Pomalý Eee PC- prosím o preventivku
Napsal: 03 zář 2018 18:34
Dobrý den, po delší době jsem si spustila notebook, v červenci po reinstalaci OS v servisu (2x), ale je tak pomalý, že jen stažení FRST a logu jsem dělala skoro 45 min.
Prosím o kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01.09.2018 03
Ran by Asus (administrator) on ASUS-PC (03-09-2018 19:19:05)
Running from C:\Users\Asus\Desktop
Loaded Profiles: Asus (Available Profiles: Asus)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Windows\System32\AsusService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Update\Install\{BF7BFE16-9C6A-44C9-97AE-2E554DB86E52}\68.0.3440.106_67.0.3396.99_chrome_updater.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Google Inc.) C:\Windows\Temp\CR_7546B.tmp\setup.exe
(Google Inc.) C:\Windows\Temp\CR_7546B.tmp\setup.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\ndp472-kb4054541-x86-x64-enu.exe
(Microsoft Corporation) D:\b0ae7da0d128d0c7ad\Setup.exe
(Google) C:\Users\Asus\AppData\Local\Google\Chrome\User Data\SwReporter\30.160.202\software_reporter_tool.exe
(Google) C:\Users\Asus\AppData\Local\Google\Chrome\User Data\SwReporter\30.160.202\software_reporter_tool.exe
(Google) C:\Users\Asus\AppData\Local\Google\Chrome\User Data\SwReporter\30.160.202\software_reporter_tool.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-23] (Realtek Semiconductor)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [95744 2010-09-02] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1245104 2010-09-03] (ASUSTeK Computer Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [170128 2018-07-30] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640 2010-03-05] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2010-03-05] (Synaptics Incorporated)
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\MountPoints2: E - E:\.\StartModem.exe
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\MountPoints2: {03da9092-89c8-11e8-b453-74f06dab18dc} - E:\.\StartModem.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 62.24.64.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{A0E9C34B-83FA-4A08-BB4D-C54C4E681D54}: [DhcpNameServer] 62.24.64.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{B9F23C04-6940-4BD8-88C2-2F9EEE5B100B}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{F4787E52-5BBA-4CAC-8060-12823D4F0C08}: [NameServer] 78.136.128.4 78.136.128.12
Internet Explorer:
==================
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {7F967E5C-7921-4DDA-B959-65076252BDE5} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {7F967E5C-7921-4DDA-B959-65076252BDE5} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1522404313-77886156-3663448840-1002 -> DefaultScope {7F967E5C-7921-4DDA-B959-65076252BDE5} URL =
SearchScopes: HKU\S-1-5-21-1522404313-77886156-3663448840-1002 -> {7F967E5C-7921-4DDA-B959-65076252BDE5} URL =
FireFox:
========
FF DefaultProfile: p46g1gr0.default-1530438134847
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\p46g1gr0.default-1530438134847 [2018-09-03]
FF Homepage: Mozilla\Firefox\Profiles\p46g1gr0.default-1530438134847 -> www.seznam.cz
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2002-01-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2002-01-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
StartMenuInternet: Firefox-AE082D9087109D4D - C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2018-09-03]
CHR Extension: (Dokumenty) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-22]
CHR Extension: (Disk Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-22]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-22]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-22]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-18] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-30] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-30] (ESET)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 bmfilter; C:\Windows\System32\DRIVERS\qcusbfilter.sys [28160 2017-02-21] (QUALCOMM Incorporated)
S3 bmusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [205312 2017-02-21] (QUALCOMM Incorporated)
S3 bmusbwwan; C:\Windows\System32\DRIVERS\qcusbwwan.sys [413184 2017-02-21] (QUALCOMM Incorporated)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [124376 2018-07-30] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [92600 2018-07-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150792 2018-07-30] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43816 2018-07-30] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [73424 2018-07-30] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [54240 2018-07-30] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [95224 2018-07-30] (ESET)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [73088 2010-02-05] (Realtek Semiconductor Corp.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-03 19:03 - 2018-09-03 19:21 - 000010218 _____ C:\Users\Asus\Desktop\FRST.txt
2018-09-03 19:02 - 2018-09-03 19:03 - 000000000 ____D C:\FRST
2018-09-03 18:57 - 2018-09-03 18:58 - 001773568 _____ (Farbar) C:\Users\Asus\Desktop\FRST.exe
2018-09-03 18:28 - 2018-09-03 18:28 - 016798624 _____ (Piriform Ltd) C:\Users\Asus\Downloads\ccsetup546.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-03 18:57 - 2014-06-05 22:56 - 001558876 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-03 18:57 - 2009-07-14 10:44 - 000668792 _____ C:\Windows\system32\perfh005.dat
2018-09-03 18:57 - 2009-07-14 10:44 - 000141420 _____ C:\Windows\system32\perfc005.dat
2018-09-03 18:54 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-09-03 18:53 - 2018-06-28 19:02 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2018-09-03 18:53 - 2018-06-28 19:01 - 000000000 ____D C:\Users\Asus\AppData\Local\Mozilla Firefox
2018-09-03 18:36 - 2018-06-30 11:46 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-09-03 18:34 - 2009-07-14 06:34 - 000023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-03 18:34 - 2009-07-14 06:34 - 000023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-03 18:21 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-07-17 19:53
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01.09.2018 03
Ran by Asus (03-09-2018 19:23:47)
Running from C:\Users\Asus\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2018-06-22 07:18:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1522404313-77886156-3663448840-500 - Administrator - Disabled)
Asus (S-1-5-21-1522404313-77886156-3663448840-1002 - Administrator - Enabled) => C:\Users\Asus
Guest (S-1-5-21-1522404313-77886156-3663448840-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D-Link Connection Manager v2.0.5EU (HKLM\...\Broad Mobi HSPA Modem Normal Version_is1) (Version: - )
ESET Security (HKLM\...\{E567E054-DD31-4608-ACB3-A89658672639}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
Google Chrome (HKLM\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.32 - AsusTek Computer Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
LibreOffice 5.2.5.1 (HKLM\...\{79CD8EA1-DEB1-4582-9E41-8634223BDCD4}) (Version: 5.2.5.1 - The Document Foundation)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x86 cs) (HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\Mozilla Firefox 61.0.2 (x86 cs)) (Version: 61.0.2 - Mozilla)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6373 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.11.0 - Synaptics Incorporated)
USB2.0 UVC VGA WebCam (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0029 - Realtek Semiconductor Corp.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-30] (ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-30] (ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-04-19] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-30] (ESET)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12336F00-1AD1-4901-ADC6-A3E1EF396952} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-08-24] (Piriform Ltd)
Task: {33E88BB2-AFF8-4C4C-A539-E4B26DD8DC52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {45C5E387-B5FA-4721-A01A-2B0A951C6EEF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2002-01-01] (Google Inc.)
Task: {D3D4A2D4-5220-4763-A64E-096B5CFD04BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] (Piriform Ltd)
Task: {E4AE0FBF-928C-41A4-94D7-CBABC08D3A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2002-01-01] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-06-25 10:05 - 2009-08-18 17:35 - 000219136 _____ () C:\Windows\System32\AsusService.exe
2018-08-24 20:37 - 2018-08-24 20:37 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.24.64.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AB6A06D9-5EDD-4756-885B-71FF9280F08A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D7923A97-7499-4841-8B6F-D3DE8A7093B6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{685288D7-A368-468D-A8C0-F94725B27329}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{76381F5C-A442-430D-BF39-621651E0650C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
==================== Restore Points =========================
02-07-2018 09:38:02 Windows Update
09-07-2018 16:17:08 Windows Update
16-07-2018 08:17:36 Windows Update
17-07-2018 15:51:58 Windows Update
27-07-2018 11:13:27 Windows Update
30-07-2018 13:24:19 Windows Update
03-09-2018 18:29:27 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/03/2018 07:10:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST.exe verze 1.9.2018.3 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1358
Čas spuštění: 01d443a7d241f327
Čas ukončení: 249
Cesta k aplikaci: C:\Users\Asus\Desktop\FRST.exe
ID hlášení: 04f81b5b-af9c-11e8-8551-74f06dab18dc
Error: (07/30/2018 02:05:37 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o otevření souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error: (07/30/2018 02:05:27 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o otevření souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error: (07/30/2018 02:05:10 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhost (1532) Pokus o otevření souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (1532) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -1811.
Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 413) (User: )
Description: taskhost (1532) WebCacheLocal: Nový soubor protokolu nelze vytvořit, protože není možné zapisovat na jednotku protokolu. Jednotka může být označena jen pro čtení, na disku je nedostatek místa nebo je jednotka chybně nakonfigurována či poškozena. Chyba -1811
Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 486) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o přesunutí souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log do složky C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\V01.log se nezdařil. Došlo k systémové chybě 2 (0x00000002): Systém nemůže nalézt uvedený soubor. . Operace přesunutí souboru se nezdaří a dojde k chybě -1811 (0xfffff8ed).
Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 485) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o odstranění složky C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace odstranění složky se nezdaří a dojde k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (09/03/2018 06:27:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/03/2018 06:27:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.
Error: (09/03/2018 06:21:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom
Error: (07/30/2018 02:00:24 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku E: nelze přečíst.
Error: (07/30/2018 02:00:07 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku F: nelze přečíst.
Error: (07/30/2018 12:44:48 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku E: nelze přečíst.
Error: (07/30/2018 12:44:30 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku F: nelze přečíst.
Error: (07/30/2018 12:34:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom
Windows Defender:
===================================
Date: 2018-07-09 16:18:42.342
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.645.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2018-07-09 16:18:42.341
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
==================== Memory info ===========================
Processor: Intel(R) Atom(TM) CPU N450 @ 1.66GHz
Percentage of memory in use: 81%
Total physical RAM: 1014.12 MB
Available physical RAM: 188.27 MB
Total Virtual: 2038.12 MB
Available Virtual: 668.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100 GB) (Free:56.62 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:117.87 GB) (Free:117.7 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 29133921)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=117.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 MB) - (Type=EF)
==================== End of Addition.txt ============================
Prosím o kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01.09.2018 03
Ran by Asus (administrator) on ASUS-PC (03-09-2018 19:19:05)
Running from C:\Users\Asus\Desktop
Loaded Profiles: Asus (Available Profiles: Asus)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Windows\System32\AsusService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Update\Install\{BF7BFE16-9C6A-44C9-97AE-2E554DB86E52}\68.0.3440.106_67.0.3396.99_chrome_updater.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Google Inc.) C:\Windows\Temp\CR_7546B.tmp\setup.exe
(Google Inc.) C:\Windows\Temp\CR_7546B.tmp\setup.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\ndp472-kb4054541-x86-x64-enu.exe
(Microsoft Corporation) D:\b0ae7da0d128d0c7ad\Setup.exe
(Google) C:\Users\Asus\AppData\Local\Google\Chrome\User Data\SwReporter\30.160.202\software_reporter_tool.exe
(Google) C:\Users\Asus\AppData\Local\Google\Chrome\User Data\SwReporter\30.160.202\software_reporter_tool.exe
(Google) C:\Users\Asus\AppData\Local\Google\Chrome\User Data\SwReporter\30.160.202\software_reporter_tool.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Mozilla Corporation) C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-23] (Realtek Semiconductor)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [95744 2010-09-02] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1245104 2010-09-03] (ASUSTeK Computer Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [170128 2018-07-30] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640 2010-03-05] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2010-03-05] (Synaptics Incorporated)
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\MountPoints2: E - E:\.\StartModem.exe
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\MountPoints2: {03da9092-89c8-11e8-b453-74f06dab18dc} - E:\.\StartModem.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 62.24.64.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{A0E9C34B-83FA-4A08-BB4D-C54C4E681D54}: [DhcpNameServer] 62.24.64.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{B9F23C04-6940-4BD8-88C2-2F9EEE5B100B}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{F4787E52-5BBA-4CAC-8060-12823D4F0C08}: [NameServer] 78.136.128.4 78.136.128.12
Internet Explorer:
==================
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {7F967E5C-7921-4DDA-B959-65076252BDE5} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {7F967E5C-7921-4DDA-B959-65076252BDE5} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1522404313-77886156-3663448840-1002 -> DefaultScope {7F967E5C-7921-4DDA-B959-65076252BDE5} URL =
SearchScopes: HKU\S-1-5-21-1522404313-77886156-3663448840-1002 -> {7F967E5C-7921-4DDA-B959-65076252BDE5} URL =
FireFox:
========
FF DefaultProfile: p46g1gr0.default-1530438134847
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\p46g1gr0.default-1530438134847 [2018-09-03]
FF Homepage: Mozilla\Firefox\Profiles\p46g1gr0.default-1530438134847 -> www.seznam.cz
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2002-01-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2002-01-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
StartMenuInternet: Firefox-AE082D9087109D4D - C:\Users\Asus\AppData\Local\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2018-09-03]
CHR Extension: (Dokumenty) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-22]
CHR Extension: (Disk Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-22]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-22]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-22]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-18] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-30] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-30] (ESET)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 bmfilter; C:\Windows\System32\DRIVERS\qcusbfilter.sys [28160 2017-02-21] (QUALCOMM Incorporated)
S3 bmusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [205312 2017-02-21] (QUALCOMM Incorporated)
S3 bmusbwwan; C:\Windows\System32\DRIVERS\qcusbwwan.sys [413184 2017-02-21] (QUALCOMM Incorporated)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [124376 2018-07-30] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [92600 2018-07-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150792 2018-07-30] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43816 2018-07-30] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [73424 2018-07-30] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [54240 2018-07-30] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [95224 2018-07-30] (ESET)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [73088 2010-02-05] (Realtek Semiconductor Corp.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-03 19:03 - 2018-09-03 19:21 - 000010218 _____ C:\Users\Asus\Desktop\FRST.txt
2018-09-03 19:02 - 2018-09-03 19:03 - 000000000 ____D C:\FRST
2018-09-03 18:57 - 2018-09-03 18:58 - 001773568 _____ (Farbar) C:\Users\Asus\Desktop\FRST.exe
2018-09-03 18:28 - 2018-09-03 18:28 - 016798624 _____ (Piriform Ltd) C:\Users\Asus\Downloads\ccsetup546.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-03 18:57 - 2014-06-05 22:56 - 001558876 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-03 18:57 - 2009-07-14 10:44 - 000668792 _____ C:\Windows\system32\perfh005.dat
2018-09-03 18:57 - 2009-07-14 10:44 - 000141420 _____ C:\Windows\system32\perfc005.dat
2018-09-03 18:54 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-09-03 18:53 - 2018-06-28 19:02 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2018-09-03 18:53 - 2018-06-28 19:01 - 000000000 ____D C:\Users\Asus\AppData\Local\Mozilla Firefox
2018-09-03 18:36 - 2018-06-30 11:46 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-09-03 18:34 - 2009-07-14 06:34 - 000023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-03 18:34 - 2009-07-14 06:34 - 000023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-03 18:21 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-07-17 19:53
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01.09.2018 03
Ran by Asus (03-09-2018 19:23:47)
Running from C:\Users\Asus\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2018-06-22 07:18:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1522404313-77886156-3663448840-500 - Administrator - Disabled)
Asus (S-1-5-21-1522404313-77886156-3663448840-1002 - Administrator - Enabled) => C:\Users\Asus
Guest (S-1-5-21-1522404313-77886156-3663448840-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D-Link Connection Manager v2.0.5EU (HKLM\...\Broad Mobi HSPA Modem Normal Version_is1) (Version: - )
ESET Security (HKLM\...\{E567E054-DD31-4608-ACB3-A89658672639}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
Google Chrome (HKLM\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.32 - AsusTek Computer Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
LibreOffice 5.2.5.1 (HKLM\...\{79CD8EA1-DEB1-4582-9E41-8634223BDCD4}) (Version: 5.2.5.1 - The Document Foundation)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x86 cs) (HKU\S-1-5-21-1522404313-77886156-3663448840-1002\...\Mozilla Firefox 61.0.2 (x86 cs)) (Version: 61.0.2 - Mozilla)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6373 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.11.0 - Synaptics Incorporated)
USB2.0 UVC VGA WebCam (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0029 - Realtek Semiconductor Corp.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-30] (ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-30] (ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-04-19] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-30] (ESET)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12336F00-1AD1-4901-ADC6-A3E1EF396952} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-08-24] (Piriform Ltd)
Task: {33E88BB2-AFF8-4C4C-A539-E4B26DD8DC52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {45C5E387-B5FA-4721-A01A-2B0A951C6EEF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2002-01-01] (Google Inc.)
Task: {D3D4A2D4-5220-4763-A64E-096B5CFD04BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] (Piriform Ltd)
Task: {E4AE0FBF-928C-41A4-94D7-CBABC08D3A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2002-01-01] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-06-25 10:05 - 2009-08-18 17:35 - 000219136 _____ () C:\Windows\System32\AsusService.exe
2018-08-24 20:37 - 2018-08-24 20:37 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1522404313-77886156-3663448840-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.24.64.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AB6A06D9-5EDD-4756-885B-71FF9280F08A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D7923A97-7499-4841-8B6F-D3DE8A7093B6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{685288D7-A368-468D-A8C0-F94725B27329}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{76381F5C-A442-430D-BF39-621651E0650C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
==================== Restore Points =========================
02-07-2018 09:38:02 Windows Update
09-07-2018 16:17:08 Windows Update
16-07-2018 08:17:36 Windows Update
17-07-2018 15:51:58 Windows Update
27-07-2018 11:13:27 Windows Update
30-07-2018 13:24:19 Windows Update
03-09-2018 18:29:27 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/03/2018 07:10:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST.exe verze 1.9.2018.3 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1358
Čas spuštění: 01d443a7d241f327
Čas ukončení: 249
Cesta k aplikaci: C:\Users\Asus\Desktop\FRST.exe
ID hlášení: 04f81b5b-af9c-11e8-8551-74f06dab18dc
Error: (07/30/2018 02:05:37 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o otevření souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error: (07/30/2018 02:05:27 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o otevření souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error: (07/30/2018 02:05:10 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhost (1532) Pokus o otevření souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (1532) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -1811.
Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 413) (User: )
Description: taskhost (1532) WebCacheLocal: Nový soubor protokolu nelze vytvořit, protože není možné zapisovat na jednotku protokolu. Jednotka může být označena jen pro čtení, na disku je nedostatek místa nebo je jednotka chybně nakonfigurována či poškozena. Chyba -1811
Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 486) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o přesunutí souboru C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log do složky C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\V01.log se nezdařil. Došlo k systémové chybě 2 (0x00000002): Systém nemůže nalézt uvedený soubor. . Operace přesunutí souboru se nezdaří a dojde k chybě -1811 (0xfffff8ed).
Error: (07/30/2018 02:04:54 PM) (Source: ESENT) (EventID: 485) (User: )
Description: taskhost (1532) WebCacheLocal: Pokus o odstranění složky C:\Users\Asus\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace odstranění složky se nezdaří a dojde k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (09/03/2018 06:27:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/03/2018 06:27:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.
Error: (09/03/2018 06:21:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom
Error: (07/30/2018 02:00:24 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku E: nelze přečíst.
Error: (07/30/2018 02:00:07 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku F: nelze přečíst.
Error: (07/30/2018 12:44:48 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku E: nelze přečíst.
Error: (07/30/2018 12:44:30 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku F: nelze přečíst.
Error: (07/30/2018 12:34:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom
Windows Defender:
===================================
Date: 2018-07-09 16:18:42.342
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.645.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2018-07-09 16:18:42.341
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
==================== Memory info ===========================
Processor: Intel(R) Atom(TM) CPU N450 @ 1.66GHz
Percentage of memory in use: 81%
Total physical RAM: 1014.12 MB
Available physical RAM: 188.27 MB
Total Virtual: 2038.12 MB
Available Virtual: 668.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100 GB) (Free:56.62 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:117.87 GB) (Free:117.7 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 29133921)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=117.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 MB) - (Type=EF)
==================== End of Addition.txt ============================