Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivku NB pomalý.

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Odpovědět
Zpráva
Autor
jansams
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 17 úno 2008 20:46

Prosím o preventivku NB pomalý.

#1 Příspěvek od jansams »

Ahoj,
prosím o preventivku. NB je hrozně pomalý a McAfee hlásí objekty v karanténě a potom restart, ale po restartu v karanténě nic není.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2017
Ran by user (administrator) on USER-PC (29-06-2017 20:19:31)
Running from C:\Users\user\Desktop
Loaded Profiles: UpdatusUser & user (Available Profiles: UpdatusUser & user)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\McCSPServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
() C:\Program Files (x86)\X-Rite\ColorMunki Photo\Tray\ColorMunki Photo Tray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.569\SSScheduler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\Zps.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg32.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.8269.57841.0_x64__8wekyb3d8bbwe\onenoteim.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(forum.viry.cz) C:\Users\user\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_60\bin\jusched.exe"
HKU\S-1-5-21-3194618662-1336689739-1579282525-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\MountPoints2: {b11c2f80-5c42-11e7-bf61-7c0507f7de4b} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\MountPoints2: {b11c2ff1-5c42-11e7-bf61-7c0507f7de4b} - "D:\HiSuiteDownLoader.exe"
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileSyncShell64.dll [2017-06-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileSyncShell64.dll [2017-06-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileSyncShell64.dll [2017-06-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncShell.dll [2017-06-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncShell.dll [2017-06-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncShell.dll [2017-06-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunki Gamma.lnk [2017-05-20]
ShortcutTarget: ColorMunki Gamma.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Photo\Gamma\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunkiPhotoTray.exe.lnk [2017-05-20]
ShortcutTarget: ColorMunkiPhotoTray.exe.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Photo\Tray\ColorMunki Photo Tray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-06-12]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.569\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5b68938d-4cd4-4657-a692-36223eba29eb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{73736862-ff7f-4685-9cbc-44e4b341dbaf}: [DhcpNameServer] 192.168.11.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-3194618662-1336689739-1579282525-1002 -> DefaultScope {807C431E-5DFC-442F-9B41-234DEE63A93B} URL =
SearchScopes: HKU\S-1-5-21-3194618662-1336689739-1579282525-1002 -> {807C431E-5DFC-442F-9B41-234DEE63A93B} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-05] (Intel Security)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll => No File
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL => No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2013-11-25] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-05] (Intel Security)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-04] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-05] (Intel Security)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-05] (Intel Security)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2017-05-31] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-05-31] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-18]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox
FF Extension: (RelevantKnowledge) - C:\Program Files (x86)\RelevantKnowledge\firefox [2017-06-12] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-12-08] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-06-29]
CHR Extension: (RelevantKnowledge) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle [2017-03-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx [2017-03-31]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0250411498749813mcinstcleanup; C:\WINDOWS\TEMP\025041~1.EXE [1031928 2017-05-31] (McAfee, Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188256 2017-05-16] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [984480 2017-06-03] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.569\McCHSvc.exe [404376 2017-05-25] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241656 2017-04-30] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [390656 2017-04-30] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-04-30] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1543248 2017-05-31] (McAfee, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1042288 2017-05-22] (Intel Security, Inc.)
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [204704 2017-03-13] (TMRG, Inc.) <==== ATTENTION
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-25] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-05-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-05-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-05-26] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [83312 2015-09-18] (X-Rite Inc.)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [76824 2017-05-02] (McAfee, Inc.)
S3 colormunki; C:\WINDOWS\System32\Drivers\colormunki_x64.sys [51600 2007-10-02] (Thesycon GmbH, Germany)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209608 2017-05-31] (McAfee, Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476176 2017-05-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [353808 2017-05-02] (McAfee, Inc.)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84536 2017-05-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [504336 2017-05-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [918544 2017-05-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [495632 2017-04-07] (McAfee, Inc.)
U3 mfencbdc01; no ImagePath
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107544 2017-04-07] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [109072 2017-05-02] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252432 2017-05-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdwu.inf_amd64_7b6a26f0085e5f11\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 PdiPorts; C:\WINDOWS\System32\drivers\PdiPorts.sys [19248 2006-11-16] (Portrait Displays, Inc.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-29 20:19 - 2017-06-29 20:20 - 00027237 _____ C:\Users\user\Desktop\FRST.txt
2017-06-29 20:19 - 2017-06-29 20:19 - 00000000 ____D C:\FRST
2017-06-29 20:14 - 2017-06-29 20:07 - 02440704 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2017-06-29 20:14 - 2017-06-29 20:07 - 00112640 _____ (forum.viry.cz) C:\Users\user\Desktop\FRSTLauncher.exe
2017-06-29 19:59 - 2017-06-29 20:00 - 02440704 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2017-06-29 18:03 - 2017-06-29 19:03 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-06-28 16:18 - 2017-06-28 16:18 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign88766e9f11028846
