
Slow computer

kyzi01
Visitor
Posts: 62
Registered: 11 Mar 2012 18:39

Slow computer

#1 Post by kyzi01 »

Hello, my PC has slowed down lately, both when opening programs and when loading web pages; the processor also often runs at 100%.
I would very much appreciate help. Thanks, I am posting the log.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-02-2021
Ran by ION (administrator) on ION-PC (nVidia MCP79) (06-02-2021 13:21:26)
Running from C:\Users\ION\Desktop
Loaded Profiles: ION
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\KeyDominator2\KeyDominator2\KeyDominator2.exe
() [File not signed] C:\Users\ION\AppData\Roaming\WmiApSrv.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <3>
(Easybits AS -> Easybits) C:\Windows\System32\ezSharedSvcHost.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Seagate Technology, LLC -> Seagate Technology LLC) C:\Program Files\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATILQE.EXE <2>
(StarWind Software) [File not signed] C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\ION\AppData\Roaming\uTorrent\utorrent.exe
(uTorrent.CZ -> emc) [File not signed] C:\Users\ION\AppData\Roaming\uTorrent\uninstall.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [152200 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-19] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [175584 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [EPPCCMON] => C:\Program Files\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILQE.EXE [260160 2013-01-24] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Run: [BloodyKeyboard] => C:\Program Files\KeyDominator2\KeyDominator2\KeyDominator2.exe [11374080 2017-11-02] () [File not signed]
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILQE.EXE [260160 2013-01-24] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Run: [EPSDNMON] => ""
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\MountPoints2: {3e5b41fe-5aac-11e4-9374-7071bc8b5edc} - F:\Startme.exe
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\system32\CNMLMAT.DLL [311296 2012-03-14] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMNPPM.DLL [363008 2011-02-01] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\EPSON XP-610 Series 32MonitorBE: C:\Windows\system32\E_FLMBLQE.DLL [142848 2013-10-22] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [476027 2012-11-12] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-04] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
InternetURL: C:\Users\ION\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WmiApSrv.URL -> URL: file:///C:\Users\ION\AppData\Roaming\WmiApSrv.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DE44B38-6563-4D59-87AF-5ABD6ADB7474} - System32\Tasks\EPSON XP-610 Series Invitation {5143EFF3-57E6-4FC9-B5CA-DF74C90F6446} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLQE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {14030483-3891-412F-A74E-FE2F36D12ADC} - System32\Tasks\EPSON XP-610 Series Invitation {D11E5804-0C51-475B-B95B-48C1DEABA690} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLQE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {1428C674-8CD1-4016-93DE-001F834AD6C1} - System32\Tasks\EPSON XP-610 Series Update {5143EFF3-57E6-4FC9-B5CA-DF74C90F6446} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLQE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {16AAAE92-0F58-4327-9E88-F3B372264D68} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle America, Inc. -> Oracle Corporation)
Task: {21B5C578-6510-4940-8933-AB56C60171DC} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1531016 2020-09-17] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {2C15B83F-0603-4A7A-86D4-7C4C25147A70} - System32\Tasks\{A0D76558-4D99-471E-8D97-3587B37873ED} => C:\Windows\system32\pcalua.exe -a "C:\Users\ION\Downloads\Net-Framework-2-0_2.0_Service_Pack 1.exe" -d C:\Users\ION\Downloads
Task: {3E65E18A-7DBF-44A6-8EB9-2DD483745818} - System32\Tasks\{D7AE0B8B-3848-4A6D-BEBB-4DBA99E45795} => C:\Windows\system32\pcalua.exe -a G:\MAME\MAMEW.EXE -d G:\MAME
Task: {4DBC6E77-4938-4C53-878C-65C52841AFB4} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [175584 2020-02-19] (MiniTool Software Limited -> )
Task: {534A4B75-E2C3-414C-9CA0-A46E7629F4EE} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {55EFAB53-4A8B-46EB-813A-6652E6E5345E} - System32\Tasks\{C20628A4-ED3B-4C30-80C0-93CF72EB0E5B} => C:\Windows\system32\pcalua.exe -a "H:\Half Life 2 CZ Dabing New\d1 Half Life 2.exe" -d "H:\Half Life 2 CZ Dabing New"
Task: {5AC12548-9430-4F31-93BD-A37FA0428E6A} - System32\Tasks\{2E005387-9D53-48ED-97D9-42B1999BB624} => C:\Windows\system32\pcalua.exe -a D:\Downloads\WindowsPhone.exe -d D:\Downloads
Task: {5AC807DF-4C9E-4C41-8472-F47ED7594CCD} - System32\Tasks\{CC1F8C40-8373-4E5D-A675-3F1465FC1117} => C:\Windows\system32\pcalua.exe -a C:\Users\ION\Documents\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\ION\Documents\FreeRapid-0.9u3\FreeRapid-0.9u3
Task: {6E132C3D-599C-4C77-8FCA-36A6BA05699D} - System32\Tasks\EPSON XP-610 Series Update {D11E5804-0C51-475B-B95B-48C1DEABA690} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLQE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {7696A6E2-3F94-47CE-88A8-F7A9E4890736} - System32\Tasks\{ACD67CBF-7ACC-4F8E-B205-87526939BE2A} => C:\Windows\system32\pcalua.exe -a C:\Users\ION\AppData\Roaming\Seznam.cz\szninstall.exe -c -X
Task: {7BBAC243-35C6-4877-92FF-05B5C3B3065A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {82CE5246-3BB7-4261-9CB2-23A56520242A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {88175706-154B-44BB-BBA7-266901676E83} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
Task: {A134FB69-8FD3-4A44-96C5-7707889A099C} - System32\Tasks\{E938E2AB-72F4-41E9-A11B-0B66E24832F9} => C:\Users\ION\Downloads\SBTA_PCDRV_L13_1_02_0001.exe
Task: {AD3D39BA-3E3E-4391-9D09-548F39B3EE3F} - System32\Tasks\SmartShare => C:\Program Files\LG Software\LG Smart Share\SmartShareStart.exe
Task: {BCA8E1D1-4AB9-42C9-9B44-C0D2E29076FE} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4099720 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {BCB83E86-39D2-43A3-A9B3-E103C923C632} - System32\Tasks\{E5FB9410-45A6-4D0A-A74C-668D332DF1BB} => C:\Windows\system32\pcalua.exe -a C:\Users\ION\Downloads\NetFx20SP2_x86.exe -d C:\Users\ION\Downloads
Task: {E3ED774B-22CC-4E4C-8E03-B85F08D8528D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {FA127C18-44D3-4170-97A9-F6D758EF6E0F} - System32\Tasks\{9DC1B5CF-F174-4C5C-8EB7-D93C4533368A} => C:\Windows\system32\pcalua.exe -a "C:\Users\ION\PROGRAMY DO KOMPU\O&O Defrag Professional Edition 16.0.183 + CZ\cestiny\cestina x32.exe" -d "C:\Users\ION\PROGRAMY DO KOMPU\O&O Defrag Professional Edition 16.0.183 + CZ\cestiny"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON XP-610 Series Invitation {5143EFF3-57E6-4FC9-B5CA-DF74C90F6446}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLQE.EXE
Task: C:\Windows\Tasks\EPSON XP-610 Series Invitation {D11E5804-0C51-475B-B95B-48C1DEABA690}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLQE.EXE
Task: C:\Windows\Tasks\EPSON XP-610 Series Update {5143EFF3-57E6-4FC9-B5CA-DF74C90F6446}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLQE.EXE:/EXE:{5143EFF3-57E6-4FC9-B5CA-DF74C90F6446} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-610 Series Update {D11E5804-0C51-475B-B95B-48C1DEABA690}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLQE.EXE:/EXE:{D11E5804-0C51-475B-B95B-48C1DEABA690} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.99.1
Tcpip\..\Interfaces\{24792F38-6935-4BB3-868B-978EA733A681}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{7B5ADB18-9219-4522-BA6F-DF00278BD8BB}: [DhcpNameServer] 192.168.99.1

Chrome:
=======
CHR Profile: C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default [2021-02-06]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://best.aliexpress.com; hxxps://fastshare.cz; hxxps://fr.aliexpress.com; hxxps://m.gearbest.com; hxxps://makro-cz.os.tc; hxxps://prokliky.cz; hxxps://promotion.geekbuying.com; hxxps://www.aliexpress.com; hxxps://www.banggood.com; hxxps://www.cafago.com; hxxps://www.eva.cz; hxxps://www.facebook.com; hxxps://www.geekbuying.com; hxxps://www.hamty.cz; hxxps://www.instagram.com; hxxps://www.ketomix.cz; hxxps://www.lyke.cz; hxxps://www.mall.cz; hxxps://www.nej-ceny.cz; hxxps://www.netflix.com; hxxps://www.svetandroida.cz; hxxps://www.wish.com
CHR HomePage: Default -> mysearch.avg.com
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://ndibdjnfmopecpmkdieinmbadjfpblof/pages/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR Extension: (Prezentace) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-11]
CHR Extension: (Dokumenty) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-11]
CHR Extension: (Disk Google) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Seznam doplněk - Email) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-07]
CHR Extension: (YouTube) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-11]
CHR Extension: (Tampermonkey) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-10-11]
CHR Extension: (Adobe Acrobat) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-16]
CHR Extension: (Tabulky) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (AVG Secure Search) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2020-01-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-07]
CHR Extension: (Gmail) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\ION\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [564120 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [331400 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7616960 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [126128 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 ezSharedSvc; C:\Windows\System32\ezSharedSvcHost.exe [505360 2015-10-24] (Easybits AS -> Easybits)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [387616 2009-08-10] (NVIDIA Corporation -> )
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-07-04] (Mixbyte Inc -> Freemake)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [178720 2009-08-10] (NVIDIA Corporation -> )
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2014-10-11] (Even Balance, Inc. -> )
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [210432 2006-11-06] (Nokia.) [File not signed]
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [34824 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [176648 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [284304 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [204944 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [90256 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [40520 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [149032 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [378120 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [28408 2020-06-19] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [93976 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [72624 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [691416 2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [394744 2021-01-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\Windows\System32\drivers\avgStm.sys [161448 2021-01-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [276600 2021-01-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [77520 2016-03-10] (ITE Tech. Inc. -> ITE Tech. Inc.)
R3 ITECIRfilter; C:\Windows\System32\DRIVERS\ITECIRfilter.sys [34000 2016-03-10] (ITE Tech. Inc. -> ITE Tech. Inc.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
S3 KYEKBPRO; C:\Windows\System32\Drivers\KYEKBPRO.sys [18944 2011-10-14] () [File not signed]
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [42592 2014-06-17] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [24608 2009-11-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvsmu; C:\Windows\System32\DRIVERS\nvsmu.sys [17920 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2019-11-08] (MiniTool Solution Ltd -> )
R3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [166912 2009-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [372224 2009-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2014-02-25] (Duplex Secure Ltd -> Duplex Secure Ltd.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [1103992 2021-01-15] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
U3 a8ist5bk; C:\Windows\System32\Drivers\a8ist5bk.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 GPCIDrv; \??\C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-06 13:21 - 2021-02-06 13:23 - 000023993 _____ C:\Users\ION\Desktop\FRST.txt
2021-02-06 13:21 - 2021-02-06 13:22 - 000000000 ____D C:\FRST
2021-02-06 13:18 - 2021-02-06 13:18 - 001989632 _____ (Farbar) C:\Users\ION\Desktop\FRST.exe
2021-02-06 11:50 - 2021-02-06 11:50 - 000011847 _____ C:\Users\ION\Downloads\[SkT]Muzeme_byt_hrdinove___We_Can_Be_Heroes_(2020)(CZ)[WebRip][1080p].torrent
2021-02-06 09:29 - 2021-02-06 09:29 - 000104019 _____ C:\Users\ION\Downloads\[SkT]Elysium_(2013)(CZ_EN)[2160p][HEVC]_=_CSFD_66%.torrent
2021-02-05 17:41 - 2021-02-05 17:41 - 000525202 _____ C:\Users\ION\Downloads\repository.auramod-1.0.5 (1).zip
2021-02-05 17:41 - 2021-02-05 17:41 - 000525202 _____ C:\Users\ION\Desktop\repository.auramod-1.0.5 (1).zip
2021-02-05 16:51 - 2021-02-05 16:51 - 000012657 _____ C:\Users\ION\Downloads\[SkT]WandaVision_S01E05_[WebRip][720p]_=_CSFD_78% (1).torrent
2021-02-05 16:48 - 2021-02-05 16:48 - 000012657 _____ C:\Users\ION\Downloads\[SkT]WandaVision_S01E05_[WebRip][720p]_=_CSFD_78%.torrent
2021-02-05 16:46 - 2021-02-05 16:46 - 000165195 _____ C:\Users\ION\Downloads\[SkT]WandaVision_S01E05_[WebRip][1080p]_=_CSFD_78%.torrent
2021-02-04 19:20 - 2021-02-04 19:20 - 000201847 _____ C:\Users\ION\Downloads\[TreZzoR]Wallpapers HQ.torrent
2021-02-03 16:05 - 2021-02-03 16:05 - 000014884 _____ C:\Users\ION\Downloads\[SkT]Vsichni_moji_pratele_jsou_mrtvi___Wszyscy_moi_przyjaciele_nie_zyja_2020_1080p_WEB_DL_CZ_PL_.torrent
2021-02-03 16:02 - 2021-02-03 16:02 - 000015273 _____ C:\Users\ION\Downloads\[SkT]Kosmo_(komplet_5dielny,1080p,CZ)_=_CSFD_78%.torrent
2021-02-03 15:55 - 2021-02-03 15:55 - 000015432 _____ C:\Users\ION\Downloads\[TreZzoR]Ulice 3984 .torrent
2021-02-02 19:51 - 2021-02-02 19:51 - 000713249 _____ C:\Users\ION\Downloads\script.module.resolveurl-master.zip
2021-02-02 19:50 - 2021-02-02 19:50 - 000609818 _____ C:\Users\ION\Downloads\TRZ11.zip
2021-02-02 17:47 - 2021-02-02 17:47 - 000020370 _____ C:\Users\ION\Downloads\[TreZzoR]Ulice 3983 (1).torrent
2021-02-02 17:44 - 2021-02-02 17:44 - 000020370 _____ C:\Users\ION\Downloads\[TreZzoR]Ulice 3983.torrent
2021-02-01 16:33 - 2021-02-01 16:33 - 000147721 _____ C:\Users\ION\Downloads\[SkT]Triggered_(2020)[WebRip][1080p]_=_CSFD_51%.torrent
2021-01-29 17:24 - 2021-01-29 17:24 - 000134383 _____ C:\Users\ION\Downloads\[SkT]WandaVision_S01E03_[WebRip][1080p]_=_CSFD_77%.torrent
2021-01-29 17:23 - 2021-01-29 17:23 - 000139546 _____ C:\Users\ION\Downloads\[SkT]WandaVision_S01E04_[WebRip][1080p]_=_CSFD_76%.torrent
2021-01-29 17:20 - 2021-01-29 17:20 - 000018598 _____ C:\Users\ION\Downloads\[SkT]Easy_Gif_Animator_PRO_6.torrent
2021-01-26 17:12 - 2021-01-26 17:12 - 000020588 _____ C:\Users\ION\Downloads\[SkT]Maxim_Turbulenc_-_Raketou_na_Mars_(2019)[FLAC].torrent
2021-01-25 16:38 - 2021-01-25 16:38 - 000012204 _____ C:\Users\ION\Downloads\[SkT]Glary_Malware_Hunter_Pro_1.119.0.712_Viacjazycne.torrent
2021-01-24 15:56 - 2021-01-24 15:56 - 000022467 _____ C:\Users\ION\Downloads\[TreZzoR]Autogen - dema - live.torrent
2021-01-24 12:46 - 2021-01-24 12:46 - 000011337 _____ C:\Users\ION\Downloads\[TreZzoR]Zivot na jine planete.torrent
2021-01-24 12:44 - 2021-01-24 12:44 - 000015551 _____ C:\Users\ION\Downloads\[TreZzoR]Vlada Safranek - Velryba [2006].torrent
2021-01-24 12:43 - 2021-01-24 12:43 - 000011999 _____ C:\Users\ION\Downloads\[TreZzoR]Vlada Safranek - Buccaneer (2011).torrent
2021-01-24 09:29 - 2021-01-24 09:29 - 000013435 _____ C:\Users\ION\Downloads\[SkT]Falco_-_Exquisite_(2016)[FLAC].torrent
2021-01-24 09:27 - 2021-01-24 09:27 - 000068423 _____ C:\Users\ION\Downloads\[SkT]Monster_Hunter_(2020)[CAM].torrent
2021-01-23 21:49 - 2021-01-23 21:49 - 000010568 _____ C:\Users\ION\Downloads\[SkT]Zdenek_Izer_-_Bezva_parta_2_aneb_Manas_a_revoluce_(1995,_2000,_2008)(CZ).torrent
2021-01-23 21:45 - 2021-01-23 21:45 - 000011708 _____ C:\Users\ION\Downloads\[SkT]Zdenek_Izer_-_Bezva_parta_1_aneb_Manas_ve_fabrice_(1994,_2000,_2008)(CZ).torrent
2021-01-23 10:20 - 2021-01-23 10:20 - 000013400 _____ C:\Users\ION\Downloads\[SkT]Falco_-_Der_Kommissar_-_Best_Of_(2007)[FLAC].torrent
2021-01-22 19:40 - 2021-01-22 19:40 - 000012966 _____ C:\Users\ION\Downloads\[SkT]Tajemstvi-stare-bambitky-(2011)(CZ)[1080p][TVRip]-=-CSFD-68%.torrent
2021-01-22 19:34 - 2021-01-22 19:34 - 000020789 _____ C:\Users\ION\Downloads\[TreZzoR]Tajemstvi stare bambitky HD.torrent
2021-01-22 19:33 - 2021-01-22 19:33 - 000010864 _____ C:\Users\ION\Downloads\[TreZzoR]TVrip-Tajemstvi stare bambitky (2011) DVB-TRip CZ.torrent
2021-01-20 16:21 - 2021-01-20 16:21 - 000131001 _____ C:\Users\ION\Downloads\[SkT]Don't_Tell_a_Soul_(2020)[(WebRip][1080p]_=_CSFD_66%.torrent
2021-01-17 16:49 - 2021-01-17 16:51 - 000001530 _____ C:\Users\ION\Desktop\GTA V CZ v.1.51 Redux v.1.9.txt
2021-01-16 17:54 - 2021-01-16 17:54 - 000034464 _____ C:\Users\ION\Downloads\[SkT]Slnecny_cirkus__Toruk_-_prvy_let___Cirque_du_Soleil__Toruk_(2016)(DE_FR)[TvRip]_=_CSFD_67% (1).torrent
2021-01-16 17:53 - 2021-01-16 17:53 - 000034464 _____ C:\Users\ION\Downloads\[SkT]Slnecny_cirkus__Toruk_-_prvy_let___Cirque_du_Soleil__Toruk_(2016)(DE_FR)[TvRip]_=_CSFD_67%.torrent
2021-01-15 18:56 - 2021-01-15 18:56 - 000000000 ____D C:\Users\ION\AppData\Roaming\Tencent
2021-01-15 18:55 - 2021-01-15 18:58 - 001103992 _____ (TENCENT) C:\Windows\system32\TesSafe.sys
2021-01-15 18:35 - 2021-01-15 18:35 - 000444405 _____ C:\Users\ION\Downloads\[SkT]GTA_5___Grand_Theft_Auto_V_[v_1.0.2189_1.52]_(2015)_.torrent
2021-01-15 18:34 - 2021-01-15 18:34 - 000698069 _____ C:\Users\ION\Downloads\[TreZzoR]GTA V CZ v.1.51 Redux v.1.9.torrent
2021-01-15 18:11 - 2021-01-15 18:12 - 000096779 _____ C:\Users\ION\Downloads\[TreZzoR]Me.jmeno.je.prostata.2020.1080i.HDTV.H264.DD2.0-GarGG.torrent
2021-01-13 19:59 - 2021-01-13 19:59 - 000027048 _____ C:\Users\ION\Downloads\[SkT]Evzen_Bocek_-serie_Aristokratka.torrent
2021-01-13 19:53 - 2021-01-13 19:53 - 000008466 _____ C:\Users\ION\Downloads\[SkT]WifiInfoView_2.67_Portable.torrent
2021-01-09 17:42 - 2021-01-09 17:42 - 000015887 _____ C:\Users\ION\Downloads\[SkT]Breeder_(2020)_1080p_WEB_DL.torrent
2021-01-09 17:37 - 2021-01-09 17:37 - 000011150 _____ C:\Users\ION\Downloads\[SkT]Konjunkcia_Jupitera_A_Saturna_-_Casozber.torrent
2021-01-07 18:50 - 2021-01-07 18:50 - 000008640 _____ C:\Users\ION\Downloads\[SkT]IsMyLcdOK_4.34_Portable.torrent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-06 13:24 - 2020-02-06 19:24 - 000000917 _____ C:\Windows\Tasks\EPSON XP-610 Series Update {5143EFF3-57E6-4FC9-B5CA-DF74C90F6446}.job
2021-02-06 13:24 - 2020-02-06 19:24 - 000000731 _____ C:\Windows\Tasks\EPSON XP-610 Series Invitation {5143EFF3-57E6-4FC9-B5CA-DF74C90F6446}.job
2021-02-06 13:24 - 2014-02-25 15:00 - 000000000 ____D C:\Users\ION\AppData\Roaming\uTorrent
2021-02-06 13:06 - 2019-06-16 18:06 - 000000917 _____ C:\Windows\Tasks\EPSON XP-610 Series Update {D11E5804-0C51-475B-B95B-48C1DEABA690}.job
2021-02-06 13:06 - 2019-06-16 18:06 - 000000731 _____ C:\Windows\Tasks\EPSON XP-610 Series Invitation {D11E5804-0C51-475B-B95B-48C1DEABA690}.job
2021-02-06 12:37 - 2015-03-29 17:50 - 000000000 ____D C:\ProgramData\AVG
2021-02-06 12:29 - 2017-04-01 17:42 - 000004162 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2021-02-06 12:27 - 2017-10-28 19:33 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2021-02-06 12:27 - 2016-06-23 15:21 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2021-02-06 12:26 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-02-06 11:59 - 2009-07-14 05:34 - 000010144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-02-06 11:59 - 2009-07-14 05:34 - 000010144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-02-06 10:42 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\NDF
2021-02-05 02:48 - 2018-12-11 20:38 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 02:48 - 2018-12-11 20:38 - 000003246 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-04 21:50 - 2018-12-11 20:39 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-03 16:15 - 2014-02-12 17:02 - 001572880 _____ C:\Windows\system32\PerfStringBackup.INI
2021-02-03 16:15 - 2009-07-14 09:44 - 000652910 _____ C:\Windows\system32\perfh005.dat
2021-02-03 16:15 - 2009-07-14 09:44 - 000136064 _____ C:\Windows\system32\perfc005.dat
2021-02-03 16:15 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2021-02-02 17:22 - 2016-02-14 12:17 - 000000000 ____D C:\Users\ION\AppData\Local\CrashDumps
2021-01-25 16:46 - 2020-12-16 16:24 - 000003152 _____ C:\Windows\system32\Tasks\{C20628A4-ED3B-4C30-80C0-93CF72EB0E5B}
2021-01-25 16:46 - 2020-11-15 10:34 - 000003042 _____ C:\Windows\system32\Tasks\{D7AE0B8B-3848-4A6D-BEBB-4DBA99E45795}
2021-01-25 16:46 - 2020-04-03 15:47 - 000003172 _____ C:\Windows\system32\Tasks\MiniToolPartitionWizard
2021-01-25 16:46 - 2020-02-06 19:24 - 000003984 _____ C:\Windows\system32\Tasks\EPSON XP-610 Series Update {5143EFF3-57E6-4FC9-B5CA-DF74C90F6446}
2021-01-25 16:46 - 2020-02-06 19:24 - 000003798 _____ C:\Windows\system32\Tasks\EPSON XP-610 Series Invitation {5143EFF3-57E6-4FC9-B5CA-DF74C90F6446}
2021-01-25 16:46 - 2019-06-16 18:06 - 000003984 _____ C:\Windows\system32\Tasks\EPSON XP-610 Series Update {D11E5804-0C51-475B-B95B-48C1DEABA690}
2021-01-25 16:46 - 2019-06-16 18:06 - 000003798 _____ C:\Windows\system32\Tasks\EPSON XP-610 Series Invitation {D11E5804-0C51-475B-B95B-48C1DEABA690}
2021-01-25 16:46 - 2018-10-31 15:54 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-01-25 16:46 - 2018-05-30 19:12 - 000003460 _____ C:\Windows\system32\Tasks\SmartShare
2021-01-25 16:46 - 2017-11-12 10:11 - 000003386 _____ C:\Windows\system32\Tasks\{9DC1B5CF-F174-4C5C-8EB7-D93C4533368A}
2021-01-25 16:46 - 2017-11-02 19:30 - 000003168 _____ C:\Windows\system32\Tasks\{A0D76558-4D99-471E-8D97-3587B37873ED}
2021-01-25 16:46 - 2017-11-02 18:53 - 000003120 _____ C:\Windows\system32\Tasks\{E5FB9410-45A6-4D0A-A74C-668D332DF1BB}
2021-01-25 16:46 - 2016-02-13 22:39 - 000003148 _____ C:\Windows\system32\Tasks\SidebarExecute
2021-01-25 16:46 - 2016-02-09 22:15 - 000002960 _____ C:\Windows\system32\Tasks\{E938E2AB-72F4-41E9-A11B-0B66E24832F9}
2021-01-25 16:46 - 2015-07-25 11:52 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-01-25 16:46 - 2015-05-31 16:55 - 000003076 _____ C:\Windows\system32\Tasks\{2E005387-9D53-48ED-97D9-42B1999BB624}
2021-01-25 16:46 - 2015-03-29 18:13 - 000003670 _____ C:\Windows\system32\Tasks\Adobe Reader and Acrobat Manager
2021-01-25 16:46 - 2014-03-29 18:04 - 000003104 _____ C:\Windows\system32\Tasks\{ACD67CBF-7ACC-4F8E-B205-87526939BE2A}
2021-01-25 16:46 - 2014-02-25 15:21 - 000003226 _____ C:\Windows\system32\Tasks\{CC1F8C40-8373-4E5D-A675-3F1465FC1117}
2021-01-23 10:33 - 2018-08-28 15:44 - 000000000 ____D C:\Users\ION\AppData\Roaming\vlc
2021-01-15 20:13 - 2014-02-25 15:28 - 000000000 ___HD C:\Users\ION\AppData\Local\Deployment
2021-01-15 18:55 - 2019-11-09 15:22 - 000000000 ____D C:\Windows\Minidump
2021-01-08 12:25 - 2017-04-01 17:42 - 000394744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2021-01-07 16:25 - 2020-12-27 00:24 - 000161448 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2021-01-07 12:25 - 2017-04-01 17:42 - 000276600 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys

==================== Files in the root of some directories ========

2014-10-31 18:51 - 2011-07-19 03:37 - 000003262 _____ () C:\Program Files\Falco.ico
2014-10-31 18:51 - 2011-07-19 04:05 - 000000046 _____ () C:\Program Files\Falco.url
2016-01-13 22:47 - 2016-01-13 22:47 - 000000929 _____ () C:\Users\ION\AppData\Roaming\10.gif
2014-03-29 16:07 - 2014-03-29 16:13 - 000000624 _____ () C:\Users\ION\AppData\Roaming\All CPU MeterV3_Settings.ini
2020-06-21 09:11 - 2020-08-08 17:56 - 000000005 _____ () C:\Users\ION\AppData\Roaming\autoplay.ini
2016-02-11 21:33 - 2016-02-11 21:33 - 000049777 _____ () C:\Users\ION\AppData\Roaming\footnote.number.format.xml
2016-02-11 21:33 - 2016-02-11 21:33 - 000001775 _____ () C:\Users\ION\AppData\Roaming\MossieIntercomSnakeroot
2014-10-11 10:09 - 2014-10-11 10:09 - 000022328 _____ () C:\Users\ION\AppData\Roaming\PnkBstrK.sys
2013-10-02 03:56 - 2013-10-02 03:56 - 000002407 _____ () C:\Users\ION\AppData\Roaming\preface.autolabel.xml
2020-06-14 15:42 - 2020-05-30 19:32 - 000000701 _____ () C:\Users\ION\AppData\Roaming\soundyhd.dll
2020-03-13 12:12 - 2020-03-13 17:51 - 285961728 __RSH () C:\Users\ION\AppData\Roaming\WmiApSrv.exe
2013-10-02 03:59 - 2013-10-02 03:59 - 000002592 _____ () C:\Users\ION\AppData\Roaming\xalan.regexp.LICENSE.txt
2020-06-14 15:42 - 2019-04-28 17:37 - 000000002 _____ () C:\Users\ION\AppData\Roaming\yhdlan.ini
2020-06-21 09:04 - 2020-08-08 18:01 - 000000016 _____ () C:\Users\ION\AppData\Roaming\ymddefault.ini
2016-01-30 17:55 - 2016-01-30 18:01 - 000000426 _____ () C:\Users\ION\AppData\Local\FSDownloader.err
2016-01-30 17:55 - 2016-01-30 18:01 - 000001136 _____ () C:\Users\ION\AppData\Local\FSDownloader.nast
2020-07-14 21:23 - 2020-07-14 21:23 - 010849443 _____ () C:\Users\ION\AppData\Local\prjOptimizon.exe
2015-02-22 19:20 - 2016-02-14 16:42 - 000007602 _____ () C:\Users\ION\AppData\Local\Resmon.ResmonCfg
2015-02-08 09:43 - 2015-02-08 09:47 - 000000224 _____ () C:\Users\ION\AppData\Local\SRDownloader.err
2015-02-08 09:43 - 2015-02-08 09:47 - 000001040 _____ () C:\Users\ION\AppData\Local\SRDownloader.nast

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\User32.dll
[2017-10-28 00:39] - [2016-11-10 17:19] - 000811520 _____ (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1


LastRegBack: 2021-02-01 00:21
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-02-2021
Ran by ION (06-02-2021 13:24:55)
Running from C:\Users\ION\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2014-02-12 15:56:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-507323896-2788175996-4153637081-500 - Administrator - Disabled)
Guest (S-1-5-21-507323896-2788175996-4153637081-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-507323896-2788175996-4153637081-1012 - Limited - Enabled)
ION (S-1-5-21-507323896-2788175996-4153637081-1000 - Administrator - Enabled) => C:\Users\ION

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Disabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: AVG Antivirus (Disabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.0.1.152 - Adobe Systems Incorporated)
AirCopy 3.10 (HKLM\...\{D20023DD-6327-457B-BE3F-ABB460C2A452}_is1) (Version: 3.10 - WR Software)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Ashampoo Burning Studio 20 CZ v.20.0.3.3 (HKLM\...\Ashampoo Burning Studio 20 CZ v.20.0.3.3) (Version: v.20.0.3.3 - Libbi)
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 20.10.3157 - AVG Technologies)
Balíček ovladače systému Windows - libusb-win32 WorldCup Device (02/23/2013 1.2.6.0) (HKLM\...\607E81836F3E58EDC7289F7B7047149AE2C7F301) (Version: 02/23/2013 1.2.6.0 - libusb-win32)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DVD Slim Free 2.7.0.4 (HKLM\...\DVD Slim Free_is1) (Version: 2.7.0.4 - Marcello Pietrelli & Gianni Baini)
Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Google Chrome Backup 1.8.0.141 (HKLM\...\{52291FC0-33D3-4A18-9587-5115225545D8}_is1) (Version: - )
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
ISO to USB (HKLM\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
ITECIR (HKLM\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.00.0000 - ITE)
Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
KeyDominator2 (HKLM\...\BloodyKeyboard) (Version: 17.11.0002 - Bloody)
MediaHuman YouTube to MP3 Converter 3.9.9.30 (HKLM\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.30 - MediaHuman)
MediaInfo 0.7.4.5 (HKLM\...\MediaInfo) (Version: 0.7.4.5 - )
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 12 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 341.44 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{04F3BF74-9E34-4D3E-93C3-D3D1F24199C8}) (Version: 6.43.10.1 - Nokia)
Příručky společnosti EPSON (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5864 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{D4EEC21C-04F0-4CF4-8078-82C11E38EF11}) (Version: 1.01.0094 - REALTEK Semiconductor Corp.)
Seagate Drive Settings Installer (HKLM\...\{91DDF870-EE18-44D8-9D93-F4C122B80908}) (Version: 1.00.0000 - Seagate Technologies LLC) Hidden
Seagate Drive Settings Installer (HKLM\...\InstallShield_{91DDF870-EE18-44D8-9D93-F4C122B80908}) (Version: 1.00.0000 - Seagate Technologies LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype verze 8.34 (HKLM\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.0 release candidate 1 - Ghisler Software GmbH)
USB_Burning_Tool (HKLM\...\{0F91E44C-2FAD-4298-8051-40E52C7E1341}_is1) (Version: 1.0.99 - Amlogic, Inc.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Windows Phone app for desktop (HKLM\...\{CE9BDD0F-BAF3-474D-B6D8-15B84BDAB229}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 5.40 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.1 - win.rar GmbH)
YouTube HD Downloader V1.1.1 (HKLM\...\Youtube HD Downloader_is1) (Version: - YouTube HD Downloader)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-507323896-2788175996-4153637081-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\ION\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-507323896-2788175996-4153637081-1000_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Users\ION\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUObserver37.gadget\GPUStatusReader.dll (Orbmu2k) [File not signed] [File is in use]
CustomCLSID: HKU\S-1-5-21-507323896-2788175996-4153637081-1000_Classes\CLSID\{9CF1512B-6019-4573-9466-57AA61960209}\InprocServer32 -> C:\Users\ION\AppData\Local\Microsoft\Windows Sidebar\Gadgets\nvidia-gpu-temp.gadget\NvApiReader.dll (Orbmu2k) [File not signed]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-05-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files\Alcohol Soft\Alcohol 120\AxShlex.dll [2010-03-25] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-12-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-05-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-11-16 16:58 - 2014-01-10 10:48 - 004260352 ____N () [File not signed] C:\Program Files\KeyDominator2\KeyDominator2\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2015-03-11 15:54 - 2012-03-14 05:00 - 000311296 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMLMAT.DLL
2011-02-01 09:22 - 2011-02-01 09:22 - 000363008 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMNPPM.DLL
2017-10-28 00:39 - 2016-11-10 17:19 - 000811520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
2014-05-08 15:04 - 2014-05-08 15:04 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\ucrtbase.DLL
2020-07-15 15:12 - 2020-07-15 15:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1029\avg.local_vc142.crt\VCRUNTIME140.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\MSVCP140.dll
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\ucrtbase.DLL
2021-02-06 11:08 - 2021-02-06 11:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\defs\21020600\avg.local_vc142.crt\VCRUNTIME140.dll
2014-03-29 16:30 - 2014-03-29 16:30 - 000060416 _____ (Orbmu2k) [File not signed] [File is in use] C:\Users\ION\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUObserver37.gadget\GPUStatusReader.dll
2015-12-17 10:11 - 2015-12-17 10:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files\EPSON Software\Event Manager\epnsm.dll
2009-10-21 16:39 - 2009-10-21 16:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files\EPSON Software\Event Manager\LcMgr.dll
2016-02-17 18:52 - 2012-11-12 15:15 - 000476027 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
2016-02-17 18:52 - 2012-10-22 17:19 - 000218112 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enpres.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-507323896-2788175996-4153637081-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-26] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll No File
Toolbar: HKU\S-1-5-21-507323896-2788175996-4153637081-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-10-28 11:39 - 2018-12-03 16:24 - 000000954 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

2017-10-28 19:33 - 2021-02-06 12:27 - 000000374 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\PC Connectivity Solution;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;D:\Program Files\Calibre 2;C:\Program Files\Skype\Phone
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ION\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.99.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8F92EACF-19F1-4C7C-BE84-5151FA11922F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BB5A482-22C5-4628-BAB2-57DB8067C22C}] => (Allow) C:\Windows\System32\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1CB2BB3C-06D7-4C22-8FDC-66F75E234787}] => (Allow) C:\Windows\System32\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1CB3E265-3041-4352-BFE4-15D184B703D1}] => (Allow) C:\Windows\System32\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{B0195926-AA15-4FD8-84CE-A9FEB82126E8}] => (Allow) C:\Windows\System32\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{A97765C6-DE31-4798-B6CF-12D2C3021331}C:\users\ion\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ion\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{E0B8AC03-AB38-461D-AB1D-26E193CAB5EE}C:\users\ion\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ion\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{F1D80E03-C78B-441E-97DE-5FD7E62F574B}] => (Allow) C:\Users\ION\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{FBA8B73E-9FA0-46A7-BEC8-E6F060B9BBE4}] => (Allow) C:\Users\ION\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{51149487-2C85-4C21-B056-333EB6B0BEBD}] => (Allow) C:\Users\ION\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0FA7E3C0-2FF8-40F9-A0B4-A399ECC1F46D}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{96D31D59-D3E5-4493-A8CC-9C62EE3296E8}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [{06689E62-18FA-469D-9924-AB928A897018}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe (Easybits AS -> Easybits)
FirewallRules: [{DD768AAA-493A-4D46-BE48-D54E0B904429}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{3299341D-FD4C-4A18-A248-BA831D88AA06}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{6E144F77-25F2-4E7D-9FED-4CAF99A9D45C}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{D4BD548E-1B68-4732-8511-D2BB1C88ACBF}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{AA205770-8A6E-41C6-9B49-7D0360D04DF6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{711F1BB1-A961-4B32-AE68-F6227078F9E8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{8D989621-9AAE-4FB5-98E4-8AB274A06DA0}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F2DEC5BE-C9E4-4711-A7BB-EC9A7FFE3D6E}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{775D280B-7458-4AB0-9268-0485A011F00C}] => (Allow) C:\Users\ION\AppData\Roaming\AirCopy\AirCopyEngine.exe (WinRecovery Software -> )
FirewallRules: [{EE45BE35-9E34-41B5-AF48-C5CC98F47925}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{7F3B874C-690A-4CB5-87AD-2CD7C2D10BD9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{4BFF1312-7816-4813-B2B7-A02A8FC2E778}] => (Allow) LPort=57893
FirewallRules: [{E436985F-F561-4060-BFD2-754BD21F6F53}] => (Allow) LPort=57893
FirewallRules: [{C1330FE6-F16C-4470-992E-09C49E282708}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

15-01-2021 20:10:41 Odebráno: Mobipocket Reader 6.2
15-01-2021 20:13:39 Removed Windows Phone app for desktop
23-01-2021 02:14:40 Naplánovaný kontrolní bod
31-01-2021 00:00:02 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Síťový adaptér Realtek RTL8187SE Wireless 802.11b/g 54Mbps PCIE
Description: Síťový adaptér Realtek RTL8187SE Wireless 802.11b/g 54Mbps PCIE
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8187Se
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/06/2021 12:27:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5d1d8caa
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.24291, časové razítko: 0x5be78231
Kód výjimky: 0xe0434352
Posun chyby: 0x0000845d
ID chybujícího procesu: 0xaa0
Čas spuštění chybující aplikace: 0x01d6fc7af2eb9780
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID zprávy: 3c05cb20-686e-11eb-9d5e-7071bc8b5edc

Error: (02/06/2021 12:26:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])

Error: (02/06/2021 12:26:28 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x00000000.

Error: (02/06/2021 12:26:28 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
0x800401F9

Error: (02/06/2021 10:49:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 6.1.7601.17567 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 14f0

Čas spuštění: 01d6fc671d434050

Čas ukončení: 153

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 9b3e8131-6860-11eb-b921-7071bc8b5edc

Error: (02/06/2021 10:04:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 6.1.7601.17567 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: cc

Čas spuštění: 01d6fc66ef87caf0

Čas ukončení: 136

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 54c5f181-685a-11eb-b921-7071bc8b5edc

Error: (02/06/2021 10:03:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.17567 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: c3c

Čas spuštění: 01d6e9e2250084c0

Čas ukončení: 1285

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení: 279ad541-685a-11eb-b921-7071bc8b5edc

Error: (02/02/2021 08:05:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SoftwareUpdate.exe, verze: 2.1.1.116, časové razítko: 0x488a4f1f
Název chybujícího modulu: ScriptingObjectModel.dll, verze: 2.1.1.116, časové razítko: 0x488a4efe
Kód výjimky: 0xc0000005
Posun chyby: 0x00002f91
ID chybujícího procesu: 0x114c
Čas spuštění chybující aplikace: 0x01d6f931b988a470
Cesta k chybující aplikaci: C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Cesta k chybujícímu modulu: C:\Program Files\Apple Software Update\ScriptingObjectModel.dll
ID zprávy: ff1a1eb0-6524-11eb-b921-7071bc8b5edc


System errors:
=============
Error: (02/06/2021 12:28:37 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti zjistil vnitřní chybu.

Error: (02/06/2021 12:28:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/06/2021 12:27:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/06/2021 12:27:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (30000 ms).

Error: (02/06/2021 11:51:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Technologie Windows Connect Now – Registrátor konfigurací byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (02/06/2021 11:51:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel zařízení UPnP byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (02/06/2021 11:51:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SSDP Discovery byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (02/06/2021 11:51:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Sada qWave (Quality Windows Audio Video Experience) byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2016-02-14 18:18:18.826
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C4E47644-2FF7-46DC-83C2-68F5233F082C}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:ION-PC\ION

Date: 2016-02-13 02:10:18.819
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{6E89285A-C960-4B56-9024-05AC8331316E}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:ION-PC\ION

Date: 2016-02-14 18:00:18.356
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Zálohování
Kód chyby:0x8050a004
Popis chyby:Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Verze podpisu:1.177.386.0
Verze modulu:1.1.10302.0

Date: 2016-02-14 17:43:40.595
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Zálohování
Kód chyby:0x8050a004
Popis chyby:Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Verze podpisu:1.177.386.0
Verze modulu:1.1.10302.0

Date: 2016-02-14 17:09:02.102
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Zálohování
Kód chyby:0x8050a004
Popis chyby:Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Verze podpisu:1.177.386.0
Verze modulu:1.1.10302.0

Date: 2016-02-14 17:08:38.218
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2016-01-11 15:46:39.922
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-01-11 15:46:39.888
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-01-11 15:46:39.853
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-01-11 15:46:35.775
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-01-11 15:41:04.992
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-01-11 15:41:04.961
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-01-11 15:41:04.852
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-01-10 11:41:07.679
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0112 12/24/2009
Motherboard: To be filled by O.E.M. To be filled by O.E.M.
Processor: Intel(R) Atom(TM) CPU 330 @ 1.60GHz
Percentage of memory in use: 74%
Total physical RAM: 3327.11 MB
Available physical RAM: 855.55 MB
Total Virtual: 6652.59 MB
Available Virtual: 3376.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.72 GB) (Free:45.71 GB) NTFS
Drive d: () (Fixed) (Total:135.06 GB) (Free:87.57 GB) NTFS
Drive h: (WD) (Fixed) (Total:1862.98 GB) (Free:453.18 GB) NTFS

\\?\Volume{25a0a1e4-93fd-11e3-8f28-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 2F806A97)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=135.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 64F0551B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Slow computer

#2 Post by Diallix »

Hello.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will start; click View Log File (Zobrazit soubor protokolu).
The log will open; copy its contents here.
My new book BOTNETY has been published! You can find information about it here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

kyzi01
Visitor
Posts: 62
Registered: 11 Mar 2012 18:39

Re: Slow computer

#3 Post by kyzi01 »

Thank you for the reply, but it did not find anything; here is the log


# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-06-2021
# Duration: 00:01:31
# OS: Windows 7 Professional
# Scanned: 31956
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [39724 octets] - [11/12/2018 21:09:42]
AdwCleaner[C00].txt - [34957 octets] - [11/12/2018 21:10:39]
AdwCleaner[S01].txt - [1845 octets] - [09/11/2019 15:29:31]
AdwCleaner[C01].txt - [1919 octets] - [09/11/2019 15:29:48]
AdwCleaner[S02].txt - [1503 octets] - [29/11/2019 21:54:36]
AdwCleaner[S03].txt - [1720 octets] - [04/03/2020 19:28:45]
AdwCleaner[S04].txt - [1781 octets] - [04/03/2020 19:31:54]
AdwCleaner[S05].txt - [1860 octets] - [13/01/2021 20:08:32]
AdwCleaner[C05].txt - [2030 octets] - [13/01/2021 20:22:42]
AdwCleaner[S06].txt - [1964 octets] - [25/01/2021 16:50:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S07].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Slow computer

#4 Post by Diallix »

Copy the content below into Notepad:

CloseProcesses:
CreateRestorePoint:

C:\Windows\System32\Drivers\a8ist5bk.sys

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Run: [EPSDNMON] => ""
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\MountPoints2: {3e5b41fe-5aac-11e4-9374-7071bc8b5edc} - F:\Startme.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {16AAAE92-0F58-4327-9E88-F3B372264D68} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle America, Inc. -> Oracle Corporation)

Task: {2C15B83F-0603-4A7A-86D4-7C4C25147A70} - System32\Tasks\{A0D76558-4D99-471E-8D97-3587B37873ED} => C:\Windows\system32\pcalua.exe -a "C:\Users\ION\Downloads\Net-Framework-2-0_2.0_Service_Pack 1.exe" -d C:\Users\ION\Downloads
Task: {3E65E18A-7DBF-44A6-8EB9-2DD483745818} - System32\Tasks\{D7AE0B8B-3848-4A6D-BEBB-4DBA99E45795} => C:\Windows\system32\pcalua.exe -a G:\MAME\MAMEW.EXE -d G:\MAME
Task: {55EFAB53-4A8B-46EB-813A-6652E6E5345E} - System32\Tasks\{C20628A4-ED3B-4C30-80C0-93CF72EB0E5B} => C:\Windows\system32\pcalua.exe -a "H:\Half Life 2 CZ Dabing New\d1 Half Life 2.exe" -d "H:\Half Life 2 CZ Dabing New"
Task: {5AC12548-9430-4F31-93BD-A37FA0428E6A} - System32\Tasks\{2E005387-9D53-48ED-97D9-42B1999BB624} => C:\Windows\system32\pcalua.exe -a D:\Downloads\WindowsPhone.exe -d D:\Downloads
Task: {5AC807DF-4C9E-4C41-8472-F47ED7594CCD} - System32\Tasks\{CC1F8C40-8373-4E5D-A675-3F1465FC1117} => C:\Windows\system32\pcalua.exe -a C:\Users\ION\Documents\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\ION\Documents\FreeRapid-0.9u3\FreeRapid-0.9u3
Task: {7696A6E2-3F94-47CE-88A8-F7A9E4890736} - System32\Tasks\{ACD67CBF-7ACC-4F8E-B205-87526939BE2A} => C:\Windows\system32\pcalua.exe -a C:\Users\ION\AppData\Roaming\Seznam.cz\szninstall.exe -c -X
Task: {82CE5246-3BB7-4261-9CB2-23A56520242A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {88175706-154B-44BB-BBA7-266901676E83} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
Task: {A134FB69-8FD3-4A44-96C5-7707889A099C} - System32\Tasks\{E938E2AB-72F4-41E9-A11B-0B66E24832F9} => C:\Users\ION\Downloads\SBTA_PCDRV_L13_1_02_0001.exe
Task: {BCB83E86-39D2-43A3-A9B3-E103C923C632} - System32\Tasks\{E5FB9410-45A6-4D0A-A74C-668D332DF1BB} => C:\Windows\system32\pcalua.exe -a C:\Users\ION\Downloads\NetFx20SP2_x86.exe -d C:\Users\ION\Downloads
Task: {E3ED774B-22CC-4E4C-8E03-B85F08D8528D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
U3 a8ist5bk; C:\Windows\System32\Drivers\a8ist5bk.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 GPCIDrv; \??\C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
2021-02-05 02:48 - 2018-12-11 20:38 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 02:48 - 2018-12-11 20:38 - 000003246 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll => No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll No File
Toolbar: HKU\S-1-5-21-507323896-2788175996-4153637081-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
FirewallRules: [{EE45BE35-9E34-41B5-AF48-C5CC98F47925}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{7F3B874C-690A-4CB5-87AD-2CD7C2D10BD9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{4BFF1312-7816-4813-B2B7-A02A8FC2E778}] => (Allow) LPort=57893
FirewallRules: [{E436985F-F561-4060-BFD2-754BD21F6F53}] => (Allow) LPort=57893
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8F92EACF-19F1-4C7C-BE84-5151FA11922F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BB5A482-22C5-4628-BAB2-57DB8067C22C}] => (Allow) C:\Windows\System32\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1CB2BB3C-06D7-4C22-8FDC-66F75E234787}] => (Allow) C:\Windows\System32\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1CB3E265-3041-4352-BFE4-15D184B703D1}] => (Allow) C:\Windows\System32\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{B0195926-AA15-4FD8-84CE-A9FEB82126E8}] => (Allow) C:\Windows\System32\PnkBstrB.exe (Even Balance, Inc. -> )

EmptyTemp:
Hosts:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.

kyzi01
Visitor
Posts: 62
Registered: 11 Mar 2012 18:39

Re: Slow computer

#5 Post by kyzi01 »

Done, but FRST cannot be started unless I turn off the antivirus. Then it works.
Here is the Fixlog

Fix result of Farbar Recovery Scan Tool (x86) Version: 04-02-2021
Ran by ION (06-02-2021 15:06:59) Run:1
Running from C:\Users\ION\Desktop
Loaded Profiles: ION
Boot Mode: Normal

==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Windows\System32\Drivers\a8ist5bk.sys

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Run: [EPSDNMON] => ""
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\MountPoints2: {3e5b41fe-5aac-11e4-9374-7071bc8b5edc} - F:\Startme.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {16AAAE92-0F58-4327-9E88-F3B372264D68} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle America, Inc. -> Oracle Corporation)

Task: {2C15B83F-0603-4A7A-86D4-7C4C25147A70} - System32\Tasks\{A0D76558-4D99-471E-8D97-3587B37873ED} => C:\Windows\system32\pcalua.exe -a "C:\Users\ION\Downloads\Net-Framework-2-0_2.0_Service_Pack 1.exe" -d C:\Users\ION\Downloads
Task: {3E65E18A-7DBF-44A6-8EB9-2DD483745818} - System32\Tasks\{D7AE0B8B-3848-4A6D-BEBB-4DBA99E45795} => C:\Windows\system32\pcalua.exe -a G:\MAME\MAMEW.EXE -d G:\MAME
Task: {55EFAB53-4A8B-46EB-813A-6652E6E5345E} - System32\Tasks\{C20628A4-ED3B-4C30-80C0-93CF72EB0E5B} => C:\Windows\system32\pcalua.exe -a "H:\Half Life 2 CZ Dabing New\d1 Half Life 2.exe" -d "H:\Half Life 2 CZ Dabing New"
Task: {5AC12548-9430-4F31-93BD-A37FA0428E6A} - System32\Tasks\{2E005387-9D53-48ED-97D9-42B1999BB624} => C:\Windows\system32\pcalua.exe -a D:\Downloads\WindowsPhone.exe -d D:\Downloads
Task: {5AC807DF-4C9E-4C41-8472-F47ED7594CCD} - System32\Tasks\{CC1F8C40-8373-4E5D-A675-3F1465FC1117} => C:\Windows\system32\pcalua.exe -a C:\Users\ION\Documents\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\ION\Documents\FreeRapid-0.9u3\FreeRapid-0.9u3
Task: {7696A6E2-3F94-47CE-88A8-F7A9E4890736} - System32\Tasks\{ACD67CBF-7ACC-4F8E-B205-87526939BE2A} => C:\Windows\system32\pcalua.exe -a C:\Users\ION\AppData\Roaming\Seznam.cz\szninstall.exe -c -X
Task: {82CE5246-3BB7-4261-9CB2-23A56520242A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {88175706-154B-44BB-BBA7-266901676E83} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
Task: {A134FB69-8FD3-4A44-96C5-7707889A099C} - System32\Tasks\{E938E2AB-72F4-41E9-A11B-0B66E24832F9} => C:\Users\ION\Downloads\SBTA_PCDRV_L13_1_02_0001.exe
Task: {BCB83E86-39D2-43A3-A9B3-E103C923C632} - System32\Tasks\{E5FB9410-45A6-4D0A-A74C-668D332DF1BB} => C:\Windows\system32\pcalua.exe -a C:\Users\ION\Downloads\NetFx20SP2_x86.exe -d C:\Users\ION\Downloads
Task: {E3ED774B-22CC-4E4C-8E03-B85F08D8528D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
U3 a8ist5bk; C:\Windows\System32\Drivers\a8ist5bk.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 GPCIDrv; \??\C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
2021-02-05 02:48 - 2018-12-11 20:38 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 02:48 - 2018-12-11 20:38 - 000003246 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll => No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll No File
Toolbar: HKU\S-1-5-21-507323896-2788175996-4153637081-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
FirewallRules: [{EE45BE35-9E34-41B5-AF48-C5CC98F47925}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{7F3B874C-690A-4CB5-87AD-2CD7C2D10BD9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{4BFF1312-7816-4813-B2B7-A02A8FC2E778}] => (Allow) LPort=57893
FirewallRules: [{E436985F-F561-4060-BFD2-754BD21F6F53}] => (Allow) LPort=57893
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8F92EACF-19F1-4C7C-BE84-5151FA11922F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BB5A482-22C5-4628-BAB2-57DB8067C22C}] => (Allow) C:\Windows\System32\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1CB2BB3C-06D7-4C22-8FDC-66F75E234787}] => (Allow) C:\Windows\System32\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1CB3E265-3041-4352-BFE4-15D184B703D1}] => (Allow) C:\Windows\System32\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{B0195926-AA15-4FD8-84CE-A9FEB82126E8}] => (Allow) C:\Windows\System32\PnkBstrB.exe (Even Balance, Inc. -> )

EmptyTemp:
Hosts:

*****************

Processes closed successfully.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Slow computer

#6 Post by Diallix »

The log is not complete.
My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information on what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware upload: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for newcomer training
- Founder of the Cyber Security unit

kyzi01
Visitor
Posts: 62
Registered: 11 Mar 2012 18:39

Re: Slow computer

#7 Post by kyzi01 »

Sorry, I copied it wrong :)

So, once again:

Fix result of Farbar Recovery Scan Tool (x86) Version: 04-02-2021
Ran by ION (06-02-2021 15:06:59) Run:1
Running from C:\Users\ION\Desktop
Loaded Profiles: ION
Boot Mode: Normal

==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Windows\System32\Drivers\a8ist5bk.sys

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Run: [EPSDNMON] => ""
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\...\MountPoints2: {3e5b41fe-5aac-11e4-9374-7071bc8b5edc} - F:\Startme.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {16AAAE92-0F58-4327-9E88-F3B372264D68} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle America, Inc. -> Oracle Corporation)

Task: {2C15B83F-0603-4A7A-86D4-7C4C25147A70} - System32\Tasks\{A0D76558-4D99-471E-8D97-3587B37873ED} => C:\Windows\system32\pcalua.exe -a "C:\Users\ION\Downloads\Net-Framework-2-0_2.0_Service_Pack 1.exe" -d C:\Users\ION\Downloads
Task: {3E65E18A-7DBF-44A6-8EB9-2DD483745818} - System32\Tasks\{D7AE0B8B-3848-4A6D-BEBB-4DBA99E45795} => C:\Windows\system32\pcalua.exe -a G:\MAME\MAMEW.EXE -d G:\MAME
Task: {55EFAB53-4A8B-46EB-813A-6652E6E5345E} - System32\Tasks\{C20628A4-ED3B-4C30-80C0-93CF72EB0E5B} => C:\Windows\system32\pcalua.exe -a "H:\Half Life 2 CZ Dabing New\d1 Half Life 2.exe" -d "H:\Half Life 2 CZ Dabing New"
Task: {5AC12548-9430-4F31-93BD-A37FA0428E6A} - System32\Tasks\{2E005387-9D53-48ED-97D9-42B1999BB624} => C:\Windows\system32\pcalua.exe -a D:\Downloads\WindowsPhone.exe -d D:\Downloads
Task: {5AC807DF-4C9E-4C41-8472-F47ED7594CCD} - System32\Tasks\{CC1F8C40-8373-4E5D-A675-3F1465FC1117} => C:\Windows\system32\pcalua.exe -a C:\Users\ION\Documents\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\ION\Documents\FreeRapid-0.9u3\FreeRapid-0.9u3
Task: {7696A6E2-3F94-47CE-88A8-F7A9E4890736} - System32\Tasks\{ACD67CBF-7ACC-4F8E-B205-87526939BE2A} => C:\Windows\system32\pcalua.exe -a C:\Users\ION\AppData\Roaming\Seznam.cz\szninstall.exe -c -X
Task: {82CE5246-3BB7-4261-9CB2-23A56520242A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {88175706-154B-44BB-BBA7-266901676E83} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
Task: {A134FB69-8FD3-4A44-96C5-7707889A099C} - System32\Tasks\{E938E2AB-72F4-41E9-A11B-0B66E24832F9} => C:\Users\ION\Downloads\SBTA_PCDRV_L13_1_02_0001.exe
Task: {BCB83E86-39D2-43A3-A9B3-E103C923C632} - System32\Tasks\{E5FB9410-45A6-4D0A-A74C-668D332DF1BB} => C:\Windows\system32\pcalua.exe -a C:\Users\ION\Downloads\NetFx20SP2_x86.exe -d C:\Users\ION\Downloads
Task: {E3ED774B-22CC-4E4C-8E03-B85F08D8528D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
U3 a8ist5bk; C:\Windows\System32\Drivers\a8ist5bk.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 GPCIDrv; \??\C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
2021-02-05 02:48 - 2018-12-11 20:38 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 02:48 - 2018-12-11 20:38 - 000003246 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll => No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll No File
Toolbar: HKU\S-1-5-21-507323896-2788175996-4153637081-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
FirewallRules: [{EE45BE35-9E34-41B5-AF48-C5CC98F47925}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{7F3B874C-690A-4CB5-87AD-2CD7C2D10BD9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{4BFF1312-7816-4813-B2B7-A02A8FC2E778}] => (Allow) LPort=57893
FirewallRules: [{E436985F-F561-4060-BFD2-754BD21F6F53}] => (Allow) LPort=57893
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8F92EACF-19F1-4C7C-BE84-5151FA11922F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BB5A482-22C5-4628-BAB2-57DB8067C22C}] => (Allow) C:\Windows\System32\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1CB2BB3C-06D7-4C22-8FDC-66F75E234787}] => (Allow) C:\Windows\System32\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1CB3E265-3041-4352-BFE4-15D184B703D1}] => (Allow) C:\Windows\System32\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{B0195926-AA15-4FD8-84CE-A9FEB82126E8}] => (Allow) C:\Windows\System32\PnkBstrB.exe (Even Balance, Inc. -> )

EmptyTemp:
Hosts:

*****************

Processes closed successfully.
Restore point was successfully created.
"C:\Windows\System32\Drivers\a8ist5bk.sys" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
"HKU\S-1-5-21-507323896-2788175996-4153637081-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EPSDNMON" => removed successfully.
"HKU\S-1-5-21-507323896-2788175996-4153637081-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation" => removed successfully.
"HKU\S-1-5-21-507323896-2788175996-4153637081-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword" => removed successfully.
"HKU\S-1-5-21-507323896-2788175996-4153637081-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff" => removed successfully.
HKU\S-1-5-21-507323896-2788175996-4153637081-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e5b41fe-5aac-11e4-9374-7071bc8b5edc} => removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16AAAE92-0F58-4327-9E88-F3B372264D68} => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16AAAE92-0F58-4327-9E88-F3B372264D68} => removed successfully.
C:\Windows\System32\Tasks\Java Update Scheduler => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Update Scheduler => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C15B83F-0603-4A7A-86D4-7C4C25147A70}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C15B83F-0603-4A7A-86D4-7C4C25147A70}" => removed successfully.
C:\Windows\System32\Tasks\{A0D76558-4D99-471E-8D97-3587B37873ED} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A0D76558-4D99-471E-8D97-3587B37873ED}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E65E18A-7DBF-44A6-8EB9-2DD483745818}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E65E18A-7DBF-44A6-8EB9-2DD483745818}" => removed successfully.
C:\Windows\System32\Tasks\{D7AE0B8B-3848-4A6D-BEBB-4DBA99E45795} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D7AE0B8B-3848-4A6D-BEBB-4DBA99E45795}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55EFAB53-4A8B-46EB-813A-6652E6E5345E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55EFAB53-4A8B-46EB-813A-6652E6E5345E}" => removed successfully.
C:\Windows\System32\Tasks\{C20628A4-ED3B-4C30-80C0-93CF72EB0E5B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C20628A4-ED3B-4C30-80C0-93CF72EB0E5B}" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AC12548-9430-4F31-93BD-A37FA0428E6A} => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AC12548-9430-4F31-93BD-A37FA0428E6A} => removed successfully.
C:\Windows\System32\Tasks\{2E005387-9D53-48ED-97D9-42B1999BB624} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2E005387-9D53-48ED-97D9-42B1999BB624} => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AC807DF-4C9E-4C41-8472-F47ED7594CCD} => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AC807DF-4C9E-4C41-8472-F47ED7594CCD} => removed successfully.
C:\Windows\System32\Tasks\{CC1F8C40-8373-4E5D-A675-3F1465FC1117} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CC1F8C40-8373-4E5D-A675-3F1465FC1117} => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7696A6E2-3F94-47CE-88A8-F7A9E4890736} => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7696A6E2-3F94-47CE-88A8-F7A9E4890736} => removed successfully.
C:\Windows\System32\Tasks\{ACD67CBF-7ACC-4F8E-B205-87526939BE2A} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ACD67CBF-7ACC-4F8E-B205-87526939BE2A} => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82CE5246-3BB7-4261-9CB2-23A56520242A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82CE5246-3BB7-4261-9CB2-23A56520242A}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88175706-154B-44BB-BBA7-266901676E83}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88175706-154B-44BB-BBA7-266901676E83}" => removed successfully.
C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A134FB69-8FD3-4A44-96C5-7707889A099C} => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A134FB69-8FD3-4A44-96C5-7707889A099C} => removed successfully.
C:\Windows\System32\Tasks\{E938E2AB-72F4-41E9-A11B-0B66E24832F9} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E938E2AB-72F4-41E9-A11B-0B66E24832F9} => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCB83E86-39D2-43A3-A9B3-E103C923C632}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCB83E86-39D2-43A3-A9B3-E103C923C632}" => removed successfully.
C:\Windows\System32\Tasks\{E5FB9410-45A6-4D0A-A74C-668D332DF1BB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E5FB9410-45A6-4D0A-A74C-668D332DF1BB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3ED774B-22CC-4E4C-8E03-B85F08D8528D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3ED774B-22CC-4E4C-8E03-B85F08D8528D}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
a8ist5bk => service not found.
HKLM\System\CurrentControlSet\Services\GPCIDrv => removed successfully.
GPCIDrv => service removed successfully.
HKLM\System\CurrentControlSet\Services\RtsUIR => removed successfully.
RtsUIR => service removed successfully.
HKLM\System\CurrentControlSet\Services\USBCCID => removed successfully.
USBCCID => service removed successfully.
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => removed successfully.
HKLM\Software\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => removed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" => removed successfully.
"HKU\S-1-5-21-507323896-2788175996-4153637081-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE45BE35-9E34-41B5-AF48-C5CC98F47925}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7F3B874C-690A-4CB5-87AD-2CD7C2D10BD9}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4BFF1312-7816-4813-B2B7-A02A8FC2E778}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E436985F-F561-4060-BFD2-754BD21F6F53}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\SPPSVC-In-TCP" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\SPPSVC-In-TCP-NoScope" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F92EACF-19F1-4C7C-BE84-5151FA11922F}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4BB5A482-22C5-4628-BAB2-57DB8067C22C}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1CB2BB3C-06D7-4C22-8FDC-66F75E234787}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1CB3E265-3041-4352-BFE4-15D184B703D1}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B0195926-AA15-4FD8-84CE-A9FEB82126E8}" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 190691613 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2110900 B
Edge => 0 B
Chrome => 916874411 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 39798 B
Public => 39798 B
ProgramData => 39798 B
systemprofile => 73416 B
LocalService => 205660 B
NetworkService => 276388 B
ION => 605955538 B

RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:11:01 ====

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Slow computer

#8 Post by Diallix »

It looks good :]]

How is the computer doing?

kyzi01
Visitor
Posts: 62
Registered: 11 Mar 2012 18:39

Re: Slow computer

#9 Post by kyzi01 »

It seems better, but the processor is still quite heavily loaded, so I'll see.
Thanks a lot :thumbsup:

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Slow computer

#10 Post by Diallix »

Which processes load the system the most?

kyzi01
Visitor
Posts: 62
Registered: 11 Mar 2012 18:39

Re: Slow computer

#11 Post by kyzi01 »

svchost.exe NETWORK SERVICE and Chrome.exe
uTorrent also takes some, but that is to be expected.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Slow computer

#12 Post by Diallix »

Please test this file:
C:\Users\ION\AppData\Roaming\WmiApSrv.exe

Test it using virustotal.com. Then copy the URL of the result here.

kyzi01
Visitor
Posts: 62
Registered: 11 Mar 2012 18:39

Re: Slow computer

#13 Post by kyzi01 »


Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Slow computer

#14 Post by Diallix »

Copy the content below into Notepad:

Code:

CloseProcesses:

C:\Users\ION\AppData\Roaming\WmiApSrv.exe
InternetURL: C:\Users\ION\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WmiApSrv.URL -> URL: file:///C:\Users\ION\AppData\Roaming\WmiApSrv.exe
2020-03-13 12:12 - 2020-03-13 17:51 - 285961728 __RSH () C:\Users\ION\AppData\Roaming\WmiApSrv.exe

Save the Notepad file as fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, saved in the FRST location.


kyzi01
Visitor
Posts: 62
Registered: 11 Mar 2012 18:39

Re: Slow computer

#15 Post by kyzi01 »

Here is the Fixlog

Fix result of Farbar Recovery Scan Tool (x86) Version: 04-02-2021
Ran by ION (06-02-2021 21:21:13) Run:2
Running from C:\Users\ION\Desktop
Loaded Profiles: ION
Boot Mode: Normal

==============================================

fixlist content:
*****************
CloseProcesses:

C:\Users\ION\AppData\Roaming\WmiApSrv.exe
InternetURL: C:\Users\ION\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WmiApSrv.URL -> URL: file:///C:\Users\ION\AppData\Roaming\WmiApSrv.exe
2020-03-13 12:12 - 2020-03-13 17:51 - 285961728 __RSH () C:\Users\ION\AppData\Roaming\WmiApSrv.exe

*****************

Processes closed successfully.
C:\Users\ION\AppData\Roaming\WmiApSrv.exe => moved successfully
C:\Users\ION\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WmiApSrv.URL => moved successfully
"C:\Users\ION\AppData\Roaming\WmiApSrv.exe" => not found


The system needed a reboot.

==== End of Fixlog 21:21:15 ====
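
Two things have to be read out of the Fixlogs in this thread: whether the paste is complete (the first one stopped before the result lines and footer), and whether a `not found` result refers to an item that an earlier line of the same run already moved. The Python sketch below is an added example, not part of the thread and not FRST's own code; the sample log is constructed in the format shown above, and `review_fixlog` and its report keys are hypothetical names.

```python
import re

# A result line is "<target> => <outcome>", optionally ending with a period.
RESULT_RE = re.compile(r'^(?P<target>.+) => (?P<outcome>.+?)\.?$')
FOOTER_RE = re.compile(r'^==== End of Fixlog .* ====$')

# Constructed sample in the Fixlog layout seen in this thread (placeholder paths).
SAMPLE = r'''Fix result of Farbar Recovery Scan Tool (x86) Version: 04-02-2021
Ran by user (01-01-2021 10:00:00) Run:1

==============================================

fixlist content:
*****************
CloseProcesses:

C:\Users\user\AppData\Roaming\example.exe
2020-01-01 10:00 - 2020-01-01 10:00 - 000001024 __RSH () C:\Users\user\AppData\Roaming\example.exe
Task: {00000000-0000-0000-0000-000000000001} - System32\Tasks\ExampleTask => C:\Example\task.exe
C:\Windows\System32\Drivers\ghost.sys

*****************

Processes closed successfully.
C:\Users\user\AppData\Roaming\example.exe => moved successfully
"C:\Users\user\AppData\Roaming\example.exe" => not found
C:\Windows\System32\Tasks\ExampleTask => moved successfully
"C:\Windows\system32\Tasks\ExampleTask" => not found
"C:\Windows\System32\Drivers\ghost.sys" => not found


The system needed a reboot.

==== End of Fixlog 10:00:05 ====
'''


def _norm(target):
    # Windows paths and registry keys compare case-insensitively,
    # and some targets are wrapped in double quotes.
    return target.strip().strip('"').lower()


def review_fixlog(text):
    """Classify the result lines of a Fixlog.

    The fixlist echo sits between two rows of asterisks and also contains
    " => ", so only lines after the second row are treated as results.
    """
    lines = [l.rstrip() for l in text.splitlines()]
    stars = [i for i, l in enumerate(lines) if l and set(l) == {"*"}]
    report = {
        "complete": any(FOOTER_RE.match(l) for l in lines),
        "succeeded": [],
        "already_handled": [],  # "not found" after an earlier success on the same item
        "needs_review": [],     # everything else, e.g. "not found" with no earlier action
    }
    if len(stars) < 2:
        report["complete"] = False
        return report

    done = set()
    for line in lines[stars[1] + 1:]:
        if line.startswith("="):  # EmptyTemp header or footer: results are over
            break
        m = RESULT_RE.match(line)
        if not m:
            continue              # status lines such as "Processes closed successfully."
        target = m.group("target").strip('"')
        outcome = m.group("outcome").lower()
        key = _norm(target)
        if outcome.endswith("successfully"):
            done.add(key)
            report["succeeded"].append(target)
        elif outcome.endswith("not found") and key in done:
            report["already_handled"].append(target)
        else:
            report["needs_review"].append((target, outcome))
    return report


if __name__ == "__main__":
    for name, value in review_fixlog(SAMPLE).items():
        print(name, value)
```

Only outcome strings that appear in the logs above are recognised; any other outcome lands in `needs_review` rather than being guessed at.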

Locked