
Spontaneous sending of e-mails

marco_cz
Visitor
Posts: 20
Registered: 05 May 2015 21:30

Re: Spontaneous sending of e-mails

#16 Post by marco_cz »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.01.2018
Ran by Marek (17-01-2018 21:29:10)
Running from C:\Users\Marek\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-04-02 16:20:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2253546345-1451501098-3921934081-500 - Administrator - Disabled)
Guest (S-1-5-21-2253546345-1451501098-3921934081-501 - Limited - Enabled)
Marek (S-1-5-21-2253546345-1451501098-3921934081-1000 - Administrator - Enabled) => C:\Users\Marek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{0611B3CC-B5DB-4B93-ACE4-97B8F938E6B7}) (Version: 4.2.1 - Hewlett-Packard) Hidden
Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.187 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVerMedia A828 USB Hybrid DVBT 1.7.64.100 (HKLM-x32\...\AVerMedia A828 USB Hybrid DVBT) (Version: 1.7.64.100 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia Applications (HKLM-x32\...\{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}) (Version: 1.0.4 - AVerMedia Technologies, Inc.) Hidden
AVerMedia Applications (HKLM-x32\...\InstallShield_{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}) (Version: 1.0.4 - AVerMedia Technologies, Inc.)
AVerMedia Media Center Plug-ins 2.0.8.0 (HKLM-x32\...\AVerMedia Media Center Plug-ins) (Version: 2.0.8.0 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV (HKLM-x32\...\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.) Hidden
AVerTV (HKLM-x32\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
BufferChm (HKLM-x32\...\{687FEF8A-8597-40b4-832C-297EA3F35817}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Cobian Backup 10 (HKLM-x32\...\CobBackup10) (Version: - )
Combined Community Codec Pack 2013-11-27 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.11.27.0 - CCCP Project)
CustomerResearchQFolder (HKLM-x32\...\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1830 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
DeviceDiscovery (HKLM-x32\...\{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}) (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM-x32\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 41.4.80 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
ESET NOD32 Antivirus (HKLM\...\{3E2B7AE3-BA39-4C93-B6F5-BCF242BB9431}) (Version: 10.1.219.1 - ESET, spol. s r.o.)
Free FLAC to MP3 Converter 1.4 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version: 1.4 - PolySoft Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP Color LaserJet CM1312 MFP Series 5.1 (HKLM\...\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}) (Version: 5.1 - HP)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
hppCLJCM1312 (HKLM-x32\...\{07B85EEC-05BD-4E6A-AAEB-502FB2473DFA}) (Version: 005.001.00142 - Hewlett-Packard) Hidden
hppFaxDrvCM1312 (HKLM-x32\...\{7985C7FA-B151-4BA7-B19E-1577A7B527F1}) (Version: 005.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1312 (HKLM-x32\...\{0626C86E-5A8F-4A6D-8C0A-5FF38BD2DA3A}) (Version: 005.001.00137 - Název společnosti:) Hidden
hppFonts (HKLM-x32\...\{995F2783-8311-49BF-833E-DB659774B4F6}) (Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM1312 (HKLM-x32\...\{ED498DD7-FBC1-4C67-8D9B-C9218FBC818D}) (Version: 005.001.00145 - Název společnosti:) Hidden
hppQFolderCM1312 (HKLM-x32\...\{583EDB12-4CEA-48B5-A7BA-88069DD47BA2}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM1312 (HKLM-x32\...\{B59ACF5E-0FF7-44D2-B57D-E516F334AC2E}) (Version: 005.001.00140 - Název společnosti:) Hidden
hppSendFaxCM1312 (HKLM-x32\...\{484A13AB-A4C1-41FD-87E0-EBE2DA01250E}) (Version: 005.000.00001 - Název společnosti:) Hidden
hppusgCM1312 (HKLM-x32\...\{325D1D94-4F34-46A7-A489-737C801B931D}) (Version: 1.1.0.1 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
MarketResearch (HKLM-x32\...\{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Mashinky CZ SmartSteamEmu v.15112017 (HKLM-x32\...\Mashinky CZ SmartSteamEmu v.15112017) (Version: SmartSteamEmu v.15112017 - Libbi)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.4.10 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 57.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 57.0.4 (x64 cs)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
Mozilla Thunderbird 52.5.2 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.5.2 (x86 cs)) (Version: 52.5.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{6D45EF03-E8EE-4355-81C3-F918CBCF1029}) (Version: 8.3.309 - Nero AG)
nLite 1.4.9.3 (HKLM-x32\...\nLite_is1) (Version: 1.4.9.3 - Dino Nuhagic (nuhi))
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
Opera Stable 50.0.2762.58 (HKLM-x32\...\Opera 50.0.2762.58) (Version: 50.0.2762.58 - Opera Software)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.107.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
StarCam Clip (HKLM-x32\...\{7AEF344E-DB20-4D76-9077-30BD339DFD99}) (Version: 5.16.0.301 - )
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Standard (HKLM-x32\...\{88A5F645-7A91-433E-998E-1AEAF73AD572}) (Version: 11801.1 - STORMWARE)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{5ACE69F0-A3E8-44eb-88C1-0A841E700180}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Van Dyke Technologies IMAP Notify 1.0 (HKLM-x32\...\IMAP Notify) (Version: - )
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WebReg (HKLM-x32\...\{CCB9B81A-167F-4832-B305-D2A0430840B3}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG)
ContextMenuHandlers1-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers1-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-10-26] (ESET)
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-10-26] (ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-10-26] (ESET)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {349A660F-71A8-4502-8D08-5C264515E9A8} - System32\Tasks\Opera scheduled Autoupdate 1492111672 => C:\Program Files (x86)\Opera\launcher.exe [2018-01-10] (Opera Software)
Task: {36E7AF0D-DC55-47ED-BCC5-3D6EEF79EB9B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated)
Task: {3EAE2D4A-D41E-408E-94B6-6A705E7AB6AC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {404D18C4-1B45-4159-BF21-27009672F313} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-04] (Dropbox, Inc.)
Task: {43A7FB22-B682-43CC-890A-DA037C9B279C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-02] (Google Inc.)
Task: {44A5AD0D-9FF1-423C-AB05-638D8D839DA7} - System32\Tasks\{90A388B2-2ED3-4CC8-9B80-B9334D9ED52A} => C:\Users\Marek\Desktop\RSITx64.exe
Task: {71A72217-1C0D-45E1-967A-39C876156B6E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-04] (Dropbox, Inc.)
Task: {AE6B7493-F7F4-4802-9A56-44F5B8C91233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-02] (Google Inc.)
Task: {B98FB4B3-258B-4ECD-B5FC-721221F6591F} - System32\Tasks\{F2014650-C671-41FD-81C5-369AB1B5F20D} => C:\Users\Marek\Desktop\RSITx64.exe
Task: {C64073AB-A6D6-4104-AB56-4A2A7A74B8E1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-09] (Adobe Systems Incorporated)
Task: {CD69B970-5508-49CB-9CC8-6F1B0B5E93FA} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2253546345-1451501098-3921934081-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2017-11-28] (Mega Limited)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-11-14 23:35 - 2017-11-09 18:24 - 000020208 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2017-08-25 06:57 - 2017-08-25 06:57 - 001213576 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2017-04-04 18:41 - 2009-12-07 06:13 - 000397312 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2017-04-04 18:41 - 2010-01-06 02:43 - 000155648 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2017-05-08 13:14 - 2017-05-08 13:14 - 000008192 ___SH () C:\Windows\SysWOW64\srvany.exe
2017-05-08 13:14 - 2017-05-08 13:14 - 000151552 ___SH () C:\Windows\kmsem\KMService.exe
2017-06-07 21:09 - 2017-11-17 22:04 - 000598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2017-04-02 20:07 - 2006-05-12 10:27 - 000831488 _____ () C:\Windows\vsnpstd3.exe
2017-08-25 06:17 - 2017-08-25 06:17 - 000575416 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2017-04-02 20:07 - 2006-06-19 10:43 - 000262144 _____ () C:\Windows\tsnpstd3.exe
2017-04-04 18:41 - 2010-06-21 22:24 - 000053248 _____ () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2017-08-17 16:51 - 2017-08-17 16:51 - 001993184 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-06-07 21:07 - 2017-11-17 22:04 - 000570368 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2016-04-13 09:38 - 2017-11-17 22:04 - 000798208 _____ () C:\ProgramData\MEGAsync\libsodium.dll
2010-06-04 17:40 - 2010-06-04 17:40 - 000012128 _____ () C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
2018-01-11 21:46 - 2018-01-08 22:15 - 000732480 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-01-11 21:46 - 2018-01-08 22:15 - 002061632 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-05-04 10:47 - 2018-01-08 22:15 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-05-04 10:47 - 2018-01-08 22:16 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-01-11 21:46 - 2018-01-08 22:15 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-01-11 21:46 - 2018-01-08 22:15 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-05-04 10:47 - 2018-01-08 22:15 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-05-04 10:47 - 2018-01-08 22:16 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000063296 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-01-11 21:46 - 2018-01-08 22:15 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-01-11 21:46 - 2018-01-08 22:15 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-05-04 10:47 - 2018-01-08 22:16 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-05-04 10:47 - 2018-01-08 22:16 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-09-21 18:19 - 2018-01-08 22:15 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-07 18:41 - 2018-01-08 22:17 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-05-17 18:54 - 2018-01-08 22:16 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000155464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000050496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-05-04 10:47 - 2018-01-08 22:17 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-05-04 10:47 - 2018-01-08 22:17 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-05-04 10:47 - 2018-01-08 22:17 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-05-04 10:47 - 2018-01-08 22:16 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-05-04 10:47 - 2018-01-08 22:17 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-05-04 10:47 - 2018-01-08 22:17 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-05-04 10:47 - 2018-01-08 22:17 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-01-11 21:46 - 2018-01-08 22:15 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-01-11 21:46 - 2018-01-08 22:16 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-05-04 10:47 - 2018-01-08 22:16 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-01-11 21:46 - 2018-01-08 22:16 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-04 10:47 - 2018-01-08 22:17 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-12-29 21:27 - 2018-01-16 22:46 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 81.200.55.70 - 81.200.55.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: HP Color LaserJet CM1312 MFP Series Fax => C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe "HP Color LaserJet CM1312 MFP Series Fax"
MSCONFIG\startupreg: HPUsageTracking => "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2DD60572-3B80-4157-BEE7-DD23BBAD36CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E45E6FD8-24EF-47A6-A14E-330430A40A81}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{20DCB666-88F2-4F87-BC14-7327D5155408}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{E3AE89B4-96F7-41D7-99D3-F5EE68454F27}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD9.EXE
FirewallRules: [{18291519-A647-4AF9-BBB0-FF7724771235}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{F00D615C-F1FD-4174-8EEA-FE475C805DBC}C:\users\marek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marek\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{56BADC70-44E9-473B-BD74-B4AA6CCA9522}C:\users\marek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marek\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{962F0798-718D-45B5-BF1A-DC1FDCCB0F15}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{275F9E9D-B529-44B9-A66C-4E948754FA90}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [TCP Query User{5A0DD41C-A69D-4C8F-9ABF-9C3A31EDC37A}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe
FirewallRules: [UDP Query User{8A82E154-6EFE-4284-9C47-18F1A2CFF0D3}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe
FirewallRules: [TCP Query User{A23B5E7E-BB43-4F4C-97EF-F8B16AF9838B}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe
FirewallRules: [UDP Query User{511CD02D-CDC1-4328-B3C3-6728F7D087F2}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe
FirewallRules: [{28514787-C5BC-4C69-9E97-A95CE29CA181}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{3F429DAB-486D-4858-A9EF-A922010244AA}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{2F171E53-8E10-446D-8F26-2D357F900779}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\ConfigWizard.exe
FirewallRules: [{C5D2BD36-95F5-4C3D-86F9-37989C0C4562}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\ConfigWizard.exe
FirewallRules: [TCP Query User{5674E8A2-DDCB-4D0C-8154-D9A06A170070}C:\mashinky cz\mashinky.exe] => (Allow) C:\mashinky cz\mashinky.exe
FirewallRules: [UDP Query User{113DC29A-2561-46A5-8972-543DCF898882}C:\mashinky cz\mashinky.exe] => (Allow) C:\mashinky cz\mashinky.exe
FirewallRules: [TCP Query User{8410F483-E819-4AE1-B182-AE05DC4B67CC}C:\users\marek\desktop\dns-323_c1_fw_v1.10_easysearch_v4.9.0.2_01272011.exe] => (Allow) C:\users\marek\desktop\dns-323_c1_fw_v1.10_easysearch_v4.9.0.2_01272011.exe
FirewallRules: [UDP Query User{F02BD9F6-2933-41EC-959E-DDC0C68FA33B}C:\users\marek\desktop\dns-323_c1_fw_v1.10_easysearch_v4.9.0.2_01272011.exe] => (Allow) C:\users\marek\desktop\dns-323_c1_fw_v1.10_easysearch_v4.9.0.2_01272011.exe
FirewallRules: [{332D3108-E412-4447-AAEC-183DD58C2491}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A49FB4D8-3177-4686-ADEA-05BEB11A3C0F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BAD8AF8D-CFE5-4475-9460-D88C25593AB9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BA0E3796-353D-4778-AB0F-14435D37A7F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DCFAC6C2-45D2-46F2-ADD4-33FA242354F1}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
FirewallRules: [{4AFD38FF-73EE-4090-983E-9AF10222BE1C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FC74A21E-2226-4324-B17D-C3C184741E0A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D1DAD523-35E0-4208-A6D6-F3F6B97E0080}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{B6387DE5-8BF4-412B-88B7-73B7C0ACAAD5}] => (Allow) C:\Program Files (x86)\Opera\50.0.2762.58\opera.exe

==================== Restore Points =========================

09-01-2018 22:33:50 Windows Update
16-01-2018 18:34:36 Odebráno: Acronis True Image

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/17/2018 09:29:01 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Plánovač nemohl spustit úlohu >> "" s GUID 'C73DF26C-DA36-4B34-A03E-033834498780' kvůli chybě 2> (Soubor (složku) nebo klíč (hodnotu) v registru se nepodařilo nalézt.).

Error: (01/17/2018 09:28:01 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Plánovač nemohl spustit úlohu >> "" s GUID 'E8EB23E7-2D44-49CD-BDBA-301B0BD1C9E3' kvůli chybě 2> (Soubor (složku) nebo klíč (hodnotu) v registru se nepodařilo nalézt.).

Error: (01/17/2018 09:28:01 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Plánovač nemohl spustit úlohu >> "" s GUID 'C73DF26C-DA36-4B34-A03E-033834498780' kvůli chybě 2> (Soubor (složku) nebo klíč (hodnotu) v registru se nepodařilo nalézt.).

Error: (01/17/2018 09:27:01 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Plánovač nemohl spustit úlohu >> "" s GUID 'C73DF26C-DA36-4B34-A03E-033834498780' kvůli chybě 2> (Soubor (složku) nebo klíč (hodnotu) v registru se nepodařilo nalézt.).

Error: (01/17/2018 09:26:01 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Plánovač nemohl spustit úlohu >> "" s GUID 'E8EB23E7-2D44-49CD-BDBA-301B0BD1C9E3' kvůli chybě 2> (Soubor (složku) nebo klíč (hodnotu) v registru se nepodařilo nalézt.).

Error: (01/17/2018 09:26:01 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Plánovač nemohl spustit úlohu >> "" s GUID 'C73DF26C-DA36-4B34-A03E-033834498780' kvůli chybě 2> (Soubor (složku) nebo klíč (hodnotu) v registru se nepodařilo nalézt.).

Error: (01/17/2018 09:25:01 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Plánovač nemohl spustit úlohu >> "" s GUID 'C73DF26C-DA36-4B34-A03E-033834498780' kvůli chybě 2> (Soubor (složku) nebo klíč (hodnotu) v registru se nepodařilo nalézt.).

Error: (01/17/2018 09:24:01 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Plánovač nemohl spustit úlohu >> "" s GUID 'E8EB23E7-2D44-49CD-BDBA-301B0BD1C9E3' kvůli chybě 2> (Soubor (složku) nebo klíč (hodnotu) v registru se nepodařilo nalézt.).

Error: (01/17/2018 09:24:01 PM) (Source: Acronis Scheduler) (EventID: 1) (User: NT AUTHORITY)
Description: Plánovač nemohl spustit úlohu >> "" s GUID 'C73DF26C-DA36-4B34-A03E-033834498780' kvůli chybě 2> (Soubor (složku) nebo klíč (hodnotu) v registru se nepodařilo nalézt.).

Error: (01/17/2018 09:23:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (01/17/2018 09:24:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (01/17/2018 09:24:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error: (01/17/2018 08:45:10 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek G: spustit nástroj chkdsk.

Error: (01/17/2018 08:44:56 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek F: spustit nástroj chkdsk.

Error: (01/17/2018 08:44:42 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek \\?\Volume{db9dcf4a-fbbe-11e7-ab1e-806e6f6e6963} spustit nástroj chkdsk.

Error: (01/17/2018 08:43:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/17/2018 08:41:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (01/17/2018 08:41:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error: (01/17/2018 08:39:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/17/2018 08:39:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {3EB3C877-1F16-487C-9050-104DBCD66683} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================
Date: 2018-01-17 21:23:23.219
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-17 20:44:47.769
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\snpstd3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-17 20:44:47.644
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\snpstd3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-17 20:39:47.309
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-17 20:39:43.066
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\snpstd3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-17 20:39:42.941
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\snpstd3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-17 20:33:01.406
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-17 19:49:27.056
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-17 19:34:25.215
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-17 19:14:27.004
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 30%
Total physical RAM: 8137.92 MB
Available physical RAM: 5654.95 MB
Total Virtual: 16274 MB
Available Virtual: 13780.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:164.62 GB) NTFS
Drive d: () (Fixed) (Total:390.62 GB) (Free:184.16 GB) NTFS
Drive e: () (Fixed) (Total:540.88 GB) (Free:540.16 GB) NTFS
Drive f: (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:292.02 GB) (Free:234.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 70E036E7)
Partition 1: (Not Active) - (Size=390.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0FFEC0E4)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=466 MB) - (Type=27)
Partition 4: (Not Active) - (Size=172.8 GB) - (Type=06)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: EBB39BB7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

altrok
Moderator
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: e-mails being sent on their own

#17 Post by altrok »

I recommend doing this:
Error: (01/17/2018 08:45:10 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek G: spustit nástroj chkdsk.

Error: (01/17/2018 08:44:56 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek F: spustit nástroj chkdsk.
That is, run the command prompt as administrator and enter the commands
chkdsk g: /f
chkdsk f: /f





  • Run FRST.exe/FRST64.exe again
  • press Ctrl + y (both keys at the same time)
  • fixlist.txt will open; paste the contents of the white box below into it
  • press Ctrl + s (to save the changes), then close the fixlist
  • click the Fix button
  • after the restart, a fixlog will be created next to FRST; paste its contents into your next reply

    Code:

    Start
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
    HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
    Task: {44A5AD0D-9FF1-423C-AB05-638D8D839DA7} - System32\Tasks\{90A388B2-2ED3-4CC8-9B80-B9334D9ED52A} => C:\Users\Marek\Desktop\RSITx64.exe
    Task: {B98FB4B3-258B-4ECD-B5FC-721221F6591F} - System32\Tasks\{F2014650-C671-41FD-81C5-369AB1B5F20D} => C:\Users\Marek\Desktop\RSITx64.exe
    File: C:\Windows\kmsem\KMService.exe
    File: C:\Windows\SysWOW64\srvany.exe
    2017-05-08 13:14 - 2017-05-08 13:14 - 000008192 ___SH () C:\Windows\SysWOW64\srvany.exe
    2017-05-08 13:14 - 2017-05-08 13:14 - 000151552 ___SH () C:\Windows\kmsem\KMService.exe
    C:\Windows\SysWOW64\srvany.exe
    Folder: C:\Windows\kmsem
    C:\Windows\kmsem\KMService.exe
    C:\Windows\kmsem
    CMD: dir "C:\Windows\Inf" /AD
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir "%localappdata%"
    CMD: dir "%appdata%"
    Hosts:
    EmptyTemp:
    End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

marco_cz
Visitor
Visitor
Posts: 20
Registered: 05 May 2015 21:30

Re: e-mails being sent on their own

#18 Post by marco_cz »

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.01.2018
Ran by Marek (18-01-2018 20:58:49) Run:1
Running from C:\Users\Marek\Desktop
Loaded Profiles: Marek (Available Profiles: Marek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
Task: {44A5AD0D-9FF1-423C-AB05-638D8D839DA7} - System32\Tasks\{90A388B2-2ED3-4CC8-9B80-B9334D9ED52A} => C:\Users\Marek\Desktop\RSITx64.exe
Task: {B98FB4B3-258B-4ECD-B5FC-721221F6591F} - System32\Tasks\{F2014650-C671-41FD-81C5-369AB1B5F20D} => C:\Users\Marek\Desktop\RSITx64.exe
File: C:\Windows\kmsem\KMService.exe
File: C:\Windows\SysWOW64\srvany.exe
2017-05-08 13:14 - 2017-05-08 13:14 - 000008192 ___SH () C:\Windows\SysWOW64\srvany.exe
2017-05-08 13:14 - 2017-05-08 13:14 - 000151552 ___SH () C:\Windows\kmsem\KMService.exe
C:\Windows\SysWOW64\srvany.exe
Folder: C:\Windows\kmsem
C:\Windows\kmsem\KMService.exe
C:\Windows\kmsem
CMD: dir "C:\Windows\Inf" /AD
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount" => removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\System\CurrentControlSet\Services\AppMgmt" => removed successfully
AppMgmt => service removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44A5AD0D-9FF1-423C-AB05-638D8D839DA7} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44A5AD0D-9FF1-423C-AB05-638D8D839DA7}" => removed successfully
C:\Windows\System32\Tasks\{90A388B2-2ED3-4CC8-9B80-B9334D9ED52A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{90A388B2-2ED3-4CC8-9B80-B9334D9ED52A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B98FB4B3-258B-4ECD-B5FC-721221F6591F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B98FB4B3-258B-4ECD-B5FC-721221F6591F}" => removed successfully
C:\Windows\System32\Tasks\{F2014650-C671-41FD-81C5-369AB1B5F20D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F2014650-C671-41FD-81C5-369AB1B5F20D}" => removed successfully

========================= File: C:\Windows\kmsem\KMService.exe ========================

C:\Windows\kmsem\KMService.exe
File not signed
MD5: BCA43E19E7013331D99FF788EA6B42A0
Creation and modification date: 2017-05-08 13:14 - 2017-05-08 13:14
Size: 000151552
Attributes: --ASH
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/b075602 ... 516070174/

====== End of File: ======


========================= File: C:\Windows\SysWOW64\srvany.exe ========================

C:\Windows\SysWOW64\srvany.exe
File not signed
MD5: 4635935FC972C582632BF45C26BFCB0E
Creation and modification date: 2017-05-08 13:14 - 2017-05-08 13:14
Size: 000008192
Attributes: --ASH
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/abd4afd ... 516295596/

====== End of File: ======

C:\Windows\SysWOW64\srvany.exe => moved successfully
C:\Windows\kmsem\KMService.exe => moved successfully
"C:\Windows\SysWOW64\srvany.exe" => not found

========================= Folder: C:\Windows\kmsem ========================


====== End of Folder: ======

"C:\Windows\kmsem\KMService.exe" => not found
C:\Windows\kmsem => moved successfully

========= dir "C:\Windows\Inf" /AD =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 36D1-2CE5.

Výpis adresáře C:\Windows\Inf

18.01.2018 20:22 <DIR> .
18.01.2018 20:22 <DIR> ..
12.04.2011 09:34 <DIR> .NET CLR Data
12.04.2011 09:34 <DIR> .NET CLR Networking
02.04.2017 18:07 <DIR> .NET CLR Networking 4.0.0.0
12.04.2011 09:34 <DIR> .NET Data Provider for Oracle
12.04.2011 09:34 <DIR> .NET Data Provider for SqlServer
02.04.2017 18:06 <DIR> .NET Memory Cache 4.0
12.04.2011 09:34 <DIR> .NETFramework
09.01.2018 22:35 <DIR> ASP.NET
02.04.2017 18:06 <DIR> ASP.NET_4.0.30319
09.01.2018 22:35 <DIR> aspnet_state
12.04.2011 09:34 <DIR> BITS
12.04.2011 09:34 <DIR> cs-CZ
12.04.2011 09:31 <DIR> en-US
12.04.2011 09:34 <DIR> ESENT
12.04.2011 09:34 <DIR> MSDTC
12.04.2011 09:34 <DIR> MSDTC Bridge 3.0.0.0
02.04.2017 18:07 <DIR> MSDTC Bridge 4.0.0.0
06.04.2017 20:24 <DIR> Other
12.04.2011 09:34 <DIR> PERFLIB
12.04.2011 09:34 <DIR> PNRPSvc
12.04.2011 09:34 <DIR> rdyboost
12.04.2011 09:34 <DIR> RemoteAccess
12.04.2011 09:34 <DIR> ServiceModelEndpoint 3.0.0.0
12.04.2011 09:34 <DIR> ServiceModelOperation 3.0.0.0
12.04.2011 09:34 <DIR> ServiceModelService 3.0.0.0
12.04.2011 09:34 <DIR> SMSvcHost 3.0.0.0
02.04.2017 18:07 <DIR> SMSvcHost 4.0.0.0
12.04.2011 09:34 <DIR> TAPISRV
12.04.2011 09:34 <DIR> TermService
12.04.2011 09:34 <DIR> UGatherer
12.04.2011 09:34 <DIR> UGTHRSVC
12.04.2011 09:34 <DIR> usbhub
12.04.2011 09:34 <DIR> Windows Workflow Foundation 3.0.0.0
02.04.2017 18:07 <DIR> Windows Workflow Foundation 4.0.0.0
18.01.2018 20:22 <DIR> WmiApRpl
12.04.2011 09:34 <DIR> wsearchidxpi
Souborů: 0, Bajtů: 0
Adresářů: 38, Volných bajtů: 174 398 087 168

========= End of CMD: =========


========= dir "C:\PROGRA~1" =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 36D1-2CE5.

Výpis adresáře C:\PROGRA~1

20.11.2017 18:45 <DIR> .
20.11.2017 18:45 <DIR> ..
09.05.2017 07:09 <DIR> Common Files
02.04.2017 18:12 <DIR> DAEMON Tools Lite
02.04.2017 20:52 <DIR> DVD Maker
23.08.2017 14:26 <DIR> ESET
05.01.2018 03:18 <DIR> Internet Explorer
17.01.2018 21:45 <DIR> Java
07.05.2017 16:32 <DIR> Microsoft Analysis Services
12.04.2011 09:45 <DIR> Microsoft Games
07.05.2017 16:33 <DIR> Microsoft Office
14.06.2017 02:22 <DIR> Microsoft Silverlight
06.01.2018 12:16 <DIR> Mozilla Firefox
14.07.2009 06:32 <DIR> MSBuild
08.12.2017 18:52 <DIR> NVIDIA Corporation
20.11.2017 18:45 <DIR> Realtek
14.07.2009 06:32 <DIR> Reference Assemblies
02.04.2017 19:55 <DIR> STORMWARE
02.04.2017 20:52 <DIR> Windows Defender
12.04.2011 09:34 <DIR> Windows Mail
16.11.2017 03:16 <DIR> Windows Media Player
02.04.2017 17:20 <DIR> Windows NT
12.04.2011 09:34 <DIR> Windows Photo Viewer
21.11.2010 04:31 <DIR> Windows Portable Devices
12.04.2011 09:34 <DIR> Windows Sidebar
Souborů: 0, Bajtů: 0
Adresářů: 25, Volných bajtů: 174 398 087 168

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 36D1-2CE5.

Výpis adresáře C:\PROGRA~2

16.01.2018 18:36 <DIR> .
16.01.2018 18:36 <DIR> ..
18.01.2018 20:09 <DIR> Acronis
02.04.2017 17:32 <DIR> Adobe
02.04.2017 17:56 <DIR> Apple Software Update
10.04.2017 20:38 <DIR> AVerMedia
19.10.2017 11:14 <DIR> Cobian Backup 10
02.04.2017 17:33 <DIR> Combined Community Codec Pack
18.01.2018 20:09 <DIR> Common Files
02.04.2017 17:52 <DIR> CyberLink
15.05.2017 18:39 <DIR> DOSBox-0.74
11.01.2018 21:46 <DIR> Dropbox
21.10.2017 16:50 <DIR> Free FLAC to MP3 Converter
02.04.2017 17:33 <DIR> Google
10.04.2017 19:00 <DIR> HP
19.07.2017 21:00 <DIR> IMAP Notify
02.04.2017 18:46 <DIR> Intel
05.01.2018 03:18 <DIR> Internet Explorer
17.01.2018 21:45 <DIR> Java
07.05.2017 16:32 <DIR> Microsoft Analysis Services
07.05.2017 16:32 <DIR> Microsoft Office
14.06.2017 02:22 <DIR> Microsoft Silverlight
04.04.2017 18:40 <DIR> Microsoft SQL Server Compact Edition
07.05.2017 16:33 <DIR> Microsoft.NET
02.04.2017 17:52 <DIR> MozBackup
06.01.2018 12:16 <DIR> Mozilla Maintenance Service
06.01.2018 12:16 <DIR> Mozilla Thunderbird
14.07.2009 06:32 <DIR> MSBuild
03.04.2017 19:50 <DIR> MSXML 4.0
02.04.2017 17:39 <DIR> Nero
07.11.2017 18:01 <DIR> nLite
08.12.2017 18:52 <DIR> NVIDIA Corporation
16.01.2018 13:40 <DIR> Opera
07.10.2017 14:01 <DIR> PopTray
06.04.2017 20:36 <DIR> QNAP
02.04.2017 17:57 <DIR> QuickTime
20.11.2017 18:37 <DIR> Realtek
14.07.2009 06:32 <DIR> Reference Assemblies
05.01.2018 08:58 <DIR> Skype
27.12.2017 19:57 <DIR> STORMWARE
16.01.2018 21:32 <DIR> TeamViewer
08.12.2017 18:53 <DIR> VulkanRT
26.04.2017 19:33 <DIR> Webteh
02.04.2017 20:52 <DIR> Windows Defender
12.04.2011 09:34 <DIR> Windows Mail
16.11.2017 03:16 <DIR> Windows Media Player
14.07.2009 06:32 <DIR> Windows NT
12.04.2011 09:34 <DIR> Windows Photo Viewer
21.11.2010 04:31 <DIR> Windows Portable Devices
12.04.2011 09:34 <DIR> Windows Sidebar
Souborů: 0, Bajtů: 0
Adresářů: 50, Volných bajtů: 174 398 083 072

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 36D1-2CE5.

Výpis adresáře C:\PROGRA~3

18.01.2018 20:09 <DIR> Acronis
02.04.2017 19:52 <DIR> Adobe
02.04.2017 17:56 <DIR> Apple
02.04.2017 17:57 <DIR> Apple Computer
04.04.2017 18:39 <DIR> AVerMedia
04.04.2017 18:43 <DIR> AVerTV
30.07.2017 21:29 <DIR> CyberLink
02.04.2017 18:11 <DIR> DAEMON Tools Lite
04.05.2017 10:47 <DIR> Dropbox
23.08.2017 14:26 <DIR> ESET
03.04.2017 02:19 <DIR> Hewlett-Packard
03.04.2017 02:19 <DIR> HP
10.04.2017 19:01 5 374 hpzinstall.log
30.11.2017 03:44 <DIR> MEGAsync
09.01.2018 22:34 <DIR> Microsoft Help
16.12.2017 21:00 16 mntemp
16.12.2017 21:00 <DIR> Movavi
16.12.2017 21:00 <DIR> Movavi Video Converter 16
02.04.2017 17:39 <DIR> Nero
18.01.2018 20:58 <DIR> NVIDIA
08.12.2017 18:53 <DIR> NVIDIA Corporation
07.01.2018 16:40 <DIR> Oracle
02.04.2017 19:40 <DIR> Package Cache
02.04.2017 19:55 <DIR> PDF Writer
05.01.2018 08:58 <DIR> Skype
02.04.2017 19:56 <DIR> STORMWARE
02.04.2017 17:51 <DIR> Temp
Souborů: 2, Bajtů: 5 390
Adresářů: 25, Volných bajtů: 174 398 083 072

========= End of CMD: =========


========= dir "%localappdata%" =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 36D1-2CE5.

Výpis adresáře C:\Users\Marek\AppData\Local

18.01.2018 20:20 <DIR> .
18.01.2018 20:20 <DIR> ..
09.11.2017 19:37 <DIR> Adobe
02.04.2017 17:51 <DIR> Ahead
02.04.2017 17:56 <DIR> Apple
06.01.2018 21:47 <DIR> Apps
04.04.2017 18:41 <DIR> AVerMedia
03.04.2017 07:08 <DIR> CEF
16.12.2017 21:00 <DIR> converter
30.07.2017 21:29 <DIR> Cyberlink
16.01.2018 15:24 <DIR> Diagnostics
02.04.2017 18:12 <DIR> Disc_Soft_Ltd
15.05.2017 18:39 <DIR> DOSBox
14.06.2017 21:33 <DIR> Dropbox
18.06.2017 00:00 <DIR> ElevatedDiagnostics
01.10.2017 10:09 <DIR> ESET
07.12.2017 20:27 126 344 GDIPFONTCACHEV1.DAT
02.04.2017 18:59 <DIR> GHISLER
13.04.2017 20:27 <DIR> Google
11.10.2017 18:53 <DIR> Mega Limited
19.11.2017 17:51 <DIR> Microsoft
02.10.2017 22:05 <DIR> Microsoft Help
16.12.2017 21:00 <DIR> Movavi
02.04.2017 17:56 <DIR> Mozilla
16.12.2017 21:02 <DIR> NVIDIA
13.04.2017 20:27 <DIR> Opera Software
05.04.2017 16:19 <DIR> PDF Writer
02.04.2017 17:33 <DIR> Programs
11.10.2017 19:02 <DIR> Safe mirror
01.12.2017 08:16 <DIR> TeamViewer
18.01.2018 20:54 <DIR> Temp
02.04.2017 18:00 <DIR> Thunderbird
08.12.2017 22:34 <DIR> VirtualStore
16.12.2017 21:02 <DIR> _Converter
Soubor…: 1, Bajt…: 126˙344
Adres ý…: 33, Volněch bajt…: 174˙398˙078˙976

========= End of CMD: =========


========= dir "%appdata%" =========

Svazek v jednotce C nem  § dnou jmenovku.
S‚riov‚ źˇslo svazku je 36D1-2CE5.

Věpis adres ýe C:\Users\Marek\AppData\Roaming

16.01.2018 18:35 <DIR> .
16.01.2018 18:35 <DIR> ..
03.04.2017 07:08 <DIR> Adobe
02.04.2017 19:40 <DIR> Apple Computer
26.04.2017 21:18 <DIR> BSplayer
26.04.2017 19:33 <DIR> BSplayer Pro
30.07.2017 21:29 <DIR> CyberLink
02.04.2017 18:13 <DIR> DAEMON Tools Lite
04.05.2017 10:47 <DIR> Dropbox
02.04.2017 17:30 <DIR> GHISLER
02.04.2017 17:20 <DIR> Identities
02.04.2017 17:56 <DIR> Macromedia
12.04.2011 09:45 <DIR> Media Center Programs
06.01.2018 22:03 <DIR> Mediatronic
16.11.2017 15:08 <DIR> Mozilla
09.04.2017 19:54 <DIR> Nero
20.11.2017 20:50 <DIR> NVIDIA
13.04.2017 20:27 <DIR> Opera Software
02.04.2017 19:55 <DIR> PDF Writer
18.01.2018 20:52 <DIR> Skype
24.11.2017 12:27 <DIR> SmartSteamEmu
01.06.2017 19:59 <DIR> STORMWARE
02.04.2017 17:35 <DIR> Sun
02.10.2017 21:16 <DIR> TeamViewer
19.07.2017 09:13 <DIR> Thunderbird
17.01.2018 20:34 <DIR> uTorrent
Soubor…: 0, Bajt…: 0
Adres ý…: 26, Volněch bajt…: 174˙398˙078˙976

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 74428388 B
Java, Flash, Steam htmlcache => 3816 B
Windows/system/drivers => 22180 B
Edge => 0 B
Chrome => 419720039 B
Firefox => 416419638 B
Opera => 433303392 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
systemprofile32 => 66356 B
LocalService => 77886 B
NetworkService => 714164 B
Marek => 153031197 B

RecycleBin => 815893 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:59:41 ====

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: e-mails being sent on their own

#19 Post by altrok »

It looks like we are done. Change your e-mail password, and also change the security question used for password reset.
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.