2017-06-28 14:11 - 2017-06-28 14:11 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignf4402f80020d63f8
2017-06-28 06:10 - 2017-06-28 06:10 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignea8a21e55bdb8454
2017-06-28 06:10 - 2017-06-28 06:10 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign0f7803a702f339d3
2017-06-27 08:50 - 2017-06-27 08:50 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigneb35c48a1dcf150f
2017-06-27 08:50 - 2017-06-27 08:50 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign7e0e53e5534ddc7c
2017-06-27 08:50 - 2017-06-27 08:50 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign189f8a4585f5bf7e
2017-06-26 20:55 - 2017-06-26 20:55 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign8fc115b111b4651f
2017-06-26 20:54 - 2017-06-26 20:54 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignf0395136273066d8
2017-06-26 20:54 - 2017-06-26 20:54 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign2d762a9bf40f5273
2017-06-25 15:13 - 2017-06-25 15:13 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigne4fdafe162d610b6
2017-06-25 15:11 - 2017-06-25 15:11 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignf55b90a92beb15ef
2017-06-25 15:11 - 2017-06-25 15:11 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigne6923141a9ddbaeb
2017-06-25 12:10 - 2017-06-25 12:10 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign262ff69fdbb40df7
2017-06-25 12:08 - 2017-06-25 12:08 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigncdcb4a0d1ce0870b
2017-06-25 12:08 - 2017-06-25 12:08 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign4ed7e6d4c109ae03
2017-06-22 23:22 - 2017-06-22 23:22 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign42a3b013958f32e4
2017-06-22 23:15 - 2017-06-22 23:15 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign67327c14aefce31e
2017-06-22 23:15 - 2017-06-22 23:15 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign4efce7bae1285a05
2017-06-22 12:24 - 2017-06-22 12:24 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign688a09d7e6e8fb1e
2017-06-22 12:05 - 2017-06-22 12:05 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignb13930db03d9add8
2017-06-22 12:05 - 2017-06-22 12:05 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign0cfe59e39d3937fb
2017-06-22 11:21 - 2017-06-22 11:21 - 00002437 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-21 19:54 - 2017-06-21 19:54 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignea2d462f6cd3717d
2017-06-21 18:59 - 2017-06-21 18:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign80d40d678e83dc95
2017-06-21 18:59 - 2017-06-21 18:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign2a36d153f9dcae0a
2017-06-20 20:36 - 2017-06-20 20:36 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignec2e959c967adae3
2017-06-20 20:22 - 2017-06-20 20:22 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignefea6e8db4d74a16
2017-06-20 20:22 - 2017-06-20 20:22 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign682ac021fb80ae9a
2017-06-18 17:06 - 2017-06-18 17:06 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign18978258006ce560
2017-06-18 17:04 - 2017-06-18 17:04 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignb0cc6adc9ac1f9ed
2017-06-18 17:04 - 2017-06-18 17:04 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign80dd856b426af848
2017-06-15 20:39 - 2017-06-15 20:39 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigne17db4e0b1a78a4e
2017-06-15 20:36 - 2017-06-15 20:36 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign24e0932425420a7a
2017-06-15 20:36 - 2017-06-15 20:36 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign1f3ddce55cef5118
2017-06-13 09:48 - 2017-06-13 09:48 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign29fc78eb19fa2d28
2017-06-13 08:49 - 2017-06-13 08:49 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign8cbf1484e2d6b8be
2017-06-13 08:49 - 2017-06-13 08:49 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign70fd70c541f700cb
2017-06-12 23:19 - 2017-06-12 23:19 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign30f2583f6053635a
2017-06-12 23:12 - 2017-06-12 23:12 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignf7407cf98c55be1a
2017-06-12 23:12 - 2017-06-12 23:12 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign3d1ac1d89b5ebb1e
2017-06-12 21:00 - 2017-06-12 21:00 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignf007f23f554d5950
2017-06-12 20:59 - 2017-06-12 20:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignbdc618c08abb2987
2017-06-12 20:59 - 2017-06-12 20:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign16fb89a6201e2e49
2017-06-12 10:47 - 2017-06-12 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-06-12 10:46 - 2017-06-12 10:46 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2017-06-12 10:03 - 2017-06-12 10:03 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignd8c647ce3bac3879
2017-06-12 09:59 - 2017-06-12 09:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignde282a760fe752a9
2017-06-12 09:59 - 2017-06-12 09:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign3071318ee309ea45
2017-06-11 00:05 - 2017-06-11 00:05 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigncec7253cc62e78cf
2017-06-10 23:59 - 2017-06-10 23:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignc568bb3fc10b94eb
2017-06-10 23:59 - 2017-06-10 23:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign836312cda8b58e45
2017-06-09 21:51 - 2017-06-09 21:51 - 00052181 _____ C:\Users\user\Desktop\výpis květen.pdf
2017-06-09 21:49 - 2017-06-09 21:49 - 00052181 _____ C:\Users\user\Downloads\194781010217_5_1132_20170531.pdf
2017-06-09 21:49 - 2017-06-09 21:49 - 00052181 _____ C:\Users\user\Downloads\194781010217_5_1132_20170531 (1).pdf
2017-06-06 21:30 - 2017-06-06 21:30 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign2716dd16f9c67b5a
2017-06-06 21:29 - 2017-06-06 21:29 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignebc15cc9da137a52
2017-06-06 21:29 - 2017-06-06 21:29 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignac47655dc296b20b
2017-06-04 19:15 - 2017-06-04 19:15 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign9d056bbddac20617
2017-06-04 19:05 - 2017-06-04 19:05 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign6cba0612ac986698
2017-06-04 19:05 - 2017-06-04 19:05 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign1405f752366eff6e
2017-06-03 17:54 - 2017-06-03 17:54 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigncd79bb861d29a4a6
2017-06-03 17:53 - 2017-06-03 17:53 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignf2538d166fae76f7
2017-06-03 17:53 - 2017-06-03 17:53 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign390fb0622a6847ae
2017-06-03 11:32 - 2017-06-29 17:19 - 00004222 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-06-01 19:13 - 2017-06-01 19:13 - 00011193 _____ C:\Users\user\Downloads\Tisky_Pospisilovi.xlsx
2017-05-31 19:35 - 2017-05-31 19:35 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigncee47fc8c5512049
2017-05-31 19:34 - 2017-05-31 19:34 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigncaa114177a0afa42
2017-05-31 19:34 - 2017-05-31 19:34 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign4238d80abd966f72

