VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosim o kontrolu logu - vyskakovaci okna

https://forum.viry.cz:443/viewtopic.php?t=155514

Stránka 1 z 3

prosim o kontrolu logu - vyskakovaci okna

Napsal: 04 úno 2019 11:34
od SoonTy
Dobry den, velice Vas prosim okontrolu logu. V prohlizecich vyskakuji okna. Predem dekuji za pomoc.

log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 4-02-2019
Ran by W (administrator) on W-PC (04-02-2019 11:18:40)
Running from C:\Users\W\Desktop
Loaded Profiles: W (Available Profiles: W)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Intel) C:\Program Files\Intel\AMT\UNS.exe
(Acresso) C:\Program Files\Vivid WorkshopData ATI\WorkshopDBServer.exe
(Sun Microsystems, Inc.) C:\Program Files\Vivid WorkshopData ATI\jre\bin\java.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchk.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_32_0_0_114_ActiveX.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [atchk] => C:\Program Files\Intel\AMT\atchk.exe [401408 2009-12-01] (Intel Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {026bfc4a-155f-11e7-9cd1-00219b41bed2} - E:\Startme.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {8f2712a7-2e96-11e4-99ec-00219b41bed2} - F:\Viewer\ppview32.exe agaxzs\auto.ppt
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {9574b6d6-23b7-11e9-8b3a-00219b41bed2} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {ed2524cd-4450-11e7-ada3-00219b41bed2} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32: [msacm.l3pacm] => C:\Windows\system32\l3codecp.acm [220672 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [msacm.aacacm] => C:\Windows\system32\AACACM.acm [294912 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [756224 2012-02-28] (hxxp://www.mp3dev.org/)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-08] ( )
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [1679360 2013-04-05] ()
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw.dll [3649536 2013-03-17] (x264vfw project)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\72.0.3626.81\Installer\chrmstp.exe [2019-01-29] (Google LLC -> Google Inc.)
Startup: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2015-01-09]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 77.236.129.130 88.86.107.235
Tcpip\..\Interfaces\{F4677CA5-C69F-417E-8AFC-6816A18C768D}: [DhcpNameServer] 77.236.129.130 88.86.107.235
ManualProxies: 0hxxp://web-quick.com/wpad.dat?d237324aa363cadab7cc6569550bd09136767860

Internet Explorer:
==================
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> DefaultScope {20AB443D-4725-4468-8421-390C3683039A} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> {20AB443D-4725-4468-8421-390C3683039A} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> {A6D5F998-18F9-473B-B930-4006E4F71A7B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle America, Inc. -> Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> is enabled.
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

FireFox:
========
FF ProfilePath: C:\Users\W\AppData\Roaming\TomTom\HOME\Profiles\r3glec6n.default [2018-06-11]
FF ProfilePath: C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\g26uf1fk.default [2019-02-04]
FF user.js: detected! => C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\g26uf1fk.default\user.js [2014-04-15]
FF Homepage: Mozilla\Firefox\Profiles\g26uf1fk.default -> hxxp://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\g26uf1fk.default -> is enabled.
FF Extension: (Seznam pro Firefox - Email) - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\g26uf1fk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-12-06]
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2014-12-15] [Legacy] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3274311375-3095276521-1623220161-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\W\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 1 -> "hxxp://www.volny.cz/","hxxp://www.seznam.cz/"
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-02-03]
CHR Extension: (Prezentace) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-19]
CHR Extension: (Dokumenty) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-19]
CHR Extension: (Disk Google) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-19]
CHR Extension: (YouTube) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-19]
CHR Extension: (Tabulky) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-19]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-10-19]
CHR Extension: (QR Code Generator) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2018-10-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-19]
CHR Extension: (Chrome Remote Desktop) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2018-10-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-19]
CHR Extension: (Gmail) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-19]
CHR Extension: (Chrome Media Router) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-02]
CHR Profile: C:\Users\W\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-19]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]
R2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe [73048 2018-10-18] (Google Inc -> Google Inc.)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [153600 2017-04-24] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [121856 2017-04-24] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [247712 2012-07-25] (Hewlett-Packard Company -> HP)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [100232 2012-11-08] (Hewlett-Packard Company -> HP)
R2 HPSLPSVC; C:\Users\W\AppData\Local\Temp\7zS17B2\hpslpsvc32.dll [701288 2013-07-19] (Hewlett Packard -> Hewlett-Packard Co.) <==== ATTENTION
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [154432 2018-12-12] (Huawei Technologies Co., Ltd. -> )
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2013-05-16] (Hewlett-Packard) [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2013-05-16] (Hewlett-Packard) [File not signed]
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH -> TeamViewer GmbH)
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WorkshopDBService; C:\Program Files\Vivid WorkshopData ATI\WorkshopDBServer.exe [114688 2017-06-14] (Acresso) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ADIHdAudAddService; C:\Windows\System32\drivers\ADIHdAud.sys [382976 2010-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [422976 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [297552 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [146512 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [70720 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [14400 2009-07-14] (Microsoft Windows -> Acer Laboratories Inc.)
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [80256 2014-04-15] (Microsoft Windows -> Advanced Micro Devices)
S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [159312 2009-07-14] (Microsoft Windows -> AMD Technologies Inc.)
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [22400 2014-04-15] (Microsoft Windows -> Advanced Micro Devices)
S3 arc; C:\Windows\system32\DRIVERS\arc.sys [76368 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [86608 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Microsoft Windows -> Broadcom Corporation)
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Microsoft Windows -> Broadcom Corporation)
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Microsoft Windows -> Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Microsoft Windows -> Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Microsoft Windows -> Brother Industries Ltd.)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [15952 2009-07-14] (Microsoft Windows -> CMD Technology, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-08-28] (Disc Soft Ltd -> Disc Soft Ltd)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [232312 2012-10-29] (Intel Corporation -> Intel Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Microsoft Windows -> Broadcom Corporation)
S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [453712 2009-07-14] (Microsoft Windows -> Emulex)
R3 GMLXDFltr01; C:\Windows\System32\drivers\GMLXDFltr01.sys [17696 2016-05-27] (Microsoft Windows Hardware Compatibility Publisher -> LXD Development, Inc.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Microsoft Windows -> Hauppauge Computer Works, Inc.)
R3 HECI; C:\Windows\System32\DRIVERS\HECI.sys [45184 2009-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [13824 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [67152 2009-07-14] (Microsoft Windows -> Hewlett-Packard Company)
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [332160 2014-04-15] (Microsoft Windows -> Intel Corporation)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [4808192 2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [41040 2009-07-14] (Microsoft Windows -> Intel Corp./ICP vortex GmbH)
S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [95824 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [89168 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [54864 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [96848 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [30800 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [235584 2009-07-14] (Microsoft Windows -> LSI Corporation, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation -> Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [16896 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Microsoft Windows -> Ralink Technology Corp.)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [21638 2008-08-22] () [File not signed]
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [44624 2009-07-14] (Microsoft Windows -> IBM Corporation)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18176 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [117120 2014-04-15] (Microsoft Windows -> NVIDIA Corporation)
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [143744 2014-04-15] (Microsoft Windows -> NVIDIA Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1383488 2009-07-14] (Microsoft Windows -> QLogic Corporation)
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [106064 2009-07-14] (Microsoft Windows -> QLogic Corporation)
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Microsoft Windows -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [77888 2009-07-14] (Microsoft Windows -> Silicon Integrated Systems)
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [21072 2009-07-14] (Microsoft Windows -> Promise Technology)
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2014-06-06] (Microsoft Windows Hardware Compatibility Publisher -> TeamViewer GmbH)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [141904 2009-07-14] (Microsoft Windows -> VIA Technologies Inc.,Ltd)
S3 eapihdrv; \??\C:\Users\W\AppData\Local\Temp\ehdrv.sys [X] <==== ATTENTION
S1 efhdshit; \??\C:\Windows\system32\drivers\efhdshit.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S1 qjfgucbk; \??\C:\Windows\system32\drivers\qjfgucbk.sys [X]
S1 sauugxsj; \??\C:\Windows\system32\drivers\sauugxsj.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-04 11:18 - 2019-02-04 11:19 - 000027234 _____ C:\Users\W\Desktop\FRST.txt
2019-02-04 11:18 - 2019-02-04 11:18 - 001790976 _____ (Farbar) C:\Users\W\Desktop\FRST.exe
2019-02-04 11:16 - 2019-02-04 11:18 - 000000000 ____D C:\FRST
2019-02-04 11:16 - 2019-02-04 11:16 - 001790976 _____ (Farbar) C:\Users\W\Downloads\FRST.exe
2019-02-04 09:36 - 2019-02-04 09:36 - 000000000 ____D C:\Users\W\Desktop\product key viewer
2019-01-31 09:37 - 2019-01-31 09:37 - 000000953 _____ C:\Users\Public\Desktop\HiSuite.lnk
2019-01-31 09:37 - 2019-01-31 09:37 - 000000000 ____D C:\Users\W\Documents\HiSuite
2019-01-31 09:37 - 2019-01-31 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2019-01-31 09:36 - 2019-01-31 09:37 - 000000000 ____D C:\Program Files\HiSuite
2019-01-31 09:36 - 2018-12-12 11:32 - 001837296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2019-01-31 09:36 - 2018-12-12 11:32 - 001461992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2019-01-31 09:36 - 2018-12-12 11:32 - 000851176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2019-01-31 09:36 - 2018-12-12 11:32 - 000249856 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000199680 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000113792 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000102272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000015360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2019-01-31 09:35 - 2019-01-31 09:38 - 000000000 ____D C:\Users\W\AppData\Local\HiSuite

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-04 11:05 - 2014-09-02 10:34 - 000000000 ____D C:\Users\W\Documents\Soubory aplikace Outlook
2019-02-04 10:00 - 2014-04-14 11:18 - 001611044 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-04 10:00 - 2009-07-14 09:44 - 000677214 _____ C:\Windows\system32\perfh005.dat
2019-02-04 10:00 - 2009-07-14 09:44 - 000146112 _____ C:\Windows\system32\perfc005.dat
2019-02-04 10:00 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2019-02-04 08:46 - 2009-07-14 05:34 - 000014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-04 08:46 - 2009-07-14 05:34 - 000014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-04 08:38 - 2017-06-14 16:19 - 000000000 ____D C:\ProgramData\organiser
2019-02-04 08:38 - 2014-06-25 12:33 - 000000000 ____D C:\Program Files\TeamViewer
2019-02-04 08:38 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-02 14:18 - 2015-04-22 11:52 - 000000000 ____D C:\Users\W\Desktop\inz
2019-02-02 12:38 - 2015-03-19 16:06 - 000000000 ____D C:\Users\W\Documents\já
2019-01-31 10:03 - 2014-04-14 12:43 - 000000000 ____D C:\Users\W\AppData\Roaming\vlc
2019-01-29 23:50 - 2014-04-14 12:46 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-29 23:50 - 2014-04-14 12:46 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-29 13:21 - 2018-12-27 12:42 - 000987136 ___SH C:\Users\W\Documents\Thumbs.db
2019-01-23 10:22 - 2015-10-16 11:31 - 000000000 ____D C:\Users\W\Documents\_pojistky
2019-01-18 11:33 - 2015-04-13 16:42 - 000000000 ____D C:\Users\W\Documents\_PGS
2019-01-09 08:31 - 2014-04-14 13:00 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-01-09 08:31 - 2014-04-14 13:00 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-01-09 08:31 - 2014-04-14 13:00 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-09 08:00 - 2017-11-20 19:57 - 000000000 ____D C:\Program Files\CCleaner

==================== Files in the root of some directories =======

2014-10-06 14:25 - 2006-11-01 11:05 - 000154424 _____ () C:\Users\W\Volumeid.exe
2014-05-30 08:17 - 2014-05-30 08:17 - 000000089 _____ () C:\Users\W\AppData\Local\fusioncache.dat
2014-05-07 17:16 - 2015-05-22 15:45 - 000013030 _____ () C:\Users\W\AppData\Local\PDOXUSRS.NET

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-02 00:39

==================== End of FRST.txt ============================

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 04 úno 2019 15:00
od Rudy
Zdravím!
Opět firemní PC?

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 05 úno 2019 09:47
od SoonTy
Dobrý den Rudy, počítač je již můj soukromý - dostal jsem ho jako kompenzaci za nevyplacené mzdy. Momentálně jsem nezaměstnán.

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 05 úno 2019 10:13
od Rudy
OK. Spusťte tedy tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 05 úno 2019 11:15
od SoonTy
děkuji za pochopení. tady je log:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-31.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-05-2019
# Duration: 00:00:04
# OS: Windows 7 Ultimate
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\Seznam.cz
Deleted C:\Users\W\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Seznam.cz

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted slunecnice.cz

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1620 octets] - [05/02/2019 10:19:53]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 05 úno 2019 12:15
od Rudy
Dejte nové logy FRST+Addition.

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 05 úno 2019 12:35
od SoonTy
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 4-02-2019
Ran by W (administrator) on W-PC (05-02-2019 12:29:43)
Running from C:\Users\W\Desktop
Loaded Profiles: W (Available Profiles: W)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchk.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Intel) C:\Program Files\Intel\AMT\UNS.exe
(Acresso) C:\Program Files\Vivid WorkshopData ATI\WorkshopDBServer.exe
(Sun Microsystems, Inc.) C:\Program Files\Vivid WorkshopData ATI\jre\bin\java.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [atchk] => C:\Program Files\Intel\AMT\atchk.exe [401408 2009-12-01] (Intel Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {026bfc4a-155f-11e7-9cd1-00219b41bed2} - E:\Startme.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {8f2712a7-2e96-11e4-99ec-00219b41bed2} - F:\Viewer\ppview32.exe agaxzs\auto.ppt
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {9574b6d6-23b7-11e9-8b3a-00219b41bed2} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {ed2524cd-4450-11e7-ada3-00219b41bed2} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32: [msacm.l3pacm] => C:\Windows\system32\l3codecp.acm [220672 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [msacm.aacacm] => C:\Windows\system32\AACACM.acm [294912 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [756224 2012-02-28] (hxxp://www.mp3dev.org/)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-08] ( )
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [1679360 2013-04-05] ()
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw.dll [3649536 2013-03-17] (x264vfw project)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\72.0.3626.81\Installer\chrmstp.exe [2019-01-29] (Google LLC -> Google Inc.)
Startup: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2015-01-09]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 77.236.129.130 88.86.107.235
Tcpip\..\Interfaces\{F4677CA5-C69F-417E-8AFC-6816A18C768D}: [DhcpNameServer] 77.236.129.130 88.86.107.235
ManualProxies: 0hxxp://web-quick.com/wpad.dat?d237324aa363cadab7cc6569550bd09136767860

Internet Explorer:
==================
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> DefaultScope {20AB443D-4725-4468-8421-390C3683039A} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> {20AB443D-4725-4468-8421-390C3683039A} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> {A6D5F998-18F9-473B-B930-4006E4F71A7B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle America, Inc. -> Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> is enabled.
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

FireFox:
========
FF ProfilePath: C:\Users\W\AppData\Roaming\TomTom\HOME\Profiles\r3glec6n.default [2018-06-11]
FF ProfilePath: C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\g26uf1fk.default [2019-02-05]
FF user.js: detected! => C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\g26uf1fk.default\user.js [2014-04-15]
FF Homepage: Mozilla\Firefox\Profiles\g26uf1fk.default -> hxxp://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\g26uf1fk.default -> is enabled.
FF Extension: (Seznam pro Firefox - Email) - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\g26uf1fk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-12-06]
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2014-12-15] [Legacy] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3274311375-3095276521-1623220161-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\W\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 1 -> "hxxp://www.volny.cz/","hxxp://www.seznam.cz/"
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-02-05]
CHR Extension: (Prezentace) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-19]
CHR Extension: (Dokumenty) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-19]
CHR Extension: (Disk Google) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-19]
CHR Extension: (YouTube) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-19]
CHR Extension: (Tabulky) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-19]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-10-19]
CHR Extension: (QR Code Generator) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2018-10-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-19]
CHR Extension: (Chrome Remote Desktop) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2018-10-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-19]
CHR Extension: (Gmail) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-19]
CHR Extension: (Chrome Media Router) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-05]
CHR Profile: C:\Users\W\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-19]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]
R2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe [73048 2018-10-18] (Google Inc -> Google Inc.)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [153600 2017-04-24] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [121856 2017-04-24] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [247712 2012-07-25] (Hewlett-Packard Company -> HP)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [100232 2012-11-08] (Hewlett-Packard Company -> HP)
R2 HPSLPSVC; C:\Users\W\AppData\Local\Temp\7zS17B2\hpslpsvc32.dll [701288 2013-07-19] (Hewlett Packard -> Hewlett-Packard Co.) <==== ATTENTION
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [154432 2018-12-12] (Huawei Technologies Co., Ltd. -> )
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2013-05-16] (Hewlett-Packard) [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2013-05-16] (Hewlett-Packard) [File not signed]
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH -> TeamViewer GmbH)
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WorkshopDBService; C:\Program Files\Vivid WorkshopData ATI\WorkshopDBServer.exe [114688 2017-06-14] (Acresso) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ADIHdAudAddService; C:\Windows\System32\drivers\ADIHdAud.sys [382976 2010-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [422976 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [297552 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [146512 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [70720 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [14400 2009-07-14] (Microsoft Windows -> Acer Laboratories Inc.)
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [80256 2014-04-15] (Microsoft Windows -> Advanced Micro Devices)
S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [159312 2009-07-14] (Microsoft Windows -> AMD Technologies Inc.)
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [22400 2014-04-15] (Microsoft Windows -> Advanced Micro Devices)
S3 arc; C:\Windows\system32\DRIVERS\arc.sys [76368 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [86608 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Microsoft Windows -> Broadcom Corporation)
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Microsoft Windows -> Broadcom Corporation)
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Microsoft Windows -> Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Microsoft Windows -> Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Microsoft Windows -> Brother Industries Ltd.)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [15952 2009-07-14] (Microsoft Windows -> CMD Technology, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-08-28] (Disc Soft Ltd -> Disc Soft Ltd)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [232312 2012-10-29] (Intel Corporation -> Intel Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Microsoft Windows -> Broadcom Corporation)
S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [453712 2009-07-14] (Microsoft Windows -> Emulex)
R3 GMLXDFltr01; C:\Windows\System32\drivers\GMLXDFltr01.sys [17696 2016-05-27] (Microsoft Windows Hardware Compatibility Publisher -> LXD Development, Inc.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Microsoft Windows -> Hauppauge Computer Works, Inc.)
R3 HECI; C:\Windows\System32\DRIVERS\HECI.sys [45184 2009-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [13824 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [67152 2009-07-14] (Microsoft Windows -> Hewlett-Packard Company)
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [332160 2014-04-15] (Microsoft Windows -> Intel Corporation)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [4808192 2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [41040 2009-07-14] (Microsoft Windows -> Intel Corp./ICP vortex GmbH)
S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [95824 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [89168 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [54864 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [96848 2009-07-14] (Microsoft Windows -> LSI Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [230120 2019-02-05] (Malwarebytes Corporation -> Malwarebytes)
S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [30800 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [235584 2009-07-14] (Microsoft Windows -> LSI Corporation, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation -> Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [16896 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Microsoft Windows -> Ralink Technology Corp.)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [21638 2008-08-22] () [File not signed]
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [44624 2009-07-14] (Microsoft Windows -> IBM Corporation)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18176 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [117120 2014-04-15] (Microsoft Windows -> NVIDIA Corporation)
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [143744 2014-04-15] (Microsoft Windows -> NVIDIA Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1383488 2009-07-14] (Microsoft Windows -> QLogic Corporation)
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [106064 2009-07-14] (Microsoft Windows -> QLogic Corporation)
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Microsoft Windows -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [77888 2009-07-14] (Microsoft Windows -> Silicon Integrated Systems)
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [21072 2009-07-14] (Microsoft Windows -> Promise Technology)
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2014-06-06] (Microsoft Windows Hardware Compatibility Publisher -> TeamViewer GmbH)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [141904 2009-07-14] (Microsoft Windows -> VIA Technologies Inc.,Ltd)
S3 eapihdrv; \??\C:\Users\W\AppData\Local\Temp\ehdrv.sys [X] <==== ATTENTION
S1 efhdshit; \??\C:\Windows\system32\drivers\efhdshit.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S1 qjfgucbk; \??\C:\Windows\system32\drivers\qjfgucbk.sys [X]
S1 sauugxsj; \??\C:\Windows\system32\drivers\sauugxsj.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-05 12:29 - 2019-02-05 12:30 - 000026854 _____ C:\Users\W\Desktop\FRST.txt
2019-02-05 12:29 - 2019-02-05 12:29 - 000000000 ____D C:\Users\W\Desktop\čištění
2019-02-05 10:50 - 2019-02-05 10:50 - 000230120 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-02-04 11:18 - 2019-02-04 11:18 - 001790976 _____ (Farbar) C:\Users\W\Desktop\FRST.exe
2019-02-04 11:16 - 2019-02-05 12:29 - 000000000 ____D C:\FRST
2019-02-04 11:16 - 2019-02-04 11:16 - 001790976 _____ (Farbar) C:\Users\W\Downloads\FRST.exe
2019-02-04 09:36 - 2019-02-04 09:36 - 000000000 ____D C:\Users\W\Desktop\product key viewer
2019-01-31 09:37 - 2019-01-31 09:37 - 000000953 _____ C:\Users\Public\Desktop\HiSuite.lnk
2019-01-31 09:37 - 2019-01-31 09:37 - 000000000 ____D C:\Users\W\Documents\HiSuite
2019-01-31 09:37 - 2019-01-31 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2019-01-31 09:36 - 2019-01-31 09:37 - 000000000 ____D C:\Program Files\HiSuite
2019-01-31 09:36 - 2018-12-12 11:32 - 001837296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2019-01-31 09:36 - 2018-12-12 11:32 - 001461992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2019-01-31 09:36 - 2018-12-12 11:32 - 000851176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2019-01-31 09:36 - 2018-12-12 11:32 - 000249856 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000199680 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000113792 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000102272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000015360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2019-01-31 09:35 - 2019-01-31 09:38 - 000000000 ____D C:\Users\W\AppData\Local\HiSuite

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-05 12:05 - 2014-05-22 16:36 - 000000000 ____D C:\Users\W\AppData\Local\CrashDumps
2019-02-05 10:49 - 2018-10-26 09:59 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-02-05 10:30 - 2009-07-14 05:34 - 000014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-05 10:30 - 2009-07-14 05:34 - 000014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-05 10:22 - 2017-06-14 16:19 - 000000000 ____D C:\ProgramData\organiser
2019-02-05 10:22 - 2014-06-25 12:33 - 000000000 ____D C:\Program Files\TeamViewer
2019-02-05 10:21 - 2017-11-20 19:57 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 10:21 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-05 10:19 - 2018-02-23 12:50 - 000000000 ____D C:\AdwCleaner
2019-02-05 10:18 - 2014-09-02 10:34 - 000000000 ____D C:\Users\W\Documents\Soubory aplikace Outlook
2019-02-05 09:57 - 2018-12-27 12:42 - 001026048 ___SH C:\Users\W\Documents\Thumbs.db
2019-02-04 10:00 - 2014-04-14 11:18 - 001611044 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-04 10:00 - 2009-07-14 09:44 - 000677214 _____ C:\Windows\system32\perfh005.dat
2019-02-04 10:00 - 2009-07-14 09:44 - 000146112 _____ C:\Windows\system32\perfc005.dat
2019-02-04 10:00 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2019-02-02 14:18 - 2015-04-22 11:52 - 000000000 ____D C:\Users\W\Desktop\inz
2019-02-02 12:38 - 2015-03-19 16:06 - 000000000 ____D C:\Users\W\Documents\já
2019-01-31 10:03 - 2014-04-14 12:43 - 000000000 ____D C:\Users\W\AppData\Roaming\vlc
2019-01-29 23:50 - 2014-04-14 12:46 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-29 23:50 - 2014-04-14 12:46 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-23 10:22 - 2015-10-16 11:31 - 000000000 ____D C:\Users\W\Documents\_pojistky
2019-01-18 11:33 - 2015-04-13 16:42 - 000000000 ____D C:\Users\W\Documents\_PGS
2019-01-09 08:31 - 2014-04-14 13:00 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-01-09 08:31 - 2014-04-14 13:00 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-01-09 08:31 - 2014-04-14 13:00 - 000000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2014-10-06 14:25 - 2006-11-01 11:05 - 000154424 _____ () C:\Users\W\Volumeid.exe
2014-05-30 08:17 - 2014-05-30 08:17 - 000000089 _____ () C:\Users\W\AppData\Local\fusioncache.dat
2014-05-07 17:16 - 2015-05-22 15:45 - 000013030 _____ () C:\Users\W\AppData\Local\PDOXUSRS.NET

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-02 00:39

==================== End of FRST.txt ============================

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 05 úno 2019 12:56
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {026bfc4a-155f-11e7-9cd1-00219b41bed2} - E:\Startme.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {8f2712a7-2e96-11e4-99ec-00219b41bed2} - F:\Viewer\ppview32.exe agaxzs\auto.ppt
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {9574b6d6-23b7-11e9-8b3a-00219b41bed2} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {ed2524cd-4450-11e7-ada3-00219b41bed2} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S3 eapihdrv; \??\C:\Users\W\AppData\Local\Temp\ehdrv.sys [X] <==== ATTENTION
S1 qjfgucbk; \??\C:\Windows\system32\drivers\qjfgucbk.sys [X]
S1 sauugxsj; \??\C:\Windows\system32\drivers\sauugxsj.sys [X]
S1 efhdshit; \??\C:\Windows\system32\drivers\efhdshit.sys [X]
Task: {13630E78-B80C-4AB1-9282-190C788C6C48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-10-19] (Google Inc -> Google Inc.)
Task: {E66926FB-BD85-41C9-9CA6-5AF7ECB155F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-10-19] (Google Inc -> Google Inc.)
Task: {F938B3B5-BA02-4B80-A784-2D477BFC0854} - System32\Tasks\{9F315435-BDD6-4DBB-B011-69BF7E0CC56D} => C:\Windows\system32\pcalua.exe -a C:\Users\W\Downloads\WinSetupFromUSB-1-5.exe -d C:\Users\W\Downloads

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 05 úno 2019 15:20
od SoonTy
Fix result of Farbar Recovery Scan Tool (x86) Version: 4-02-2019
Ran by W (05-02-2019 15:12:49) Run:1
Running from C:\Users\W\Desktop
Loaded Profiles: W (Available Profiles: W)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {026bfc4a-155f-11e7-9cd1-00219b41bed2} - E:\Startme.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {8f2712a7-2e96-11e4-99ec-00219b41bed2} - F:\Viewer\ppview32.exe agaxzs\auto.ppt
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {9574b6d6-23b7-11e9-8b3a-00219b41bed2} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {ed2524cd-4450-11e7-ada3-00219b41bed2} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S3 eapihdrv; \??\C:\Users\W\AppData\Local\Temp\ehdrv.sys [X] <==== ATTENTION
S1 qjfgucbk; \??\C:\Windows\system32\drivers\qjfgucbk.sys [X]
S1 sauugxsj; \??\C:\Windows\system32\drivers\sauugxsj.sys [X]
S1 efhdshit; \??\C:\Windows\system32\drivers\efhdshit.sys [X]
Task: {13630E78-B80C-4AB1-9282-190C788C6C48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-10-19] (Google Inc -> Google Inc.)
Task: {E66926FB-BD85-41C9-9CA6-5AF7ECB155F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-10-19] (Google Inc -> Google Inc.)
Task: {F938B3B5-BA02-4B80-A784-2D477BFC0854} - System32\Tasks\{9F315435-BDD6-4DBB-B011-69BF7E0CC56D} => C:\Windows\system32\pcalua.exe -a C:\Users\W\Downloads\WinSetupFromUSB-1-5.exe -d C:\Users\W\Downloads

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully.
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully.
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{026bfc4a-155f-11e7-9cd1-00219b41bed2} => removed successfully.
HKLM\Software\Classes\CLSID\{026bfc4a-155f-11e7-9cd1-00219b41bed2} => not found
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8f2712a7-2e96-11e4-99ec-00219b41bed2} => removed successfully.
HKLM\Software\Classes\CLSID\{8f2712a7-2e96-11e4-99ec-00219b41bed2} => not found
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9574b6d6-23b7-11e9-8b3a-00219b41bed2} => removed successfully.
HKLM\Software\Classes\CLSID\{9574b6d6-23b7-11e9-8b3a-00219b41bed2} => not found
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed2524cd-4450-11e7-ada3-00219b41bed2} => removed successfully.
HKLM\Software\Classes\CLSID\{ed2524cd-4450-11e7-ada3-00219b41bed2} => not found
"HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully.
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2} => removed successfully.
HKLM\Software\Classes\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\System\CurrentControlSet\Services\eapihdrv => removed successfully.
eapihdrv => service removed successfully.
HKLM\System\CurrentControlSet\Services\qjfgucbk => removed successfully.
qjfgucbk => service removed successfully.
HKLM\System\CurrentControlSet\Services\sauugxsj => removed successfully.
sauugxsj => service removed successfully.
HKLM\System\CurrentControlSet\Services\efhdshit => removed successfully.
efhdshit => service removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13630E78-B80C-4AB1-9282-190C788C6C48}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13630E78-B80C-4AB1-9282-190C788C6C48}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E66926FB-BD85-41C9-9CA6-5AF7ECB155F4}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E66926FB-BD85-41C9-9CA6-5AF7ECB155F4}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F938B3B5-BA02-4B80-A784-2D477BFC0854}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F938B3B5-BA02-4B80-A784-2D477BFC0854}" => removed successfully.
C:\Windows\System32\Tasks\{9F315435-BDD6-4DBB-B011-69BF7E0CC56D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9F315435-BDD6-4DBB-B011-69BF7E0CC56D}" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 166154373 B
Java, Flash, Steam htmlcache => 1308 B
Windows/system/drivers => 599771 B
Edge => 0 B
Chrome => 274150224 B
Firefox => 15135225 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83693 B
LocalService => 0 B
NetworkService => 12993713 B
W => 505192248 B

RecycleBin => 190554756 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:14:05 ====

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 05 úno 2019 15:55
od Rudy
OK. Nastala nějaká změna?

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 06 úno 2019 07:09
od SoonTy
v exploreru se množství oteviranych nechtenych stranek zmenšilo, ale oteviraji se stále. Často s instalaci updateu JAVA. u chromu se po zadani hledaneho vyrazu do radku adresy často objevi stranka secure-surf.net . když ji prepisu a zadam třeba google, tak se mi pod hlavnim panelem a listou zalozek objevi takovy panel secure search pro zadani textu. Cely panel (stranku) musim zavrit, pak otevřít novy a zase to chvilku jede

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 06 úno 2019 10:20
od Rudy
Vyčistíme ještě samotné prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... [oz]=8.1.0
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 06 úno 2019 23:06
od SoonTy
zoek se nechce koretne spustit - po zapnuti programu to pise chybu skriptu a volba Ano/Ne. Po zvolení jakékoliv mohu vložit skript, ale po spusteni skriptu to zase hodi stejnou hlasku

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 07 úno 2019 10:35
od Rudy
Zkuste to v nouz. režimu.

Re: prosim o kontrolu logu - vyskakovaci okna

Napsal: 07 úno 2019 12:46
od SoonTy
chová se to stále stejně. Zoek sputím, ale hned vyskočí okno a pak nejde ani program korektně zavřít...
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz