VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV atd

https://forum.viry.cz:443/viewtopic.php?t=155222

Stránka 1 z 2

odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV atd

Napsal: 27 lis 2018 23:44
od KRAKEN
FRST.rar
(23.51 KiB) Staženo 105 x
Dobrý den, prosím o kontrolu. logu. popis problemu- infikace ransomwarem s priponou Infowaitt, ten mi zasifroval pul pc, komplet preinstal windows z lenovo recovery partu. po odinstalu vlozenych win live essentials po prihlaseni do uctu hlaska server rpc nenalezen, tlacitko restart-vypnout out of order, safe mod to samý,znama posledni konfigurace- hned pri nabíhaní win loga bluescreen a restart.zachranil to bod obnovy z recovery tool,kde to heslo vzalo-chtelo a nasledne jsem si vybral bod pred odinstalem.Dale nejde zadny Av poradne, avast nejde v nouzáku, spyware terminator se jednou spusti, podruhy ne- stit vubec nejde, malwarebytes mi nesel ani jeden stit s tim, ze jen ve verzi premium a psalo mi neznamou verzi,po tydnu najednou stity dou a mam premium verzi, jako admin nemuzu ani obcas vysypat kos-to chce opravneni spravce, jak dam cancel, tak to stejne zmizí, mohl bych pokracovat... dekuji za pomoc ci info, s pozdravem---------------------------------------------- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by KRAK-HEAD (27-11-2018 23:05:06)
Running from C:\Users\KRAK-HEAD\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-11-19 09:40:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-363647782-2280047221-3034038998-500 - Administrator - Disabled)
Guest (S-1-5-21-363647782-2280047221-3034038998-501 - Limited - Disabled)
KRAK-HEAD (S-1-5-21-363647782-2280047221-3034038998-1000 - Administrator - Enabled) => C:\Users\KRAK-HEAD

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.14.160917 - )
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5181 - Gretech Corporation)
Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 14.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Movavi Video Editor 12 (HKLM-x32\...\Movavi Video Editor 12) (Version: 12.1.0 - Movavi)
Mozilla Firefox 63.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x64 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7108 - CyberLink Corp.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
SMPlayer 18.10.0 (x64) (HKLM\...\SMPlayer) (Version: 18.10.0 - Ricardo Villalba)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.112 - Crawler Group)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.18.0 - SRS Labs, Inc.)
Total Uninstall 6.26.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.26.0 - Gavrila Martau)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xilisoft 3D Video Converter (HKU\S-1-5-21-363647782-2280047221-3034038998-1000\...\Xilisoft 3D Video Converter) (Version: 1.1.0.20170209 - Xilisoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-12-16] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {043B3089-E85F-4BDA-8403-38F8C73C5AC7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-24] (Adobe Systems Incorporated)
Task: {6ADD0426-2C63-45C5-829B-DDE5027B164D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-27] (Piriform Ltd)
Task: {A9F91F83-6370-49F1-BA6B-737DBED66D6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {BA64886B-D4DC-4B3A-BA09-93618DCD8D85} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-22] (AVAST Software)
Task: {C9654651-8AA3-49CD-89B6-62E0FED8FBBF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-22] (AVAST Software)
Task: {CAAC9BD3-549A-4215-9A04-C9CC69744FDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {D3A1E54D-3E72-4E0F-86A0-4CBA0DFAB968} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-27] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2010-11-02 13:58 - 2010-11-02 13:58 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-11-11 11:42 - 2010-11-11 11:42 - 000202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-11-11 11:44 - 2010-11-11 11:44 - 000156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2018-11-19 11:20 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-01-17 03:15 - 2010-12-16 09:37 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2014-08-14 12:28 - 2014-08-14 12:28 - 000100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2018-11-22 03:24 - 2018-11-22 03:24 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-27 20:24 - 2018-11-27 20:24 - 005735568 _____ () C:\Program Files\AVAST Software\Avast\defs\18112704\algo.dll
2010-11-11 11:38 - 2010-11-11 11:38 - 000161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-11-11 11:39 - 2010-11-11 11:39 - 000133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2018-11-22 03:25 - 2018-11-22 03:25 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KRAK-HEAD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1B5C7093-E49C-44B6-8185-910C2B443C75}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E0E18559-023B-47C6-8131-449F38CE7C0C}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{DF9AB144-1CD5-4755-9342-44A0CF505CF1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{64F38B5C-F0BA-4810-92A9-C90F46CABD3C}] => (Allow) LPort=2869
FirewallRules: [{94B5E4C8-0209-493A-95A3-A4B11700B8A1}] => (Allow) LPort=1900
FirewallRules: [{EEE068B0-B789-48CC-B8BC-96848D6E30CE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9A068D29-985F-4C54-8E29-37AE1F767066}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{005D0EBE-F264-4A43-8EE3-001A575CB760}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2570A338-4911-4F3E-9FD2-4F4D08CDEB10}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1588CB3E-9394-4949-9851-C3711F65807E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{14BDF287-D25C-460F-A040-BCF39C58ACE0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{DDE32AD9-05FE-4C9B-9A85-03F5415E7153}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{83181794-4C45-4AEC-8A45-4FDE6C9C0CEF}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{10DC1DFD-43E7-4D9E-BF03-B777BA593F91}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D69118BF-9F58-4848-8122-ADD8C6A2844E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5B83AE2A-8775-4217-8189-F29AEC3D1E66}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D3192FF2-111D-4B20-BB0A-C707249013DA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6F1B6AB4-4293-4215-9DA1-B0E2AF9A029E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