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-29 20:17 - 2014-06-06 19:44 - 00000000 ____D C:\Program Files (x86)\RelevantKnowledge
2017-06-29 20:03 - 2014-08-09 20:19 - 00000000 ____D C:\Users\user\AppData\Local\Adobe
2017-06-29 20:02 - 2015-01-09 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-06-29 19:53 - 2016-09-25 04:25 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-29 18:38 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-29 18:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-29 18:36 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-29 17:23 - 2016-12-30 13:59 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-06-29 17:19 - 2015-01-09 20:26 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-06-29 14:20 - 2016-05-10 11:14 - 00000000 __SHD C:\Users\user\IntelGraphicsProfiles
2017-06-28 14:12 - 2013-12-17 21:09 - 00000000 ____D C:\Users\user\Documents\Hesla
2017-06-28 06:44 - 2013-11-28 14:14 - 00002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-27 22:37 - 2016-07-17 00:25 - 01305072 _____ C:\WINDOWS\system32\perfh005.dat
2017-06-27 22:37 - 2016-07-17 00:25 - 00337746 _____ C:\WINDOWS\system32\perfc005.dat
2017-06-27 22:37 - 2016-05-10 10:31 - 03103596 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-27 22:28 - 2016-09-25 05:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-27 22:28 - 2016-09-25 04:29 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-27 22:27 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-06-25 15:46 - 2013-12-01 19:01 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2017-06-25 15:14 - 2013-11-25 16:17 - 00000000 ____D C:\Users\user\Documents\Nohejbal
2017-06-23 00:19 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-06-23 00:09 - 2016-12-30 14:12 - 00003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-06-23 00:02 - 2016-12-30 13:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-06-22 11:23 - 2017-01-28 10:18 - 00003272 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-22 11:22 - 2013-12-01 23:44 - 00000000 __RDO C:\Users\user\SkyDrive
2017-06-16 20:43 - 2017-02-15 11:45 - 00000000 ____D C:\Program Files\TrueKey
2017-06-16 20:43 - 2016-09-25 04:35 - 00000000 ____D C:\Users\UpdatusUser
2017-06-16 20:17 - 2013-07-08 22:28 - 00000000 ____D C:\ProgramData\McAfee
2017-06-16 11:09 - 2017-05-19 12:10 - 00003446 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2017-06-16 08:21 - 2013-11-24 19:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-16 08:17 - 2013-11-24 19:40 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-12 20:29 - 2017-04-22 10:25 - 00001239 _____ C:\Users\Public\Desktop\True Key.lnk
2017-06-12 20:29 - 2017-02-15 12:09 - 00001253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-06-12 10:47 - 2017-02-15 12:18 - 00002020 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-06-12 10:47 - 2017-02-15 12:17 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-06-09 22:31 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-06 21:18 - 2016-05-10 13:45 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-01 19:21 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-31 13:06 - 2016-12-30 14:16 - 00209608 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys

==================== Files in the root of some directories =======

2014-05-30 20:16 - 2014-05-30 20:16 - 0012969 _____ () C:\Users\user\AppData\Roaming\Hodnoty oddělené čárkami (Windows).CAL
2013-12-01 20:17 - 2014-07-05 19:13 - 0001584 _____ () C:\Users\user\AppData\Roaming\USER-PC.MTBF.txt
2013-12-01 20:18 - 2014-07-05 19:44 - 0000778 _____ () C:\Users\user\AppData\Roaming\__AvidCloudManager.log
2013-12-01 20:18 - 2014-06-06 20:56 - 0000964 _____ () C:\Users\user\AppData\Roaming\__AvidCloudManagerPrevious.log
2015-02-20 18:13 - 2016-03-26 20:47 - 0001480 _____ () C:\Users\user\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2013-12-01 20:52 - 2014-06-06 20:46 - 0003584 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-01 18:58 - 2013-12-01 18:58 - 0007601 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg

Files to move or delete:
====================
C:\Users\user\WDMyCloud_win.exe


Some files in TEMP:
====================
2017-05-20 11:16 - 2017-05-20 11:16 - 0007168 _____ () C:\Users\user\AppData\Local\Temp\res1.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\user\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Přílohy
Addition.rar
(9.41 KiB) Staženo 178 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivku NB pomalý.

