VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu, zasekaný notebook

https://forum.viry.cz:443/viewtopic.php?t=152727

Stránka 1 z 1

Prosím o kontrolu logu, zasekaný notebook

Napsal: 20 srp 2017 17:35
od Bruce
Dobrý den,

poprosím Vás o nahlédnutí a případně pomoc s noťasem.
Dostal jsem od přítelkyně noťas, ať se na něj mrknu, potřeboval by údajně "poléčit"

Bohužel notebook je na tom tak, že nemám antivir a bohužel nejde spustit žádný exe. soubor v normálním režimu. Je na tom poměrně špatně.
Pokud se najde nějaká hodná duše a mrkne na můj problém, budu velice rád.

Viz. níže přikládám log, který se mi podařil udělat v nouzovém režimu.


Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Zuzik at 2017-08-20 18:25:56
Microsoft Windows 10 Home
System drive C: has 403 GB (44%) free of 911 GB
Total RAM: 8104 MB (87% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-24 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-24 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-02-10 335232]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-12-15 2304688]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Zuzik\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-08-11 1536208]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.clmp3enc"=C:\PROGRA~2\Lenovo\Power2Go\CLMP3Enc.ACM
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-08-20 18:12:06 ----D---- C:\rsit
2017-08-20 18:12:06 ----D---- C:\Program Files (x86)\trend micro
2017-08-20 18:09:04 ----D---- C:\ProgramData\AVAST Software
2017-08-20 18:07:15 ----A---- C:\WINDOWS\ntbtlog.txt