24-11-2018 01:42:45 Odinstalovat s Total Uninstall "hhh"
25-11-2018 13:27:24 Konfigurováno PowerDVD
25-11-2018 20:07:05 Removed Onekey Theater
26-11-2018 01:51:54 Odinstalovat s Total Uninstall "vlc"
27-11-2018 16:50:33 Instalační služba modulů systému Windows
27-11-2018 16:56:10 Odebráno: Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
27-11-2018 16:56:29 Odebráno: Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
27-11-2018 17:16:55 Odinstalovat s Total Uninstall "Power2Go"
27-11-2018 17:25:28 Odinstalovat s Total Uninstall "Microsoft Silverlight / Windows Live Remote Service / Windows Live ID Sign-in Assistant"
27-11-2018 17:27:22 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:27:31 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:27:59 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:28:09 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:29:55 Odinstalovat s Total Uninstall "Intel(R) Rapid Storage Technology"
27-11-2018 17:31:04 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:31:18 Odebráno: Windows Live Mesh ActiveX Control for Remote Connections
27-11-2018 17:34:45 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:35:28 Odinstalovat s Total Uninstall "Windows Live Essentials / D3DX10 / Junk Mail filter update / Mesh Runtime / Microsoft Applicatio
27-11-2018 17:36:07 Windows Live Essentials
27-11-2018 17:36:23 WLSetup

==================== Faulty Device Manager Devices =============

Name: Standardní grafický adaptér s rozlišením VGA
Description: Standardní grafický adaptér s rozlišením VGA
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy zobrazovacích jednotek)
Service: vga
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) WiFi Link 1000 BGN
Description: Intel(R) WiFi Link 1000 BGN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/27/2018 05:40:52 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.

Error: (11/27/2018 05:36:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:36:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:35:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:34:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:31:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:31:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:11:34 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.


System errors:
=============
Error: (11/27/2018 06:43:57 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby CryptSvc bylo dosaženo časového limitu (30000 ms).

Error: (11/27/2018 03:35:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/27/2018 03:35:42 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (11/27/2018 08:48:02 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:46:23, ‎27.‎11.‎2018) bylo neočekávané.

Error: (11/25/2018 06:09:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/25/2018 06:09:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (11/25/2018 06:07:55 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Napájení ukončena s chybou Operace byla dokončena úspěšně.
, specifickou pro službu.

Error: (11/25/2018 06:07:50 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 12291) (User: NT AUTHORITY)
Description: Službě SAM se nepodařilo spustit podproces naslouchání protokolu TCP/IP nebo SPX/IPX.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 37%
Total physical RAM: 8106.14 MB
Available physical RAM: 5043.46 MB
Total Virtual: 16210.46 MB
Available Virtual: 13284.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:654.69 GB) (Free:468.54 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:28.85 GB) NTFS

\\?\Volume{91c05cc6-23a0-11e4-873e-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 3CCC24D0)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=654.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.7 GB) - (Type=12)

==================== End of Addition.txt ============================

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 27 lis 2018 23:55
od Conder
Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 28 lis 2018 00:09
od KRAKEN
# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-11-14.2 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-28-2018
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\KRAK-HEAD\AppData\Local\slimware utilities inc

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [5589 octets] - [28/11/2018 00:00:16]
AdwCleaner[S00].txt - [1460 octets] - [28/11/2018 00:01:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 28 lis 2018 12:11
od Conder
:arrow: Poprosim o obidva nove logy z FRST.

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 28 lis 2018 13:25
od KRAKEN
FRST.rar
(23.36 KiB) Staženo 109 x
Ahoj, díky a tady jsou ty logy.-----------------------------------Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by KRAK-HEAD (28-11-2018 13:16:08)
Running from C:\Users\KRAK-HEAD\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-11-19 09:40:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-363647782-2280047221-3034038998-500 - Administrator - Disabled)
Guest (S-1-5-21-363647782-2280047221-3034038998-501 - Limited - Disabled)
KRAK-HEAD (S-1-5-21-363647782-2280047221-3034038998-1000 - Administrator - Enabled) => C:\Users\KRAK-HEAD

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.14.160917 - )
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5181 - Gretech Corporation)
Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 14.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Movavi Video Editor 12 (HKLM-x32\...\Movavi Video Editor 12) (Version: 12.1.0 - Movavi)
Mozilla Firefox 63.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x64 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7108 - CyberLink Corp.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
SMPlayer 18.10.0 (x64) (HKLM\...\SMPlayer) (Version: 18.10.0 - Ricardo Villalba)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.112 - Crawler Group)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.18.0 - SRS Labs, Inc.)
Total Uninstall 6.26.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.26.0 - Gavrila Martau)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xilisoft 3D Video Converter (HKU\S-1-5-21-363647782-2280047221-3034038998-1000\...\Xilisoft 3D Video Converter) (Version: 1.1.0.20170209 - Xilisoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-12-16] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {043B3089-E85F-4BDA-8403-38F8C73C5AC7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-24] (Adobe Systems Incorporated)
Task: {6ADD0426-2C63-45C5-829B-DDE5027B164D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-27] (Piriform Ltd)
Task: {A9F91F83-6370-49F1-BA6B-737DBED66D6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {BA64886B-D4DC-4B3A-BA09-93618DCD8D85} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-22] (AVAST Software)
Task: {C9654651-8AA3-49CD-89B6-62E0FED8FBBF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-22] (AVAST Software)
Task: {CAAC9BD3-549A-4215-9A04-C9CC69744FDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {D3A1E54D-3E72-4E0F-86A0-4CBA0DFAB968} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-27] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2010-11-02 13:58 - 2010-11-02 13:58 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2010-11-11 11:42 - 2010-11-11 11:42 - 000202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-11-11 11:44 - 2010-11-11 11:44 - 000156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2018-11-19 11:20 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-01-17 03:15 - 2010-12-16 09:37 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2014-08-14 12:28 - 2014-08-14 12:28 - 000100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-09-28 23:19 - 2018-11-27 20:46 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-11-28 13:10 - 2018-11-28 13:10 - 005735568 _____ () C:\Program Files\AVAST Software\Avast\defs\18112804\algo.dll
2010-11-11 11:38 - 2010-11-11 11:38 - 000161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-11-11 11:39 - 2010-11-11 11:39 - 000133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2018-11-22 03:25 - 2018-11-22 03:25 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KRAK-HEAD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1B5C7093-E49C-44B6-8185-910C2B443C75}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E0E18559-023B-47C6-8131-449F38CE7C0C}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{DF9AB144-1CD5-4755-9342-44A0CF505CF1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{64F38B5C-F0BA-4810-92A9-C90F46CABD3C}] => (Allow) LPort=2869
FirewallRules: [{94B5E4C8-0209-493A-95A3-A4B11700B8A1}] => (Allow) LPort=1900
FirewallRules: [{EEE068B0-B789-48CC-B8BC-96848D6E30CE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9A068D29-985F-4C54-8E29-37AE1F767066}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{005D0EBE-F264-4A43-8EE3-001A575CB760}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2570A338-4911-4F3E-9FD2-4F4D08CDEB10}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1588CB3E-9394-4949-9851-C3711F65807E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{14BDF287-D25C-460F-A040-BCF39C58ACE0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{DDE32AD9-05FE-4C9B-9A85-03F5415E7153}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{83181794-4C45-4AEC-8A45-4FDE6C9C0CEF}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{10DC1DFD-43E7-4D9E-BF03-B777BA593F91}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D69118BF-9F58-4848-8122-ADD8C6A2844E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5B83AE2A-8775-4217-8189-F29AEC3D1E66}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D3192FF2-111D-4B20-BB0A-C707249013DA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6F1B6AB4-4293-4215-9DA1-B0E2AF9A029E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