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

jansams
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 17 úno 2008 20:46

Re: Prosím o preventivku NB pomalý.

#3 Příspěvek od jansams »

Díky zarychlou odpověď ... zde je log.

# AdwCleaner v6.047 - Log vytvořen 29/06/2017 v 20:57:15
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-05-19.1 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : user - USER-PC
# Spuštěno z : C:\Users\user\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: RelevantKnowledge


***** [ Složky ] *****

[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
[-] Složka smazána: C:\Program Files (x86)\RelevantKnowledge
[-] Složka smazána: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle


***** [ Soubory ] *****

[-] Soubor smazán: C:\WINDOWS\SysNative\rlls.dll
[#] Soubor smazán: C:\WINDOWS\SysWOW64\rlls.dll


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[#] Klíč smazán po restartu: HKLM\SYSTEM\CurrentControlSet\services\relevantknowledge
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
[-] Klíč smazán: HKLM\SOFTWARE\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle


***** [ Prohlížeče ] *****

[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: mkndcbhcgphcfkkddanakjiepeknbgle


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2810 Bajty] - [29/06/2017 20:57:15]
C:\AdwCleaner\AdwCleaner[S0].txt - [3235 Bajty] - [29/06/2017 20:54:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2956 Bajty] ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivku NB pomalý.

#4 Příspěvek od Rudy »

Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

jansams
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 17 úno 2008 20:46

Re: Prosím o preventivku NB pomalý.

