
Strange laptop behavior, thank you

Posted: 12 Aug 2018 11:12
by Andyfuk
Hello, I am noticing strange behavior on my laptop. Windows Update will not start at all. I cannot get into Windows Defender either. I have no idea what to do about it. Thank you very much for your help.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Ivana (administrator) on DESKTOP-CPUQIHL (12-08-2018 11:45:15)
Running from C:\Users\Ivana\Downloads
Loaded Profiles: Ivana (Available Profiles: Ivana)
Platform: Windows 10 Pro Version 1803 17134.165 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiScanner.exe
(Reimage) C:\Program Files\Reimage\Reimage Repair\REI_AVIRA.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [137464 2018-07-02] (Intel)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1792014199-4145456807-672966040-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18534016 2018-07-20] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{02483b34-26a8-44a8-8c28-3e6249cda0b4}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{14ca1b2e-0e83-45d8-8e01-3faa303f359f}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{85e240c2-b712-46a0-b2e1-a8a7c1781c47}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1792014199-4145456807-672966040-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-19] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-07-19] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-19] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 9mjdcly9.default
FF ProfilePath: C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\9mjdcly9.default [2018-08-12]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-19] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522928 2018-06-30] (Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-07-02] (Intel)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71408 2018-05-16] (Lenovo Group Limited)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-07-13] (Lenovo.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-10-24] ()
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [9037680 2018-04-25] (Reimage®)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23880 2018-03-26] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-04-21] (Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-01] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-01] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-10-24] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Huawei; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [8213328 2018-01-31] (Realtek Semiconductor Corporation )
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-08-07] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46584 2018-08-01] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-08-01] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-01] (Microsoft Corporation)
U4 ESRV_SVC_WILLAMETTE; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-12 11:45 - 2018-08-12 11:46 - 000011813 _____ C:\Users\Ivana\Downloads\FRST.txt
2018-08-12 11:44 - 2018-08-12 11:45 - 000000000 ____D C:\FRST
2018-08-12 11:41 - 2018-08-12 11:41 - 000000000 _____ C:\Users\Ivana\Downloads\FRSTLauncher.exe
2018-08-12 11:38 - 2018-08-12 11:38 - 002412544 _____ (Farbar) C:\Users\Ivana\Downloads\FRST64.exe
2018-08-10 14:52 - 2018-08-10 14:59 - 000014582 _____ C:\Users\Ivana\Desktop\10.8. 18 Predpremiery_Po cem muzi - IVANA.xlsx
2018-07-30 11:35 - 2018-07-30 15:18 - 000000000 ____D C:\Users\Ivana\Documents\DOKUMENT KUNDERA
2018-07-29 14:32 - 2018-08-12 11:30 - 000000000 ____D C:\ProgramData\Reimage Protector
2018-07-29 14:32 - 2018-07-29 14:32 - 000004352 _____ C:\WINDOWS\System32\Tasks\ReimageUpdater
2018-07-29 14:32 - 2018-07-29 14:32 - 000001886 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2018-07-29 14:32 - 2018-07-29 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2018-07-29 14:31 - 2018-07-29 14:33 - 000000150 _____ C:\WINDOWS\Reimage.ini
2018-07-29 14:31 - 2018-07-29 14:33 - 000000000 ____D C:\rei
2018-07-29 14:31 - 2018-07-29 14:32 - 000000000 ____D C:\Program Files\Reimage
2018-07-29 14:29 - 2018-07-29 14:29 - 000605424 _____ (Reimage) C:\Users\Ivana\Downloads\ReimageRepair.exe
2018-07-29 14:14 - 2018-08-12 11:29 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-07-29 14:14 - 2018-07-29 14:14 - 000002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-07-29 14:14 - 2018-07-29 14:14 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-07-29 14:14 - 2018-07-29 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-07-29 14:14 - 2018-07-29 14:14 - 000000000 ____D C:\Program Files\CCleaner
2018-07-29 14:13 - 2018-07-29 14:13 - 000000000 ____D C:\Program Files\Google
2018-07-29 14:12 - 2018-07-30 10:38 - 000000000 ____D C:\Program Files (x86)\Google
2018-07-29 14:12 - 2018-07-29 14:35 - 000000000 ____D C:\Users\Ivana\AppData\Local\Google
2018-07-29 14:12 - 2018-07-29 14:13 - 007417040 _____ (Malwarebytes) C:\Users\Ivana\Downloads\adwcleaner_7.2.2.exe
2018-07-29 14:11 - 2018-07-29 14:11 - 016625464 _____ (Piriform Ltd) C:\Users\Ivana\Downloads\ccsetup545.exe
2018-07-17 13:37 - 2018-07-17 13:37 - 000017566 _____ C:\Users\Ivana\Desktop\1 Václav Postránecký 5cyklus ze dne 17.7..pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-12 11:39 - 2016-08-22 17:38 - 000000000 ____D C:\Users\Ivana\AppData\Local\ClassicShell
2018-08-12 11:34 - 2017-10-26 22:24 - 000000000 ____D C:\Users\Ivana\AppData\LocalLow\Mozilla
2018-08-10 23:46 - 2018-05-24 23:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-10 15:24 - 2017-12-26 22:05 - 000000000 ____D C:\Users\Ivana\AppData\Local\Packages
2018-08-10 12:03 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-10 10:02 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-09 12:33 - 2018-03-23 13:41 - 000002270 _____ C:\Users\Ivana\Desktop\VÁCLAV POSTRÁNECKÝ 2018 – zástupce.lnk
2018-08-09 12:33 - 2018-03-23 13:40 - 000002136 _____ C:\Users\Ivana\Desktop\POLÍVKOVÁ 2018 – zástupce.lnk
2018-08-09 12:33 - 2018-03-23 13:39 - 000002241 _____ C:\Users\Ivana\Desktop\VERONIKA GAJEROVÁ 2018 – zástupce.lnk
2018-08-09 12:33 - 2018-02-05 12:16 - 000002541 _____ C:\Users\Ivana\Desktop\Word 2016.lnk
2018-08-09 12:33 - 2018-02-05 12:16 - 000002518 _____ C:\Users\Ivana\Desktop\PowerPoint 2016.lnk
2018-08-09 12:33 - 2018-02-05 12:16 - 000002513 _____ C:\Users\Ivana\Desktop\Excel 2016.lnk
2018-08-09 12:33 - 2018-02-05 12:16 - 000002439 _____ C:\Users\Ivana\Desktop\Outlook 2016.lnk
2018-08-09 12:33 - 2018-01-05 01:47 - 000002169 _____ C:\Users\Ivana\Desktop\SANDEVA SARA 2018 – zástupce.lnk
2018-08-09 12:33 - 2018-01-02 17:12 - 000002182 _____ C:\Users\Ivana\Desktop\BOUDOVÁ NELA 2018 – zástupce.lnk
2018-08-09 12:33 - 2016-08-23 12:29 - 000001452 _____ C:\Users\Ivana\Desktop\HERCI ZASTUPOVÁNÍ.lnk
2018-08-09 12:33 - 2016-08-22 17:38 - 000001283 _____ C:\Users\Ivana\Desktop\Internet Explorer.lnk
2018-08-08 08:38 - 2018-07-06 20:02 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2018-08-06 10:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-06 10:45 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-01 13:14 - 2018-02-18 00:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-07-31 12:01 - 2016-08-22 19:29 - 000000000 ____D C:\Users\Ivana\Documents\CASTING FOTKY VÝBĚR
2018-07-30 12:29 - 2017-01-26 17:00 - 000000000 ____D C:\Users\Ivana\Documents\ČERTOVINA POHÁDKA
2018-07-30 12:11 - 2016-08-22 19:29 - 000000000 ____D C:\Users\Ivana\Documents\HERCI ZASTUPOVÁNÍ
2018-07-30 11:08 - 2016-08-22 19:30 - 000000000 ____D C:\Users\Ivana\Documents\MOJE FOTO
2018-07-29 14:24 - 2018-05-25 00:03 - 001601516 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-29 14:24 - 2018-04-12 17:51 - 000681858 _____ C:\WINDOWS\system32\perfh005.dat
2018-07-29 14:24 - 2018-04-12 17:51 - 000136754 _____ C:\WINDOWS\system32\perfc005.dat
2018-07-29 14:17 - 2018-05-25 00:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-29 14:17 - 2017-05-30 01:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-07-29 14:17 - 2016-08-22 17:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-29 14:16 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-07-29 14:10 - 2017-12-31 13:03 - 000000000 ____D C:\Users\Ivana\AppData\Local\ElevatedDiagnostics
2018-07-29 14:02 - 2016-08-22 17:54 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-07-26 16:44 - 2018-07-06 19:58 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-07-26 13:47 - 2018-05-25 00:11 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1792014199-4145456807-672966040-1001
2018-07-26 13:47 - 2018-05-24 23:51 - 000002387 _____ C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-26 13:47 - 2016-08-22 12:26 - 000000000 ___RD C:\Users\Ivana\OneDrive
2018-07-19 16:07 - 2018-02-05 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-07-19 16:07 - 2016-08-22 18:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-18 12:34 - 2017-05-17 09:54 - 000000000 ____D C:\Users\Ivana\Documents\DOKONALÁ ŽENSKÁ
2018-07-17 13:24 - 2016-11-16 16:54 - 000671206 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2018-07-17 13:23 - 2016-08-22 12:59 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-24 23:46

==================== End of FRST.txt ============================

Re: Strange laptop behavior, thank you

Posted: 12 Aug 2018 12:02
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a normal double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Strange laptop behavior, thank you

Posted: 12 Aug 2018 12:19
by Andyfuk
# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-10.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-12-2018
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 19
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Windows\Temp\reimage.log
Deleted C:\Users\Ivana\AppData\Local\Temp\reimage.log
Deleted C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\Reimage
Deleted HKLM\Software\Reimage
Deleted HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2973 octets] - [12/08/2018 13:13:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Strange laptop behavior, thank you

Posted: 12 Aug 2018 14:44
by Rudy
Post a new FRST log.

Re: Strange laptop behavior, thank you

Posted: 12 Aug 2018 14:54
by Andyfuk
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Ivana (administrator) on DESKTOP-CPUQIHL (12-08-2018 15:50:29)
Running from C:\Users\Ivana\Desktop
Loaded Profiles: Ivana (Available Profiles: Ivana)
Platform: Windows 10 Pro Version 1803 17134.165 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.165_none_eaf410441d6d7311\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [137464 2018-07-02] (Intel)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1792014199-4145456807-672966040-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18534016 2018-07-20] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{02483b34-26a8-44a8-8c28-3e6249cda0b4}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{14ca1b2e-0e83-45d8-8e01-3faa303f359f}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{85e240c2-b712-46a0-b2e1-a8a7c1781c47}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1792014199-4145456807-672966040-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-19] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-07-19] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-19] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 9mjdcly9.default
FF ProfilePath: C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\9mjdcly9.default [2018-08-12]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-19] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522928 2018-06-30] (Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-07-02] (Intel)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71408 2018-05-16] (Lenovo Group Limited)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-07-13] (Lenovo.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-10-24] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23880 2018-03-26] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-04-21] (Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-01] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-01] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-10-24] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Huawei; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
R1 MpKsl17fc6f56; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A180D457-7146-4DFC-A73C-40F98099CD54}\MpKsl17fc6f56.sys [58120 2018-08-12] (Microsoft Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [8213328 2018-01-31] (Realtek Semiconductor Corporation )
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-08-07] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46584 2018-08-01] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-08-01] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-01] (Microsoft Corporation)
U4 ESRV_SVC_WILLAMETTE; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-12 15:50 - 2018-08-12 15:51 - 000011302 _____ C:\Users\Ivana\Desktop\FRST.txt
2018-08-12 15:49 - 2018-08-12 15:50 - 002412544 _____ (Farbar) C:\Users\Ivana\Desktop\FRST64.exe
2018-08-12 13:13 - 2018-08-12 13:14 - 000000000 ____D C:\AdwCleaner
2018-08-12 13:11 - 2018-08-12 13:12 - 007417040 _____ (Malwarebytes) C:\Users\Ivana\Downloads\adwcleaner_7.2.2.exe
2018-08-12 11:57 - 2018-08-12 11:57 - 000000000 ____D C:\Users\Ivana\AppData\Local\D3DSCache
2018-08-12 11:51 - 2018-08-12 11:51 - 000000000 ____D C:\Users\Ivana\AppData\Roaming\WinRAR
2018-08-12 11:51 - 2018-08-12 11:51 - 000000000 ____D C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-08-12 11:51 - 2018-08-12 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-08-12 11:51 - 2018-08-12 11:51 - 000000000 ____D C:\Program Files (x86)\WinRAR
2018-08-12 11:47 - 2018-08-12 11:49 - 000032636 _____ C:\Users\Ivana\Downloads\Addition.txt
2018-08-12 11:45 - 2018-08-12 11:49 - 000020014 _____ C:\Users\Ivana\Downloads\FRST.txt
2018-08-12 11:44 - 2018-08-12 15:50 - 000000000 ____D C:\FRST
2018-08-10 14:52 - 2018-08-10 14:59 - 000014582 _____ C:\Users\Ivana\Desktop\10.8. 18 Predpremiery_Po cem muzi - IVANA.xlsx
2018-07-30 11:35 - 2018-07-30 15:18 - 000000000 ____D C:\Users\Ivana\Documents\DOKUMENT KUNDERA
2018-07-29 14:14 - 2018-08-12 14:15 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-07-29 14:14 - 2018-07-29 14:14 - 000002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-07-29 14:14 - 2018-07-29 14:14 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-07-29 14:14 - 2018-07-29 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-07-29 14:14 - 2018-07-29 14:14 - 000000000 ____D C:\Program Files\CCleaner
2018-07-29 14:13 - 2018-08-12 13:15 - 000000000 ____D C:\Program Files\Google
2018-07-29 14:12 - 2018-08-12 13:15 - 000000000 ____D C:\Program Files (x86)\Google
2018-07-29 14:12 - 2018-07-29 14:35 - 000000000 ____D C:\Users\Ivana\AppData\Local\Google
2018-07-17 13:37 - 2018-07-17 13:37 - 000017566 _____ C:\Users\Ivana\Desktop\1 Václav Postránecký 5cyklus ze dne 17.7..pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-12 15:47 - 2018-05-24 23:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-12 13:26 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-12 13:23 - 2017-10-26 22:24 - 000000000 ____D C:\Users\Ivana\AppData\LocalLow\Mozilla
2018-08-12 13:21 - 2018-05-25 00:03 - 001601516 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-12 13:21 - 2018-04-12 17:51 - 000681858 _____ C:\WINDOWS\system32\perfh005.dat
2018-08-12 13:21 - 2018-04-12 17:51 - 000136754 _____ C:\WINDOWS\system32\perfc005.dat
2018-08-12 13:21 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-12 13:17 - 2018-03-23 13:41 - 000002270 _____ C:\Users\Ivana\Desktop\VÁCLAV POSTRÁNECKÝ 2018 – zástupce.lnk
2018-08-12 13:17 - 2018-03-23 13:40 - 000002136 _____ C:\Users\Ivana\Desktop\POLÍVKOVÁ 2018 – zástupce.lnk
2018-08-12 13:17 - 2018-03-23 13:39 - 000002241 _____ C:\Users\Ivana\Desktop\VERONIKA GAJEROVÁ 2018 – zástupce.lnk
2018-08-12 13:17 - 2018-02-05 12:16 - 000002541 _____ C:\Users\Ivana\Desktop\Word 2016.lnk
2018-08-12 13:17 - 2018-02-05 12:16 - 000002518 _____ C:\Users\Ivana\Desktop\PowerPoint 2016.lnk
2018-08-12 13:17 - 2018-02-05 12:16 - 000002513 _____ C:\Users\Ivana\Desktop\Excel 2016.lnk
2018-08-12 13:17 - 2018-02-05 12:16 - 000002439 _____ C:\Users\Ivana\Desktop\Outlook 2016.lnk
2018-08-12 13:17 - 2018-01-05 01:47 - 000002169 _____ C:\Users\Ivana\Desktop\SANDEVA SARA 2018 – zástupce.lnk
2018-08-12 13:17 - 2018-01-02 17:12 - 000002182 _____ C:\Users\Ivana\Desktop\BOUDOVÁ NELA 2018 – zástupce.lnk
2018-08-12 13:17 - 2016-08-23 12:29 - 000001452 _____ C:\Users\Ivana\Desktop\HERCI ZASTUPOVÁNÍ.lnk
2018-08-12 13:17 - 2016-08-22 17:38 - 000001283 _____ C:\Users\Ivana\Desktop\Internet Explorer.lnk
2018-08-12 13:16 - 2018-05-24 23:46 - 000411832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-12 13:15 - 2018-05-25 00:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-12 13:15 - 2017-05-30 01:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-08-12 13:15 - 2016-08-22 17:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-12 13:14 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-12 13:10 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-12 13:10 - 2016-08-22 17:54 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-08-12 11:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-12 11:55 - 2016-08-22 17:38 - 000000000 ____D C:\Users\Ivana\AppData\Local\ClassicShell
2018-08-10 15:24 - 2017-12-26 22:05 - 000000000 ____D C:\Users\Ivana\AppData\Local\Packages
2018-08-08 08:38 - 2018-07-06 20:02 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2018-08-01 13:14 - 2018-02-18 00:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-07-31 12:01 - 2016-08-22 19:29 - 000000000 ____D C:\Users\Ivana\Documents\CASTING FOTKY VÝBĚR
2018-07-30 12:29 - 2017-01-26 17:00 - 000000000 ____D C:\Users\Ivana\Documents\ČERTOVINA POHÁDKA
2018-07-30 12:11 - 2016-08-22 19:29 - 000000000 ____D C:\Users\Ivana\Documents\HERCI ZASTUPOVÁNÍ
2018-07-30 11:08 - 2016-08-22 19:30 - 000000000 ____D C:\Users\Ivana\Documents\MOJE FOTO
2018-07-29 14:10 - 2017-12-31 13:03 - 000000000 ____D C:\Users\Ivana\AppData\Local\ElevatedDiagnostics
2018-07-26 16:44 - 2018-07-06 19:58 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-07-26 13:47 - 2018-05-25 00:11 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1792014199-4145456807-672966040-1001
2018-07-26 13:47 - 2018-05-24 23:51 - 000002387 _____ C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-26 13:47 - 2016-08-22 12:26 - 000000000 ___RD C:\Users\Ivana\OneDrive
2018-07-19 16:07 - 2018-02-05 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-07-19 16:07 - 2016-08-22 18:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-18 12:34 - 2017-05-17 09:54 - 000000000 ____D C:\Users\Ivana\Documents\DOKONALÁ ŽENSKÁ
2018-07-17 13:24 - 2016-11-16 16:54 - 000671206 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2018-07-17 13:23 - 2016-08-22 12:59 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-24 23:46

==================== End of FRST.txt ============================

Re: Strange notebook behaviour, thank you

Posted: 12 Aug 2018 16:16
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
U4 ESRV_SVC_WILLAMETTE; no ImagePath
Task: {88899924-FB00-4F88-812A-0E51A35DBEF5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Strange notebook behaviour, thank you

Posted: 12 Aug 2018 16:39
by Andyfuk
Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Ivana (12-08-2018 17:31:11) Run:1
Running from C:\Users\Ivana\Desktop
Loaded Profiles: Ivana (Available Profiles: Ivana)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
U4 ESRV_SVC_WILLAMETTE; no ImagePath
Task: {88899924-FB00-4F88-812A-0E51A35DBEF5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\System\CurrentControlSet\Services\ESRV_SVC_WILLAMETTE" => removed successfully
ESRV_SVC_WILLAMETTE => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88899924-FB00-4F88-812A-0E51A35DBEF5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88899924-FB00-4F88-812A-0E51A35DBEF5}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 131783242 B
Java, Flash, Steam htmlcache => 21715 B
Windows/system/drivers => 1869864 B
Edge => 17751362 B
Chrome => 0 B
Firefox => 391947035 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 79448 B
NetworkService => 0 B
Ivana => 230021298 B

RecycleBin => 10650058206 B
EmptyTemp: => 10.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:34:26 ====

Re: Strange notebook behaviour, thank you

Posted: 12 Aug 2018 17:14
by Rudy
Deleted. Has anything changed?

Re: Strange notebook behaviour, thank you

Posted: 12 Aug 2018 17:16
by Andyfuk
Instead of Windows Update there is some application called WindowsUpdateElevatedInstaller, and I also can't get into the PC settings, the Wi-Fi connection, or Windows Defender.

Re: Strange notebook behaviour, thank you

Posted: 12 Aug 2018 17:18
by Rudy
Try this guide directly from MS: https://translate.google.com/translate? ... rev=search .

Re: Strange notebook behaviour, thank you

Posted: 12 Aug 2018 17:22
by Andyfuk
It gives me an error message and "Neznámé rozhraní"

Re: Strange notebook behaviour, thank you

Posted: 12 Aug 2018 17:56
by Rudy
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.

Re: Strange notebook behaviour, thank you

Posted: 12 Aug 2018 20:44
by Andyfuk
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 12.08.18
Čas skenování: 19:09
Logovací soubor: 710388e6-9e52-11e8-be35-e89a8fd83e7f.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.391
Aktualizovat verzi balíku komponent: 1.0.6265
Licence: Bezplatný

-Systémová informace-
OS: Windows 10 (Build 17134.165)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-CPUQIHL\Ivana

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 358828
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 2 hod, 33 min, 40 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Re: Strange notebook behaviour, thank you

Posted: 12 Aug 2018 20:56
by Rudy
The log is OK; malware is not causing your problem. Try a System Restore to a date when the system was working correctly.

Re: Strange notebook behaviour, thank you

Posted: 12 Aug 2018 20:57
by Andyfuk
Great, thank you very much for the help :)