24-11-2018 01:42:45 Odinstalovat s Total Uninstall "hhh"
25-11-2018 13:27:24 Konfigurováno PowerDVD
25-11-2018 20:07:05 Removed Onekey Theater
26-11-2018 01:51:54 Odinstalovat s Total Uninstall "vlc"
27-11-2018 16:50:33 Instalační služba modulů systému Windows
27-11-2018 16:56:10 Odebráno: Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
27-11-2018 16:56:29 Odebráno: Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
27-11-2018 17:16:55 Odinstalovat s Total Uninstall "Power2Go"
27-11-2018 17:25:28 Odinstalovat s Total Uninstall "Microsoft Silverlight / Windows Live Remote Service / Windows Live ID Sign-in Assistant"
27-11-2018 17:27:22 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:27:31 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:27:59 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:28:09 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:29:55 Odinstalovat s Total Uninstall "Intel(R) Rapid Storage Technology"
27-11-2018 17:31:04 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:31:18 Odebráno: Windows Live Mesh ActiveX Control for Remote Connections
27-11-2018 17:34:45 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:35:28 Odinstalovat s Total Uninstall "Windows Live Essentials / D3DX10 / Junk Mail filter update / Mesh Runtime / Microsoft Applicatio
27-11-2018 17:36:07 Windows Live Essentials
27-11-2018 17:36:23 WLSetup

==================== Faulty Device Manager Devices =============

Name: Standardní grafický adaptér s rozlišením VGA
Description: Standardní grafický adaptér s rozlišením VGA
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy zobrazovacích jednotek)
Service: vga
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) WiFi Link 1000 BGN
Description: Intel(R) WiFi Link 1000 BGN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/27/2018 05:40:52 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.

Error: (11/27/2018 05:36:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:36:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:35:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:34:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:31:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:31:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:11:34 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.


System errors:
=============
Error: (11/28/2018 12:55:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (2:54:46, ‎28.‎11.‎2018) bylo neočekávané.

Error: (11/28/2018 12:04:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WPDBusEnum bylo dosaženo časového limitu (30000 ms).

Error: (11/28/2018 12:04:02 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby SysMain bylo dosaženo časového limitu (30000 ms).

Error: (11/28/2018 12:02:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Live ID Sign-in Assistant neuspěla při spuštění v důsledku následující chyby:
Přesměrování bylo ukončeno.

Error: (11/28/2018 12:02:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/28/2018 12:02:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/28/2018 12:02:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/28/2018 12:02:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Event Log byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 30%
Total physical RAM: 8106.14 MB
Available physical RAM: 5660.37 MB
Total Virtual: 16210.46 MB
Available Virtual: 13849.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:654.69 GB) (Free:467.02 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:28.85 GB) NTFS

\\?\Volume{91c05cc6-23a0-11e4-873e-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 3CCC24D0)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=654.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.7 GB) - (Type=12)

==================== End of Addition.txt ============================

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 28 lis 2018 23:29
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Folder: C:\791a98816d22a12ec581

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
U1 aswbdisk; no ImagePath
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
U2 CLKMSVC10_3A60B698; no ImagePath
U2 CLKMSVC10_C3B3B687; no ImagePath
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U2 DriverService; no ImagePath
U2 IAStorDataMgrSvc; no ImagePath
U2 idealife Update Service; no ImagePath
U3 IGRS; no ImagePath
U2 IviRegMgr; no ImagePath
U2 nvUpdatusService; no ImagePath
U2 Oasis2Service; no ImagePath
U2 PCCarerServic; no ImagePath
U2 ReadyComm.DirectRouter; no ImagePath
U2 RichVideo; no ImagePath
U2 SoftwareService; no ImagePath
U2 Stereo Service; no ImagePath
2018-11-22 03:15 - 2018-11-22 03:15 - 000000016 _____ C:\ProgramData\mntemp
2018-11-19 11:50 - 2018-11-19 11:55 - 000000000 ____D C:\791a98816d22a12ec581

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 29 lis 2018 06:33
od KRAKEN
screen-shot-11-29-18-at-05-30-.png
screen-shot-11-29-18-at-05-30-.png (164.95 KiB) Zobrazeno 1978 x
zDRAVIM, PAR SLOV JEN-PODLE NAVODU Z TOHO NOTEPADU TO NESLO ULOZIT NA PLOCHU, UVIDITE NA SCRENNSHOTU, PO ROZKLIKU PLOCHY TO NENI ASI VUBEC PLOCHA, KAM BYCH TO MEL ULOZIT-JEN NEJAKE SYSTEMOVE SLOZKY. UKLADAT MUZU JEN S TOU PRIPONOU-HVEZDICKOU,COZ JE ASI VIR NEBO CHYBA, NEHLEDE NA TO, ZE PO TOM ULOZENI VIZ NAVOD SEM TO NA PLOSE NENASEL-ANI NA VEREJNY,VYTVORIL SEM TEDA NA PLOSE NORMALNE TEXTOVEJ DOKUMENT, SNAD SEM NEUDELAL NECO SPATNE, ALE TOHLE JE JEDEN Z PROBLEMU.DALE PAK PO RESTARTU TO HNED CHTELO HESLO SPRAVCE PRO FRST-SNAD OK,DIKY-----------------------Fix result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by KRAK-HEAD (29-11-2018 05:36:19) Run:1
Running from C:\Users\KRAK-HEAD\Desktop
Loaded Profiles: KRAK-HEAD (Available Profiles: KRAK-HEAD)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Folder: C:\791a98816d22a12ec581

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
U1 aswbdisk; no ImagePath
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
U2 CLKMSVC10_3A60B698; no ImagePath
U2 CLKMSVC10_C3B3B687; no ImagePath
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U2 DriverService; no ImagePath
U2 IAStorDataMgrSvc; no ImagePath
U2 idealife Update Service; no ImagePath
U3 IGRS; no ImagePath
U2 IviRegMgr; no ImagePath
U2 nvUpdatusService; no ImagePath
U2 Oasis2Service; no ImagePath
U2 PCCarerServic; no ImagePath
U2 ReadyComm.DirectRouter; no ImagePath
U2 RichVideo; no ImagePath
U2 SoftwareService; no ImagePath
U2 Stereo Service; no ImagePath
2018-11-22 03:15 - 2018-11-22 03:15 - 000000016 _____ C:\ProgramData\mntemp
2018-11-19 11:50 - 2018-11-19 11:55 - 000000000 ____D C:\791a98816d22a12ec581

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 10
Average :
Sum : 9772776
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= Folder: C:\791a98816d22a12ec581 ========================