#5 Příspěvek od jansams »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2017
Ran by user (administrator) on USER-PC (29-06-2017 21:56:38)
Running from C:\Users\user\Desktop
Loaded Profiles: UpdatusUser & user (Available Profiles: UpdatusUser & user)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
() C:\Program Files (x86)\X-Rite\ColorMunki Photo\Tray\ColorMunki Photo Tray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.569\SSScheduler.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\McCSPServiceHost.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\user\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_60\bin\jusched.exe"
HKU\S-1-5-21-3194618662-1336689739-1579282525-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\MountPoints2: {b11c2f80-5c42-11e7-bf61-7c0507f7de4b} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\MountPoints2: {b11c2ff1-5c42-11e7-bf61-7c0507f7de4b} - "D:\HiSuiteDownLoader.exe"
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileSyncShell64.dll [2017-06-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileSyncShell64.dll [2017-06-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileSyncShell64.dll [2017-06-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncShell.dll [2017-06-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncShell.dll [2017-06-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncShell.dll [2017-06-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunki Gamma.lnk [2017-05-20]
ShortcutTarget: ColorMunki Gamma.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Photo\Gamma\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunkiPhotoTray.exe.lnk [2017-05-20]
ShortcutTarget: ColorMunkiPhotoTray.exe.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Photo\Tray\ColorMunki Photo Tray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-06-12]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.569\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5b68938d-4cd4-4657-a692-36223eba29eb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{73736862-ff7f-4685-9cbc-44e4b341dbaf}: [DhcpNameServer] 192.168.11.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-3194618662-1336689739-1579282525-1002 -> DefaultScope {807C431E-5DFC-442F-9B41-234DEE63A93B} URL =
SearchScopes: HKU\S-1-5-21-3194618662-1336689739-1579282525-1002 -> {807C431E-5DFC-442F-9B41-234DEE63A93B} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-05] (Intel Security)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll => No File
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL => No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2013-11-25] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-05] (Intel Security)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-04] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-05] (Intel Security)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-05] (Intel Security)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2017-05-31] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-05-31] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-18]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox => not found
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2014-12-08] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-06-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188256 2017-05-16] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [984480 2017-06-03] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.569\McCHSvc.exe [404376 2017-05-25] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241656 2017-04-30] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [390656 2017-04-30] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343544 2017-04-30] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1543248 2017-05-31] (McAfee, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1042288 2017-05-22] (Intel Security, Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-25] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-05-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-05-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-05-26] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [83312 2015-09-18] (X-Rite Inc.)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [76824 2017-05-02] (McAfee, Inc.)
S3 colormunki; C:\WINDOWS\System32\Drivers\colormunki_x64.sys [51600 2007-10-02] (Thesycon GmbH, Germany)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209608 2017-05-31] (McAfee, Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476176 2017-05-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [353808 2017-05-02] (McAfee, Inc.)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84536 2017-05-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [504336 2017-05-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [918544 2017-05-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [495632 2017-04-07] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107544 2017-04-07] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [109072 2017-05-02] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252432 2017-05-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdwu.inf_amd64_7b6a26f0085e5f11\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 PdiPorts; C:\WINDOWS\System32\drivers\PdiPorts.sys [19248 2006-11-16] (Portrait Displays, Inc.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-29 21:56 - 2017-06-29 21:57 - 00025421 _____ C:\Users\user\Desktop\FRST.txt
2017-06-29 20:52 - 2017-06-29 20:57 - 00000000 ____D C:\AdwCleaner
2017-06-29 20:51 - 2017-06-29 20:49 - 04110280 _____ C:\Users\user\Desktop\adwcleaner_6.047.exe
2017-06-29 20:19 - 2017-06-29 20:19 - 00000000 ____D C:\FRST
2017-06-29 20:14 - 2017-06-29 20:07 - 02440704 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2017-06-29 20:14 - 2017-06-29 20:07 - 00112640 _____ (forum.viry.cz) C:\Users\user\Desktop\FRSTLauncher.exe
2017-06-29 19:59 - 2017-06-29 20:00 - 02440704 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2017-06-29 18:03 - 2017-06-29 21:03 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-06-28 16:18 - 2017-06-28 16:18 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign88766e9f11028846
2017-06-28 14:11 - 2017-06-28 14:11 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignf4402f80020d63f8
2017-06-28 06:10 - 2017-06-28 06:10 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignea8a21e55bdb8454
2017-06-28 06:10 - 2017-06-28 06:10 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign0f7803a702f339d3
2017-06-27 08:50 - 2017-06-27 08:50 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigneb35c48a1dcf150f
2017-06-27 08:50 - 2017-06-27 08:50 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign7e0e53e5534ddc7c
2017-06-27 08:50 - 2017-06-27 08:50 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign189f8a4585f5bf7e
2017-06-26 20:55 - 2017-06-26 20:55 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign8fc115b111b4651f
2017-06-26 20:54 - 2017-06-26 20:54 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignf0395136273066d8
2017-06-26 20:54 - 2017-06-26 20:54 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign2d762a9bf40f5273
2017-06-25 15:13 - 2017-06-25 15:13 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigne4fdafe162d610b6
2017-06-25 15:11 - 2017-06-25 15:11 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignf55b90a92beb15ef
2017-06-25 15:11 - 2017-06-25 15:11 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigne6923141a9ddbaeb
2017-06-25 12:10 - 2017-06-25 12:10 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign262ff69fdbb40df7
2017-06-25 12:08 - 2017-06-25 12:08 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigncdcb4a0d1ce0870b
2017-06-25 12:08 - 2017-06-25 12:08 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign4ed7e6d4c109ae03
2017-06-22 23:22 - 2017-06-22 23:22 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign42a3b013958f32e4
2017-06-22 23:15 - 2017-06-22 23:15 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign67327c14aefce31e
2017-06-22 23:15 - 2017-06-22 23:15 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign4efce7bae1285a05
2017-06-22 12:24 - 2017-06-22 12:24 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign688a09d7e6e8fb1e
2017-06-22 12:05 - 2017-06-22 12:05 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignb13930db03d9add8
2017-06-22 12:05 - 2017-06-22 12:05 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign0cfe59e39d3937fb
2017-06-22 11:21 - 2017-06-22 11:21 - 00002437 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-21 19:54 - 2017-06-21 19:54 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignea2d462f6cd3717d
2017-06-21 18:59 - 2017-06-21 18:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign80d40d678e83dc95
2017-06-21 18:59 - 2017-06-21 18:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign2a36d153f9dcae0a
2017-06-20 20:36 - 2017-06-20 20:36 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignec2e959c967adae3
2017-06-20 20:22 - 2017-06-20 20:22 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignefea6e8db4d74a16
2017-06-20 20:22 - 2017-06-20 20:22 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign682ac021fb80ae9a
2017-06-18 17:06 - 2017-06-18 17:06 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign18978258006ce560
2017-06-18 17:04 - 2017-06-18 17:04 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignb0cc6adc9ac1f9ed
2017-06-18 17:04 - 2017-06-18 17:04 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign80dd856b426af848
2017-06-15 20:39 - 2017-06-15 20:39 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigne17db4e0b1a78a4e
2017-06-15 20:36 - 2017-06-15 20:36 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign24e0932425420a7a
2017-06-15 20:36 - 2017-06-15 20:36 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign1f3ddce55cef5118
2017-06-13 09:48 - 2017-06-13 09:48 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign29fc78eb19fa2d28
2017-06-13 08:49 - 2017-06-13 08:49 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign8cbf1484e2d6b8be
2017-06-13 08:49 - 2017-06-13 08:49 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign70fd70c541f700cb
2017-06-12 23:19 - 2017-06-12 23:19 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign30f2583f6053635a
2017-06-12 23:12 - 2017-06-12 23:12 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignf7407cf98c55be1a
2017-06-12 23:12 - 2017-06-12 23:12 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign3d1ac1d89b5ebb1e
2017-06-12 21:00 - 2017-06-12 21:00 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignf007f23f554d5950
2017-06-12 20:59 - 2017-06-12 20:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignbdc618c08abb2987
2017-06-12 20:59 - 2017-06-12 20:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign16fb89a6201e2e49
2017-06-12 10:47 - 2017-06-12 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-06-12 10:46 - 2017-06-12 10:46 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2017-06-12 10:03 - 2017-06-12 10:03 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignd8c647ce3bac3879
2017-06-12 09:59 - 2017-06-12 09:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignde282a760fe752a9
2017-06-12 09:59 - 2017-06-12 09:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign3071318ee309ea45
2017-06-11 00:05 - 2017-06-11 00:05 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigncec7253cc62e78cf
2017-06-10 23:59 - 2017-06-10 23:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignc568bb3fc10b94eb
2017-06-10 23:59 - 2017-06-10 23:59 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign836312cda8b58e45
2017-06-09 21:51 - 2017-06-09 21:51 - 00052181 _____ C:\Users\user\Desktop\výpis květen.pdf
2017-06-09 21:49 - 2017-06-09 21:49 - 00052181 _____ C:\Users\user\Downloads\194781010217_5_1132_20170531.pdf
2017-06-09 21:49 - 2017-06-09 21:49 - 00052181 _____ C:\Users\user\Downloads\194781010217_5_1132_20170531 (1).pdf
2017-06-06 21:30 - 2017-06-06 21:30 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign2716dd16f9c67b5a
2017-06-06 21:29 - 2017-06-06 21:29 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignebc15cc9da137a52
2017-06-06 21:29 - 2017-06-06 21:29 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignac47655dc296b20b
2017-06-04 19:15 - 2017-06-04 19:15 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign9d056bbddac20617
2017-06-04 19:05 - 2017-06-04 19:05 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign6cba0612ac986698
2017-06-04 19:05 - 2017-06-04 19:05 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign1405f752366eff6e
2017-06-03 17:54 - 2017-06-03 17:54 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigncd79bb861d29a4a6
2017-06-03 17:53 - 2017-06-03 17:53 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsignf2538d166fae76f7
2017-06-03 17:53 - 2017-06-03 17:53 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign390fb0622a6847ae
2017-06-03 11:32 - 2017-06-29 17:19 - 00004222 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-06-01 19:13 - 2017-06-01 19:13 - 00011193 _____ C:\Users\user\Downloads\Tisky_Pospisilovi.xlsx
2017-05-31 19:35 - 2017-05-31 19:35 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigncee47fc8c5512049
2017-05-31 19:34 - 2017-05-31 19:34 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsigncaa114177a0afa42
2017-05-31 19:34 - 2017-05-31 19:34 - 00000000 ____D C:\Users\user\AppData\Local\Tempzxpsign4238d80abd966f72

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-29 21:55 - 2016-09-25 04:25 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-29 21:43 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-29 21:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-29 21:03 - 2015-01-09 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-06-29 20:59 - 2016-09-25 05:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-29 20:59 - 2016-09-25 04:29 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-29 20:59 - 2016-05-10 11:14 - 00000000 __SHD C:\Users\user\IntelGraphicsProfiles
2017-06-29 20:59 - 2015-01-09 20:26 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-06-29 20:58 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-06-29 20:03 - 2014-08-09 20:19 - 00000000 ____D C:\Users\user\AppData\Local\Adobe
2017-06-29 18:38 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-29 17:23 - 2016-12-30 13:59 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-06-28 14:12 - 2013-12-17 21:09 - 00000000 ____D C:\Users\user\Documents\Hesla
2017-06-28 06:44 - 2013-11-28 14:14 - 00002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-27 22:37 - 2016-07-17 00:25 - 01305072 _____ C:\WINDOWS\system32\perfh005.dat
2017-06-27 22:37 - 2016-07-17 00:25 - 00337746 _____ C:\WINDOWS\system32\perfc005.dat
2017-06-27 22:37 - 2016-05-10 10:31 - 03103596 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-25 15:46 - 2013-12-01 19:01 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2017-06-25 15:14 - 2013-11-25 16:17 - 00000000 ____D C:\Users\user\Documents\Nohejbal
2017-06-23 00:19 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-06-23 00:09 - 2016-12-30 14:12 - 00003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-06-23 00:02 - 2016-12-30 13:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-06-22 11:23 - 2017-01-28 10:18 - 00003272 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-22 11:22 - 2013-12-01 23:44 - 00000000 __RDO C:\Users\user\SkyDrive
2017-06-16 20:43 - 2017-02-15 11:45 - 00000000 ____D C:\Program Files\TrueKey
2017-06-16 20:43 - 2016-09-25 04:35 - 00000000 ____D C:\Users\UpdatusUser
2017-06-16 20:17 - 2013-07-08 22:28 - 00000000 ____D C:\ProgramData\McAfee
2017-06-16 11:09 - 2017-05-19 12:10 - 00003446 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2017-06-16 08:21 - 2013-11-24 19:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-16 08:17 - 2013-11-24 19:40 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-12 20:29 - 2017-04-22 10:25 - 00001239 _____ C:\Users\Public\Desktop\True Key.lnk
2017-06-12 20:29 - 2017-02-15 12:09 - 00001253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-06-12 10:47 - 2017-02-15 12:18 - 00002020 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-06-12 10:47 - 2017-02-15 12:17 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-06-09 22:31 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-06 21:18 - 2016-05-10 13:45 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-01 19:21 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-31 13:06 - 2016-12-30 14:16 - 00209608 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys

==================== Files in the root of some directories =======

2014-05-30 20:16 - 2014-05-30 20:16 - 0012969 _____ () C:\Users\user\AppData\Roaming\Hodnoty oddělené čárkami (Windows).CAL
2013-12-01 20:17 - 2014-07-05 19:13 - 0001584 _____ () C:\Users\user\AppData\Roaming\USER-PC.MTBF.txt
2013-12-01 20:18 - 2014-07-05 19:44 - 0000778 _____ () C:\Users\user\AppData\Roaming\__AvidCloudManager.log
2013-12-01 20:18 - 2014-06-06 20:56 - 0000964 _____ () C:\Users\user\AppData\Roaming\__AvidCloudManagerPrevious.log
2015-02-20 18:13 - 2016-03-26 20:47 - 0001480 _____ () C:\Users\user\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2013-12-01 20:52 - 2014-06-06 20:46 - 0003584 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-01 18:58 - 2013-12-01 18:58 - 0007601 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg

Files to move or delete:
====================
C:\Users\user\WDMyCloud_win.exe


Some files in TEMP:
====================
2017-05-20 11:16 - 2017-05-20 11:16 - 0007168 _____ () C:\Users\user\AppData\Local\Temp\res1.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\user\Desktop" je 6 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Přílohy
Addition.rar
(9.33 KiB) Staženo 170 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivku NB pomalý.

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_60\bin\jusched.exe"
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\MountPoints2: {b11c2f80-5c42-11e7-bf61-7c0507f7de4b} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\MountPoints2: {b11c2ff1-5c42-11e7-bf61-7c0507f7de4b} - "D:\HiSuiteDownLoader.exe"
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.569\SSScheduler.exe (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
SearchScopes: HKU\S-1-5-21-3194618662-1336689739-1579282525-1002 -> DefaultScope {807C431E-5DFC-442F-9B41-234DEE63A93B} URL =
SearchScopes: HKU\S-1-5-21-3194618662-1336689739-1579282525-1002 -> {807C431E-5DFC-442F-9B41-234DEE63A93B} URL =
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
U3 mfeavfk01; no ImagePath
C:\ProgramData\McAfee Security Scan
C:\Users\user\WDMyCloud_win.exe
C:\Users\user\AppData\Local\Temp
Task: {0DFFEAC1-1694-4FDA-8141-27B043CC0814} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {447735D5-2635-4D85-8AB4-206AB6B0B80B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4606020A-FC15-44A6-B289-7D8A96F2BD1E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5939BA6D-CF4B-4671-BE27-F55A4F1C2FEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {669D179C-B940-445A-ABF8-D94D99EE557D} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {73E353A4-1F1C-47E9-A89B-5E758E62B545} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {75CD1F48-04AF-4577-B3E1-F21E5A345F33} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {762043DE-482F-4F72-88E8-6A854D8093E2} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {78F74A92-F3E0-4C59-BB28-6B54B28ACE9F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9DD36CDE-5982-452B-B0AF-DB90B289142A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {A565E219-5233-4B9D-95F3-E73BF31B6FEC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B3230368-634C-4752-B520-2F5B024A740A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D73589C1-080E-4DA7-977B-800A0BBB7C97} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {E3A814FD-957B-46FD-94B1-6603A5A07888} - \WPD\SqmUpload_S-1-5-21-3194618662-1336689739-1579282525-1002 -> No File <==== ATTENTION
Task: {F409BC1A-56F4-41EF-A79F-25FB80A67586} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FED8F8CE-76D9-439D-B0D2-4540629653C0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

jansams
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 17 úno 2008 20:46

Re: Prosím o preventivku NB pomalý.

#7 Příspěvek od jansams »

Zdravím, omluva, byl jsem pár dní mimo PC a NB. :|

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-07-2017
Ran by user (09-07-2017 07:45:32) Run:1
Running from C:\Users\user\Desktop
Loaded Profiles: UpdatusUser & user (Available Profiles: UpdatusUser & user)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_60\bin\jusched.exe"
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\MountPoints2: {b11c2f80-5c42-11e7-bf61-7c0507f7de4b} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\...\MountPoints2: {b11c2ff1-5c42-11e7-bf61-7c0507f7de4b} - "D:\HiSuiteDownLoader.exe"
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.56 9\SSScheduler.exe (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
SearchScopes: HKU\S-1-5-21-3194618662-1336689739-1579282525-1002 -> DefaultScope {807C431E-5DFC-442F-9B41-234DEE63A93B} URL =
SearchScopes: HKU\S-1-5-21-3194618662-1336689739-1579282525-1002 -> {807C431E-5DFC-442F-9B41-234DEE63A93B} URL =
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
U3 mfeavfk01; no ImagePath
C:\ProgramData\McAfee Security Scan
C:\Users\user\WDMyCloud_win.exe
C:\Users\user\AppData\Local\Temp
Task: {0DFFEAC1-1694-4FDA-8141-27B043CC0814} - \Micros oft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {447735D5-2635-4D85-8AB4-206AB6B0B80B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4606020A-FC15-44A6-B289-7D8A96F2BD1E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5939BA6D-CF4B-4671-BE27-F55A4F1C2FEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {669D179C-B940-445A-ABF8-D94D99EE557D} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {73E353A4-1F1C-47E9-A89B-5E758E62B545} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {75CD1F48-04AF-4577-B3E1-F21E5A345F33} - \ Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {762043DE-482F-4F72-88E8-6A854D8093E2} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {78F74A92-F3E0-4C59-BB28-6B54B28ACE9F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9DD36CDE-5982-452B-B0AF-DB90B289142A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {A565E219-5233-4B9D-95F3-E73BF31B6FEC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B3230368-634C-4752-B520-2F5B024A740A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: { D73589C1-080E-4DA7-977B-800A0BBB7C97} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {E3A814FD-957B-46FD-94B1-6603A5A07888} - \WPD\SqmUpload_S-1-5-21-3194618662-1336689739-1579282525-1002 -> No File <==== ATTENTION
Task: {F409BC1A-56F4-41EF-A79F-25FB80A67586} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FED8F8CE-76D9-439D-B0D2-4540629653C0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b11c2f80-5c42-11e7-bf61-7c0507f7de4b} => key removed successfully
HKLM\Software\Classes\CLSID\{b11c2f80-5c42-11e7-bf61-7c0507f7de4b} => key not found.
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b11c2ff1-5c42-11e7-bf61-7c0507f7de4b} => key removed successfully
HKLM\Software\Classes\CLSID\{b11c2ff1-5c42-11e7-bf61-7c0507f7de4b} => key not found.
C:\Program Files\McAfee Security Scan\3.11.56 9\SSScheduler.exe => not found.

"C:\Program Files\McAfee Security Scan" folder move:

Could not move "C:\Program Files\McAfee Security Scan" => Scheduled to move on reboot.

HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3194618662-1336689739-1579282525-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{807C431E-5DFC-442F-9B41-234DEE63A93B} => key removed successfully
HKLM\Software\Classes\CLSID\{807C431E-5DFC-442F-9B41-234DEE63A93B} => key not found.
HKLM\Software\Classes\PROTOCOLS\Handler\osf => key removed successfully
HKLM\Software\Classes\CLSID\{D924BDC6-C83A-4BD5-90D0-095128A113D1} => key not found.
HKLM\System\CurrentControlSet\Services\mfeavfk01 => key removed successfully
mfeavfk01 => service removed successfully
C:\ProgramData\McAfee Security Scan => moved successfully
C:\Users\user\WDMyCloud_win.exe => moved successfully

"C:\Users\user\AppData\Local\Temp" folder move:

Could not move "C:\Users\user\AppData\Local\Temp" => Scheduled to move on reboot.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DFFEAC1-1694-4FDA-8141-27B043CC0814} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DFFEAC1-1694-4FDA-8141-27B043CC0814} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Micros oft\Windows\Setup\GWXTriggers\OnIdle-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{447735D5-2635-4D85-8AB4-206AB6B0B80B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{447735D5-2635-4D85-8AB4-206AB6B0B80B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4606020A-FC15-44A6-B289-7D8A96F2BD1E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4606020A-FC15-44A6-B289-7D8A96F2BD1E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5939BA6D-CF4B-4671-BE27-F55A4F1C2FEF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5939BA6D-CF4B-4671-BE27-F55A4F1C2FEF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{669D179C-B940-445A-ABF8-D94D99EE557D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{669D179C-B940-445A-ABF8-D94D99EE557D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Idle Detection Task => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73E353A4-1F1C-47E9-A89B-5E758E62B545} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73E353A4-1F1C-47E9-A89B-5E758E62B545} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75CD1F48-04AF-4577-B3E1-F21E5A345F33} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75CD1F48-04AF-4577-B3E1-F21E5A345F33} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{762043DE-482F-4F72-88E8-6A854D8093E2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{762043DE-482F-4F72-88E8-6A854D8093E2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{78F74A92-F3E0-4C59-BB28-6B54B28ACE9F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78F74A92-F3E0-4C59-BB28-6B54B28ACE9F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DD36CDE-5982-452B-B0AF-DB90B289142A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DD36CDE-5982-452B-B0AF-DB90B289142A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A565E219-5233-4B9D-95F3-E73BF31B6FEC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A565E219-5233-4B9D-95F3-E73BF31B6FEC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3230368-634C-4752-B520-2F5B024A740A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3230368-634C-4752-B520-2F5B024A740A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ D73589C1-080E-4DA7-977B-800A0BBB7C97} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3A814FD-957B-46FD-94B1-6603A5A07888} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A814FD-957B-46FD-94B1-6603A5A07888} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3194618662-1336689739-1579282525-1002 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F409BC1A-56F4-41EF-A79F-25FB80A67586} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F409BC1A-56F4-41EF-A79F-25FB80A67586} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FED8F8CE-76D9-439D-B0D2-4540629653C0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FED8F8CE-76D9-439D-B0D2-4540629653C0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 547050045 B
Java, Flash, Steam htmlcache => 997 B
Windows/system/drivers => 266002488 B
Edge => 11547 B
Chrome => 738575999 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1791490 B
systemprofile32 => 0 B
LocalService => 35906 B
NetworkService => 24253331 B
UpdatusUser => 0 B
user => 11870408233 B

RecycleBin => 2430022615 B
EmptyTemp: => 14.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 09-07-2017 08:15:00)

C:\Program Files\McAfee Security Scan => Is moved successfully
C:\Users\user\AppData\Local\Temp => moved successfully

==== End of Fixlog 08:15:03 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivku NB pomalý.

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

jansams
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 17 úno 2008 20:46

Re: Prosím o preventivku NB pomalý.

#9 Příspěvek od jansams »

jj, pozoruji znatelné zrychlení. Disk už tolik nepracuje a prodlevy mezi spouštěnými aplikacemi už nejsou na cigaretku. :idea: :worship:
Skvělé, jako vždy.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivku NB pomalý.

#10 Příspěvek od Rudy »

Tak to jsem rád! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět