Slow computer [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

mirakoud

Re: Slow computer

Posted by mirakoud » 19 Oct 2020 23:30

RogueKiller Anti-Malware V14.7.3.0 [Sep 15 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits
Started in : Normal mode
User : Intel [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Signatures : 20201015_091159, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/10/19 23:13:04 (Duration : 00:11:43)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Software
[Adw.Gen (Malicious)] HKEY_LOCAL_MACHINE\Software\Flvto CENZURA -- N/A -> Found
[PUP.IncrediMail (Potentially Malicious)] HKEY_USERS\.DEFAULT\Software\IncrediMail -- N/A -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3643734996-1694586397-727135667-1000\Software\IM -- N/A -> Found
[PUP.IncrediMail (Potentially Malicious)] HKEY_USERS\S-1-5-21-3643734996-1694586397-727135667-1000\Software\IncrediMail -- N/A -> Found
[PUP.IncrediMail (Potentially Malicious)] HKEY_USERS\S-1-5-18\Software\IncrediMail -- N/A -> Found
>>>>>> O87 - Firewall
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{5A562AC0-719A-4C2C-A023-24D72DFB1F04}C:\users\ivan\appdata\local\mozilla firefox\firefox.exe -- v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\ivan\appdata\local\mozilla firefox\firefox.exe|Name=firefox.exe|Desc=firefox.exe| -> Found
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{74D2395D-D8B7-42B3-BF63-A2314D1EDCEF}C:\users\ivan\appdata\local\mozilla firefox\firefox.exe -- v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\ivan\appdata\local\mozilla firefox\firefox.exe|Name=firefox.exe|Desc=firefox.exe| -> Found
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{5A562AC0-719A-4C2C-A023-24D72DFB1F04}C:\users\ivan\appdata\local\mozilla firefox\firefox.exe -- v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\ivan\appdata\local\mozilla firefox\firefox.exe|Name=firefox.exe|Desc=firefox.exe| -> Found
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{74D2395D-D8B7-42B3-BF63-A2314D1EDCEF}C:\users\ivan\appdata\local\mozilla firefox\firefox.exe -- v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\ivan\appdata\local\mozilla firefox\firefox.exe|Name=firefox.exe|Desc=firefox.exe| -> Found
>>>>>> XX - System Policies
[PUM.Policies (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Adw.Gen (Malicious)] (shortcut) Flvto CENZURA.lnk -- C:\Users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto CENZURA.lnk => C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOY~1.EXE -> Found
[Adw.Gen (Malicious)] (folder) Flvto CENZURA -- C:\Users\Intel\AppData\Local\Flvto CENZURA -> Found
[PUP.IncrediMail (Potentially Malicious)] (folder) IncrediMail -- C:\ProgramData\IncrediMail -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

jaro3
Security team member

Re: Slow computer

Posted by jaro3 » 19 Oct 2020 23:33

Close all programs and browsers. Deactivate your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom,
when it finishes, tick everything (put check marks to the left of the findings, in the white boxes)
- then click "Remove Selected"
- Wait until the Status box shows "Removal finished, please review result"
- Click "Open report" and then "Open TXT", copy that log and paste its contents here, please. The log can be found in C:\ProgramData\RogueKiller\Logs - Close RogueKiller.

Turn off the antivirus and firewall, RK, Mbam, etc.
Download Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe

Close all other programs, windows and browsers.
Run Zoek.exe (on Win Vista, Win7, 8 right-click it and choose "Run as administrator")
- note: the program may take a while to start.
Paste the script below into the program window:

Code:

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

click Run Script
The program will run a scan and a repair; the scan and the repair may take several minutes, so you need to wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.
After the restart, only a black screen may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it saves itself to:
C:\zoek-results.log Copy the entire contents of that log here.
If there are problems, run zoek in safe mode.


Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to the desktop.
Double-click this file on the desktop and follow the instructions to install the program.
Accept the program's license (EULA) if it is offered.
If a program update is available, click the "Update now" button.
You can also tick the option to create a restore point:
Click the gear icon, then "Scan", and tick "create restore points".
Go back (click the house icon).
Close all open files, folders and browsers
Do not change any settings. Click "Scan".
After the scan you can see whether there are any infections. Click "Next". The infections will be moved to quarantine.
When the scan is finished, a report will appear; copy the entire contents of that report here.
Otherwise you can see the reports by clicking "Reports" at the top right.


Post a new HJT log + report on any problems
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

mirakoud

Re: Slow computer

Posted by mirakoud » 20 Oct 2020 00:06

RogueKiller Anti-Malware V14.7.3.0 [Sep 15 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits
Started in : Normal mode
User : Intel [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Signatures : 20201015_091159, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2020/10/20 00:04:04 (Duration : 00:10:48)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Adw.Gen (Malicious)] HKEY_LOCAL_MACHINE\Software\Flvto CENZURA -- -> Deleted
[PUP.IncrediMail (Potentially Malicious)] HKEY_USERS\.DEFAULT\Software\IncrediMail -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-3643734996-1694586397-727135667-1000\Software\IM -- -> Deleted
[PUP.IncrediMail (Potentially Malicious)] HKEY_USERS\S-1-5-21-3643734996-1694586397-727135667-1000\Software\IncrediMail -- -> Deleted
[PUP.IncrediMail (Potentially Malicious)] HKEY_USERS\S-1-5-18\Software\IncrediMail -- -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{5A562AC0-719A-4C2C-A023-24D72DFB1F04}C:\users\ivan\appdata\local\mozilla firefox\firefox.exe -- -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{74D2395D-D8B7-42B3-BF63-A2314D1EDCEF}C:\users\ivan\appdata\local\mozilla firefox\firefox.exe -- -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{5A562AC0-719A-4C2C-A023-24D72DFB1F04}C:\users\ivan\appdata\local\mozilla firefox\firefox.exe -- -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{74D2395D-D8B7-42B3-BF63-A2314D1EDCEF}C:\users\ivan\appdata\local\mozilla firefox\firefox.exe -- -> Deleted
[PUM.Policies (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- -> Replaced (2)
[Adw.Gen (Malicious)] Flvto CENZURA.lnk -- %_Intel_appdata%\Microsoft\Windows\Start Menu\Programs\Flvto CENZURA.lnk (lnk => C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOY~1.EXE []) -> Deleted
[Adw.Gen (Malicious)] Flvto CENZURA -- %localappdata%\Flvto CENZURA -> Deleted
=> AmplitudeSharp.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\AMPLIT~1.DLL -> Deleted
=> app.manifest -- C:\Users\Intel\AppData\Local\FLVTOY~1\APP~1.MAN -> Deleted
=> CommonServiceLocator.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\COMMON~1.DLL -> Deleted
=> ControlzEx.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\CONTRO~1.DLL -> Deleted
=> Dropbox.Api.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\DROPBO~1.DLL -> Deleted
=> ffmpeg.exe -- C:\Users\Intel\AppData\Local\FLVTOY~1\FFmpeg\ffmpeg.exe -> Deleted
=> FFmpeg -- C:\Users\Intel\AppData\Local\FLVTOY~1\FFmpeg -> Deleted
=> FixerIO.Apis.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FIXERI~1.DLL -> Deleted
=> flvto 128x128 v2.ico -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTO1~1.ICO -> Deleted
=> Flvto.Analytics.Amplitude.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOA~1.DLL -> Deleted
=> Flvto.Analytics.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOA~2.DLL -> Deleted
=> Flvto.Analytics.Google.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOA~3.DLL -> Deleted
=> Flvto.Apis.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOA~4.DLL -> Deleted
=> Flvto.Caching.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOC~1.DLL -> Deleted
=> Flvto.Cloud.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOC~2.DLL -> Deleted
=> Flvto.Cloud.Dropbox.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOC~3.DLL -> Deleted
=> Flvto.Cloud.GoogleDrive.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOC~4.DLL -> Deleted
=> Flvto.Cloud.OneDrive.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FL8235~1.DLL -> Deleted
=> Flvto.Common.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FL4AA8~1.DLL -> Deleted
=> Flvto.Convert.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FL9159~1.DLL -> Deleted
=> Flvto.Framework.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOF~1.DLL -> Deleted
=> Flvto.Framework.Wpf.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOF~2.DLL -> Deleted
=> Flvto.Grace.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOG~1.DLL -> Deleted
=> Flvto.Growth.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOG~2.DLL -> Deleted
=> Flvto.InApps.Paddle.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOI~1.DLL -> Deleted
=> Flvto.Interop.iTunes.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOI~2.DLL -> Deleted
=> Flvto.Logic.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOL~1.DLL -> Deleted
=> Flvto.Logic.dll.config -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOL~1.CON -> Deleted
=> Flvto.MediaSources.Dailymotion.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOM~1.DLL -> Deleted
=> Flvto.MediaSources.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOM~2.DLL -> Deleted
=> Flvto.MediaSources.Instagram.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOM~3.DLL -> Deleted
=> Flvto.MediaSources.Soundcloud.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOM~4.DLL -> Deleted
=> Flvto.MediaSources.Vimeo.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FL6124~1.DLL -> Deleted
=> Flvto.MediaSources.YouTube.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FL2B3B~1.DLL -> Deleted
=> Flvto.OperatingSystem.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOO~1.DLL -> Deleted
=> Flvto.Settings.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOS~1.DLL -> Deleted
=> Flvto.Threading.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOT~1.DLL -> Deleted
=> Flvtool.Apis.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOO~2.DLL -> Deleted
=> FlvtoYoutubeDownloader.Redesign.exe -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOY~1.EXE -> Deleted
=> FlvtoYoutubeDownloader.Redesign.exe.config -- C:\Users\Intel\AppData\Local\FLVTOY~1\FLVTOY~1.CON -> Deleted
=> FYDDataModel.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\FYDDAT~1.DLL -> Deleted
=> FYDDataModel.dll.config -- C:\Users\Intel\AppData\Local\FLVTOY~1\FYDDAT~1.CON -> Deleted
=> GalaSoft.MvvmLight.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\GALASO~1.DLL -> Deleted
=> GalaSoft.MvvmLight.Extras.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\GALASO~2.DLL -> Deleted
=> GalaSoft.MvvmLight.Platform.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\GALASO~3.DLL -> Deleted
=> Google.Apis.Auth.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\GOOGLE~1.DLL -> Deleted
=> Google.Apis.Core.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\GOOGLE~2.DLL -> Deleted
=> Google.Apis.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\GOOGLE~3.DLL -> Deleted
=> Google.Apis.Drive.v3.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\GOOGLE~4.DLL -> Deleted
=> Google.Apis.YouTube.v3.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\GO9D29~1.DLL -> Deleted
=> Grace.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\Grace.dll -> Deleted
=> Grace.Factory.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\GRACEF~1.DLL -> Deleted
=> Gu.Localization.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\GULOCA~1.DLL -> Deleted
=> Gu.Wpf.Localization.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\GUWPFL~1.DLL -> Deleted
=> Hardcodet.Wpf.TaskbarNotification.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\HARDCO~1.DLL -> Deleted
=> Jint.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\Jint.dll -> Deleted
=> MahApps.Metro.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\MAHAPP~1.DLL -> Deleted
=> Microsoft.Graph.Core.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\MICROS~1.DLL -> Deleted
=> Microsoft.IdentityModel.Clients.ActiveDirectory.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\MICROS~2.DLL -> Deleted
=> Microsoft.OneDrive.Sdk.Authentication.Desktop.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\MICROS~3.DLL -> Deleted
=> Microsoft.OneDrive.Sdk.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\MICROS~4.DLL -> Deleted
=> Newtonsoft.Json.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\NEWTON~1.DLL -> Deleted
=> Paddle.Apis.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\PADDLE~1.DLL -> Deleted
=> policy.2.0.taglib-sharp.config -- C:\Users\Intel\AppData\Local\FLVTOY~1\POLICY~1.CON -> Deleted
=> policy.2.0.taglib-sharp.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\POLICY~1.DLL -> Deleted
=> System.Windows.Interactivity.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\SYSTEM~1.DLL -> Deleted
=> taglib-sharp.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\TAGLIB~1.DLL -> Deleted
=> Tiny.RestClient.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\TINYRE~1.DLL -> Deleted
=> Toqe.Downloader.Business.Contract.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\TOQEDO~1.DLL -> Deleted
=> Toqe.Downloader.Business.dll -- C:\Users\Intel\AppData\Local\FLVTOY~1\TOQEDO~2.DLL -> Deleted
[PUP.IncrediMail (Potentially Malicious)] IncrediMail -- %programdata%\IncrediMail -> Deleted
=> Data -- C:\PROGRA~2\INCRED~1\Data -> Deleted

mirakoud

Re: Slow computer

Posted by mirakoud » 20 Oct 2020 00:19

I couldn't download Zoek here; on my other computer with Windows 10 it worked, so I moved it over to this one. I'm getting on with it.

jaro3
Security team member

Re: Slow computer

Posted by jaro3 » 20 Oct 2020 00:35

OK, zoek may take a long time, perhaps overnight. So we'll continue tomorrow.

mirakoud

Re: Slow computer

Posted by mirakoud » 20 Oct 2020 00:47

OK

mirakoud

Re: Slow computer

Posted by mirakoud » 20 Oct 2020 01:46

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Intel on út 20.10.2020 at 0:26:10,80.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Intel\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

20.10.2020 0:31:02 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\AGEIA Technologies deleted successfully
C:\Program Files\Astro Gemini Software deleted successfully
C:\Program Files\AVS4YOU deleted successfully
C:\Program Files\Cadsoft deleted successfully
C:\Program Files\epson deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Screen+ deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~2\Canon IJ Network Tool deleted successfully
C:\PROGRA~2\Extensions deleted successfully
C:\PROGRA~2\Pinnacle Studio Plus deleted successfully
C:\Users\Guest\AppData\Local\VirtualStore deleted successfully
C:\Users\Intel\AppData\Local\Facebook deleted successfully
C:\Users\Intel\AppData\Local\Mobilbonus deleted successfully
C:\Users\Intel\AppData\Local\Nikon deleted successfully
C:\Users\Intel\AppData\Local\Skype deleted successfully
C:\Users\Ivan\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BDEADE7F-C265-11D0-BCED-00A0C90AB50F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully
HKEY_USERS\S-1-5-21-3643734996-1694586397-727135667-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{17E113E6-CD0E-4045-B154-65F0E57959EF} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\52ix8gjg.default\prefs.js:

Added to C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\52ix8gjg.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Intel\AppData\Roaming\Mozilla\Sunbird\Profiles\8r8xrm5b.default\prefs.js:

Added to C:\Users\Intel\AppData\Roaming\Mozilla\Sunbird\Profiles\8r8xrm5b.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Intel\AppData\Roaming\Thunderbird\Profiles\jcy1spo5.default\prefs.js:

Added to C:\Users\Intel\AppData\Roaming\Thunderbird\Profiles\jcy1spo5.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\q4hz1ugu.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");

Added to C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\q4hz1ugu.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\52ix8gjg.default

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"sendToDevice
---- FireFox user.js and prefs.js backups ----

prefs_20.10.2020_0048_.backup

ProfilePath: C:\Users\Intel\AppData\Roaming\Mozilla\Sunbird\Profiles\8r8xrm5b.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20.10.2020_0048_.backup

ProfilePath: C:\Users\Intel\AppData\Roaming\Thunderbird\Profiles\jcy1spo5.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20.10.2020_0048_.backup

ProfilePath: C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\q4hz1ugu.default

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"sendToDevice
---- FireFox user.js and prefs.js backups ----

prefs_20.10.2020_0048_.backup

==== Deleting Files \ Folders ======================

C:\Program Files\AGEIA Technologies not found
C:\Program Files\Astro Gemini Software not found
C:\Program Files\AVS4YOU not found
C:\Program Files\Cadsoft not found
C:\Program Files\epson not found
C:\Program Files\Screen+ not found
C:\Users\Intel\AppData\Roaming\MP3Studio deleted
C:\Program Files\Skillbrains deleted
C:\PROGRA~2\__wdump.txt deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Guest\AppData\Local\Unity deleted
C:\Users\Guest\AppData\Local\AVAST Software deleted
C:\Users\Intel\AppData\Local\updater.log deleted
C:\Users\Intel\AppData\Local\Unity deleted
C:\Users\Ivan\AppData\Local\Unity deleted
C:\Windows\System32\Tasks\Avast TUNEUP Update deleted
C:\Users\Public\zoek.exe deleted
C:\Users\Guest\AppData\LocalLow\Unity deleted
C:\Users\Intel\AppData\LocalLow\Unity deleted
C:\Users\Ivan\AppData\LocalLow\Unity deleted
C:\Users\Intel\Desktop\MP3Studio CENZURA.lnk deleted
"C:\Users\Intel\AppData\Roaming\Enhance Timing" deleted
"C:\ProgramData\Digital Light" deleted
"C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe" deleted
"C:\Users\Intel\AppData\Local\AVAST Software\APM\IntelFfl2.dat" not deleted
"C:\Users\Intel\AppData\Local\AVAST Software\APM\Intel\kv_pam.db" not deleted
"C:\Users\Intel\AppData\Local\AVAST Software\APM\Intel\kv_pamcore.db" not deleted
"C:\Users\Intel\AppData\Local\AVAST Software\APM\Intel\kv_pampub.db" not deleted
"C:\Users\Intel\AppData\Local\AVAST Software\APM\Intel\pam.db" not deleted
"C:\Users\Ivan\AppData\Local\AVAST Software\APM\IvanFfl2.dat" not deleted
"C:\Users\Ivan\AppData\Local\AVAST Software\APM\Ivan\kv_pam.db" not deleted
"C:\Program Files\CyberPower PowerPanel Personal Edition" not deleted
"C:\Users\Intel\AppData\Local\AVAST Software" not deleted
"C:\Users\Ivan\AppData\Local\AVAST Software" not deleted
"C:\Users\Intel\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\Intel\AppData\Local\AVAST Software\APM\Intel" not deleted
"C:\Users\Ivan\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\Ivan\AppData\Local\AVAST Software\APM\Ivan" not deleted

==== Orphaned Tasks deleted from Registry ======================

Avast TUNEUP Update deleted
Opera N deleted
Opera N Saturday deleted
Opera N Sunday deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\52ix8gjg.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Intel\AppData\Roaming\Mozilla\Sunbird\Profiles\8r8xrm5b.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Intel\AppData\Roaming\Thunderbird\Profiles\jcy1spo5.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\q4hz1ugu.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\52ix8gjg.default
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- __MSG_avastAppShortName__ - %ProfilePath%\extensions\sp@avast.com.xpi
- Avast Online Security - %ProfilePath%\extensions\wrc@avast.com.xpi

ProfilePath: C:\Users\Intel\AppData\Roaming\Mozilla\Sunbird\Profiles\8r8xrm5b.default
- Undetermined - C:\Program Files\Mozilla Sunbird\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
- Undetermined - C:\Program Files\Mozilla Sunbird\extensions\calendar-timezones@mozilla.org
- Undetermined - C:\Program Files\Mozilla Sunbird\extensions\talkback@mozilla.org

ProfilePath: C:\Users\Intel\AppData\Roaming\Thunderbird\Profiles\jcy1spo5.default
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}

ProfilePath: C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\q4hz1ugu.default
- __MSG_avastAppShortName__ - %ProfilePath%\extensions\sp@avast.com.xpi
- Avast Online Security - %ProfilePath%\extensions\wrc@avast.com.xpi
- Noia Fox - %ProfilePath%\extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi
- short_ __MSG_name__ - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Noia 4 - %ProfilePath%\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 86.0.4240.75

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx[]
ihcjicgdanjaechkgeegckofjjedodee - No path found[]

Seznam doplněk - Email - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam doplněk - Esko- - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Seznam doplněk - Esko - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Chrome Media Router - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Tipli do prohlížeče - Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp
https //calendar.google.com/calendar/u/0/r?ta - Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekmnpbhaoegkldddcnjlpmlokokcbkmk
Malwarebytes Browser Guard - Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee
Chrome Media Router - Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Seznam doplněk - Email - Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Chrome Media Router - Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Startpages ======================

C:\Users\Intel\Appdata\Roaming\Opera Software\Opera Stable\Preferences
"startup_urls": [ "https://calendar.google.com/calendar/render?tab=wc#main_7" ],


==== Chromium Fix ======================

C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig deleted successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig deleted successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig deleted successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bgjpfhpjcgdppjbgnpnjllokbmcdllig deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd deleted successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak deleted successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm deleted successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm deleted successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm deleted successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp deleted successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dbnfnbehhjknomdbfhcobpgpphnlnikp deleted successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekmnpbhaoegkldddcnjlpmlokokcbkmk deleted successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.farmerama.cz/"
"Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.farmerama.cz/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{0B1D3EBC-FC3A-4D6F-8E4B-B2BAFA2E8AA4} - http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
HKCU\SearchScopes\{1172AE2C-39F2-4FA8-A37B-C5B353AC64E1} - http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
HKCU\SearchScopes\{30F713B3-FB22-45E5-B2C0-FA1CB8351124} - http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
HKCU\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} - http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\SearchScopes\{9B1CB922-C6AB-42FB-B04F-E32D81D291F5} - http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
HKCU\SearchScopes\{C39EF198-85EB-4558-A6F7-67800A91B78F} - http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
HKCU\SearchScopes\{E7A2C2F0-67AB-4FEB-B32C-0FC66851BD47} - http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
HKCU\SearchScopes\{EB43BE7B-0DC1-44D4-9025-F56404DE9895} - http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
HKCU\SearchScopes\{EC23F09E-2025-4082-9E42-CC2D30F4B290} - http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454

==== Reset Google Chrome ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Guest Profile\Preferences was reset successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Guest Profile\Secure Preferences was reset successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Guest\Appdata\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Intel\Appdata\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data was reset successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Guest\Appdata\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Intel\Appdata\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ihcjicgdanjaechkgeegckofjjedodee deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully

==== Empty IE Cache ======================

C:\Users\Intel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Guest\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Intel\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\Guest Profile\Cache emptied successfully
C:\Users\Intel\AppData\Local\Google\Chrome\User Data\System Profile\Cache emptied successfully
C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2422 folders=724 10450387403 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\Intel\AppData\Local\Temp will be emptied at reboot
C:\Users\Ivan\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Intel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Intel\AppData\Local\AVAST Software\APM\IntelFfl2.dat" not found
"C:\Users\Intel\AppData\Local\AVAST Software\APM\Intel\kv_pam.db" not found
"C:\Users\Intel\AppData\Local\AVAST Software\APM\Intel\kv_pamcore.db" not found
"C:\Users\Intel\AppData\Local\AVAST Software\APM\Intel\kv_pampub.db" not found
"C:\Users\Intel\AppData\Local\AVAST Software\APM\Intel\pam.db" not found
"C:\Users\Ivan\AppData\Local\AVAST Software\APM\IvanFfl2.dat" not found
"C:\Users\Ivan\AppData\Local\AVAST Software\APM\Ivan\kv_pam.db" not found
"C:\Program Files\CyberPower PowerPanel Personal Edition" not found
"C:\Users\Intel\AppData\Local\AVAST Software" not found
"C:\Users\Ivan\AppData\Local\AVAST Software" not found

==== EOF on út 20.10.2020 at 1:42:13,22 ======================

Post by mirakoud » 20 Oct 2020 09:57

I forgot that I had Avast disabled for only an hour, so I don't know whether it went through properly :-(

Moving on to the next one.

Post by mirakoud » 20 Oct 2020 10:08

Informace o kontroly
Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  20.10.2020 10:05:34
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:00:37
Zkontrolované objekty    :  1276
Zjištěné objekty    :  3
Vyloučené objekty    :  0
Automatické odesílání    :  Ano
Operační systém    :  Windows 7 x86
Procesor    :  4X Intel(R) Core(TM) i3-2125 CPU @ 3.30GHz
Režim systému BIOS    :  Legacy
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  1202037734DB7B316C3474


Odhalení
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  software\microsoft\internet explorer\abouturls
Vydavatel    :  
Velikost    :  0
Odhalení    :  MaliciousSetting about:newtab
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  http://www.mesto-nymburk.cz/
Vydavatel    :  
Velikost    :  0
Odhalení    :  Hijack:Browser/ChromeStartupUrl
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  https://www.farmerama.cz/
Vydavatel    :  
Velikost    :  0
Odhalení    :  Hijack:Browser/InternetExplorerHomepage
Akce    :  Vymazat
-----------------------------------------------------------------------

Post by mirakoud » 20 Oct 2020 11:03

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x32 Windows 7 (Home Premium), 6.1.7601.24544, Service Pack: 1
Time: 20.10.2020 - 11:02 (UTC+02:00)
Language: OS: Czech (0x405). Display: Czech (0x405). Non-Unicode: Czech (0x405)
Elevated: Yes
Ran by: Intel (group: Administrator) on INTEL-PC, FirstRun: yes

Chrome: 86.0.4240.75
Internet Explorer: 11.0.9600.19597
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
3 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
1 C:\Program Files\AVAST Software\Avast\aswidsagent.exe
1 C:\Program Files\CCleaner\CCleaner.exe
1 C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
1 C:\Program Files\Canon\IJPLM\ijplmsvc.exe
1 C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
1 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
1 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
1 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
1 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
1 C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Program Files\Windows Sidebar\sidebar.exe
1 C:\Users\Intel\Desktop\HiJackThis.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\StikyNot.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
2 C:\Windows\System32\nvvsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
12 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskeng.exe
2 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: [SuggestionsURLFallback] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: [URL] = http://www.google.com/search?q={searchTerms} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0B1D3EBC-FC3A-4D6F-8E4B-B2BAFA2E8AA4}: [URL] = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454 - Firmy.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1172AE2C-39F2-4FA8-A37B-C5B353AC64E1}: [SuggestionsURL_JSON] = http://www.zbozi.cz/suggest/zbozi?phrase={searchTerms}&result=firefox - Zboží.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1172AE2C-39F2-4FA8-A37B-C5B353AC64E1}: [URL] = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454 - Zboží.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{30F713B3-FB22-45E5-B2C0-FA1CB8351124}: [URL] = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454 - Mapy.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: [SuggestionsURLFallback] = http://api.bing.com/qsml.aspx?query={searchTerms}&market={Language}&pc=AV01&form=AVASDF&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeigh - Microsoft (Bing)
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9B1CB922-C6AB-42FB-B04F-E32D81D291F5}: [URL] = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454 - Novinky.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C39EF198-85EB-4558-A6F7-67800A91B78F}: [URL] = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454 - Encyklopedie Seznam
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E7A2C2F0-67AB-4FEB-B32C-0FC66851BD47}: [URL] = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454 - Seznam TV Program
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EB43BE7B-0DC1-44D4-9025-F56404DE9895}: [SuggestionsURL_JSON] = http://slovnik.seznam.cz/suggest/en_cz?phrase={searchTerms}&result=firefox - Slovník EN/CZ
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EB43BE7B-0DC1-44D4-9025-F56404DE9895}: [URL] = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454 - Slovník EN/CZ
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC23F09E-2025-4082-9E42-CC2D30F4B290}: [SuggestionsURL_JSON] = http://slovnik.seznam.cz/suggest/cz_en?phrase={searchTerms}&result=firefox - Slovník CZ/EN
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC23F09E-2025-4082-9E42-CC2D30F4B290}: [URL] = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454 - Slovník CZ/EN
O2 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O3 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner.exe /MONITOR
O4 - HKCU\..\Run: [Google Update] = C:\Users\Intel\AppData\Local\Google\Update\1.3.36.32\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] = C:\Windows\System32\StikyNot.exe
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [GrooveMonitor] = C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] = C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [PowerPanel Personal Edition User Interaction] = C:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe (file missing)
O4 - HKLM\..\Run: [USBToolTip] = C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Session Manager: [BootExecute] = sdnclean.exe (file missing)
O4 - MSConfig\startupfolder: C:^Users^Intel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [backup] => C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE /tsr (2020/07/28)
O4 - MSConfig\startupreg: ABBYY Screenshot Reader Bonus [command] = C:\Program Files\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe -autorun (HKCU) (2020/07/28)
O4 - MSConfig\startupreg: Adobe Reader Synchronizer [command] = C:\Program Files\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe (HKCU) (2020/07/28)
O4 - MSConfig\startupreg: CanonQuickMenu [command] = C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon (HKLM) (2020/07/28)
O4 - Win9x BAT: C:\AutoExec.bat => SET PATH=C:\Program Files\Pinnacle\Shared Files;C:\Program Files\Pinnacle\Shared Files\Filter
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\&Add animation to IncrediMail Style Box: (default) = C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm (file missing)
O17 - DHCP DNS 1: 10.0.1.138
O18 - HKLM\Software\Classes\Protocols\Handler\skype4com: [CLSID] = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O21 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O22 - Task (.job): Defraggler Volume C Task.job - C:\Program Files\Defraggler\df.exe "C:" /ts /user "Intel" /appPath "C:\Program Files\Defraggler"
O22 - Task: (disabled) Adobe Flash Player NPAPI Notifier - C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_414_Plugin.exe -check plugin
O22 - Task: (disabled) Adobe Flash Player PPAPI Notifier - C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_414_pepper.exe -check pepperplugin
O22 - Task: (disabled) Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: (disabled) Opera scheduled Autoupdate 1457645462 - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Task: (disabled) {03C8C398-CD03-4DB1-A224-5813808E2A52} - G:\RQMONEY\rqMoney.exe (file missing)
O22 - Task: (disabled) {0A574EDC-32C2-47EF-96A9-FA616CFA785B} - G:\RQMONEY\rqMoney.exe (file missing)
O22 - Task: (disabled) {0A6411D2-33A2-4C88-8D0F-28127D72E1C1} - G:\RQMONEY\rqMoney.exe (file missing)
O22 - Task: (disabled) {1415C3A2-AA1E-4060-B300-736D2E421B35} - C:\Program Files\Screen+\Screen+.exe (file missing)
O22 - Task: (disabled) {24F1CEA6-9A3E-4FB4-823B-5ED22A31E3E8} - G:\RQMONEY\rqMoney.exe (file missing)
O22 - Task: (disabled) {276E1618-6400-4E6A-BCDA-144C04E1B4D3} - C:\Windows\system32\pcalua.exe -a D:\Setup.exe -d D:\
O22 - Task: (disabled) {36CC4BAD-7313-4C8B-A7F2-B89E00E69D28} - G:\RQMONEY\rqMoney.exe (file missing)
O22 - Task: (disabled) {40AAC2AC-20D9-4F1B-88B9-FCC655B4B7FF} - G:\RQMONEY\rqMoney.exe (file missing)
O22 - Task: (disabled) {5170504A-A7E5-4E36-8A88-2A693DDA13AA} - G:\RQMONEY\rqMoney.exe (file missing)
O22 - Task: (disabled) {59ED6C61-EC5A-4EB8-88FA-FEA0F6FD070E} - G:\RQMONEY\rqMoney.exe (file missing)
O22 - Task: (disabled) {961F100F-6E99-40C9-8AB4-B57B1E187EE2} - G:\RQMONEY\rqMoney.exe (file missing)
O22 - Task: (disabled) {9D26F6B1-A005-4BDA-98A6-EDB941D330FF} - C:\Windows\system32\pcalua.exe -a C:\Users\Intel\Desktop\dotnetfx35.exe -d C:\Users\Intel\Desktop
O22 - Task: (disabled) {A408080A-5030-429E-801B-A8553F9D60FD} - C:\Windows\system32\pcalua.exe -a C:\Windows\unvise32qt.exe -c C:\Windows\system32\QuickTime\Uninstall.log
O22 - Task: (disabled) {B5BAAB5D-18CF-4B17-9D0C-07C70D655307} - G:\RQMONEY\rqMoney.exe (file missing)
O22 - Task: (disabled) {BB556B1C-A743-44E2-823B-C5F42F39BB91} - G:\RQMONEY\rqMoney.exe (file missing)
O22 - Task: (disabled) {D2F00E8C-3566-4324-A441-D8F419774BB7} - G:\RQMONEY\rqMoney.exe (file missing)
O22 - Task: (disabled) {D344807B-C1EC-4C3F-8737-049BAE86D346} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\AdorageI-SAL\uninstall.exe" -d "C:\Program Files\AdorageI-SAL"
O22 - Task: (disabled) {DDD1000A-1A31-4420-8F87-71D18386A6A1} - C:\Windows\system32\pcalua.exe -a C:\Users\Intel\Desktop\STAŽENÉ\FacebookGameroom.exe -d C:\Users\Intel\Desktop\STAŽENÉ
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: AMHelper - C:\Program Files\Zemana\AntiMalware\AntiMalware.exe /UPDATE
O22 - Task: Adobe Acrobat Update Task - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: Defraggler Volume C Task - C:\Program Files\Defraggler\df.exe "C:" /ts /user "Intel" /appPath "C:\Program Files\Defraggler"
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: GoogleUpdateTaskUserS-1-5-21-3643734996-1694586397-727135667-1000Core - C:\Users\Intel\AppData\Local\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskUserS-1-5-21-3643734996-1694586397-727135667-1000UA - C:\Users\Intel\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: \AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (file missing)
O22 - Task: \AVAST Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \Microsoft\Windows\Defrag\ScheduledDefrag - C:\Windows\system32\defrag.exe \\?\Volume{952cff50-59a8-11e2-a253-002522cc5db0}\ -e (Microsoft)
O23 - Service R2: ABBYY FineReader 9.0 Sprint Licensing Service - (ABBYY.Licensing.FineReader.Sprint.9.0) - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -service
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe /runassvc
O23 - Service R2: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (IJPLMSVC) - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: EPSON V3 Service4(04) - (EPSON_PM_RPCV4_04) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service R2: EPSON V5 Service4(04) - (EPSON_EB_RPCV4_04) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
O23 - Service R2: EpsonBidirectionalService - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\Windows\system32\nvvsvc.exe
O23 - Service R2: NVIDIA Stereoscopic 3D Driver Service - (Stereo Service) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service R2: NVIDIA Update Service Daemon - (nvUpdatusService) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service S2: Microsoft .NET Framework NGEN v4.0.30319_X86 - (clr_optimization_v4.0.30319_32) - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
O23 - Service S2: PowerPanel Personal Edition Service - (ppped) - C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe (file missing)
O23 - Service S2: Služba Google Update (gupdate) - (gupdate) - C:\Program Files\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\86.0.4240.75\elevation_service.exe
O23 - Service S3: InstallDriver Table Manager - (IDriverT) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service S3: RogueKiller RTP - (rkrtservice) - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service S3: Služba Google Update (gupdatem) - (gupdatem) - C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc



Debug information:

- 20.10.2020 11:02:12 - IsWinServiceFileName - #457 (This key is already associated with an element of this collection) LastDllError = 0 File: C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

--
End of file - Time spent: 16,1 sec. - 35854 bytes, CRC32: FFFFFFFF. Sign: 鯨

Post by mirakoud » 20 Oct 2020 11:07

The computer has visibly sped up; I still have problems with a game in HTML 5. The game often freezes, and the whole computer with it. My internet plan is 100 meg and I usually download at around 70 meg, which should be enough. In Flash everything runs fine. The computer probably can't keep up with the more demanding HTML.

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: slowed-down computer

Post by jaro3 » 20 Oct 2020 16:46

Download HJT; the one you posted is not the right one.
https://sourceforge.net/projects/hjt/fi ... e/download
and post a new log from it.

Download Memtest
http://www.stahuj.cz/utility_a_ostatni/ ... i/memtest/

Leave the field that says "All unused RAM" as it is.
- click Start and let it run for at least 2 hours; if there are still 0 errors after 2 hours, the RAM is fine.
With larger RAM capacities Memtest needs to be run several times: for 2GB (the largest single RAM capacity) 2x, for 4GB 3x, for 8Gb 4x, etc.
Double-click Memtest, then again and again; type 2048 into the fields of all the Memtest instances, then click "Start" in all of them.

Also check the HDD for errors, or try defragmenting it.

Download CrystalDiskInfo
Run the program and click Úpravy-Kopírovat (Edit-Copy). Then paste the contents of the log here using Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.