2016-02-21 16:48 - 000000017 _____ () C:\Users\Inst\AppData\Local\resmon.resmoncfg
2018-04-03 23:31 - 2018-04-03 23:31 - 000000000 _____ () C:\Users\Inst\AppData\Local\{C3515BBD-CF5A-4713-B294-57B1DBC1C6D0}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2019-05-24 20:15
==================== End of FRST.txt ============================

kuk · #6 Příspěvek od **kuk** » 31 kvě 2019 07:15

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-05-2019
Ran by Inst (31-05-2019 08:13:28)
Running from C:\Users\Inst\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2015-10-08 11:06:05)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3326357192-1067385374-1587017670-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3326357192-1067385374-1587017670-1004 - Limited - Enabled)
Guest (S-1-5-21-3326357192-1067385374-1587017670-501 - Limited - Disabled)
Inst (S-1-5-21-3326357192-1067385374-1587017670-1000 - Administrator - Enabled) => C:\Users\Inst

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

123 Free Solitaire (HKLM\...\123 Free Solitaire) (Version: - )
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.192 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Anti-Twin (Installation 12.10.2015) (HKLM\...\Anti-Twin 2015-10-12 14.25.00) (Version: - Joerg Rosenthal, Germany)
Avast Pro Antivirus (HKLM\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Centrum zařízení Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Java 8 Update 211 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.67.1226.2012 - Realtek)
SolSuite (HKLM\...\SolSuite) (Version: SolSuite 2005 - TreeCardGames.com)
Sudoku 1.17 (HKLM\...\Sudoku_is1) (Version: 1.17 - Sudoku)
Svátky a výročí (HKLM\...\{CB28705C-ED60-499A-90DE-E8BC41F75B65}) (Version: 2.09.0115 - Igor Gottwald - OKsoftware)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Uninstall Magic Solitaire (HKLM\...\{DD7894BC-3E28-4F58-A67C-D2000C989D77}_is1) (Version: 1.0.000 - Play sp. z o.o.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Zoner Photo Studio 13 (HKLM\...\ZonerPhotoStudio13_CZ_is1) (Version: 13.0.1.7 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3326357192-1067385374-1587017670-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3326357192-1067385374-1587017670-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 13\Program32\SHELLEXT.DLL (ZONER software, a.s. -> ZONER software)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1_S-1-5-21-3326357192-1067385374-1587017670-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 13\Program32\SHELLEXT.DLL [2011-06-08] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers2_S-1-5-21-3326357192-1067385374-1587017670-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 13\Program32\SHELLEXT.DLL [2011-06-08] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers4_S-1-5-21-3326357192-1067385374-1587017670-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 13\Program32\SHELLEXT.DLL [2011-06-08] (ZONER software, a.s. -> ZONER software)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2017-04-26 20:50 - 2016-10-04 17:12 - 000049664 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2013-02-13 12:41 - 2013-02-13 12:41 - 000583680 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2003-02-20 20:19 - 2003-02-20 20:19 - 000253952 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
2003-02-21 05:42 - 2003-02-21 05:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3326357192-1067385374-1587017670-1000\...\amazon.com -> hxxps://amazon.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2018-12-03 18:52 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3326357192-1067385374-1587017670-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Inst\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 217.11.224.1 - 217.11.224.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2148CB6B-4C2E-43E0-A755-B93DB2D9A966}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{18FDA8FC-167C-49E7-951C-6FA83586B7E9}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{95D0AAF1-85F3-43F5-AC5A-04E106697434}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D04B0FE2-FACA-48FD-8451-9894F18D5FBF}] => (Allow) LPort=26675
FirewallRules: [{2E6F9761-551C-403D-B7A5-1D5D42FD26E2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{282A8A7A-693D-4B2F-AEEC-9005E8CE0B04}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C25F37B6-9051-427D-A575-54AE4BA9B782}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

30-05-2019 12:20:21 Windows Update
30-05-2019 12:29:59 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/30/2019 01:44:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/30/2019 12:48:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RSIT.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1518

Čas spuštění: 01d516d466e8369d

Čas ukončení: 15

Cesta k aplikaci: C:\Users\Inst\Desktop\RSIT.exe

ID hlášení:

Error: (05/30/2019 12:32:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/30/2019 12:19:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/30/2019 12:04:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/30/2019 12:03:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/30/2019 12:02:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/30/2019 11:19:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

System errors:
=============
Error: (05/30/2019 01:43:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (05/30/2019 01:43:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WMI Performance Adapter byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (05/30/2019 01:43:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/30/2019 01:43:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (05/30/2019 01:43:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/30/2019 01:43:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/30/2019 01:43:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Stavová služba ASP.NET byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/30/2019 01:43:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

CodeIntegrity:
===================================

Date: 2018-02-03 23:48:16.140
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sfc_os.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: LENOVO FCKT57AUS 07/10/2014
Motherboard: LENOVO
Processor: Intel(R) Core(TM) i3-4150 CPU @ 3.50GHz
Percentage of memory in use: 66%
Total physical RAM: 3499.05 MB
Available physical RAM: 1176.56 MB
Total Virtual: 6996.46 MB
Available Virtual: 4744.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:160.93 GB) NTFS

\\?\Volume{d4e806af-6ddd-11e5-b571-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 13EFF905)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#7 Příspěvek od **Conder** » 31 kvě 2019 18:53

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox
ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv

HKU\S-1-5-21-3326357192-1067385374-1587017670-1000\...\Run: [] => [X]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1ACC2217-01A3-438C-BD39-0D3227E0F552} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
Task: {48B4AFAE-0F68-43FD-B3A7-3B3B25A8315E} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
SearchScopes: HKU\S-1-5-21-3326357192-1067385374-1587017670-1000 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = 
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
2019-05-30 12:42 - 2019-05-30 12:42 - 001107968 _____ C:\Users\Inst\Desktop\RSIT.exe
2019-05-30 12:42 - 2019-05-30 12:42 - 000000000 ____D C:\rsit
2019-05-30 12:42 - 2019-05-30 12:42 - 000000000 ____D C:\Program Files\trend micro
2019-05-28 12:29 - 2019-05-28 13:20 - 000000000 ____D C:\Windows\softwaredistribution.old
2019-05-27 14:02 - 2018-01-23 14:44 - 000000000 ____D C:\Program Files\Common Files\AVG
2019-05-27 14:02 - 2015-10-12 11:04 - 000000000 ____D C:\Program Files\AVG
2019-05-27 14:02 - 2015-10-12 11:03 - 000000000 ____D C:\Users\Inst\AppData\Local\Avg
2018-04-03 23:31 - 2018-04-03 23:31 - 000000000 ____H () C:\Users\Inst\AppData\Local\BITCCB0.tmp
2015-12-26 17:49 - 2015-12-26 17:49 - 000000092 _____ () C:\Users\Inst\AppData\Local\fusioncache.dat
2018-04-03 23:31 - 2018-04-03 23:31 - 000000000 _____ () C:\Users\Inst\AppData\Local\{C3515BBD-CF5A-4713-B294-57B1DBC1C6D0}
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

kuk · #8 Příspěvek od **kuk** » 03 čer 2019 07:27

Fix result of Farbar Recovery Scan Tool (x86) Version: 01-06-2019
Ran by Inst (03-06-2019 08:23:19) Run:1
Running from C:\Users\Inst\Desktop
Loaded Profiles: Inst (Available Profiles: Inst)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox
ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv

HKU\S-1-5-21-3326357192-1067385374-1587017670-1000\...\Run: [] => [X]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1ACC2217-01A3-438C-BD39-0D3227E0F552} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
Task: {48B4AFAE-0F68-43FD-B3A7-3B3B25A8315E} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
SearchScopes: HKU\S-1-5-21-3326357192-1067385374-1587017670-1000 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
2019-05-30 12:42 - 2019-05-30 12:42 - 001107968 _____ C:\Users\Inst\Desktop\RSIT.exe
2019-05-30 12:42 - 2019-05-30 12:42 - 000000000 ____D C:\rsit
2019-05-30 12:42 - 2019-05-30 12:42 - 000000000 ____D C:\Program Files\trend micro
2019-05-28 12:29 - 2019-05-28 13:20 - 000000000 ____D C:\Windows\softwaredistribution.old
2019-05-27 14:02 - 2018-01-23 14:44 - 000000000 ____D C:\Program Files\Common Files\AVG
2019-05-27 14:02 - 2015-10-12 11:04 - 000000000 ____D C:\Program Files\AVG
2019-05-27 14:02 - 2015-10-12 11:03 - 000000000 ____D C:\Users\Inst\AppData\Local\Avg
2018-04-03 23:31 - 2018-04-03 23:31 - 000000000 ____H () C:\Users\Inst\AppData\Local\BITCCB0.tmp
2015-12-26 17:49 - 2015-12-26 17:49 - 000000092 _____ () C:\Users\Inst\AppData\Local\fusioncache.dat
2018-04-03 23:31 - 2018-04-03 23:31 - 000000000 _____ () C:\Users\Inst\AppData\Local\{C3515BBD-CF5A-4713-B294-57B1DBC1C6D0}
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Count : 42
Average :
Sum : 386707558
Maximum :
Minimum :
Property : Length

========= End of Powershell: =========

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox]
[HKLM\SOFTWARE\Policies\Mozilla\Firefox\Certificates]
"ImportEnterpriseRoots"="1"

=== End of ExportKey ===
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv]
"PreshutdownTimeout"="57600000"
"DisplayName"="Windows Update"
"ImagePath"="%systemroot%\system32\svchost.exe -k netsvcs"
"Description"="Umožňuje zjišťovat, stahovat a instalovat aktualizace systému Windows a dalších programů. Pokud je tato služba zakázána, uživatelé tohoto počítače nebudou moci používat web Windows Update ani funkci a (the data entry has 110 more characters)."
"ObjectName"="LocalSystem"
"ErrorControl"="1"
"Start"="2"
"DelayedAutoStart"="1"
"Type"="32"
"DependOnService"="rpcss"
"ServiceSidType"="1"
"RequiredPrivileges"="SeAuditPrivilege*SeCreateGlobalPrivilege*SeCreatePageFilePrivilege*SeTcbPrivilege*SeAssignPrimaryTokenPrivilege*SeImpersonatePrivilege*SeIncreaseQuotaPrivilege"
"FailureActions"="80510100000000000000000003000000140000000100000060ea000000000000000000000000000000000000"
[HKLM\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters]
"ServiceDll"="C:\Windows\system32\wuaueng.dll"
"ServiceMain"="WUServiceMain"
"ServiceDllUnloadOnStop"="1"
[HKLM\SYSTEM\CurrentControlSet\Services\wuauserv\Security]
"Security"="010014807800000084000000140000003000000002001c000100000002801400ff000f000101000000000001000000000200480003000000000014009d00020001010000000000050b00000000001800ff010f0001020000000000052000000020020000 (the data entry has 88 more characters)."

=== End of ExportKey ===
"HKU\S-1-5-21-3326357192-1067385374-1587017670-1000\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{1ACC2217-01A3-438C-BD39-0D3227E0F552}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1ACC2217-01A3-438C-BD39-0D3227E0F552}" => removed successfully.
C:\Windows\System32\Tasks\Antivirus Emergency Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Antivirus Emergency Update" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{48B4AFAE-0F68-43FD-B3A7-3B3B25A8315E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48B4AFAE-0F68-43FD-B3A7-3B3B25A8315E}" => removed successfully.
C:\Windows\System32\Tasks\AVG\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => removed successfully.
"HKU\S-1-5-21-3326357192-1067385374-1587017670-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"Chrome StartupUrls" => removed successfully.
"Chrome DefaultSearchURL" => removed successfully.
"Chrome DefaultSearchKeyword" => removed successfully.
"Chrome DefaultSuggestURL" => removed successfully.
C:\Users\Inst\Desktop\RSIT.exe => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Windows\softwaredistribution.old => moved successfully
C:\Program Files\Common Files\AVG => moved successfully
C:\Program Files\AVG => moved successfully
C:\Users\Inst\AppData\Local\Avg => moved successfully
C:\Users\Inst\AppData\Local\BITCCB0.tmp => moved successfully
C:\Users\Inst\AppData\Local\fusioncache.dat => moved successfully
C:\Users\Inst\AppData\Local\{C3515BBD-CF5A-4713-B294-57B1DBC1C6D0} => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23664145 B
Java, Flash, Steam htmlcache => 1316 B
Windows/system/drivers => 2160 B
Edge => 0 B
Chrome => 177330501 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 166213 B
LocalService => 0 B
NetworkService => 72068 B
Inst => 34770245 B

RecycleBin => 2476 B
EmptyTemp: => 233.1 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 08:23:33 ====

#9 Příspěvek od **Conder** » 03 čer 2019 20:05

Spusti kontrolu integrity systemovych suborov:

Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
Skopiruj a spusti prikaz:
Kód: Vybrat vše
```
sfc /scannow
```

Po dokonceni skopiruj a spusti tento prikaz:

Kód: Vybrat vše

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"

Na ploche sa vytvori subor sfcdetails.txt, zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
Restartuj PC a napis ako sa chova PC

Potom otestuj aj ci funguje Windows Update

kuk · #10 Příspěvek od **kuk** » 04 čer 2019 07:49

bohuzel update stale nejede, kod chyby je 80073712

#11 Příspěvek od **Conder** » 04 čer 2019 22:07

Sken sfc nasiel niektore poskodene subory, ale nedokazal ich opravit. Skusime SFCFix.

Stiahni SFCFix: https://www.sysnative.com/niemiro/apps/SFCFix.exe

Uloz idealne na plochu a spusti ako spravca
Stlac 3-krat lubovolnu klavesu pre pokracovanie
Na vyzvu napis "y" (ypsilon bez uvodzoviek) a stlac enter
Pockaj na dokoncenie (moze trvat aj vyse polhodiny)
Po dokonceni by sa mal otvorit log, jeho obsah vloz do dalsej odpovede

kuk · #12 Příspěvek od **kuk** » 05 čer 2019 08:02

SFCFix version 3.0.1.0 by niemiro.
Start time: 2019-06-05 09:00:29.073
Microsoft Windows 7 Service Pack 1 - x86
Not using a script file.

AutoAnalysis::
WARNING: Manifest damage on component "x86_microsoft-windows-capi2-certs_31bf3856ad364e35_6.1.7601.23471_none_c4dbb02c0bb8e6fb". See CBS logfile for more details.

CORRUPT: C:\Windows\winsxs\x86_microsoft-windows-mulanttsvoiceenudsk_31bf3856ad364e35_6.1.7600.16385_none_0f51daf70520cd99\M1033DSK.CSD
CORRUPT: C:\Windows\winsxs\x86_microsoft-windows-o..calmediadisc-wizard_31bf3856ad364e35_6.1.7601.23656_none_1cf352debf637aa8\DVDMaker.exe

SUMMARY: Some corruptions could not be fixed automatically. Seek advice from helper or sysnative.com.
CBS & SFC total detected corruption count: 9
CBS & SFC total unimportant corruption count: 0
CBS & SFC total fixed corruption count: 0
SURT total detected corruption count: 7
SURT total unimportant corruption count: 0
SURT total fixed corruption count: 0
AutoAnalysis:: directive completed successfully.

Successfully processed all directives.

Failed to generate a complete zip file. Upload aborted.

SFCFix version 3.0.1.0 by niemiro has completed.
Currently storing 0 datablocks.
Finish time: 2019-06-05 09:02:21.371
----------------------EOF-----------------------

#13 Příspěvek od **Conder** » 05 čer 2019 15:49

Stiahni a nainstaluj tento balik (: https://www.microsoft.com/en-us/downloa ... px?id=3132 (na vybere jazyka nezalezi)

Nasledne spusti znovu SFCFix podla predchadzajuceho postupu a posli novy log

kuk · #14 Příspěvek od **kuk** » 06 čer 2019 07:41

SFCFix version 3.0.1.0 by niemiro.
Start time: 2019-06-06 08:40:46.506
Microsoft Windows 7 Service Pack 1 - x86
Not using a script file.

AutoAnalysis::
WARNING: Manifest damage on component "x86_microsoft-windows-capi2-certs_31bf3856ad364e35_6.1.7601.23471_none_c4dbb02c0bb8e6fb". See CBS logfile for more details.

SUMMARY: Some corruptions could not be fixed automatically. Seek advice from helper or sysnative.com.
CBS & SFC total detected corruption count: 4
CBS & SFC total unimportant corruption count: 0
CBS & SFC total fixed corruption count: 0
SURT total detected corruption count: 11
SURT total unimportant corruption count: 0
SURT total fixed corruption count: 0
AutoAnalysis:: directive completed successfully.

Successfully processed all directives.
SFCFix version 3.0.1.0 by niemiro has completed.
Currently storing 0 datablocks.
Finish time: 2019-06-06 08:41:18.682
----------------------EOF-----------------------

#15 Příspěvek od **Conder** » 08 čer 2019 16:31

Pardon za zdrzanie.

PC vyzera cisty co sa tyka malware. Zda sa, ze problem s Windows Update je sposobeny tym, ze su poskodene niektore systemove subory, ktore nedokaze opravit ani samotny Windows pomcou SFC ani program SFCFix v ramci automatickeho skenu.

Ak vies anglicky (aspon zaklady), odporucam sa obratit na forum vyvojara SFCFix: https://www.sysnative.com/forums/, kde by ti mohli pomoct vyriesit tento problem. Postupuj este raz podla tychto instrukcii: https://www.sysnative.com/forums/thread ... ions.4736/

Ak nevies anglicky alebo by bol s niecim problem, tak sa mi ozvi na e-mail (dole v podpise) a nasmerujem ta.

VIRY.CZ

nefunkcni winupdate

nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate

Re: nefunkcni winupdate