2018-11-19 11:50 - 2018-11-19 11:55 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c
2018-11-19 11:50 - 2018-11-19 11:55 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\lt-lt
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\lt-lt\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\lv-lv
2018-11-19 11:50 - 2018-11-19 11:50 - 000008213 ____A [3D69ACB861B4B5EE5A51F53511E4A46F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\lv-lv\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\lv-lv\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\nb-no
2018-11-19 11:50 - 2018-11-19 11:50 - 000008057 ____A [907ABAD952F588FD8EDA8A3030B2BB84] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\nb-no\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\nb-no\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\nl-nl
2018-11-19 11:50 - 2018-11-19 11:50 - 000008353 ____A [3993F3E68ED66A8AC36BEA2CD685F22C] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\nl-nl\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000017991 ____A [510C85E3080FFF63A95972A72A950026] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\nl-nl\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pl-pl
2018-11-19 11:50 - 2018-11-19 11:50 - 000008886 ____A [96C11BE47ABF472591C05D95086811F1] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pl-pl\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000018368 ____A [3C7EF585ECC71912743BBE60D55DA0CD] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pl-pl\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pt-br
2018-11-19 11:50 - 2018-11-19 11:50 - 000008228 ____A [FD22F3F2948177A475560C5028A451F8] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pt-br\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000017744 ____A [C1EAC28F978D831F54CA3B0EDA08D133] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pt-br\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pt-pt
2018-11-19 11:50 - 2018-11-19 11:50 - 000008508 ____A [3D628C9D2CD5BAEEAC62D6A283360C44] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pt-pt\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000018233 ____A [4EC05E9AFE4BBDFC538548A1ADB40666] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\pt-pt\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\ro-ro
2018-11-19 11:50 - 2018-11-19 11:50 - 000008329 ____A [D1F92FB26ED97978DA73B1A3410BA169] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\ro-ro\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\ro-ro\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\ru-ru
2018-11-19 11:50 - 2018-11-19 11:50 - 000008403 ____A [95AF4816A32ED4ED180074DA582CD3D5] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\ru-ru\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000017780 ____A [4EC28CBC1D3BA3BF96A8737C633EE2EE] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\ru-ru\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sk-sk
2018-11-19 11:50 - 2018-11-19 11:50 - 000008420 ____A [E554FF0D270C75F52A7FE13B80420419] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sk-sk\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sk-sk\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sl-si
2018-11-19 11:50 - 2018-11-19 11:50 - 000008415 ____A [701B06587D5D2364C5DF894F002376C3] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sl-si\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sl-si\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sr-latn-cs
2018-11-19 11:50 - 2018-11-19 11:50 - 000008364 ____A [7A4EDBF4234EFA629B3774468EF9FA94] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sr-latn-cs\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sr-latn-cs\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sv-se
2018-11-19 11:50 - 2018-11-19 11:50 - 000008195 ____A [4C83A15AADF09DA88B163659C6CEF60B] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sv-se\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000017752 ____A [907379578C028CDFC857F354BC68AD10] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\sv-se\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\th-th
2018-11-19 11:50 - 2018-11-19 11:50 - 000007734 ____A [37BD51DEE034F3FDD49506DA451C36F2] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\th-th\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\th-th\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\tr-tr
2018-11-19 11:50 - 2018-11-19 11:50 - 000007984 ____A [EDE6335EBE230E248B09CC7C072B4D7C] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\tr-tr\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000017538 ____A [A5E99768FBB83112F7FC247767FF18B6] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\tr-tr\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\uk-ua
2018-11-19 11:50 - 2018-11-19 11:50 - 000008636 ____A [E38CFD3A683C476EC42733BDD7D2C34C] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\uk-ua\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000004751 ____A [89AAD19BA2304D0518D29DD2C4FC348F] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\uk-ua\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-cn
2018-11-19 11:50 - 2018-11-19 11:50 - 000006514 ____A [D77E5149B8A6C90E81024B0B9D357C99] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-cn\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000015978 ____A [1F835A0C7D33B049A201BF11883EA1D1] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-cn\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-hk
2018-11-19 11:50 - 2018-11-19 11:50 - 000006452 ____A [30A14BEDB27F784E164470769358B215] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-hk\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000016040 ____A [45D23AF64E9F710A787C8F33EB1044EA] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-hk\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-tw
2018-11-19 11:50 - 2018-11-19 11:50 - 000006452 ____A [30A14BEDB27F784E164470769358B215] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-tw\readmesp_client.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000016040 ____A [45D23AF64E9F710A787C8F33EB1044EA] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\readme\zh-tw\readmesp_server.htm
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ro-ro
2018-11-19 11:50 - 2018-11-19 11:50 - 000292352 ____A [5588748C0B4C69CEF4FECF45245373C8] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ro-ro\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [02661578EE1429FB655A4EA022F65942] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ro-ro\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005632 ____A [D08CF5B462E24943D7A59C10DA284FD4] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ro-ro\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000021504 ____A [EF964A74AA39977A3344EC3082760247] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ro-ro\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ru-ru
2018-11-19 11:50 - 2018-11-19 11:50 - 000321536 ____A [F99E3F90A11BBF9B78CB47E0DB7F0ECA] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ru-ru\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [65625DE6164B193E3BCED49F38FC5E1F] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ru-ru\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [659D7AFB87730741284E4FBE693289E8] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ru-ru\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000021504 ____A [FE937E21C62EAA764C24D417D9953D9B] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\ru-ru\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sk-sk
2018-11-19 11:50 - 2018-11-19 11:50 - 000292352 ____A [F0FEB07D5E303B05C2458C9260A27B90] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sk-sk\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [B9E6F26B23305ED35FE54E4C36039DFB] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sk-sk\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [5843ED096A6A0166CB39B3D240384ECA] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sk-sk\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000021504 ____A [A4550AAA3606699E83373EF3ECEA6D38] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sk-sk\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sl-si
2018-11-19 11:50 - 2018-11-19 11:50 - 000292352 ____A [6E20C43C57D635004023C4F1C219EBD1] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sl-si\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [E54DFBBC63FEE62B803A558F7B72B0D2] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sl-si\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [FC1B5EFBCAE7D0EEB03B178C43C8217A] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sl-si\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000022016 ____A [9C26F6B567BCA7190BCB2579CAD54B1E] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sl-si\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sr-latn-cs
2018-11-19 11:50 - 2018-11-19 11:50 - 000292352 ____A [5CC6F6C17A61A97461B836A1A7A51163] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sr-latn-cs\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [0141D4C078470F4801FE6D8C8413CF2F] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sr-latn-cs\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [F7A160344603C4CD2D06F18F8648BF30] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sr-latn-cs\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000021504 ____A [01C247CD80A6A5B58D6DB24D7BEB923C] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sr-latn-cs\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sv-se
2018-11-19 11:50 - 2018-11-19 11:50 - 000316928 ____A [EBED628E994B044BBBBFBD69DD1BEF5C] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sv-se\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [419B829B1F8D8B7DC4655AEF097D0B89] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sv-se\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [2B4770B6A01F6955B262BCE1D0118DBC] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sv-se\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000020992 ____A [F96CE95E3EA04EB6E76E0F81AC34E19F] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\sv-se\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\th-th
2018-11-19 11:50 - 2018-11-19 11:50 - 000292352 ____A [EA4ADF7C1B1952D5A09E6F1568ACF739] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\th-th\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [0561EB958EE362FACD698ECE186B6CAE] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\th-th\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004608 ____A [6FEC6BEAA1462F24A0B2B2A60CB80A14] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\th-th\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000019968 ____A [775757CC081AC4A21DB6B13C29821060] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\th-th\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\tr-tr
2018-11-19 11:50 - 2018-11-19 11:50 - 000303616 ____A [AB268BBA74DC2526705BB3BEA3BCFDF2] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\tr-tr\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [54118B207E7FE22A00FF83004C32108E] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\tr-tr\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [151EF27D7EC8C94A0DBE8149351E9DEA] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\tr-tr\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000020480 ____A [8B54BC867C045F6E56E6E19549F1463C] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\tr-tr\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\uk-ua
2018-11-19 11:50 - 2018-11-19 11:50 - 000292352 ____A [41C3B6A9660DF20353FC746A046B8862] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\uk-ua\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000004096 ____A [303C06C9D1566F4884F5B5DA7FCCC1C1] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\uk-ua\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000005120 ____A [693C85E7406FF3BE876CC1E745B3DAC2] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\uk-ua\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000021504 ____A [67F50AB07824810478FE4CD1A6EB952B] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\uk-ua\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-cn
2018-11-19 11:50 - 2018-11-19 11:50 - 000161280 ____A [C998FC455B195D869AFAB6E9201E850C] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-cn\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000003072 ____A [B9E66F728B95CCD2B6CF515AEBFFBA2F] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-cn\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000003584 ____A [FA8DBACE98DA5639DEA6DAFA25C8F505] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-cn\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000012288 ____A [96CB46DDA10349F41C2F871CE7FC561E] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-cn\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-hk
2018-11-19 11:50 - 2018-11-19 11:50 - 000160256 ____A [1E67085E180153A3484EE2A39106FD3E] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-hk\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000003072 ____A [C049D101F549803C2EEC27E7ADAD6B47] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-hk\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000003584 ____A [7EEF1A1C2A96A1EA8D10BC61AEB637E6] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-hk\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000012800 ____A [E591EAB25649CB0CCFB7EAA1BBD99561] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-hk\spwizui.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000000000 ____D [00000000000000000000000000000000] () C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-tw
2018-11-19 11:50 - 2018-11-19 11:50 - 000160256 ____A [BF5397FE08C6AE731C963BFA4D88FDC2] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-tw\acres.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000003072 ____A [77D1E9BD4D10C2728934069A88C58043] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-tw\spcmsg.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000003584 ____A [F68A78E2A30858C03AC972BD0A916F35] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-tw\sperror.dll.mui
2018-11-19 11:50 - 2018-11-19 11:50 - 000012800 ____A [00EF4BF5CC68205E0F8128F476F4F5DE] (Microsoft Corporation) C:\791a98816d22a12ec581\2f1cdccfff824419ae1c3f0e6f5a3e0c\zh-tw\spwizui.dll.mui

====== End of Folder: ======

HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\btwaudio => removed successfully
btwaudio => service removed successfully
HKLM\System\CurrentControlSet\Services\btwavdt => removed successfully
btwavdt => service removed successfully
HKLM\System\CurrentControlSet\Services\btwl2cap => removed successfully
btwl2cap => service removed successfully
HKLM\System\CurrentControlSet\Services\btwrchid => removed successfully
btwrchid => service removed successfully
HKLM\System\CurrentControlSet\Services\CLKMSVC10_3A60B698 => removed successfully
CLKMSVC10_3A60B698 => service removed successfully
HKLM\System\CurrentControlSet\Services\CLKMSVC10_C3B3B687 => removed successfully
CLKMSVC10_C3B3B687 => service removed successfully
HKLM\System\CurrentControlSet\Services\clwvd => removed successfully
clwvd => service removed successfully
HKLM\System\CurrentControlSet\Services\DriverService => removed successfully
DriverService => service removed successfully
HKLM\System\CurrentControlSet\Services\IAStorDataMgrSvc => removed successfully
IAStorDataMgrSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\idealife Update Service => removed successfully
idealife Update Service => service removed successfully
HKLM\System\CurrentControlSet\Services\IGRS => removed successfully
IGRS => service removed successfully
HKLM\System\CurrentControlSet\Services\IviRegMgr => removed successfully
IviRegMgr => service removed successfully
HKLM\System\CurrentControlSet\Services\nvUpdatusService => removed successfully
nvUpdatusService => service removed successfully
HKLM\System\CurrentControlSet\Services\Oasis2Service => removed successfully
Oasis2Service => service removed successfully
HKLM\System\CurrentControlSet\Services\PCCarerServic => removed successfully
PCCarerServic => service removed successfully
HKLM\System\CurrentControlSet\Services\ReadyComm.DirectRouter => removed successfully
ReadyComm.DirectRouter => service removed successfully
HKLM\System\CurrentControlSet\Services\RichVideo => removed successfully
RichVideo => service removed successfully
HKLM\System\CurrentControlSet\Services\SoftwareService => removed successfully
SoftwareService => service removed successfully
HKLM\System\CurrentControlSet\Services\Stereo Service => removed successfully
Stereo Service => service removed successfully
C:\ProgramData\mntemp => moved successfully
C:\791a98816d22a12ec581 => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10454696 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 3570 B
Edge => 0 B
Chrome => 141646 B
Firefox => 74367614 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 18312 B
systemprofile32 => 692 B
LocalService => 66228 B
NetworkService => 66228 B
KRAK-HEAD => 26507204 B

RecycleBin => 5824 B
EmptyTemp: => 114.5 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-11-2018 05:40:32)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 05:40:32 ====

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 29 lis 2018 13:33
od Conder
:arrow: Ano, aj toto je spravne.

:arrow: Spusti kontrolu integrity systemovych suborov:
  • Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
  • Skopiruj a spusti prikaz:

    Kód: Vybrat vše

    sfc /scannow
  • Po dokonceni skopiruj a spusti tento prikaz:

    Kód: Vybrat vše

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • Na ploche sa vytvori subor sfcdetails.txt, zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
  • Restartuj PC a napis ako sa chova PC

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 29 lis 2018 19:32
od KRAKEN
sfcdetails.rar
(1.81 KiB) Staženo 101 x
THNX 4 INFO, PC SE CHOVA ZDANLIVE NORMALNE-ZCELA STEJNE, NA SPYWARE TERMINATOR SE DA POZOROVAT, ZE NENI. JEDEN PRIKLAD VIDITELNE ZMENY-PRI ZAVIRANI STALE NEFUNKCNIHO RESIDENTNIHO STITU, KTERY NABIHA PRI STARTUPU DOLE Z LISTY WINDOWS UZ TO NECHCE HESLO K DEAKTIVACI, VÍC JSEM NEZAZNAMENAL,DEKUJI ZA POMOC A PRIKLADAM TEN ZZIP.

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 29 lis 2018 22:29
od Conder
:arrow: Spyware Terminator odporucam odinstalovat, je to aj zbytocnost, kedze uz tam je nainstalovany Avast.

:arrow: Nasledne poprosim o nove logy z FRST.

:arrow: Su s PC este nejake ine problemy?

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 29 lis 2018 23:35
od KRAKEN
FRST.rar
(23.08 KiB) Staženo 96 x
Problemy žádné zaznamenané.prikladam logy a dotaz, zda-li mohu uz ted pomocí Adwcleaneru odstranit ty dvě PUP infekce, které mám v karanténě, pokud to tedy pujde, nerad předbíhám, jen abych na to nezapomněl.Děkuji mnohokrát-----------------------------Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by KRAK-HEAD (29-11-2018 23:22:52)
Running from C:\Users\KRAK-HEAD\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-11-19 09:40:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-363647782-2280047221-3034038998-500 - Administrator - Disabled)
Guest (S-1-5-21-363647782-2280047221-3034038998-501 - Limited - Disabled)
KRAK-HEAD (S-1-5-21-363647782-2280047221-3034038998-1000 - Administrator - Enabled) => C:\Users\KRAK-HEAD

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.14.160917 - )
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo)
Gadwin PrintScreen (64-Bit) (HKLM\...\{9D41A5E9-499A-4B98-8F05-CAB1C879E046}) (Version: 5.8.5.0 - Gadwin Systems)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5181 - Gretech Corporation)
Google Earth Pro (HKLM\...\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}) (Version: 7.3.2.5495 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 14.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Movavi Video Editor 12 (HKLM-x32\...\Movavi Video Editor 12) (Version: 12.1.0 - Movavi)
Mozilla Firefox 63.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x64 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7108 - CyberLink Corp.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
SMPlayer 18.10.0 (x64) (HKLM\...\SMPlayer) (Version: 18.10.0 - Ricardo Villalba)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.18.0 - SRS Labs, Inc.)
Subtitle Edit 3.5.1 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.5.1.1 - Nikse)
Total Uninstall 6.26.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.26.0 - Gavrila Martau)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xilisoft 3D Video Converter (HKU\S-1-5-21-363647782-2280047221-3034038998-1000\...\Xilisoft 3D Video Converter) (Version: 1.1.0.20170209 - Xilisoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-12-16] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {043B3089-E85F-4BDA-8403-38F8C73C5AC7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-24] (Adobe Systems Incorporated)
Task: {6ADD0426-2C63-45C5-829B-DDE5027B164D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-27] (Piriform Ltd)
Task: {A9F91F83-6370-49F1-BA6B-737DBED66D6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {BA64886B-D4DC-4B3A-BA09-93618DCD8D85} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-22] (AVAST Software)
Task: {C9654651-8AA3-49CD-89B6-62E0FED8FBBF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-22] (AVAST Software)
Task: {CAAC9BD3-549A-4215-9A04-C9CC69744FDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.)
Task: {D3A1E54D-3E72-4E0F-86A0-4CBA0DFAB968} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-27] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2010-11-02 13:58 - 2010-11-02 13:58 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-11-11 11:42 - 2010-11-11 11:42 - 000202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-11-11 11:44 - 2010-11-11 11:44 - 000156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2018-11-19 11:20 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2011-01-17 03:15 - 2010-12-16 09:37 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-14 12:28 - 2014-08-14 12:28 - 000100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2014-08-14 12:31 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-09-28 23:19 - 2018-11-27 20:46 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-29 16:10 - 2018-11-29 16:10 - 005793424 _____ () C:\Program Files\AVAST Software\Avast\defs\18112904\algo.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-22 03:24 - 2018-11-22 03:24 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2010-11-11 11:38 - 2010-11-11 11:38 - 000161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-11-11 11:39 - 2010-11-11 11:39 - 000133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2018-11-22 03:25 - 2018-11-22 03:25 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-11-29 05:36 - 000000035 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-363647782-2280047221-3034038998-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KRAK-HEAD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1B5C7093-E49C-44B6-8185-910C2B443C75}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E0E18559-023B-47C6-8131-449F38CE7C0C}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{DF9AB144-1CD5-4755-9342-44A0CF505CF1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{64F38B5C-F0BA-4810-92A9-C90F46CABD3C}] => (Allow) LPort=2869
FirewallRules: [{94B5E4C8-0209-493A-95A3-A4B11700B8A1}] => (Allow) LPort=1900
FirewallRules: [{EEE068B0-B789-48CC-B8BC-96848D6E30CE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9A068D29-985F-4C54-8E29-37AE1F767066}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{005D0EBE-F264-4A43-8EE3-001A575CB760}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2570A338-4911-4F3E-9FD2-4F4D08CDEB10}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1588CB3E-9394-4949-9851-C3711F65807E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{14BDF287-D25C-460F-A040-BCF39C58ACE0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{DDE32AD9-05FE-4C9B-9A85-03F5415E7153}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{83181794-4C45-4AEC-8A45-4FDE6C9C0CEF}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{10DC1DFD-43E7-4D9E-BF03-B777BA593F91}C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\krak-head\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D69118BF-9F58-4848-8122-ADD8C6A2844E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5B83AE2A-8775-4217-8189-F29AEC3D1E66}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D3192FF2-111D-4B20-BB0A-C707249013DA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6F1B6AB4-4293-4215-9DA1-B0E2AF9A029E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

26-11-2018 01:51:54 Odinstalovat s Total Uninstall "vlc"
27-11-2018 16:50:33 Instalační služba modulů systému Windows
27-11-2018 16:56:10 Odebráno: Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
27-11-2018 16:56:29 Odebráno: Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
27-11-2018 17:16:55 Odinstalovat s Total Uninstall "Power2Go"
27-11-2018 17:25:28 Odinstalovat s Total Uninstall "Microsoft Silverlight / Windows Live Remote Service / Windows Live ID Sign-in Assistant"
27-11-2018 17:27:22 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:27:31 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:27:59 Odinstalovat s Total Uninstall "Microsoft SQL Server 2005 Compact Edition [ENU]"
27-11-2018 17:28:09 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
27-11-2018 17:29:55 Odinstalovat s Total Uninstall "Intel(R) Rapid Storage Technology"
27-11-2018 17:31:04 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:31:18 Odebráno: Windows Live Mesh ActiveX Control for Remote Connections
27-11-2018 17:34:45 Odinstalovat s Total Uninstall "Windows Live Mesh ActiveX Control for Remote Connections"
27-11-2018 17:35:28 Odinstalovat s Total Uninstall "Windows Live Essentials / D3DX10 / Junk Mail filter update / Mesh Runtime / Microsoft Applicatio
27-11-2018 17:36:07 Windows Live Essentials
27-11-2018 17:36:23 WLSetup
29-11-2018 03:11:27 Odinstalovat s Total Uninstall "SUBTITLE EDITOR"
29-11-2018 04:14:19 Installed Gadwin PrintScreen (64-Bit)
29-11-2018 05:23:28 Installed Gadwin PrintScreen (64-Bit)
29-11-2018 05:24:15 Installed Gadwin PrintScreen (64-Bit)
29-11-2018 05:36:20 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============

Name: Standardní grafický adaptér s rozlišením VGA
Description: Standardní grafický adaptér s rozlišením VGA
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy zobrazovacích jednotek)
Service: vga
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) WiFi Link 1000 BGN
Description: Intel(R) WiFi Link 1000 BGN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/27/2018 05:40:52 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.

Error: (11/27/2018 05:36:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:36:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:35:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:34:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:31:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:31:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Intel AHCI Controller.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/27/2018 05:11:34 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-363647782-2280047221-3034038998-1000}/>.


System errors:
=============
Error: (11/29/2018 06:56:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/29/2018 06:49:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/29/2018 06:49:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/29/2018 05:36:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/29/2018 05:36:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Event Log byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/29/2018 05:36:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/29/2018 05:36:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Registry Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/29/2018 05:36:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 29%
Total physical RAM: 8106.14 MB
Available physical RAM: 5706.35 MB
Total Virtual: 16210.46 MB
Available Virtual: 13864 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:654.69 GB) (Free:462.67 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:28.85 GB) NTFS

\\?\Volume{91c05cc6-23a0-11e4-873e-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 3CCC24D0)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=654.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.7 GB) - (Type=12)

==================== End of Addition.txt ============================

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 01 pro 2018 01:52
od Conder
:arrow: Ano, to sa moze zmazat hocikedy. Kazdopadne polozky v karantene su uz neskodne a na konci by sme karantenu zmazali pri upratovani po pouzitych nastrojoch.

:arrow: Spusti este tento fixlist:

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

VirusTotal: C:\ProgramData\czchsjpj.srw
VirusTotal: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin
VirusTotal: C:\ProgramData\agent.1542852426.bdinstall.v2.bin
File: C:\ProgramData\czchsjpj.srw
File: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin
File: C:\ProgramData\agent.1542852426.bdinstall.v2.bin

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 01 pro 2018 02:59
od KRAKEN
DĚKUJI A POSÍLÁM LOG--------------------------------------------------------------------------Fix result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by KRAK-HEAD (01-12-2018 02:46:27) Run:2
Running from C:\Users\KRAK-HEAD\Desktop
Loaded Profiles: KRAK-HEAD (Available Profiles: KRAK-HEAD)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

VirusTotal: C:\ProgramData\czchsjpj.srw
VirusTotal: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin
VirusTotal: C:\ProgramData\agent.1542852426.bdinstall.v2.bin
File: C:\ProgramData\czchsjpj.srw
File: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin
File: C:\ProgramData\agent.1542852426.bdinstall.v2.bin

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
VirusTotal: C:\ProgramData\czchsjpj.srw => (3) Error
VirusTotal: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin => (3) Error
VirusTotal: C:\ProgramData\agent.1542852426.bdinstall.v2.bin => (3) Error

========================= File: C:\ProgramData\czchsjpj.srw ========================

C:\ProgramData\czchsjpj.srw
File not signed
MD5: 273C64DE251AC5CE7B095E7414A93705
Creation and modification date: 2018-11-22 20:12 - 2018-11-22 20:12
Size: 000005051
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin ========================

C:\ProgramData\agent.uninstall.1542853243.bdinstall.v2.bin
File not signed
MD5: 61AB55B79C635D9C776778B7C522AF90
Creation and modification date: 2018-11-22 03:20 - 2018-11-22 03:20
Size: 000123856
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\ProgramData\agent.1542852426.bdinstall.v2.bin ========================

C:\ProgramData\agent.1542852426.bdinstall.v2.bin
File not signed
MD5: 2D47196BBAF3D133D937177AA0F285D0
Creation and modification date: 2018-11-22 03:07 - 2018-11-22 03:07
Size: 000103892
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MBAMService => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13257302 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 11090 B
Edge => 0 B
Chrome => 141793 B
Firefox => 18029527 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 692 B
systemprofile32 => 692 B
LocalService => 66228 B
NetworkService => 0 B
KRAK-HEAD => 1515011 B

RecycleBin => 0 B
EmptyTemp: => 39.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 02:47:13 ====

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 02 pro 2018 04:54
od Conder
:arrow: Vyzera to OK.

:arrow: Odporucam doinstalovat vsetky dolezite aktualizacie cez Windows Update.

Re: odinstal w-live-essent.-nemoznost prihlaseni,NEFUNKCNÍAV

Napsal: 03 pro 2018 19:04
od KRAKEN
ZDRAVÍM.RÁD BYCH TO S DÍKY UZAVREL-NO PRI TE INSTALACI UPDATU SE VYSKYTLY PROBLEMY,KTERE BYCH RAD POPSAL, JESTLI NEVITE, KDE BY MOHL BYT ZAKOPANY PES.181 UPDATU SE STAHOVALO 4 HODINY-WINDOWS MI BEHEM TOHO SILNE ZAMRZALY,CHVILI JSEM UZ MYSLEL NA TVRDY RESTART.NO V 98 PROCENTECH MI TO PRI PRIPOJENÍ SHODILO UPLNE WINDOWS,TAK TEDY PAK SEM JE ZAPNUL S HLASKOU, ZE WIN NEBYLY UKONCENY SPRAVNE A PRIHLASIL SE. LISTA WINDOWS UPDATE NASLEDNE HLASILA UPDATUJ A ZAHAJILA STAHOVANI JAKOBY ZAS OD ZACATKU-RIKAM TO NE-TAK JSEM TO CHTEL ZASTAVIT A WINDOWS ZCELA ZAMRZLY,POUZIL JSEM TEDY TVRDY RESTART, NACEZ VINDOWS MI SPUSTILI KONTROLU KONZISTENCE DISKU-DAL SEM OK. NASLEDNE NA LISTE UPDATU UZ BYLO INSTALOVAT AKTUALIZACE,COZ JSEM PROVEDL, PO INTALACI TECH UPDATU MI WINDOWS SPADLY ZNOVA,OPET HLASKA NEBYLO UKONCENO NORMALNE, NEKTERE AKTUALIZACE NEBYLO MOZNE NAINSTALOVAT- MELI TO BYT 3, NO ZA CHVILI BEZ PRIPOJENI K NETU UZ TO PSALO POTREBU 9 AKTUALIZACI. K NEKOLIKA Z NICH BYLO NUTNE OPETOVNE PRIPOJENI K NETU-PRESNE K OSMI MYSLIM-VSE JSEM DOINSTALOVAL, jinak vse funguje asi jak má- no z tohohle jsem se prisaham málem zbláznil.nechám stranou své domnenky a prosím vás moc o radu, nebo alespon zkusit jeden log, abych mohl v klidu usnout,nepovazuji to za standardni chování systému, moc dekuji..
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz