Preventive check

A place for your HiJackThis logs and logs from other programs…

Moderators: memphisto, Mods_senior, Security team

Re: Preventive check

Post by mmmartin » 18 Jan 2019 11:59

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.01.2019 01
Ran by MARTIN (18-01-2019 11:33:09)
Running from C:\Users\MARTIN\Desktop\Kontrola 15_01_2019\FABAR
Windows 10 Pro Version 1809 17763.253 (X64) (2018-12-21 23:17:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3529494443-4293947711-600217252-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3529494443-4293947711-600217252-503 - Limited - Disabled)
E2AF12C46CF047DEB725 (S-1-5-21-3529494443-4293947711-600217252-1007 - Limited - Enabled)
Guest (S-1-5-21-3529494443-4293947711-600217252-501 - Limited - Disabled)
MARTIN (S-1-5-21-3529494443-4293947711-600217252-1001 - Administrator - Enabled) => C:\Users\MARTIN
WDAGUtilityAccount (S-1-5-21-3529494443-4293947711-600217252-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image (HKLM-x32\...\{8FD2E7B8-F7F2-4121-ACAC-74BD07F4B41D}) (Version: 22.5.12510 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{8FD2E7B8-F7F2-4121-ACAC-74BD07F4B41D}Visible) (Version: 22.5.12510 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Aegisub 3.2.1 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.1 - Aegisub Team)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (HKLM\...\{15DDA7AF-3E5C-49CC-B57C-8926F09405A6}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{20AB389B-8602-403C-B19B-F0A1D6C510A5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Ant Video downloader (Native messaging host) (HKLM-x32\...\{5DC7FA9A-CBBB-4FBD-B3A0-898076A454FD}) (Version: 4.1.24 - Ant.com)
AOMEI Backupper Professional (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
Ashampoo Burning Studio 18 (HKLM-x32\...\{91B33C97-AF35-C3DC-976E-8A253D817482}_is1) (Version: 18.0.9 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 15 (HKLM-x32\...\{4209F371-C86E-DC46-5245-9E069261137B}_is1) (Version: 15.00.05 - Ashampoo GmbH & Co. KG)
AVerMedia TD310 USB Pure DVB-T/T2/C 14.7.64.18 (HKLM-x32\...\AVerMedia TD310 USB Pure DVB-T/T2/C) (Version: 14.7.64.18 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.18.17080805-GA - AVerMedia Technologies, Inc.) Hidden
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.18.17080805-GA - AVerMedia Technologies, Inc.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boris FX Continuum Plug-ins 11 for Corel VideoStudio 2018 (HKLM\...\{4ECCA8FB-F015-4546-BBDD-86F01A6EA710}_is1) (Version: - Boris FX, Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Contents64 (HKLM\...\{6E4E6A71-CE25-4DCE-8C81-E0934234B035}) (Version: 21.0.0.68 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{2C033F91-236B-4C29-854D-5CC0F67FE7DA}) (Version: 2.9.389 - Corel corporation) Hidden
Corel VideoStudio Ultimate 2018 (HKLM-x32\...\_{BF97DEDE-1D94-4E94-826A-344D85B45DD1}) (Version: 21.4.0.165 - Corel Corporation)
Creative ASIO (USB) (HKLM-x32\...\Creative_ASIO(USB)) (Version: 1.00 - Creative Technology Limited)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
CrystalDiskInfo 7.0.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.4630.62 - CyberLink Corp.)
Data Lifeguard Diagnostic version 1.36 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Easy MP3 Recorder 2.0 (HKLM-x32\...\{C551FA4D-4F3F-469E-934A-B262742A7AED}_is1) (Version: 2.0 - WordAddin Studio)
Elevated Installer (HKLM-x32\...\{68D32366-4505-43D2-A1F5-EF4B645207D6}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.1 - )
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FastStone Image Viewer 4.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)
Focusrite USB 4.36.5.0 (HKLM\...\Focusrite USB_is1) (Version: 4.36.5.0 - Focusrite Audio Engineering Ltd.)
Garmin Express (HKLM-x32\...\{21a6db39-b3c0-447d-85d7-39dcf1703e3e}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{3e534d41-dcc4-4f51-9858-70dd42beb3d5}) (Version: 6.5.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{73CA3D46-6F24-43AA-ABE9-15341B96FF53}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
GENERAL V 8.0.5.6 (HKLM-x32\...\GENERAL V 8.0.5.6) (Version: - )
Graffiti x64 Corel VideoStudio 2018 (HKLM\...\{BC3DA515-5476-44BA-A064-1E241EBED92E}) (Version: 7.0.1004 - Boris FX, Inc.)
HD Tune 2.50 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
ICA (HKLM-x32\...\{BF97DEDE-1D94-4E94-826A-344D85B45DD1}) (Version: 21.0.0.68 - Corel Corporation) Hidden
IPM_VS_Pro64 (HKLM\...\{BB43C25C-CC43-447B-B258-9DAA3E9A1002}) (Version: 21.0 - Corel Corporation) Hidden
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
jetAudio 8.1.x Czech Language Pack (HKLM-x32\...\jetAudio 8.1.x Czech Language Pack) (Version: - )
jetAudio Plus (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
K-Lite Codec Pack 14.6.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.6.0 - KLCP)
Kyodai Mahjongg (HKLM-x32\...\Kyodai Mahjongg_is1) (Version: - Rene-Gilles Deberdt)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MiniTool Partition Wizard 10.2.2 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.3.1 - Movavi)
Mozilla Firefox 64.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 64.0.2 (x64 cs)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.2 - Mozilla)
Mozilla Thunderbird 60.4.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.4.0 (x86 cs)) (Version: 60.4.0 - Mozilla)
MPEG Video Wizard DVD 5.0.0.110 (12/2010) (HKLM-x32\...\{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1) (Version: 5.0.0.110 - Womble Multimedia, Inc.)
MPEG Video Wizard DVD 5.0.0.110 (12/2010) (HKLM-x32\...\Mpeg Video Wizard DVD 5.0) (Version: 5.0.0.110 (12/2010) - Womble Multimedia, Inc.)
MyDVD Content Pack 1 (HKLM-x32\...\{ADCF7AE3-8E36-4B80-9460-66B74B56927F}) (Version: 1.00.0000 - Corel Corporation)
MyDVD Content Pack 2 (HKLM-x32\...\{B9987701-F119-46FA-BFF1-A8B593BFAF9E}) (Version: 1.00.0000 - Corel Corporation)
NewBlue Titler Pro 5 for Corel (HKLM-x32\...\NewBlue Titler Pro 5 for Corel) (Version: 1.0.181026 - NewBlue)
Norton Security (HKLM-x32\...\NGC) (Version: 22.16.3.21 - Symantec Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PACE License Support Win64 (HKLM\...\{15ADFA42-BA79-47e4-945F-A8A997FB990C}) (Version: 4.0.3.2024 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{15ADFA42-BA79-47e4-945F-A8A997FB990C}) (Version: 4.0.3.2024 - PACE Anti-Piracy, Inc.)
Paragon Hard Disk Manager™ 16.5 Advanced (HKLM\...\{6AF12D35-E079-44D3-957F-CA9FBF9801A5}) (Version: 10.12.1.3339 - Paragon Software) Hidden
Paragon Hard Disk Manager™ 16.5 Advanced (HKLM-x32\...\{ba2d3e09-ab19-4618-9097-15461dbef6a1}) (Version: 10.12.1.3339 - Paragon Software GmbH)
Paragon Migrate OS to SSD™ 5.0 (HKLM\...\{AAB8C140-63A4-11E6-BB29-005056C00008}) (Version: 10.1.28.154 - Paragon Software)
Paragon UIM (HKLM\...\{38FBDB20-F62D-4CD6-A04E-87FD30F3E43A}) (Version: 24.17.0.293 - Paragon Software) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.1.2 - pdfforge GmbH)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.1 - Power Software Ltd)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.115.1 - proDAD GmbH) Hidden
proDAD Mercalli 2.0 (64bit) (HKLM\...\proDAD-Mercalli-2.0) (Version: 2.0.127 - proDAD GmbH) Hidden
proDAD Route 4.0 (64bit) (HKLM\...\proDAD-HeroglyphRoute-4.0) (Version: 4.0.257.1 - proDAD GmbH) Hidden
proDAD Script 4.0 (64bit) (HKLM\...\proDAD-HeroglyphScript-4.0) (Version: 4.0.257.1 - proDAD GmbH) Hidden
proDAD Vitascene 2.0 (64bit) (HKLM\...\proDAD-Vitascene-2.0) (Version: 2.0.244 - proDAD GmbH) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
R-Studio 8.7 (HKLM-x32\...\R-Studio 8.7NSIS) (Version: 8.7.170955 - R-Tools Technology Inc.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Setup (HKLM-x32\...\{73DEC847-B519-427C-BAAA-9034445703B6}) (Version: 21.0.0.68 - Corel Corporation) Hidden
Share64 (HKLM\...\{E233030D-601B-46F5-A797-771DEEDDBEE3}) (Version: 21.0.0.68 - Corel Corporation) Hidden
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18091.6 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18091.6 - Samsung Electronics Co., Ltd.)
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Sound Blaster Omni Surround 5.1 (HKLM-x32\...\{DD0AD523-C679-4844-A9E7-F446273C43D0}) (Version: 1.01.07 - Creative Technology Limited)
Sound Blaster Omni Surround 5.1 Extras (HKLM-x32\...\{C9120656-8F23-409A-8B4D-278FEAA33856}) (Version: 1.0 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Sql Server Customer Experience Improvement Program (HKLM\...\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}) (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
SureThing CD Labeler Deluxe (HKLM-x32\...\{4ED7D297-58F7-45C3-A9BA-A7CD6FA0D373}_is1) (Version: 5.2.689.0 - MicroVision Development, Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Torrent Harvester (HKLM-x32\...\Torrent Harvester) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Tvůrce spouštěcích médií Acronis Universal Restore (HKLM-x32\...\{F262ED24-C7F2-4180-ADC8-559119C639BE}) (Version: 11.5.40067 - Acronis)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{035FFC43-55D6-4F5C-BCC5-21FED122C8B4}) (Version: 1.11.0.0 - Microsoft Corporation) Hidden
VideoStudio 3D Title Editor (HKLM\...\{7A42BE28-5371-429F-A25C-95E1AB46F20D}) (Version: 1.0.7.109 - Corel Corporation)
VideoStudio MyDVD (HKLM\...\{DAFD3107-BB9D-49EA-8CD5-03F056646FAB}) (Version: 2.0.055 - Corel Corporation) Hidden
VideoStudio MyDVD (HKLM-x32\...\{4E8ADFE2-8D92-4ACB-BD36-CCC4D0F43011}) (Version: 2.0 - Corel)
VSClassic64 (HKLM\...\{8592E7A8-CA1A-4E55-B2DD-E7A4895807B7}) (Version: 21.0.0.68 - Corel Corporation) Hidden
VSUltimate64 (HKLM\...\{DAB1A9B0-B93C-4EC2-B626-D57478981107}) (Version: 21.0.0.68 - Corel Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{6D9DC1C5-AD2B-4FE1-812B-4EB7BC51DDBD}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{17194DA0-755B-4BAA-A8C9-EC5549F7D596}) (Version: 1.4.3.13 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{6422f3d1-f66a-42ab-9726-67fca9d3964b}) (Version: 1.4.3.13 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{437D5C46-5AB0-4042-8682-0626441FF53B}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter) (Version: 11.6.1.4734 - ZJMedia Digital Technology Ltd.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-22] ()
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-22] ()
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-22] ()
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-22] ()
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2019-01-17] ()
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2018-09-15] (Microsoft Corporation)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.16.3.21\NavShExt.dll [2018-12-12] (Symantec Corporation)
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.16.3.21\NavShExt.dll [2018-12-12] (Symantec Corporation)
ContextMenuHandlers3: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2019-01-17] ()
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation)
ContextMenuHandlers6: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.16.3.21\NavShExt.dll [2018-12-12] (Symantec Corporation)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2DF4D158-8A14-4C3E-9780-5786E9665C44} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-12] (Adobe Systems Incorporated)
Task: {33DB77CC-1D5A-48B6-A1AB-537E1AAE8BC7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {48DE2FC3-6D53-42BA-AF8B-BC5BC3995A5C} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.16.3.21\SymErr.exe [2018-12-12] (Symantec Corporation)
Task: {5DB205B3-43BA-4B5A-BF83-D75EDC833979} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.16.3.21\WSCStub.exe [2018-12-12] (Symantec Corporation)
Task: {6AB9E103-BF33-44C2-BE62-7658979F3A94} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {6C53AD77-B524-4B93-BFF6-DA4E7214BC8E} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\MARTIN\Desktop\Kontrola 15_01_2019\Rouge Killer\RogueKiller_portable64.exe [2019-01-16] ()
Task: {871E3070-E991-4E2D-9C89-9CFF7662524A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-11-28] ()
Task: {9F7EACD7-BB2E-432B-9C46-B13D97C8A5BC} - System32\Tasks\Spustit SpeedFan => C:\Program Files (x86)\SpeedFan\speedfan.exe [2012-03-26] (Almico Software (www.almico.com))
Task: {A55573BD-6646-4824-91F2-9F5415442B3D} - System32\Tasks\VideoStudioUpdater => C:\Program Files\Corel\Corel VideoStudio 2018\VSNotification.exe [2018-01-04] ()
Task: {AA2E8058-DC03-4175-A1D4-09623C04817E} - System32\Tasks\Opera scheduled Autoupdate 1519238937 => C:\Program Files\Opera\launcher.exe [2019-01-09] (Opera Software)
Task: {AD235B6C-0623-4F1E-92C8-01D1FCA7C85B} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2018-06-21] (Corel Corporation)
Task: {B926B59F-852F-4AF9-B909-E9D03A198C31} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.16.3.21\SymErr.exe [2018-12-12] (Symantec Corporation)
Task: {D0032A8E-A9EB-47DB-ACC0-A0B98BCE1369} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2018-12-12] (Symantec Corporation)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {E99BA6B7-B3D7-4807-86C8-7EB85A215691} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {FB1C5700-1BB4-4BFC-BF82-13DA6C045FC4} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.16.3.21\SymErr.exe [2018-12-12] (Symantec Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2015-11-26 21:59 - 2015-11-26 21:59 - 000594432 _____ () C:\Program Files\EqualizerAPO\EqualizerAPO.dll
2012-09-18 23:34 - 2012-09-18 23:34 - 002375168 _____ () C:\Program Files\EqualizerAPO\libsndfile-1.dll
2014-03-15 22:29 - 2014-03-15 22:29 - 002604934 _____ () C:\Program Files\EqualizerAPO\libfftw3f-3.dll
2017-12-22 01:00 - 2017-12-22 01:00 - 001216760 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2018-12-10 21:12 - 2017-02-06 09:47 - 000771072 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2019-01-09 16:31 - 2019-01-09 16:31 - 006096688 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2019-01-15 16:04 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-01-15 16:04 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-06-18 20:20 - 2018-06-18 20:20 - 001747296 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
2017-12-22 00:45 - 2017-12-22 00:45 - 005825576 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-17 07:05 - 2019-01-17 07:05 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-10 17:01 - 2019-01-10 17:01 - 005172224 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
2019-01-10 17:01 - 2019-01-10 17:01 - 002172928 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.dll
2019-01-10 17:01 - 2019-01-10 17:01 - 001795584 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\PhoneContentDataStore.dll
2018-10-31 07:19 - 2018-10-31 07:19 - 001004032 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-01-10 17:01 - 2019-01-10 17:01 - 002907136 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2018-07-11 17:22 - 2018-07-11 17:22 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-10-04 18:49 - 2018-10-04 18:50 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-13 15:38 - 2018-12-13 15:38 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-13 15:38 - 2018-12-13 15:38 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-12-10 20:52 - 2018-12-10 20:52 - 034870272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-12-10 20:52 - 2018-12-10 20:52 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-21 22:13 - 2018-02-21 22:13 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 20:25 - 2018-11-29 20:25 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-10 20:52 - 2018-12-10 20:52 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-12-10 20:52 - 2018-12-10 20:52 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-12-27 16:16 - 2014-11-28 13:41 - 000089600 _____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL
2018-12-27 16:16 - 2014-11-28 13:40 - 000365568 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL
2017-12-22 00:46 - 2017-12-22 00:46 - 000585296 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2018-12-10 21:12 - 2015-06-25 13:06 - 000168768 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2017-12-22 00:45 - 2017-12-22 00:45 - 007003048 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2018-11-06 18:52 - 2018-11-06 18:52 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-06 18:52 - 2018-11-06 18:52 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-06 18:52 - 2018-11-06 18:52 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-01-15 11:10 - 2019-01-15 11:11 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-15 11:10 - 2019-01-15 11:11 - 065903104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-01-15 11:10 - 2019-01-15 11:11 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-02-21 22:13 - 2018-02-21 22:14 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-16 20:27 - 2018-11-16 20:27 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-16 20:27 - 2018-11-16 20:27 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-16 22:32 - 2018-08-16 22:32 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-16 22:32 - 2018-08-16 22:32 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-03-29 21:16 - 2018-03-29 21:17 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2019-01-15 11:10 - 2019-01-15 11:11 - 014186496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-16 20:27 - 2018-11-16 20:27 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2019-01-15 11:10 - 2019-01-15 11:11 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-01 10:00 - 2018-09-01 10:01 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 22:18 - 2018-07-27 22:18 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-11 14:45 - 2019-01-09 08:07 - 000688216 _____ () C:\Program Files\Opera\57.0.3098.116\opera_elf.dll
2019-01-11 14:45 - 2019-01-11 14:45 - 107562072 _____ () C:\Program Files\Opera\57.0.3098.116\opera_browser.dll
2019-01-11 14:45 - 2019-01-11 14:44 - 004991576 _____ () C:\Program Files\Opera\57.0.3098.116\libglesv2.dll
2019-01-11 14:45 - 2019-01-11 14:44 - 000116824 _____ () C:\Program Files\Opera\57.0.3098.116\libegl.dll
2019-01-02 23:04 - 2018-12-07 11:55 - 001027944 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000335728 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000106352 _____ () C:\Program Files (x86)\AOMEI Backupper\Amnet.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000040808 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000266096 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000139120 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000352104 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000499568 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000081776 _____ () C:\Program Files (x86)\AOMEI Backupper\NTLog.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000043368 _____ () C:\Program Files (x86)\AOMEI Backupper\NTHelp.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000081768 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000114544 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll
2019-01-02 23:04 - 2018-05-25 17:27 - 002416496 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000089960 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000073584 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000298864 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000343920 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000982888 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000175976 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000130920 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll
2019-01-02 23:04 - 2018-12-07 11:55 - 000728936 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll
2019-01-02 23:04 - 2018-12-07 11:55 - 000027496 _____ () C:\Program Files (x86)\AOMEI Backupper\NTSQLite.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000114536 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000266088 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll
2019-01-02 23:04 - 2018-12-07 11:54 - 000188272 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll
2018-06-18 19:47 - 2018-06-18 19:47 - 000414936 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2017-12-22 00:45 - 2017-12-22 00:45 - 000160168 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\libevent.dll
2017-12-22 00:45 - 2017-12-22 00:45 - 000240552 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\pcs_io.dll
2017-12-22 00:45 - 2017-12-22 00:45 - 000042928 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\winpthreads4.dll
2017-12-22 00:45 - 2017-12-22 00:45 - 000225312 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\zstd.dll
2017-12-22 00:45 - 2017-12-22 00:45 - 000469416 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\archive3.dll
2018-06-18 22:42 - 2018-06-18 22:42 - 003490136 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2018-06-18 22:41 - 2018-06-18 22:41 - 001334488 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\services_mms_addon.dll
2017-12-22 00:45 - 2017-12-22 00:45 - 000685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2018-06-18 22:37 - 2018-06-18 22:37 - 022782256 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2017-12-22 00:34 - 2017-12-22 00:34 - 000136736 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2017-12-22 00:45 - 2017-12-22 00:45 - 000255008 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2017-12-22 00:45 - 2017-12-22 00:45 - 000277538 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2017-12-22 00:45 - 2017-12-22 00:45 - 002386352 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\xerces_c.dll
2019-01-17 06:55 - 2019-01-18 10:19 - 000158720 _____ () C:\Users\MARTIN\AppData\Local\Temp\sfareca00001.dll
2019-01-17 06:55 - 2019-01-18 10:19 - 000192512 _____ () C:\Users\MARTIN\AppData\Local\Temp\sfamcc00001.dll
2017-12-22 00:45 - 2017-12-22 00:45 - 000444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2017-12-22 00:34 - 2017-12-22 00:34 - 000115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll




Re: Preventive check

Post by mmmartin » 18 Jan 2019 12:02

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:92CA596210974D5D [217]
AlternateDataStreams: C:\Users\All Users:92CA596210974D5D [217]
AlternateDataStreams: C:\ProgramData\Data aplikací:92CA596210974D5D [217]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\facebook.com -> hxxps://staticxx.facebook.com
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\facebook.net -> hxxps://connect.facebook.net
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\fbcdn.net -> hxxps://static.xx.fbcdn.net
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\google-analytics.com -> hxxps://www.google-analytics.com
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\paragon-software.com -> hxxps://bo4-fe.paragon-software.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2019-01-18 11:29 - 000000813 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\AOMEI Backupper;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\Control Panel\Desktop\\Wallpaper -> F:\Fotky\Plaváček.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "DCN-SW Printing Application.lnk"
HKLM\...\StartupApproved\StartupFolder: => "DCN-SW Server Application.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "PowerDVD15Agent"
HKLM\...\StartupApproved\Run32: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\StartupApproved\StartupFolder: => "Logitech . Registrace produktu.lnk"
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\StartupApproved\Run: => "InputDirector"
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32C10555-5C92-4228-9267-C7ED635E8401}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{CFC2732D-1D6E-44A2-9DEE-EE55E6B1CB24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{84CE86DA-3FA7-40C9-BB80-6DBE6217D5CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{C4136A48-3AAE-46B7-8556-F4052C6A8D36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{DDC34677-06C2-43D6-9023-4F1D89DD1785}] => (Allow) C:2\Paragon Migrate OS\HD manager 16\Paragon-760-PEU_WinInstallSNx64_16.18.6_000.exe No File
FirewallRules: [{927E9FAB-7FA6-486E-908C-0BB157F11D79}] => (Allow) C:2\Paragon Migrate OS\HD manager 16\Paragon-760-PEU_WinInstallSNx64_16.18.6_000.exe No File
FirewallRules: [{DFB73B08-90D7-41D6-AD13-34F8523E23E5}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe ()
FirewallRules: [{758BD263-7B68-4C13-9FED-59B91EDBA5F4}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe ()
FirewallRules: [{DA76F210-69B8-4AF2-9E89-A3F58694685B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B661E943-60C5-485F-B3EC-0D3802460E2D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B2C76982-2158-4C36-86D7-11A3C7748AD8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{2D5F57BA-AC27-43E6-8A92-0235D1BBB337}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{9C51B368-05EA-4CE9-AFFF-E4A519FDA664}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe (CyberLink Corp.)
FirewallRules: [{E25C10FC-D81E-49A4-8E04-1FD659748BAA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe (CyberLink)
FirewallRules: [{C6F4B5C3-EF42-4BAC-A045-9CC1CD667F8B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe (CyberLink Corp.)
FirewallRules: [{4B96232B-8522-4FC8-8797-AD837EEB686A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe (CyberLink Corp.)
FirewallRules: [{44C6691A-D25E-4487-ABFC-9F95F438F4C5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp.)
FirewallRules: [{A4B6C884-3F27-49E2-A3C1-32E2566783E2}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (AOMEI Tech Co., Ltd.)
FirewallRules: [{E0A809B6-8E72-4598-A42F-EA751E3ECDDB}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (AOMEI Tech Co., Ltd.)
FirewallRules: [{A39C3DCA-D2F8-485F-9594-12877A1F2B65}] => (Allow) C:\Program Files\Opera\57.0.3098.110\opera.exe (Opera Software)
FirewallRules: [{FDB106F4-B59B-4DD7-98D9-F50A9A8A42FB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{A51E1380-D941-4001-8B17-BDC9D5D2E1AA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{855E32E6-2E63-4815-B839-D817A98B0E0E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe ()
FirewallRules: [{BDD5DB16-9BE5-417E-9342-A02699328375}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH)
FirewallRules: [{B9F631F2-4CDA-41DD-BA43-65D8D386A69C}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe ()
FirewallRules: [{DC03550D-50AC-4993-A873-E7BDFFBEED76}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe ()
FirewallRules: [{73A2D3CF-D122-46F2-A9CD-6E3596CD80E5}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe ()
FirewallRules: [{5DF83A24-E923-40CB-8B34-BE5230A8E009}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe ()
FirewallRules: [{22419C08-CF78-4F0A-824F-4C31B3FBCD35}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe ()
FirewallRules: [{2230A6D7-8133-448D-94A2-380399D806BD}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe ()
FirewallRules: [{F94FF98A-FC8C-4E16-9D6D-A7DFB7FCF490}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe ()
FirewallRules: [{7F7DB359-5FC7-43BF-94A0-BB10C95ACA31}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH)
FirewallRules: [{A83D99A3-2647-45DF-9598-320ECD0A0B15}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe ()
FirewallRules: [{3F1D46CA-F52F-4EE6-86FC-F0B23B0579E8}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe ()
FirewallRules: [{8C9F0E15-CEE7-41FF-936F-A8AFC22FC750}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH)
FirewallRules: [{22EB5A01-13CB-4487-98C3-AA8590092EC6}] => (Allow) C:\Program Files\Opera\57.0.3098.116\opera.exe (Opera Software)
FirewallRules: [{98F36A10-6C08-4C34-ACE9-CE2D28B4BDED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{039916D0-D09D-4A3A-91DE-1AA02FE0F8AB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{E5EC8714-5F71-4AD7-9900-ADC55A0BD32A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe No File
FirewallRules: [{BFEF3D83-1DF4-4673-8BBD-8E8610616A72}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe No File
FirewallRules: [{E776519E-A740-4696-BE9B-CFA527CA8B93}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe No File
FirewallRules: [{E622A71F-6824-4902-9DE2-11487A521949}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe No File

==================== Restore Points =========================

16-01-2019 15:19:07 Naplánovaný kontrolní bod
16-01-2019 17:45:43 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/18/2019 10:22:39 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (01/18/2019 10:19:25 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (01/18/2019 10:18:33 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$SQLEXPRESS\Performance'. SQL Server performance counters are disabled.

Error: (01/18/2019 10:18:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service QcJSPiNEd/jK6iOhRDTk7g==._http._tcp.local. port 58082.

Error: (01/18/2019 06:06:08 AM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Plánovač nemohl spustit úlohu >> "" s GUID '73E04CE6-C28B-4A23-A3DE-CB5E3E650493' kvůli chybě 87> (Plánovač obdržel požadavek s neplatným parametrem.).

Error: (01/17/2019 08:01:37 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (01/17/2019 06:59:28 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (01/17/2019 06:55:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service QcJSPiNEd/jK6iOhRDTk7g==._http._tcp.local. port 58082.


System errors:
=============
Error: (01/18/2019 11:29:46 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DGB63JL)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-DGB63JL\MARTIN (SID: S-1-5-21-3529494443-4293947711-600217252-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/18/2019 11:07:45 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DGB63JL)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-DGB63JL\MARTIN (SID: S-1-5-21-3529494443-4293947711-600217252-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/18/2019 10:18:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/18/2019 10:18:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/18/2019 06:05:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DGB63JL)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2019 06:05:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DGB63JL)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2019 06:05:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DGB63JL)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2019 06:05:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DGB63JL)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2019-01-15 16:05:03.356
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\57.0.3098.116\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-15 15:34:56.536
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton Security\Engine\22.16.3.21\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-15 15:34:56.470
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton Security\Engine\22.16.3.21\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-15 15:34:56.399
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton Security\Engine\22.16.3.21\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-15 15:34:56.323
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton Security\Engine\22.16.3.21\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-11 10:22:50.534
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton Security\Engine\22.16.2.22\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-11 10:22:50.466
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton Security\Engine\22.16.2.22\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-11 10:22:50.391
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Norton Security\Engine\22.16.2.22\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 44%
Total physical RAM: 8191.18 MB
Available physical RAM: 4554.73 MB
Total Virtual: 20191.18 MB
Available Virtual: 16192.9 MB

==================== Drives ================================

Drive c: (Systém) (Fixed) (Total:222.66 GB) (Free:133.79 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (Filmy) (Fixed) (Total:931.51 GB) (Free:598.48 GB) NTFS
Drive f: (Data) (Fixed) (Total:309.75 GB) (Free:293.72 GB) NTFS
Drive g: (Pracovní) (Fixed) (Total:156.01 GB) (Free:145.67 GB) NTFS
Drive i: (Záloha disku S) (Fixed) (Total:1862.98 GB) (Free:479.74 GB) NTFS
Drive j: (Samsung 32G) (Removable) (Total:29.87 GB) (Free:7.27 GB) NTFS
Drive s: (Passport 2 000 GB) (Fixed) (Total:1862.98 GB) (Free:404.3 GB) NTFS

\\?\Volume{73b74f00-0000-0000-0000-90aa37000000}\ () (Fixed) (Total:0.46 GB) (Free:0.06 GB) NTFS
\\?\Volume{73b74f00-0000-0000-0000-c0c737000000}\ () (Fixed) (Total:0.45 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 5ED740EC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 73B74F00)
Partition 1: (Active) - (Size=222.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 MB) - (Type=27)
Partition 3: (Not Active) - (Size=459 MB) - (Type=27)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 48534854)
Partition 1: (Not Active) - (Size=309.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=156 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 16F2A91F)

Partition: GPT.

========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 2505C019)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 29.9 GB) (Disk ID: 64A94908)
Partition 1: (Not Active) - (Size=29.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 39209
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: Preventive check

Post by jaro3 » 18 Jan 2019 18:14

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe [370688 2018-09-15] (Microsoft Corporation)
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\MountPoints2: {0afceacc-b122-11e8-9c27-0009dd509689} - "H:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\MountPoints2: {67273a38-0fa1-11e9-9c63-0009dd509689} - "H:\WD Drive Unlock.exe" autoplay=true
GroupPolicy: Restriction ? <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3529494443-4293947711-600217252-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.16.3.21\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
AlternateDataStreams: C:\ProgramData:92CA596210974D5D [217]
AlternateDataStreams: C:\Users\All Users:92CA596210974D5D [217]
AlternateDataStreams: C:\ProgramData\Data aplikací:92CA596210974D5D [217]
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\facebook.net -> hxxps://connect.facebook.net
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\fbcdn.net -> hxxps://static.xx.fbcdn.net
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\google-analytics.com -> hxxps://www.google-analytics.com
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\paragon-software.com -> hxxps://bo4-fe.paragon-software.com

EmptyTemp:
End

(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

mmmartin
Moderator
Master Level 9
Posts: 7844
Registered: August 04
Location: Praha
Gender: Male

Re: Preventive check

Post by mmmartin » 18 Jan 2019 21:45

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.01.2019 01
Ran by MARTIN (18-01-2019 21:38:18) Run:2
Running from C:\Users\MARTIN\Desktop\Kontrola 15_01_2019\FABAR
Loaded Profiles: MARTIN (Available Profiles: MARTIN)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe [370688 2018-09-15] (Microsoft Corporation)
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\MountPoints2: {0afceacc-b122-11e8-9c27-0009dd509689} - "H:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\MountPoints2: {67273a38-0fa1-11e9-9c63-0009dd509689} - "H:\WD Drive Unlock.exe" autoplay=true
GroupPolicy: Restriction ? <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3529494443-4293947711-600217252-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.16.3.21\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
AlternateDataStreams: C:\ProgramData:92CA596210974D5D [217]
AlternateDataStreams: C:\Users\All Users:92CA596210974D5D [217]
AlternateDataStreams: C:\ProgramData\Data aplikac�:92CA596210974D5D [217]
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\facebook.net -> hxxps://connect.facebook.net
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\fbcdn.net -> hxxps://static.xx.fbcdn.net
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\google-analytics.com -> hxxps://www.google-analytics.com
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\paragon-software.com -> hxxps://bo4-fe.paragon-software.com

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-3529494443-4293947711-600217252-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #0" => not found
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0afceacc-b122-11e8-9c27-0009dd509689} => not found
HKLM\Software\Classes\CLSID\{0afceacc-b122-11e8-9c27-0009dd509689} => not found
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67273a38-0fa1-11e9-9c63-0009dd509689} => not found
HKLM\Software\Classes\CLSID\{67273a38-0fa1-11e9-9c63-0009dd509689} => not found
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => not found
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => not found
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => not found
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => not found
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => not found
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => not found
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => not found
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => not found
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PowerISO => not found
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => not found
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => not found
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
C:\ProgramData => ":92CA596210974D5D" ADS removed successfully
"C:\Users\All Users" => ":92CA596210974D5D" ADS not found.
"C:\ProgramData\Data aplikac�" => ":92CA596210974D5D" ADS not found.
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\facebook.net => not found
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\fbcdn.net => not found
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\google-analytics.com => not found
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost => not found
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\paragon-software.com => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4201960 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 583846 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 27556857 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
MARTIN => 119498 B

RecycleBin => 1431013544 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:41:11 ====

jaro3
Security team member
Guru Level 15
Posts: 39209
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: Preventive check

Post by jaro3 » 18 Jan 2019 22:52

Is it still showing up?

mmmartin
Moderator
Master Level 9
Posts: 7844
Registered: August 04
Location: Praha
Gender: Male

Re: Preventive check

Post by mmmartin » 18 Jan 2019 23:19

It gave up, the coward!!!! Done, or is there anything else?

jaro3
Security team member
Guru Level 15
Posts: 39209
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: Preventive check

Post by jaro3 » 20 Jan 2019 15:53

Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to the desktop.
Double-click the icon to run the Delfix.exe tool.
(In Windows Vista, Windows 7 and 8, you must run the file by right-clicking -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire content of the report here. Otherwise the report is located at:
C:\DelFix.txt
Other links:
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/



If there are no problems, that is all and you can mark the thread as solved with the green check mark.

mmmartin
Moderator
Master Level 9
Posts: 7844
Registered: August 04
Location: Praha
Gender: Male

Re: Preventive check

Post by mmmartin » 20 Jan 2019 18:13

# DelFix v1.013 - Logfile created 20/01/2019 at 18:10:11
# Updated 17/04/2016 by Xplode
# Username : MARTIN - DESKTOP-DGB63JL
# Operating System : Windows 10 Enterprise (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #16 [Restore Point Created by FRST | 01/18/2019 20:08:38]
Deleted : RP #19 [Installed Acronis Universal Restore Bootable Media Builder | 01/20/2019 11:58:06]
Deleted : RP #20 [Installed Acronis Universal Restore Bootable Media Builder | 01/20/2019 12:03:27]

New restore point created !

########## - EOF - ##########

THANK YOU!!!