======List of files/folders modified in the last 1 month======

2017-08-20 18:25:07 ----D---- C:\WINDOWS\Temp
2017-08-20 18:25:07 ----D---- C:\WINDOWS\Tasks
2017-08-20 18:22:37 ----D---- C:\WINDOWS\Prefetch
2017-08-20 18:20:38 ----D---- C:\WINDOWS\System32
2017-08-20 18:12:06 ----RD---- C:\Program Files (x86)
2017-08-20 18:11:16 ----RD---- C:\Program Files
2017-08-20 18:09:04 ----HD---- C:\ProgramData
2017-08-20 18:07:15 ----D---- C:\Windows
2017-08-20 18:03:28 ----D---- C:\WINDOWS\CbsTemp
2017-08-20 17:31:16 ----AD---- C:\Program Files (x86)\Opera
2017-08-13 18:11:51 ----D---- C:\Windows10Upgrade
2017-08-13 18:10:19 ----D---- C:\WINDOWS\AppReadiness
2017-08-11 19:24:01 ----SHDC---- C:\WINDOWS\Installer
2017-08-11 19:24:01 ----SHD---- C:\Config.Msi
2017-08-11 19:22:50 ----D---- C:\WINDOWS\SysWOW64
2017-08-11 18:30:50 ----D---- C:\WINDOWS\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys []
R0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys []
R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys []
R0 mfewfpk;McAfee Inc. mfewfpk; C:\WINDOWS\system32\drivers\mfewfpk.sys []
R0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys []
R0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys []
R1 MPCKpt;MPCKpt; C:\WINDOWS\system32\DRIVERS\MPCKpt.sys []
R3 ACPIVPC;@oem26.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys []
R3 MEIx64;@oem19.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys []
R3 mfeaack;McAfee Inc. mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys []
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys []
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys []
S1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys []
S1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys []
S2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys []
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys []
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys []
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys []
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys []
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys []
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys []
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys []
S3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys []
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys []
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys []
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys []
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys []
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys []
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys []
S3 ibtusb;@oem38.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys []
S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys []
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys []
S3 IntcDAud;@oem8.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys []
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys []
S3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys []
S3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys []
S3 mfencbdc;McAfee Inc. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys []
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys []
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys []
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys []
S3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys []
S3 nvvad_WaveExtensible;@oem6.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 mfemms;McAfee Service Controller; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [2016-04-01 382456]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe []
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
S2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-11-16 683696]
S2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-05-18 2246256]
S2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-07-18 4412104]
S2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-22 152216]
S2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-04-23 599864]
S2 iBtSiva;Intel Bluetooth Service; c:\windows\syswow64\ibtsiva.exe [2014-03-11 121288]
S2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe []
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [2014-05-28 389680]
S2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe []
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
S2 LsvUIService;LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [2014-05-28 70416]
S2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-11-28 1872808]
S2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe []
S2 McBootDelayStartSvc;McAfee Boot Delay Start Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-04-23 599864]
S2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe [2016-04-18 1903320]
S2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-04-23 599864]
S2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2016-04-23 599864]
S2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2016-04-23 599864]
S2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2016-04-23 599864]
S2 ModuleCoreService;McAfee Module Core Service; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [2016-04-21 1424352]
S2 MPCProtectService;MPC Core Protect Service; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [2016-09-06 355808]
S2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-04-23 599864]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe []
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_102ed3;Hostitel synchronizace_102ed3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_104f22;Hostitel synchronizace_104f22; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_111f23;Hostitel synchronizace_111f23; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_14e81a;Hostitel synchronizace_14e81a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_15b7d45;Hostitel synchronizace_15b7d45; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_15de7c51;Hostitel synchronizace_15de7c51; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_26d176;Hostitel synchronizace_26d176; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_2c68914;Hostitel synchronizace_2c68914; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_2c6eb6;Hostitel synchronizace_2c6eb6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_314667;Hostitel synchronizace_314667; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_34f42a;Hostitel synchronizace_34f42a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_444fa2;Hostitel synchronizace_444fa2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_445135;Hostitel synchronizace_445135; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_50294a;Hostitel synchronizace_50294a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_5a85a;Hostitel synchronizace_5a85a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_5c8c5;Hostitel synchronizace_5c8c5; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_5ce96;Hostitel synchronizace_5ce96; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_5d21d;Hostitel synchronizace_5d21d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_5e380;Hostitel synchronizace_5e380; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_5f386;Hostitel synchronizace_5f386; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_64271;Hostitel synchronizace_64271; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_64c22;Hostitel synchronizace_64c22; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_64f46;Hostitel synchronizace_64f46; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_698f6;Hostitel synchronizace_698f6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_6df3a;Hostitel synchronizace_6df3a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_6f136;Hostitel synchronizace_6f136; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_71f9e;Hostitel synchronizace_71f9e; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_76b3944b;Hostitel synchronizace_76b3944b; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_79948;Hostitel synchronizace_79948; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_79ea4;Hostitel synchronizace_79ea4; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_7a1d1;Hostitel synchronizace_7a1d1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_81b2c;Hostitel synchronizace_81b2c; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_831cf;Hostitel synchronizace_831cf; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_855eb4;Hostitel synchronizace_855eb4; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_946cc;Hostitel synchronizace_946cc; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_9898e;Hostitel synchronizace_9898e; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_a8f6d;Hostitel synchronizace_a8f6d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_ae4c1;Hostitel synchronizace_ae4c1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_b70f73;Hostitel synchronizace_b70f73; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_ca564;Hostitel synchronizace_ca564; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_cb57e;Hostitel synchronizace_cb57e; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_d748a;Hostitel synchronizace_d748a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_dfc07;Hostitel synchronizace_dfc07; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_e80c0;Hostitel synchronizace_e80c0; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_fc501;Hostitel synchronizace_fc501; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_fd137;Hostitel synchronizace_fd137; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 PEFService;Intel Security PEF Service; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2016-04-21 1029856]
S2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-26 512776]
S2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-26 167176]
S2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-05-28 288240]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-19 300968]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe []
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-22 152216]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-11-26 194032]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 McAWFwk;McAfee Activation Service; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [2013-07-30 334608]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2016-04-20 795528]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_102ed3;Služba zasílání zpráv_102ed3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_104f22;Služba zasílání zpráv_104f22; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_111f23;Služba zasílání zpráv_111f23; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_14e81a;Služba zasílání zpráv_14e81a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_15b7d45;Služba zasílání zpráv_15b7d45; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_15de7c51;Služba zasílání zpráv_15de7c51; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_26d176;Služba zasílání zpráv_26d176; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_2c68914;Služba zasílání zpráv_2c68914; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_2c6eb6;Služba zasílání zpráv_2c6eb6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_314667;Služba zasílání zpráv_314667; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_34f42a;Služba zasílání zpráv_34f42a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_444fa2;Služba zasílání zpráv_444fa2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_445135;Služba zasílání zpráv_445135; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_50294a;Služba zasílání zpráv_50294a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_5a85a;Služba zasílání zpráv_5a85a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_5ce96;Služba zasílání zpráv_5ce96; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_5d21d;Služba zasílání zpráv_5d21d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_5e380;Služba zasílání zpráv_5e380; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_5f386;Služba zasílání zpráv_5f386; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_64271;Služba zasílání zpráv_64271; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_64c22;Služba zasílání zpráv_64c22; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_64f46;Služba zasílání zpráv_64f46; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_698f6;Služba zasílání zpráv_698f6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_6df3a;Služba zasílání zpráv_6df3a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_6f136;Služba zasílání zpráv_6f136; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_71f9e;Služba zasílání zpráv_71f9e; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_76b3944b;Služba zasílání zpráv_76b3944b; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_79ea4;Služba zasílání zpráv_79ea4; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_7a1d1;Služba zasílání zpráv_7a1d1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_81b2c;Služba zasílání zpráv_81b2c; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_831cf;Služba zasílání zpráv_831cf; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_855eb4;Služba zasílání zpráv_855eb4; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_946cc;Služba zasílání zpráv_946cc; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_9898e;Služba zasílání zpráv_9898e; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_a8f6d;Služba zasílání zpráv_a8f6d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_ae4c1;Služba zasílání zpráv_ae4c1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_b70f73;Služba zasílání zpráv_b70f73; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_ca564;Služba zasílání zpráv_ca564; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_cb57e;Služba zasílání zpráv_cb57e; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_d748a;Služba zasílání zpráv_d748a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_dfc07;Služba zasílání zpráv_dfc07; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_e80c0;Služba zasílání zpráv_e80c0; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_fc501;Služba zasílání zpráv_fc501; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_fd137;Služba zasílání zpráv_fd137; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2016-03-07 232688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-09-05 209104]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-05-28 308720]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_102ed3;Data kontaktů_102ed3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_104f22;Data kontaktů_104f22; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_111f23;Data kontaktů_111f23; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_14e81a;Data kontaktů_14e81a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_15b7d45;Data kontaktů_15b7d45; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_15de7c51;Data kontaktů_15de7c51; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_26d176;Data kontaktů_26d176; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_2c68914;Data kontaktů_2c68914; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_2c6eb6;Data kontaktů_2c6eb6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_314667;Data kontaktů_314667; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_34f42a;Data kontaktů_34f42a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_444fa2;Data kontaktů_444fa2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_445135;Data kontaktů_445135; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_50294a;Data kontaktů_50294a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_5a85a;Data kontaktů_5a85a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_5ce96;Data kontaktů_5ce96; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_5d21d;Data kontaktů_5d21d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_5e380;Data kontaktů_5e380; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_5f386;Data kontaktů_5f386; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_64271;Data kontaktů_64271; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_64c22;Data kontaktů_64c22; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_64f46;Data kontaktů_64f46; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_698f6;Data kontaktů_698f6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_6df3a;Data kontaktů_6df3a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_6f136;Data kontaktů_6f136; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_71f9e;Data kontaktů_71f9e; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_76b3944b;Data kontaktů_76b3944b; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_79ea4;Data kontaktů_79ea4; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_7a1d1;Data kontaktů_7a1d1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_81b2c;Data kontaktů_81b2c; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_831cf;Data kontaktů_831cf; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_855eb4;Data kontaktů_855eb4; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_946cc;Data kontaktů_946cc; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_9898e;Data kontaktů_9898e; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_a8f6d;Data kontaktů_a8f6d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_ae4c1;Data kontaktů_ae4c1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_b70f73;Data kontaktů_b70f73; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_ca564;Data kontaktů_ca564; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_cb57e;Data kontaktů_cb57e; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_d748a;Data kontaktů_d748a; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_dfc07;Data kontaktů_dfc07; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2016-04-23 599864]

