Re: request for a check and help with irregular launching of cmd.exe
Posted: 01 Nov 2018 22:58
Fix result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by milos (01-11-2018 22:52:37) Run:1
Running from C:\Users\milos\Desktop
Loaded Profiles: milos (Available Profiles: milos & Mcx1-PC-MILOS & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2159431264-1780102058-234311758-1001 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NGC&chn=29500&geo=US&ver=22.14.2.13&locale=cs_US&guid=01FD7C42-0CD3-45A1-8654-90604D15EDDD&doi=2018-07-29&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2159431264-1780102058-234311758-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2159431264-1780102058-234311758-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms} &o=APN11913&l=dis&prt=NGC&chn=29500&geo=US&ver=22.14.2.13&locale=cs_US&guid=01FD7C42-0CD3-45A1-8654-90604D15EDDD&doi=2018-07-29&gct=kwd&qsrc=2869
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Security\Engine\22.16.0.247\coIEPlg.dll [2018-10-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Security\Engine32\22.16.0.247\coIEPlg.dll [2018-10-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2159431264-1780102058-234311758-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Security\Engine\22.16.0.247\coIEPlg.dll [2018-10-05] (Symantec Corporation)
FF Extension: (No Name) - C:\Users\milos\AppData\Roaming\Mozilla\Firefox\Profiles\s1amq8tc.default-1354039466817\extensions\translator@zoli.bod.xpi [not found]
FF Extension: (No Name) - C:\Users\milos\AppData\Roaming\Mozilla\Firefox\Profiles\s1amq8tc.default-1354039466817\extensions\s3download@statusbar.xpi [not found]
FF Extension: (No Name) - C:\Users\milos\AppData\Roaming\Mozilla\Firefox\Profiles\s1amq8tc.default-1354039466817\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [not found]
FF Extension: (No Name) - C:\Users\milos\AppData\Roaming\Mozilla\Firefox\Profiles\s1amq8tc.default-1354039466817\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [not found]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - D:\Program Files\Norton Security\Engine\22.16.0.247\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - D:\Program Files\Norton Security\Engine\22.16.0.247\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
C:\WINDOWS\system32\SET2982.tmp
C:\Users\milos\AppData\Local\oobelibMkey.log
C:\Users\milos\AppData\Local\Resmon.ResmonCfg
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-2159431264-1780102058-234311758-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2159431264-1780102058-234311758-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-2159431264-1780102058-234311758-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => removed successfully
HKLM\Software\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => could not remove. Access Denied.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => could not remove. Access Denied.
"HKU\S-1-5-21-2159431264-1780102058-234311758-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => could not remove. Access Denied.
C:\Users\milos\AppData\Roaming\Mozilla\Firefox\Profiles\s1amq8tc.default-1354039466817\extensions\translator@zoli.bod.xpi => path removed successfully
C:\Users\milos\AppData\Roaming\Mozilla\Firefox\Profiles\s1amq8tc.default-1354039466817\extensions\s3download@statusbar.xpi => path removed successfully
C:\Users\milos\AppData\Roaming\Mozilla\Firefox\Profiles\s1amq8tc.default-1354039466817\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi => path removed successfully
C:\Users\milos\AppData\Roaming\Mozilla\Firefox\Profiles\s1amq8tc.default-1354039466817\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi => path removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => removed successfully
C:\WINDOWS\system32\SET2982.tmp => moved successfully
C:\Users\milos\AppData\Local\oobelibMkey.log => moved successfully
C:\Users\milos\AppData\Local\Resmon.ResmonCfg => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 42586860 B
Java, Flash, Steam htmlcache => 441 B
Windows/system/drivers => 0 B
Edge => 1536 B
Chrome => 5491308 B
Firefox => 1080617950 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
milos => 2423123 B
Mcx1-PC-MILOS => 0 B
Administrator => 17391 B
DefaultAppPool => 0 B
RecycleBin => 1941542056 B
EmptyTemp: => 2.9 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-11-2018 22:57:26)
Result of scheduled keys to remove after reboot:
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => could not remove. Access Denied.
HKLM\Software\Wow6432Node\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => could not remove. Access Denied.
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => could not remove. Access Denied.
==== End of Fixlog 22:57:27 ====