-----------------EOF-----------------

Re: Prosím o kontrolu logu, zasekaný notebook

Napsal: 21 srp 2017 16:35
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Prosím o kontrolu logu, zasekaný notebook

Napsal: 21 srp 2017 17:13
od Bruce
Dobrý večer,

děkuji :)

Viz. níže zasílám:

# AdwCleaner 7.0.1.0 - Logfile created on Mon Aug 21 16:10:59 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: MPCProtectService


***** [ Folders ] *****

Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
Deleted: C:\Users\Zuzik\AppData\Roaming\qksee
Deleted: C:\Users\Public\Documents\\dmp
Deleted: C:\Program Files (x86)\OLBPre
Deleted: C:\Users\Zuzik\AppData\Roaming\eCyber
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
Deleted: C:\Users\Zuzik\AppData\Roaming\WinZiper
Deleted: C:\Users\Zuzik\AppData\Roaming\MCorp
Deleted: C:\ProgramData\Pokki
Deleted: C:\Users\All Users\Pokki
Deleted: C:\Users\Default\AppData\Local\Pokki
Deleted: C:\Users\Default User\AppData\Local\Pokki
Deleted: C:\Users\Zuzik\AppData\Local\Pokki
Deleted: C:\Program Files (x86)\MPC Cleaner
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
Deleted: C:\Users\Zuzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Desktop
Deleted: C:\Users\Zuzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MPC Desktop
Deleted: C:\Program Files (x86)\QQBrowser
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Deleted: C:\Program Files (x86)\gmsd_re_004010007


***** [ Files ] *****

Deleted: C:\Users\Zuzik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\qksee.lnk
Deleted: C:\Windows\SysNative\drivers\MPCKpt.sys
Deleted: C:\Users\Public\Desktop\MPC Cleaner.lnk
Deleted: C:\Users\Public\Desktop\MPC Desktop.lnk
Deleted: C:\Users\Public\Desktop\MPC AdCleaner.lnk


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Browser Updater Task(Core)
Deleted: LaunchPreSignup
Deleted: WinTaske
Deleted: ACGPro Update


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\qkseeSvc
Deleted: [Key] - HKLM\SOFTWARE\qksee
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mpc.am
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.slunecnice.cz
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OLBPre
Deleted: [Key] - HKLM\SOFTWARE\hdcode
Deleted: [Key] - HKU\S-1-5-21-587952562-1052095502-2304995429-1001\Software\Pokki
Deleted: [Key] - HKU\S-1-5-21-587952562-1052095502-2304995429-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Deleted: [Key] - HKCU\Software\Pokki
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Deleted: [Key] - HKU\S-1-5-21-587952562-1052095502-2304995429-1001\Software\Microsoft\Tinstalls
Deleted: [Key] - HKCU\Software\Microsoft\Tinstalls
Deleted: [Key] - HKLM\SOFTWARE\MPC
Deleted: [Key] - HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Deleted: [Key] - HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Deleted: [Key] - HKU\S-1-5-18\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Deleted: [Key] - HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
Deleted: [Key] - HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
Deleted: [Key] - HKU\S-1-5-21-587952562-1052095502-2304995429-1001\Software\INSTALLPATH\STATUS
Deleted: [Key] - HKCU\Software\INSTALLPATH\STATUS
Deleted: [Key] - HKLM\SOFTWARE\MaxPower
Deleted: [Key] - HKLM\SOFTWARE\WinZiper
Deleted: [Key] - HKLM\SOFTWARE\MPC AdCleaner
Deleted: [Key] - HKLM\SOFTWARE\MPC Desktop
Deleted: [Key] - HKLM\SOFTWARE\GAMESDESKTOP
Deleted: [Key] - HKLM\SOFTWARE\yessearchesSoftware
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.001
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.7z
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.arj
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.bz2
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.bzip2
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.cab
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.cpio
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.deb
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.dmg
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.fat
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.gz
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.gzip
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.hfs
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.iso
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.lha
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.lzh
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.lzma
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.ntfs
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.rar
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.rpm
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.squashfs
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.swm
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.tar
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.taz
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.tbz
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.tbz2
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.tgz
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.tpz
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.txz
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.vhd
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.wim
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.xar
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.xz
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.z
Deleted: [Key] - HKLM\SOFTWARE\Classes\WinZippers.zip


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [8825 B] - [2017/8/21 16:9:20]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Re: Prosím o kontrolu logu, zasekaný notebook

Napsal: 21 srp 2017 17:53
od Rudy
Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=30&t=133101 .

Re: Prosím o kontrolu logu, zasekaný notebook

Napsal: 21 srp 2017 19:22
od Bruce
Přikládám :

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Zuzik (administrator) on ZUZANKA (21-08-2017 20:18:34)
Running from C:\Users\Zuzik\Desktop
Loaded Profiles: Zuzik (Available Profiles: Zuzik & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> dwm.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
Failed to access process -> WmiPrvSE.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-05-28] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-05-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-05-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-12-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART <==== ATTENTION
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-12-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2269360 2015-12-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-05-28] (Lenovo(beijing) Limited)
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\...\MountPoints2: {b27a21d1-0af6-11e7-82e1-e82aea76daa3} - "E:\HiSuiteDownLoader.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-587952562-1052095502-2304995429-1001] => 127.0.0.1:18159
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5145078d-d5c4-4834-8b28-1aca64ef37b5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c70c5ce0-bb6b-4656-8e3f-67d12664e85e}: [DhcpNameServer] 169.254.94.224

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-587952562-1052095502-2304995429-1001 -> DefaultScope {0DDA5369-37CC-48CD-A224-E4D839C06ED4} URL =
SearchScopes: HKU\S-1-5-21-587952562-1052095502-2304995429-1001 -> {0DDA5369-37CC-48CD-A224-E4D839C06ED4} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-24] (Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-24] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-24] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-587952562-1052095502-2304995429-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-24] (Google Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-05-24] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-05-24] (McAfee, Inc.)

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-06-28] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-05-24] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-12-15] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-05-24] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-12-15] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://tgmgo.com"
CHR Profile: C:\Users\Zuzik\AppData\Local\Google\Chrome\User Data\Default [2017-08-21]
CHR Extension: (Prezentace Google) - C:\Users\Zuzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-12]
CHR Extension: (Dokumenty Google) - C:\Users\Zuzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-12]
CHR Extension: (Disk Google) - C:\Users\Zuzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-12]
CHR Extension: (YouTube) - C:\Users\Zuzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-12]
CHR Extension: (Tabulky Google) - C:\Users\Zuzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zuzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zuzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
CHR Extension: (Pirsma) - C:\Users\Zuzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\okbojfdmdfielknjpganihbcbjaehgef [2016-11-10]
CHR Extension: (Gmail) - C:\Users\Zuzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\Zuzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4412104 2017-07-18] (Microsoft Corporation)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] ()
S2 iBtSiva; c:\windows\syswow64\ibtsiva.exe [121288 2014-03-11] (Intel Corporation)
S2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-05-28] (Lenovo(beijing) Limited)
S2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-05-28] (Lenovo(beijing) Limited)
S2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-05-28] (Lenovo)
S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
S2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-11-28] (Maxthon)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [0 2016-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-30] (McAfee, Inc.)
S2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] ()
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe [1903320 2016-04-18] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] ()
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] ()
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [795528 2016-04-20] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] ()
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] ()
S2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] ()
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-03-07] ()
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-04-01] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [277744 2016-03-07] (McAfee, Inc.)
S2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1424352 2016-04-21] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] ()
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
S2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1029856 2016-04-21] (Intel Security, Inc.)
S2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-26] (PointGrab LTD)
S2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-26] (PointGrab LTD)
S2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-05-28] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-05-28] (Lenovo)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-05-28] (Lenovo)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
S2 MPCProtectService; "C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe" [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [78632 2016-03-11] (McAfee, Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
S3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419624 2016-03-11] (McAfee, Inc.)
S3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-03-11] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-03-11] (McAfee, Inc.)
S3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [493352 2016-03-11] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [842536 2016-03-11] (McAfee, Inc.)
S3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [543488 2016-02-10] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109480 2016-02-10] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-03-11] (McAfee, Inc.)
R1 MPCKpt; C:\WINDOWS\System32\DRIVERS\MPCKpt.sys [60136 2016-09-06] (DotC United Inc) <==== ATTENTION
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
S3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-29] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WIMMount; C:\WINDOWS\System32\drivers\wimmount.sys [35680 2016-01-27] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-21 20:18 - 2017-08-21 20:18 - 000020301 _____ C:\Users\Zuzik\Desktop\FRST.txt
2017-08-21 20:18 - 2017-08-21 20:18 - 000000000 ____D C:\FRST
2017-08-21 20:11 - 2017-08-21 20:11 - 001792512 _____ (Farbar) C:\Users\Zuzik\Desktop\FRST.exe
2017-08-21 20:09 - 2017-08-21 20:10 - 002395648 _____ (Farbar) C:\Users\Zuzik\Desktop\FRST64.exe
2017-08-21 20:04 - 2017-08-21 20:04 - 000015327 _____ C:\Users\Zuzik\Desktop\LM.bat
2017-08-21 20:02 - 2017-08-21 20:02 - 000112640 _____ (forum.viry.cz) C:\Users\Zuzik\Downloads\Nepotvrzeno 10201.crdownload
2017-08-21 19:41 - 2017-08-21 20:04 - 000029696 _____ C:\Users\Zuzik\AppData\Local\MSGBOX.EXE
2017-08-21 18:06 - 2017-08-21 18:10 - 000000000 ____D C:\AdwCleaner
2017-08-20 18:51 - 2017-08-20 18:51 - 000000000 ____D C:\Users\Zuzik\AppData\Local\ElevatedDiagnostics
2017-08-20 18:12 - 2017-08-20 18:12 - 000000000 ____D C:\rsit
2017-08-20 18:12 - 2017-08-20 18:12 - 000000000 ____D C:\Program Files (x86)\trend micro
2017-08-20 18:11 - 2017-08-21 19:46 - 000000000 ____D C:\Program Files\CCleaner
2017-08-20 18:11 - 2017-08-20 18:12 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-08-20 18:11 - 2017-08-20 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-08-20 18:09 - 2017-08-20 18:09 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-20 18:08 - 2017-08-21 20:17 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-08-20 18:07 - 2017-08-21 20:18 - 001614838 _____ C:\WINDOWS\ntbtlog.txt
2017-08-20 17:53 - 2017-08-21 20:07 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-08-20 17:46 - 2017-08-20 17:46 - 006948656 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online (3).exe
2017-08-20 17:42 - 2017-08-20 17:43 - 001792512 _____ (Farbar) C:\Users\Zuzik\Downloads\FRST.exe
2017-08-20 17:41 - 2017-08-20 17:41 - 001107968 _____ C:\Users\Zuzik\Desktop\RSIT.exe
2017-08-20 17:38 - 2017-08-20 17:38 - 006948656 _____ (AVAST Software) C:\Users\Zuzik\Downloads\avast_free_antivirus_setup_online (2).exe
2017-08-20 17:36 - 2017-08-20 17:36 - 000001280 _____ C:\Users\Zuzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-20 17:36 - 2017-08-20 17:36 - 000000000 ____D C:\Users\Zuzik\AppData\Local\Mozilla Firefox
2017-08-20 17:36 - 2017-08-20 17:36 - 000000000 ____D C:\Users\Zuzik\AppData\Local\Mozilla
2017-08-20 17:35 - 2017-08-20 17:35 - 000245824 _____ (Mozilla) C:\Users\Zuzik\Downloads\Firefox Installer.exe
2017-08-20 17:31 - 2017-08-20 17:31 - 009791816 _____ (Piriform Ltd) C:\Users\Zuzik\Downloads\ccsetup533.exe
2017-08-11 18:10 - 2017-08-11 18:10 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-587952562-1052095502-2304995429-1001
2017-07-26 12:03 - 2017-08-13 18:11 - 000000822 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník při upgradu na Windows 10.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-21 20:15 - 2015-10-30 08:28 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2017-08-21 20:14 - 2016-01-27 03:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-21 20:11 - 2015-10-30 09:11 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-21 19:59 - 2016-01-27 02:36 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-08-21 19:59 - 2014-09-11 19:06 - 000000000 __SHD C:\Users\Zuzik\IntelGraphicsProfiles
2017-08-21 19:58 - 2016-01-27 02:54 - 000879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-21 19:44 - 2016-09-13 23:59 - 000000000 ____D C:\Users\Zuzik\Desktop\Plocha
2017-08-21 19:20 - 2016-01-21 01:21 - 000000000 ____D C:\Program Files (x86)\Opera
2017-08-20 17:31 - 2017-07-09 09:36 - 000001131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2017-08-20 17:31 - 2017-03-04 18:53 - 000003954 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1453332213
2017-08-20 17:29 - 2016-06-27 07:26 - 000004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{250FB67C-97DE-4019-815E-3BF9849049AF}
2017-08-20 14:19 - 2015-10-29 17:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-20 14:15 - 2015-10-29 17:12 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-20 09:40 - 2015-11-26 06:16 - 000000000 ____D C:\Users\Zuzik\AppData\Local\Adobe
2017-08-19 23:51 - 2016-01-27 02:41 - 000000000 ____D C:\Users\Zuzik
2017-08-17 18:35 - 2016-02-26 18:52 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-13 18:11 - 2017-06-04 22:08 - 000000000 ____D C:\Windows10Upgrade
2017-08-13 18:10 - 2015-10-30 09:24 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-13 18:10 - 2015-10-30 09:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-11 19:24 - 2015-11-26 06:20 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-08-11 19:23 - 2015-11-26 06:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-11 18:33 - 2017-07-04 21:26 - 000000000 ____D C:\Program Files\rempl
2017-08-11 18:10 - 2016-01-27 16:05 - 000002398 _____ C:\Users\Zuzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-11 18:10 - 2014-09-11 16:05 - 000000000 __RDO C:\Users\Zuzik\OneDrive

==================== Files in the root of some directories =======

2017-04-14 16:16 - 2017-04-14 16:16 - 007639040 _____ () C:\Program Files (x86)\GUT41CD.tmp
2017-08-21 19:41 - 2017-08-21 20:04 - 000029696 _____ () C:\Users\Zuzik\AppData\Local\MSGBOX.EXE
2016-01-27 02:37 - 2016-01-27 02:37 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2016-09-17 23:03 - 2016-09-17 23:03 - 000467968 _____ (Realtek Semiconductor Corp.) C:\Users\Zuzik\AppData\Local\Temp\COMAP.EXE
2017-07-04 21:01 - 2017-07-26 12:03 - 006457520 _____ (Microsoft Corporation) C:\Users\Zuzik\AppData\Local\Temp\Windows10Upgrade.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe
[2016-06-25 23:28] - [2016-04-23 06:18] - 000585728 _____ (Microsoft Corporation) 5C156EC4E44E30331BCC865A3B61D839

C:\WINDOWS\system32\wininit.exe
[2016-06-25 23:28] - [2016-04-23 07:06] - 000291360 _____ (Microsoft Corporation) C1C81AAF533552B3C4D9F11A5FF97700

C:\WINDOWS\explorer.exe
[2016-07-13 19:14] - [2016-07-01 06:33] - 004515256 _____ (Microsoft Corporation) E396258CFD8F84E8F2C24930E6D88C67

C:\WINDOWS\SysWOW64\explorer.exe
[2016-07-13 19:25] - [2016-07-01 06:19] - 004074160 _____ (Microsoft Corporation) B6113983ED77D6FE99BDEE461E7BE004

C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\SysWOW64\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll
[2016-06-25 23:28] - [2016-04-23 07:00] - 001399224 _____ (Microsoft Corporation) F5F7CE3E32536F1A37FB3972F27A814F

C:\WINDOWS\SysWOW64\User32.dll
[2016-06-25 23:27] - [2016-04-23 07:00] - 001337240 _____ (Microsoft Corporation) E7BD4D15CDC5A1E162256CFADCA92344

C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\SysWOW64\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\dnsapi.dll
[2016-04-17 19:52] - [2016-03-29 12:11] - 000686976 _____ (Microsoft Corporation) 9A3E17CDB177913C2A111C80F3D0DBB4

C:\WINDOWS\SysWOW64\dnsapi.dll
[2016-04-17 19:52] - [2016-03-29 11:28] - 000535080 _____ (Microsoft Corporation) 6A7ACABAE92C837F5C1330188EAE36AE

C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2017-01-01 00:05

==================== End of FRST.txt ============================

Re: Prosím o kontrolu logu, zasekaný notebook

Napsal: 21 srp 2017 20:35
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART <==== ATTENTION
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\...\MountPoints2: {b27a21d1-0af6-11e7-82e1-e82aea76daa3} - "E:\HiSuiteDownLoader.exe"
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-587952562-1052095502-2304995429-1001 -> DefaultScope {0DDA5369-37CC-48CD-A224-E4D839C06ED4} URL =
SearchScopes: HKU\S-1-5-21-587952562-1052095502-2304995429-1001 -> {0DDA5369-37CC-48CD-A224-E4D839C06ED4} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-24] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-24] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-24] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-587952562-1052095502-2304995429-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-24] (Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Program Files (x86)\GUT41CD.tmp
C:\Users\Zuzik\AppData\Local\Temp
ContextMenuHandlers1: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
Task: {42E04B3C-9D57-4F3C-9DD6-2B3873A7C192} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {529C6B9A-9B3E-444C-B557-2510839C281E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5B02FCED-BAC9-41EE-8F44-DF674D4DC2A1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7670AEF9-3630-4A36-A821-84264DBCFB1C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7B98490E-9ABC-404D-BB31-2ECC250128DB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {7CE73F4D-291B-4004-8D7C-B20DF274C8FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {871CEF81-5D1F-4F94-8843-A6CB92752780} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {88CE74D9-D5C8-4B97-99DD-0D5AA52FD339} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8CB769EE-0C6D-45DF-8BA5-75DCE34AABA6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DB4D7004-B51E-49C1-8FDA-88FDEF873D45} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E3FFCD7D-5207-4C34-9151-B0BE975D8A23} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E8CB3D19-3CB0-43D9-9613-707ED5346676} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA86708D-D16B-49F9-AADE-6BD629EBB37D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {ED75D79B-F3CF-44DD-96D8-791897BE3A05} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-22] (Google Inc.)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o kontrolu logu, zasekaný notebook

Napsal: 21 srp 2017 20:53
od Bruce
Přikládám:

Děkuji :)

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Zuzik (21-08-2017 21:48:55) Run:1
Running from C:\Users\Zuzik\Desktop
Loaded Profiles: Zuzik (Available Profiles: Zuzik & Administrator)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART <==== ATTENTION
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\...\MountPoints2: {b27a21d1-0af6-11e7-82e1-e82aea76daa3} - "E:\HiSuiteDownLoader.exe"
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-587952562-1052095502-2304995429-1001 -> DefaultScope {0DDA5369-37CC-48CD-A224-E4D839C06ED4} URL =
SearchScopes: HKU\S-1-5-21-587952562-1052095502-2304995429-1001 -> {0DDA5369-37CC-48CD-A224-E4D839C06ED4} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-24] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-24] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-24] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-587952562-1052095502-2304995429-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-24] (Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Program Files (x86)\GUT41CD.tmp
C:\Users\Zuzik\AppData\Local\Temp
ContextMenuHandlers1: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
Task: {42E04B3C-9D57-4F3C-9DD6-2B3873A7C192} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {529C6B9A-9B3E-444C-B557-2510839C281E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5B02FCED-BAC9-41EE-8F44-DF674D4DC2A1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7670AEF9-3630-4A36-A821-84264DBCFB1C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7B98490E-9ABC-404D-BB31-2ECC250128DB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {7CE73F4D-291B-4004-8D7C-B20DF274C8FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {871CEF81-5D1F-4F94-8843-A6CB92752780} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {88CE74D9-D5C8-4B97-99DD-0D5AA52FD339} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8CB769EE-0C6D-45DF-8BA5-75DCE34AABA6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DB4D7004-B51E-49C1-8FDA-88FDEF873D45} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E3FFCD7D-5207-4C34-9151-B0BE975D8A23} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E8CB3D19-3CB0-43D9-9613-707ED5346676} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA86708D-D16B-49F9-AADE-6BD629EBB37D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {ED75D79B-F3CF-44DD-96D8-791897BE3A05} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-22] (Google Inc.)

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #0 => value not found.
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b27a21d1-0af6-11e7-82e1-e82aea76daa3} => key removed successfully
HKLM\Software\Classes\CLSID\{b27a21d1-0af6-11e7-82e1-e82aea76daa3} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key removed successfully
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0DDA5369-37CC-48CD-A224-E4D839C06ED4} => key removed successfully
HKLM\Software\Classes\CLSID\{0DDA5369-37CC-48CD-A224-E4D839C06ED4} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key removed successfully
HKU\S-1-5-21-587952562-1052095502-2304995429-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Program Files (x86)\GUT41CD.tmp => moved successfully
C:\Users\Zuzik\AppData\Local\Temp => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => key removed successfully
HKLM\Software\Classes\CLSID\_{B41DB860-64E4-11D2-9906-E49FADC173CA} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => key removed successfully
HKLM\Software\Classes\CLSID\_{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => key removed successfully
HKLM\Software\Classes\CLSID\_{B41DB860-64E4-11D2-9906-E49FADC173CA} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => key removed successfully
HKLM\Software\Classes\CLSID\_{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42E04B3C-9D57-4F3C-9DD6-2B3873A7C192} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42E04B3C-9D57-4F3C-9DD6-2B3873A7C192} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{529C6B9A-9B3E-444C-B557-2510839C281E} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{529C6B9A-9B3E-444C-B557-2510839C281E} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B02FCED-BAC9-41EE-8F44-DF674D4DC2A1} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B02FCED-BAC9-41EE-8F44-DF674D4DC2A1} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7670AEF9-3630-4A36-A821-84264DBCFB1C} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7670AEF9-3630-4A36-A821-84264DBCFB1C} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B98490E-9ABC-404D-BB31-2ECC250128DB} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B98490E-9ABC-404D-BB31-2ECC250128DB} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-URT => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CE73F4D-291B-4004-8D7C-B20DF274C8FE} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CE73F4D-291B-4004-8D7C-B20DF274C8FE} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{871CEF81-5D1F-4F94-8843-A6CB92752780} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{871CEF81-5D1F-4F94-8843-A6CB92752780} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88CE74D9-D5C8-4B97-99DD-0D5AA52FD339} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88CE74D9-D5C8-4B97-99DD-0D5AA52FD339} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CB769EE-0C6D-45DF-8BA5-75DCE34AABA6} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CB769EE-0C6D-45DF-8BA5-75DCE34AABA6} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB4D7004-B51E-49C1-8FDA-88FDEF873D45} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB4D7004-B51E-49C1-8FDA-88FDEF873D45} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3FFCD7D-5207-4C34-9151-B0BE975D8A23} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3FFCD7D-5207-4C34-9151-B0BE975D8A23} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8CB3D19-3CB0-43D9-9613-707ED5346676} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8CB3D19-3CB0-43D9-9613-707ED5346676} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA86708D-D16B-49F9-AADE-6BD629EBB37D} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA86708D-D16B-49F9-AADE-6BD629EBB37D} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ED75D79B-F3CF-44DD-96D8-791897BE3A05} => key could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED75D79B-F3CF-44DD-96D8-791897BE3A05} => key could not remove. Access Denied.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key could not remove. Access Denied.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19725420 B
Java, Flash, Steam htmlcache => 2207 B
Windows/system/drivers => 174967447 B
Edge => 1770715 B
Chrome => 212067482 B
Firefox => 0 B
Opera => 24978048 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 219295 B
systemprofile32 => 826643 B
LocalService => 41838 B
NetworkService => 3491520 B
Zuzik => 135184496 B
Administrator => 17716 B

RecycleBin => 3466212817 B
EmptyTemp: => 3.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 21-08-2017 21:52:18)


Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42E04B3C-9D57-4F3C-9DD6-2B3873A7C192} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42E04B3C-9D57-4F3C-9DD6-2B3873A7C192} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{529C6B9A-9B3E-444C-B557-2510839C281E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{529C6B9A-9B3E-444C-B557-2510839C281E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B02FCED-BAC9-41EE-8F44-DF674D4DC2A1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B02FCED-BAC9-41EE-8F44-DF674D4DC2A1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7670AEF9-3630-4A36-A821-84264DBCFB1C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7670AEF9-3630-4A36-A821-84264DBCFB1C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B98490E-9ABC-404D-BB31-2ECC250128DB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B98490E-9ABC-404D-BB31-2ECC250128DB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-URT => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CE73F4D-291B-4004-8D7C-B20DF274C8FE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CE73F4D-291B-4004-8D7C-B20DF274C8FE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{871CEF81-5D1F-4F94-8843-A6CB92752780} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{871CEF81-5D1F-4F94-8843-A6CB92752780} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88CE74D9-D5C8-4B97-99DD-0D5AA52FD339} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88CE74D9-D5C8-4B97-99DD-0D5AA52FD339} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CB769EE-0C6D-45DF-8BA5-75DCE34AABA6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CB769EE-0C6D-45DF-8BA5-75DCE34AABA6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB4D7004-B51E-49C1-8FDA-88FDEF873D45} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB4D7004-B51E-49C1-8FDA-88FDEF873D45} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3FFCD7D-5207-4C34-9151-B0BE975D8A23} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3FFCD7D-5207-4C34-9151-B0BE975D8A23} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8CB3D19-3CB0-43D9-9613-707ED5346676} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8CB3D19-3CB0-43D9-9613-707ED5346676} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA86708D-D16B-49F9-AADE-6BD629EBB37D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA86708D-D16B-49F9-AADE-6BD629EBB37D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ED75D79B-F3CF-44DD-96D8-791897BE3A05} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED75D79B-F3CF-44DD-96D8-791897BE3A05} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully

==== End of Fixlog 21:52:20 ====

Re: Prosím o kontrolu logu, zasekaný notebook

Napsal: 21 srp 2017 21:06
od Rudy
Smazáno. Nastala nějaká změna?

Re: Prosím o kontrolu logu, zasekaný notebook

Napsal: 21 srp 2017 21:25
od Bruce
Dalo by se říct, že se zatím nic nezměnilo.
- exe soubory vykazují tuto chybu (chyba systemu souboru 1073741792)
- v prohlížeči skáčou pořád reklamní okna viz:

Obrázek

Re: Prosím o kontrolu logu, zasekaný notebook

Napsal: 22 srp 2017 16:07
od Rudy
Zkuste obnovu systému k datu, kdy korektně fungoval.

Re: Prosím o kontrolu logu, zasekaný notebook

Napsal: 22 srp 2017 17:34
od Bruce
Bohužel přítelkyně nemá zapnutou obnovu dat. Patří mezi "nepořádné" uživatele.

Nechce se mi formátovat noťas, ale bude vůbec nějaké jiné východisko :???:

Re: Prosím o kontrolu logu, zasekaný notebook

Napsal: 22 srp 2017 18:00
od Rudy
Tak to bude problém. Potom jedině obnova do továrního nastavení. Budete ale muset provést zálohu vlastních dat (dokumenty, obrázky, hudba, videa atd.). Toto je systémová chyba.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz