Dobrý den, založil jsem nové vlákno, v předchozím ještě potřebuji dočistit notebook až ho budu mít k dispozici. Nyní se vrátíme k PC, které se čistilo v období okolo vánoc. Zde došlo ke zpomalení, dokonce cčerejší naběhnutí firefoxu zabralo cca 10 minut a dále je asi nějaká neplecha v poště...mallware?
Zasílám logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2022
Ran by Petr (administrator) on PETR-PC (Gigabyte Technology Co., Ltd. G31M-ES2L) (06-02-2022 13:20:32)
Running from C:\Stahování
Loaded Profiles: Petr
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe <4>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Marek Jasinski -> Marek Jasinski - www.FreeCommander.com) [File not signed] C:\Program Files\FreeCommander\FreeCommander.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <29>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [143128 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [3552024 2022-01-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\MountPoints2: {54cae04e-ddba-11e8-a0ce-6cf049cbae7d} - F:\LGAutoRun.exe
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPD9W.DLL [27648 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [272384 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files\AVAST Software\Browser\Application\91.1.10666.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\97.1.13816.100\Installer\chrmstp.exe [2022-01-27] (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * aswBoot.exe /M:d3563d7c6 /dir:"C:\Program Files\AVAST Software\Avast"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09C0B0D5-A8F7-4186-97A1-2C884E808A47} - System32\Tasks\{505AA0D8-A48D-49B5-A75A-12A93F081CC6} => C:\Windows\system32\pcalua.exe -a C:\Stahování\sp54430(1).exe -d C:\Stahování
Task: {1119EE64-F50A-43BB-8AF6-410045247D7A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1546480 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {1296B2B2-DBA3-41A1-9EA7-533C8ED78805} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {1E9E75B6-07FC-4F28-A538-1809BA50DB4C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {2958C2D6-7FA0-4E30-8DCA-4400A7279AB7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {3ECF8440-60B3-47D2-9001-9BD764ED5252} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4398872 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
Task: {3EF69B47-9C6A-4E78-8A51-13300B0DC25D} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5822744 2022-01-18] (Avast Software s.r.o. -> Avast Software)
Task: {51C6B6A2-2C30-46BB-9CF1-7EF71D7AB503} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2234712 2022-01-20] (Avast Software s.r.o. -> AVAST Software)
Task: {55887A39-2DC9-4FBC-8E91-873161F12FA0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {57411C4B-E521-48F1-8316-E1A773C0D113} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2234712 2022-01-20] (Avast Software s.r.o. -> AVAST Software)
Task: {676A02C8-71CC-4A94-B052-F9B7368A3A42} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {714EA546-C2AB-4C7F-ACCD-56EC8090F547} - System32\Tasks\GoogleUpdateTaskMachineUA{CE3F8198-2728-4394-A1BD-DD98D0CB83A3} => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {953A4804-26C2-42BA-B22D-EA3F76B08054} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4253976 2022-01-23] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 3bb7cc69-277e-46bf-8894-47a1fbea06ff
Task: {9BA636B6-CA06-4AE9-976A-B620BADA2A15} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe /StartRecording (No File)
Task: {B518D301-9BDE-4863-8206-B3B0940A7FB5} - System32\Tasks\GoogleUpdateTaskMachineCore{E8EA0B29-9DBC-47E4-BA4A-762E8EBE6497} => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {C75DD3FE-A745-4EB4-86E2-FB14BCD4DA22} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D937303A-F898-4616-BD32-72DC99F0077A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F10E948-19EF-499E-BEF8-E480C119DCEC}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-05]
FireFox:
========
FF DefaultProfile: fa8ytgvl.default-1606416614406
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\fa8ytgvl.default-1606416614406 [2022-02-06]
FF DownloadDir: C:\Stahování
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2022-02-05]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-10]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-10]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-28]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-10]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-10]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-28]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2010-08-26] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7627856 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [428312 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1583384 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [427800 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\97.1.13816.100\elevation_service.exe [1546200 2022-01-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12099864 2022-01-23] (Avast Software s.r.o. -> AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6391992 2022-01-20] (Malwarebytes Inc -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6380032 2010-08-26] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [221696 2010-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [187368 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [309824 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [208448 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [92736 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40368 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [155592 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [394080 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2018-05-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [93824 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72984 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691776 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455456 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [162432 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [267232 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [87568 2016-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [50688 2009-07-13] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [182168 2022-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [213936 2022-01-20] (Malwarebytes Inc -> Malwarebytes)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2017-05-01] (Padus, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-06 09:27 - 2022-02-06 09:27 - 000408864 _____ C:\Windows\system32\FNTCACHE.DAT
2022-02-02 12:31 - 2022-02-02 12:31 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-21 15:53 - 2022-02-02 20:14 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{CE3F8198-2728-4394-A1BD-DD98D0CB83A3}
2022-01-21 15:53 - 2022-02-02 20:14 - 000003248 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{E8EA0B29-9DBC-47E4-BA4A-762E8EBE6497}
2022-01-20 18:00 - 2022-01-20 18:00 - 000001243 _____ C:\Users\Petr\Desktop\CEWE FOTOLAB fotosvet – zástupce.lnk
2022-01-20 18:00 - 2022-01-20 18:00 - 000001223 _____ C:\Users\Petr\Desktop\CEWE fotoimporter – zástupce.lnk
2022-01-20 17:26 - 2022-02-06 12:02 - 000000000 ____D C:\ProgramData\tmp
2022-01-20 17:26 - 2022-01-20 18:27 - 000000000 ____D C:\ProgramData\hps
2022-01-20 17:22 - 2022-01-20 17:22 - 000000000 ____D C:\Program Files\Fotolab
2022-01-18 22:31 - 2022-01-18 22:31 - 000000000 _____ C:\Windows\ativpsrm.bin
2022-01-18 22:29 - 2010-08-26 02:27 - 000065536 _____ (AMD) C:\Windows\system32\coinst.dll
2022-01-18 22:29 - 2010-08-02 09:38 - 000021866 _____ C:\Windows\atiogl.xml
2022-01-18 22:28 - 2010-08-26 03:01 - 000076216 _____ C:\Windows\system32\atiapfxx.blb
2022-01-18 22:28 - 2010-08-26 02:57 - 000450560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2022-01-18 22:28 - 2010-06-15 23:28 - 000002857 _____ C:\Windows\system32\atipblag.dat
2022-01-08 15:17 - 2022-01-08 15:17 - 000000000 ____D C:\Program Files\ATI
2022-01-08 15:16 - 2022-01-08 15:16 - 000000000 ____D C:\SWTOOLS
2022-01-08 14:56 - 2022-02-02 20:14 - 000003076 _____ C:\Windows\system32\Tasks\{505AA0D8-A48D-49B5-A75A-12A93F081CC6}
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-06 13:21 - 2016-12-24 11:15 - 000000000 ____D C:\FRST
2022-02-06 13:20 - 2016-12-23 01:14 - 000668866 _____ C:\Windows\system32\perfh005.dat
2022-02-06 13:20 - 2016-12-23 01:14 - 000141526 _____ C:\Windows\system32\perfc005.dat
2022-02-06 13:20 - 2014-03-15 13:04 - 000000000 ____D C:\Stahování
2022-02-06 13:20 - 2010-11-20 22:01 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2022-02-06 13:20 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2022-02-06 12:58 - 2016-12-24 11:46 - 000000000 ____D C:\Program Files\Google
2022-02-06 12:47 - 2019-02-05 11:26 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-06 12:46 - 2016-12-22 16:48 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2022-02-06 10:15 - 2009-07-14 05:34 - 000038608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-02-06 10:15 - 2009-07-14 05:34 - 000038608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-02-06 09:57 - 2016-12-22 17:28 - 000000000 ____D C:\Program Files\CCleaner
2022-02-06 09:48 - 2016-12-22 20:34 - 000000000 ____D C:\Users\Petr\Documents\Soubory aplikace Outlook
2022-02-06 09:44 - 2020-08-09 10:36 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-06 09:44 - 2020-08-09 10:36 - 000002126 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-06 09:35 - 2016-12-22 17:16 - 000004466 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-02-06 09:29 - 2020-08-26 20:11 - 000000000 ____D C:\Users\Petr\AppData\Local\AVAST Software
2022-02-06 09:28 - 2016-12-22 17:23 - 000000000 ____D C:\ProgramData\AVAST Software
2022-02-06 09:27 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-02-05 14:19 - 2020-04-15 18:42 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Zoom
2022-02-05 14:19 - 2017-03-20 09:04 - 000000000 ____D C:\Windows\Minidump
2022-02-03 10:20 - 2017-03-18 14:38 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-02-03 10:17 - 2021-01-14 16:32 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-02-02 20:14 - 2021-08-18 16:06 - 000002804 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Petr
2022-02-02 20:14 - 2020-10-28 12:50 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ad1792fe4ccc
2022-02-02 20:14 - 2020-08-09 10:35 - 000003472 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-02 20:14 - 2020-08-09 10:35 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-02 20:14 - 2016-12-22 17:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2022-01-29 09:19 - 2021-12-19 18:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-29 09:19 - 2017-01-08 15:09 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2022-01-27 17:02 - 2020-08-25 15:13 - 000003720 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2022-01-27 17:02 - 2018-04-05 09:06 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-01-27 17:02 - 2018-04-05 09:06 - 000002332 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2022-01-25 09:26 - 2017-03-19 14:18 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 09:26 - 2017-03-19 14:18 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-21 09:14 - 2020-08-09 09:20 - 000182168 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-01-20 15:56 - 2020-08-05 18:58 - 000213936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-01-20 15:56 - 2020-08-01 09:34 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-20 15:56 - 2019-07-21 20:41 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-20 15:55 - 2019-07-21 20:41 - 000124328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2022-01-20 15:54 - 2017-01-12 18:57 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-20 15:54 - 2016-12-22 18:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-20 15:49 - 2021-01-14 16:33 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2022-01-19 16:21 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\LiveKernelReports
2022-01-18 22:05 - 2016-12-22 18:13 - 000000000 ____D C:\Users\Petr\AppData\Local\Microsoft Help
2022-01-13 15:57 - 2021-02-21 10:15 - 000002029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-12 10:11 - 2016-12-25 10:05 - 000000000 ____D C:\Windows\system32\MRT
2022-01-12 10:01 - 2016-12-25 10:04 - 142270864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-01-08 15:40 - 2018-10-23 07:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== Files in the root of some directories ========
2020-10-27 16:57 - 2020-10-27 16:57 - 000004096 ____H () C:\Users\Petr\AppData\Local\keyfile3.drm
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2022-02-06 10:25
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-02-2022
Ran by Petr (06-02-2022 13:22:20)
Running from C:\Stahování
Microsoft Windows 7 Professional Service Pack 1 (X86) (2016-12-22 15:36:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-54223709-3085532525-3047887407-500 - Administrator - Disabled)
Guest (S-1-5-21-54223709-3085532525-3047887407-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-54223709-3085532525-3047887407-1002 - Limited - Enabled)
Petr (S-1-5-21-54223709-3085532525-3047887407-1000 - Administrator - Enabled) => C:\Users\Petr
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C72EEEC4-47F6-BCCF-3D93-8713BCD4936B}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.4.11361.5916 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 97.1.13816.100 - Autoři prohlížeče Avast Secure Browser)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
CEWE FOTOLAB fotosvet (HKLM\...\CEWE FOTOLAB fotosvet) (Version: 7.1.5 - CEWE Stiftung u Co. KGaA)
FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Google Chrome (HKLM\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Malwarebytes version 4.5.2.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.2.157 - Malwarebytes)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 98.0.1108.43 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x86 cs) (HKLM\...\Mozilla Firefox 96.0.3 (x86 cs)) (Version: 96.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 96.0.3.8061 - Mozilla)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Skype verze 8.79 (HKLM\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
SysTools DBX Converter version 4.3 (HKLM\...\{0BDF5B3B-040E-4355-BAF5-DA626D01A1F8}_is1) (Version: 4.3 - SysTools Software)
WinZip 23.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2411E}) (Version: 23.0.13431 - Corel Corporation)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.7) (Version: 1.3.7 - Xvid Team)
Zoom (HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-54223709-3085532525-3047887407-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.WinZipExpressForOffice.dll (Corel Corporation -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2019-03-18] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2019-03-18] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2019-03-18] (Corel Corporation -> WinZip Computing)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\system32\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.ACDV] => C:\Windows\system32\ACDV.dll [462848 2005-06-20] (ACD Systems) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [235520 2019-12-28] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\MSVCP140.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\ucrtbase.DLL
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2022-02-06 13:09 - 2022-02-06 13:09 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\defs\22020604\avast.local_vc142.crt\VCRUNTIME140.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com/
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2020-08-09 08:17 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9421E7B2-F7A9-4A35-8B95-D4A9483F1020}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9A92F8CF-3D62-4D92-855B-8899CC7A094D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{23BD3E6A-355C-4B29-AB06-EA1F0D535073}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC48A628-51C4-4520-B3AA-1F68D54233F4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3CF3DDA8-F3E2-465A-966E-D734796E53FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1CDB625C-8722-42B9-8E56-F5CA10B354B8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{DB07A551-80AF-4405-9C89-D2AEA9306CF5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{4ADED938-66A2-4AE8-B333-4E285EF166DA}] => (Allow) C:\Users\Petr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{681D38D1-C7FF-44A7-ABCC-838D8C8B9519}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA8CF9DB-89D7-49D0-B6E6-7CB78542DB5C}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C19D9F2-7713-458A-8D6B-BE4AA51EC240}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5DD6919F-A0AC-4360-852F-355ED0B26CAA}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E3C71D6E-6550-4637-AA9F-A8666BD91823}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0C049D28-0917-442A-8C12-855E0176A59E}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CFA45A03-DB8B-4703-A1F3-3341A37CB579}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B77B8EDE-0720-43C0-B5A1-1C0132BF6539}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0B27BBF6-DE99-4BC2-A90A-9369F56389FB}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8266BDF9-22CA-43CB-80F0-94E284700D0A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FB6F489D-E703-4D28-A383-E9BAF7CEEBCE}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{99C51180-9C9D-4254-A0D1-BC79FD246116}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6B76ABBB-9B10-4E62-B4A7-CB607235C950}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D19CF0BE-3B3F-42DA-A242-C2F77081BA21}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{05372A40-C8BA-494C-8A8B-D0A6EA63A203}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D31E069-B3E2-45A0-AA26-39982743E909}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{699175B5-AD8A-4786-AFAB-A8A45D34F933}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{48E0FB6E-F2D1-400C-9DE9-EAAE5F1144DD}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
03-02-2022 14:41:10 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/06/2022 12:40:42 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 11:37:33 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 10:37:21 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 09:38:03 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 09:29:03 AM) (Source: Outlook) (EventID: 35) (User: )
Description: Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x800706ba).
Error: (02/06/2022 09:29:03 AM) (Source: Outlook) (EventID: 35) (User: )
Description: Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x800706ba).
Error: (02/06/2022 09:28:32 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Error: (02/06/2022 09:28:32 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.
Kontext: aplikace Windows
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (02/06/2022 01:26:03 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/06/2022 01:17:11 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error: (02/06/2022 01:17:09 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error: (02/06/2022 10:44:45 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo časového limitu (30000 ms).
Error: (02/06/2022 10:42:27 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Firmware platformy při předchozím přechodu systémového napájení poškodil paměť. Zkontrolujte dostupnost aktualizovaného firmwaru pro váš systém.
Error: (02/06/2022 09:28:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (02/06/2022 09:28:33 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.
Error: (02/05/2022 02:08:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Ochrana softwaru přestala během spouštění reagovat.
==================== Memory info ===========================
BIOS: Award Software International, Inc. FH 04/30/2010
Motherboard: Gigabyte Technology Co., Ltd. G31M-ES2L
Processor: Intel(R) Celeron(R) CPU E3300 @ 2.50GHz
Percentage of memory in use: 88%
Total physical RAM: 2046.49 MB
Available physical RAM: 238.56 MB
Total Virtual: 4428.98 MB
Available Virtual: 356.1 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:407.19 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:232.88 GB) (Free:155.29 GB) NTFS
Drive f: (CORSAIR) (Removable) (Total:7.45 GB) (Free:3.81 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 54D22AD4)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: C46FBD09)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalé PC II
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC II
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé PC II
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-06-2022
# Duration: 00:00:03
# OS: Windows 7 Professional
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1413 octets] - [06/02/2022 16:21:50]
AdwCleaner[S01].txt - [1474 octets] - [06/02/2022 16:22:24]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-06-2022
# Duration: 00:00:03
# OS: Windows 7 Professional
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1413 octets] - [06/02/2022 16:21:50]
AdwCleaner[S01].txt - [1474 octets] - [06/02/2022 16:22:24]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC II
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Stahování jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\MountPoints2: {54cae04e-ddba-11e8-a0ce-6cf049cbae7d} - F:\LGAutoRun.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {714EA546-C2AB-4C7F-ACCD-56EC8090F547} - System32\Tasks\GoogleUpdateTaskMachineUA{CE3F8198-2728-4394-A1BD-DD98D0CB83A3} => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {9BA636B6-CA06-4AE9-976A-B620BADA2A15} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe /StartRecording (No File)
Task: {B518D301-9BDE-4863-8206-B3B0940A7FB5} - System32\Tasks\GoogleUpdateTaskMachineCore{E8EA0B29-9DBC-47E4-BA4A-762E8EBE6497} => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {55887A39-2DC9-4FBC-8E91-873161F12FA0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
EmptyTemp:
End
Uložte do C:\Stahování jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé PC II
Po fixlistu mi log neudělalo, tak jsem znovu spustil FRST a přikládám logy:3
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2022
Ran by Petr (administrator) on PETR-PC (Gigabyte Technology Co., Ltd. G31M-ES2L) (06-02-2022 18:44:27)
Running from C:\Stahování
Loaded Profiles: Petr
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvBugReport.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe <3>
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Marek Jasinski -> Marek Jasinski - www.FreeCommander.com) [File not signed] C:\Program Files\FreeCommander\FreeCommander.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [143128 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [3552024 2022-01-23] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPD9W.DLL [27648 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [272384 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files\AVAST Software\Browser\Application\91.1.10666.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\97.1.13816.100\Installer\chrmstp.exe [2022-01-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09C0B0D5-A8F7-4186-97A1-2C884E808A47} - System32\Tasks\{505AA0D8-A48D-49B5-A75A-12A93F081CC6} => C:\Windows\system32\pcalua.exe -a C:\Stahování\sp54430(1).exe -d C:\Stahování
Task: {1119EE64-F50A-43BB-8AF6-410045247D7A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1546480 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {1296B2B2-DBA3-41A1-9EA7-533C8ED78805} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {1E9E75B6-07FC-4F28-A538-1809BA50DB4C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {2958C2D6-7FA0-4E30-8DCA-4400A7279AB7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {3ECF8440-60B3-47D2-9001-9BD764ED5252} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4398872 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
Task: {3EF69B47-9C6A-4E78-8A51-13300B0DC25D} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5822744 2022-01-18] (Avast Software s.r.o. -> Avast Software)
Task: {51C6B6A2-2C30-46BB-9CF1-7EF71D7AB503} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2234712 2022-01-20] (Avast Software s.r.o. -> AVAST Software)
Task: {57411C4B-E521-48F1-8316-E1A773C0D113} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2234712 2022-01-20] (Avast Software s.r.o. -> AVAST Software)
Task: {676A02C8-71CC-4A94-B052-F9B7368A3A42} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {953A4804-26C2-42BA-B22D-EA3F76B08054} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4253976 2022-01-23] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 3bb7cc69-277e-46bf-8894-47a1fbea06ff
Task: {C75DD3FE-A745-4EB4-86E2-FB14BCD4DA22} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D937303A-F898-4616-BD32-72DC99F0077A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F10E948-19EF-499E-BEF8-E480C119DCEC}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-05]
FireFox:
========
FF DefaultProfile: fa8ytgvl.default-1606416614406
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\fa8ytgvl.default-1606416614406 [2022-02-06]
FF DownloadDir: C:\Stahování
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2022-02-05]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-10]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-10]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-28]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-10]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-10]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-28]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2010-08-26] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7627856 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [428312 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1583384 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [427800 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\97.1.13816.100\elevation_service.exe [1546200 2022-01-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12099864 2022-01-23] (Avast Software s.r.o. -> AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6391992 2022-01-20] (Malwarebytes Inc -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6380032 2010-08-26] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [221696 2010-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [187368 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [309824 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [208448 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [92736 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40368 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [155592 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [394080 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2018-05-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [93824 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72984 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691776 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455456 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [162432 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [267232 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [87568 2016-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [50688 2009-07-13] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [182168 2022-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [213936 2022-01-20] (Malwarebytes Inc -> Malwarebytes)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2017-05-01] (Padus, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-06 09:27 - 2022-02-06 09:27 - 000408864 _____ C:\Windows\system32\FNTCACHE.DAT
2022-02-02 12:31 - 2022-02-02 12:31 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-20 18:00 - 2022-01-20 18:00 - 000001243 _____ C:\Users\Petr\Desktop\CEWE FOTOLAB fotosvet – zástupce.lnk
2022-01-20 18:00 - 2022-01-20 18:00 - 000001223 _____ C:\Users\Petr\Desktop\CEWE fotoimporter – zástupce.lnk
2022-01-20 17:26 - 2022-02-06 12:02 - 000000000 ____D C:\ProgramData\tmp
2022-01-20 17:26 - 2022-01-20 18:27 - 000000000 ____D C:\ProgramData\hps
2022-01-20 17:22 - 2022-01-20 17:22 - 000000000 ____D C:\Program Files\Fotolab
2022-01-18 22:31 - 2022-01-18 22:31 - 000000000 _____ C:\Windows\ativpsrm.bin
2022-01-18 22:29 - 2010-08-26 02:27 - 000065536 _____ (AMD) C:\Windows\system32\coinst.dll
2022-01-18 22:29 - 2010-08-02 09:38 - 000021866 _____ C:\Windows\atiogl.xml
2022-01-18 22:28 - 2010-08-26 03:01 - 000076216 _____ C:\Windows\system32\atiapfxx.blb
2022-01-18 22:28 - 2010-08-26 02:57 - 000450560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2022-01-18 22:28 - 2010-06-15 23:28 - 000002857 _____ C:\Windows\system32\atipblag.dat
2022-01-08 15:17 - 2022-01-08 15:17 - 000000000 ____D C:\Program Files\ATI
2022-01-08 15:16 - 2022-01-08 15:16 - 000000000 ____D C:\SWTOOLS
2022-01-08 14:56 - 2022-02-02 20:14 - 000003076 _____ C:\Windows\system32\Tasks\{505AA0D8-A48D-49B5-A75A-12A93F081CC6}
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-06 18:46 - 2016-12-24 11:15 - 000000000 ____D C:\FRST
2022-02-06 18:43 - 2016-12-22 17:28 - 000000000 ____D C:\Program Files\CCleaner
2022-02-06 18:42 - 2019-02-05 11:26 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-06 18:42 - 2016-12-24 11:46 - 000000000 ____D C:\Program Files\Google
2022-02-06 18:41 - 2020-08-26 20:11 - 000000000 ____D C:\Users\Petr\AppData\Local\AVAST Software
2022-02-06 18:41 - 2016-12-22 16:48 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2022-02-06 18:39 - 2016-12-22 17:23 - 000000000 ____D C:\ProgramData\AVAST Software
2022-02-06 18:39 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-02-06 18:36 - 2014-03-15 13:04 - 000000000 ____D C:\Stahování
2022-02-06 18:35 - 2016-12-22 17:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2022-02-06 14:06 - 2009-07-14 05:34 - 000038608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-02-06 14:06 - 2009-07-14 05:34 - 000038608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-02-06 13:49 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2022-02-06 13:20 - 2016-12-23 01:14 - 000668866 _____ C:\Windows\system32\perfh005.dat
2022-02-06 13:20 - 2016-12-23 01:14 - 000141526 _____ C:\Windows\system32\perfc005.dat
2022-02-06 13:20 - 2010-11-20 22:01 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2022-02-06 09:48 - 2016-12-22 20:34 - 000000000 ____D C:\Users\Petr\Documents\Soubory aplikace Outlook
2022-02-06 09:44 - 2020-08-09 10:36 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-06 09:44 - 2020-08-09 10:36 - 000002126 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-06 09:35 - 2016-12-22 17:16 - 000004466 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-02-05 14:19 - 2020-04-15 18:42 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Zoom
2022-02-05 14:19 - 2017-03-20 09:04 - 000000000 ____D C:\Windows\Minidump
2022-02-03 10:20 - 2017-03-18 14:38 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-02-03 10:17 - 2021-01-14 16:32 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-02-02 20:14 - 2021-08-18 16:06 - 000002804 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Petr
2022-02-02 20:14 - 2020-10-28 12:50 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ad1792fe4ccc
2022-02-02 20:14 - 2020-08-09 10:35 - 000003472 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-02 20:14 - 2020-08-09 10:35 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-29 09:19 - 2021-12-19 18:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-29 09:19 - 2017-01-08 15:09 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2022-01-27 17:02 - 2020-08-25 15:13 - 000003720 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2022-01-27 17:02 - 2018-04-05 09:06 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-01-27 17:02 - 2018-04-05 09:06 - 000002332 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2022-01-25 09:26 - 2017-03-19 14:18 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 09:26 - 2017-03-19 14:18 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-21 09:14 - 2020-08-09 09:20 - 000182168 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-01-20 15:56 - 2020-08-05 18:58 - 000213936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-01-20 15:56 - 2020-08-01 09:34 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-20 15:56 - 2019-07-21 20:41 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-20 15:55 - 2019-07-21 20:41 - 000124328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2022-01-20 15:54 - 2017-01-12 18:57 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-20 15:54 - 2016-12-22 18:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-20 15:49 - 2021-01-14 16:33 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2022-01-19 16:21 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\LiveKernelReports
2022-01-18 22:05 - 2016-12-22 18:13 - 000000000 ____D C:\Users\Petr\AppData\Local\Microsoft Help
2022-01-13 15:57 - 2021-02-21 10:15 - 000002029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-12 10:11 - 2016-12-25 10:05 - 000000000 ____D C:\Windows\system32\MRT
2022-01-12 10:01 - 2016-12-25 10:04 - 142270864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-01-08 15:40 - 2018-10-23 07:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== Files in the root of some directories ========
2020-10-27 16:57 - 2020-10-27 16:57 - 000004096 ____H () C:\Users\Petr\AppData\Local\keyfile3.drm
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2022-02-06 10:25
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-02-2022
Ran by Petr (06-02-2022 18:47:32)
Running from C:\Stahování
Microsoft Windows 7 Professional Service Pack 1 (X86) (2016-12-22 15:36:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-54223709-3085532525-3047887407-500 - Administrator - Disabled)
Guest (S-1-5-21-54223709-3085532525-3047887407-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-54223709-3085532525-3047887407-1002 - Limited - Enabled)
Petr (S-1-5-21-54223709-3085532525-3047887407-1000 - Administrator - Enabled) => C:\Users\Petr
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C72EEEC4-47F6-BCCF-3D93-8713BCD4936B}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.4.11361.5916 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 97.1.13816.100 - Autoři prohlížeče Avast Secure Browser)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
CEWE FOTOLAB fotosvet (HKLM\...\CEWE FOTOLAB fotosvet) (Version: 7.1.5 - CEWE Stiftung u Co. KGaA)
FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Google Chrome (HKLM\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Malwarebytes version 4.5.2.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.2.157 - Malwarebytes)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 98.0.1108.43 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x86 cs) (HKLM\...\Mozilla Firefox 96.0.3 (x86 cs)) (Version: 96.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 96.0.3.8061 - Mozilla)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Skype verze 8.79 (HKLM\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
SysTools DBX Converter version 4.3 (HKLM\...\{0BDF5B3B-040E-4355-BAF5-DA626D01A1F8}_is1) (Version: 4.3 - SysTools Software)
WinZip 23.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2411E}) (Version: 23.0.13431 - Corel Corporation)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.7) (Version: 1.3.7 - Xvid Team)
Zoom (HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-54223709-3085532525-3047887407-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.WinZipExpressForOffice.dll (Corel Corporation -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2019-03-18] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2019-03-18] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2019-03-18] (Corel Corporation -> WinZip Computing)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\system32\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.ACDV] => C:\Windows\system32\ACDV.dll [462848 2005-06-20] (ACD Systems) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [235520 2019-12-28] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\MSVCP140.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\ucrtbase.DLL
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\VCRUNTIME140.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com/
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2020-08-09 08:17 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9421E7B2-F7A9-4A35-8B95-D4A9483F1020}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9A92F8CF-3D62-4D92-855B-8899CC7A094D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{23BD3E6A-355C-4B29-AB06-EA1F0D535073}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC48A628-51C4-4520-B3AA-1F68D54233F4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3CF3DDA8-F3E2-465A-966E-D734796E53FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1CDB625C-8722-42B9-8E56-F5CA10B354B8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{DB07A551-80AF-4405-9C89-D2AEA9306CF5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{4ADED938-66A2-4AE8-B333-4E285EF166DA}] => (Allow) C:\Users\Petr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{681D38D1-C7FF-44A7-ABCC-838D8C8B9519}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA8CF9DB-89D7-49D0-B6E6-7CB78542DB5C}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C19D9F2-7713-458A-8D6B-BE4AA51EC240}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5DD6919F-A0AC-4360-852F-355ED0B26CAA}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E3C71D6E-6550-4637-AA9F-A8666BD91823}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0C049D28-0917-442A-8C12-855E0176A59E}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CFA45A03-DB8B-4703-A1F3-3341A37CB579}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B77B8EDE-0720-43C0-B5A1-1C0132BF6539}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0B27BBF6-DE99-4BC2-A90A-9369F56389FB}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8266BDF9-22CA-43CB-80F0-94E284700D0A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FB6F489D-E703-4D28-A383-E9BAF7CEEBCE}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{99C51180-9C9D-4254-A0D1-BC79FD246116}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6B76ABBB-9B10-4E62-B4A7-CB607235C950}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D19CF0BE-3B3F-42DA-A242-C2F77081BA21}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{05372A40-C8BA-494C-8A8B-D0A6EA63A203}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D31E069-B3E2-45A0-AA26-39982743E909}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{699175B5-AD8A-4786-AFAB-A8A45D34F933}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{48E0FB6E-F2D1-400C-9DE9-EAAE5F1144DD}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
03-02-2022 14:41:10 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/06/2022 06:40:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2022 06:37:19 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 05:37:24 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 04:37:23 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 03:37:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 02:37:21 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 01:37:24 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 12:40:42 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
System errors:
=============
Error: (02/06/2022 06:51:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/06/2022 06:40:29 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.
Error: (02/06/2022 06:36:06 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.
Error: (02/06/2022 06:36:05 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {9E175B6D-F52A-11D8-B9A5-505054503030} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/06/2022 06:35:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Malwarebytes Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (02/06/2022 06:35:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (02/06/2022 06:35:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (02/06/2022 06:35:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.
==================== Memory info ===========================
BIOS: Award Software International, Inc. FH 04/30/2010
Motherboard: Gigabyte Technology Co., Ltd. G31M-ES2L
Processor: Intel(R) Celeron(R) CPU E3300 @ 2.50GHz
Percentage of memory in use: 90%
Total physical RAM: 2046.49 MB
Available physical RAM: 186.64 MB
Total Virtual: 4092.98 MB
Available Virtual: 1431.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:406.76 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:232.88 GB) (Free:155.29 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 54D22AD4)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: C46FBD09)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2022
Ran by Petr (administrator) on PETR-PC (Gigabyte Technology Co., Ltd. G31M-ES2L) (06-02-2022 18:44:27)
Running from C:\Stahování
Loaded Profiles: Petr
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvBugReport.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe <3>
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Marek Jasinski -> Marek Jasinski - www.FreeCommander.com) [File not signed] C:\Program Files\FreeCommander\FreeCommander.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [143128 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [3552024 2022-01-23] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPD9W.DLL [27648 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [272384 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files\AVAST Software\Browser\Application\91.1.10666.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\97.1.13816.100\Installer\chrmstp.exe [2022-01-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09C0B0D5-A8F7-4186-97A1-2C884E808A47} - System32\Tasks\{505AA0D8-A48D-49B5-A75A-12A93F081CC6} => C:\Windows\system32\pcalua.exe -a C:\Stahování\sp54430(1).exe -d C:\Stahování
Task: {1119EE64-F50A-43BB-8AF6-410045247D7A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1546480 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {1296B2B2-DBA3-41A1-9EA7-533C8ED78805} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {1E9E75B6-07FC-4F28-A538-1809BA50DB4C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {2958C2D6-7FA0-4E30-8DCA-4400A7279AB7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {3ECF8440-60B3-47D2-9001-9BD764ED5252} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4398872 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
Task: {3EF69B47-9C6A-4E78-8A51-13300B0DC25D} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5822744 2022-01-18] (Avast Software s.r.o. -> Avast Software)
Task: {51C6B6A2-2C30-46BB-9CF1-7EF71D7AB503} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2234712 2022-01-20] (Avast Software s.r.o. -> AVAST Software)
Task: {57411C4B-E521-48F1-8316-E1A773C0D113} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2234712 2022-01-20] (Avast Software s.r.o. -> AVAST Software)
Task: {676A02C8-71CC-4A94-B052-F9B7368A3A42} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {953A4804-26C2-42BA-B22D-EA3F76B08054} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4253976 2022-01-23] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 3bb7cc69-277e-46bf-8894-47a1fbea06ff
Task: {C75DD3FE-A745-4EB4-86E2-FB14BCD4DA22} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D937303A-F898-4616-BD32-72DC99F0077A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F10E948-19EF-499E-BEF8-E480C119DCEC}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-05]
FireFox:
========
FF DefaultProfile: fa8ytgvl.default-1606416614406
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\fa8ytgvl.default-1606416614406 [2022-02-06]
FF DownloadDir: C:\Stahování
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2022-02-05]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-10]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-10]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-28]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-10]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-10]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-28]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2010-08-26] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7627856 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [428312 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1583384 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [427800 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\97.1.13816.100\elevation_service.exe [1546200 2022-01-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12099864 2022-01-23] (Avast Software s.r.o. -> AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6391992 2022-01-20] (Malwarebytes Inc -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6380032 2010-08-26] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [221696 2010-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [187368 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [309824 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [208448 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [92736 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40368 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [155592 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [394080 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2018-05-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [93824 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72984 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691776 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455456 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [162432 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [267232 2021-12-24] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [87568 2016-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [50688 2009-07-13] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [182168 2022-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [213936 2022-01-20] (Malwarebytes Inc -> Malwarebytes)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2017-05-01] (Padus, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-06 09:27 - 2022-02-06 09:27 - 000408864 _____ C:\Windows\system32\FNTCACHE.DAT
2022-02-02 12:31 - 2022-02-02 12:31 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-20 18:00 - 2022-01-20 18:00 - 000001243 _____ C:\Users\Petr\Desktop\CEWE FOTOLAB fotosvet – zástupce.lnk
2022-01-20 18:00 - 2022-01-20 18:00 - 000001223 _____ C:\Users\Petr\Desktop\CEWE fotoimporter – zástupce.lnk
2022-01-20 17:26 - 2022-02-06 12:02 - 000000000 ____D C:\ProgramData\tmp
2022-01-20 17:26 - 2022-01-20 18:27 - 000000000 ____D C:\ProgramData\hps
2022-01-20 17:22 - 2022-01-20 17:22 - 000000000 ____D C:\Program Files\Fotolab
2022-01-18 22:31 - 2022-01-18 22:31 - 000000000 _____ C:\Windows\ativpsrm.bin
2022-01-18 22:29 - 2010-08-26 02:27 - 000065536 _____ (AMD) C:\Windows\system32\coinst.dll
2022-01-18 22:29 - 2010-08-02 09:38 - 000021866 _____ C:\Windows\atiogl.xml
2022-01-18 22:28 - 2010-08-26 03:01 - 000076216 _____ C:\Windows\system32\atiapfxx.blb
2022-01-18 22:28 - 2010-08-26 02:57 - 000450560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2022-01-18 22:28 - 2010-06-15 23:28 - 000002857 _____ C:\Windows\system32\atipblag.dat
2022-01-08 15:17 - 2022-01-08 15:17 - 000000000 ____D C:\Program Files\ATI
2022-01-08 15:16 - 2022-01-08 15:16 - 000000000 ____D C:\SWTOOLS
2022-01-08 14:56 - 2022-02-02 20:14 - 000003076 _____ C:\Windows\system32\Tasks\{505AA0D8-A48D-49B5-A75A-12A93F081CC6}
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-06 18:46 - 2016-12-24 11:15 - 000000000 ____D C:\FRST
2022-02-06 18:43 - 2016-12-22 17:28 - 000000000 ____D C:\Program Files\CCleaner
2022-02-06 18:42 - 2019-02-05 11:26 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-06 18:42 - 2016-12-24 11:46 - 000000000 ____D C:\Program Files\Google
2022-02-06 18:41 - 2020-08-26 20:11 - 000000000 ____D C:\Users\Petr\AppData\Local\AVAST Software
2022-02-06 18:41 - 2016-12-22 16:48 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2022-02-06 18:39 - 2016-12-22 17:23 - 000000000 ____D C:\ProgramData\AVAST Software
2022-02-06 18:39 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-02-06 18:36 - 2014-03-15 13:04 - 000000000 ____D C:\Stahování
2022-02-06 18:35 - 2016-12-22 17:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2022-02-06 14:06 - 2009-07-14 05:34 - 000038608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-02-06 14:06 - 2009-07-14 05:34 - 000038608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-02-06 13:49 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2022-02-06 13:20 - 2016-12-23 01:14 - 000668866 _____ C:\Windows\system32\perfh005.dat
2022-02-06 13:20 - 2016-12-23 01:14 - 000141526 _____ C:\Windows\system32\perfc005.dat
2022-02-06 13:20 - 2010-11-20 22:01 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2022-02-06 09:48 - 2016-12-22 20:34 - 000000000 ____D C:\Users\Petr\Documents\Soubory aplikace Outlook
2022-02-06 09:44 - 2020-08-09 10:36 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-06 09:44 - 2020-08-09 10:36 - 000002126 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-06 09:35 - 2016-12-22 17:16 - 000004466 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-02-05 14:19 - 2020-04-15 18:42 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Zoom
2022-02-05 14:19 - 2017-03-20 09:04 - 000000000 ____D C:\Windows\Minidump
2022-02-03 10:20 - 2017-03-18 14:38 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-02-03 10:17 - 2021-01-14 16:32 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-02-02 20:14 - 2021-08-18 16:06 - 000002804 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Petr
2022-02-02 20:14 - 2020-10-28 12:50 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ad1792fe4ccc
2022-02-02 20:14 - 2020-08-09 10:35 - 000003472 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-02 20:14 - 2020-08-09 10:35 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-29 09:19 - 2021-12-19 18:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-29 09:19 - 2017-01-08 15:09 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2022-01-27 17:02 - 2020-08-25 15:13 - 000003720 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2022-01-27 17:02 - 2018-04-05 09:06 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-01-27 17:02 - 2018-04-05 09:06 - 000002332 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2022-01-25 09:26 - 2017-03-19 14:18 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 09:26 - 2017-03-19 14:18 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-21 09:14 - 2020-08-09 09:20 - 000182168 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-01-20 15:56 - 2020-08-05 18:58 - 000213936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-01-20 15:56 - 2020-08-01 09:34 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-20 15:56 - 2019-07-21 20:41 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-20 15:55 - 2019-07-21 20:41 - 000124328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2022-01-20 15:54 - 2017-01-12 18:57 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-20 15:54 - 2016-12-22 18:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-20 15:49 - 2021-01-14 16:33 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2022-01-19 16:21 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\LiveKernelReports
2022-01-18 22:05 - 2016-12-22 18:13 - 000000000 ____D C:\Users\Petr\AppData\Local\Microsoft Help
2022-01-13 15:57 - 2021-02-21 10:15 - 000002029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-12 10:11 - 2016-12-25 10:05 - 000000000 ____D C:\Windows\system32\MRT
2022-01-12 10:01 - 2016-12-25 10:04 - 142270864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-01-08 15:40 - 2018-10-23 07:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== Files in the root of some directories ========
2020-10-27 16:57 - 2020-10-27 16:57 - 000004096 ____H () C:\Users\Petr\AppData\Local\keyfile3.drm
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2022-02-06 10:25
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-02-2022
Ran by Petr (06-02-2022 18:47:32)
Running from C:\Stahování
Microsoft Windows 7 Professional Service Pack 1 (X86) (2016-12-22 15:36:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-54223709-3085532525-3047887407-500 - Administrator - Disabled)
Guest (S-1-5-21-54223709-3085532525-3047887407-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-54223709-3085532525-3047887407-1002 - Limited - Enabled)
Petr (S-1-5-21-54223709-3085532525-3047887407-1000 - Administrator - Enabled) => C:\Users\Petr
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C72EEEC4-47F6-BCCF-3D93-8713BCD4936B}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.4.11361.5916 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 97.1.13816.100 - Autoři prohlížeče Avast Secure Browser)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
CEWE FOTOLAB fotosvet (HKLM\...\CEWE FOTOLAB fotosvet) (Version: 7.1.5 - CEWE Stiftung u Co. KGaA)
FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Google Chrome (HKLM\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Malwarebytes version 4.5.2.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.2.157 - Malwarebytes)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 98.0.1108.43 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x86 cs) (HKLM\...\Mozilla Firefox 96.0.3 (x86 cs)) (Version: 96.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 96.0.3.8061 - Mozilla)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Skype verze 8.79 (HKLM\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
SysTools DBX Converter version 4.3 (HKLM\...\{0BDF5B3B-040E-4355-BAF5-DA626D01A1F8}_is1) (Version: 4.3 - SysTools Software)
WinZip 23.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2411E}) (Version: 23.0.13431 - Corel Corporation)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.7) (Version: 1.3.7 - Xvid Team)
Zoom (HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-54223709-3085532525-3047887407-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.WinZipExpressForOffice.dll (Corel Corporation -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2019-03-18] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2019-03-18] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2019-03-18] (Corel Corporation -> WinZip Computing)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\system32\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.ACDV] => C:\Windows\system32\ACDV.dll [462848 2005-06-20] (ACD Systems) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [235520 2019-12-28] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\MSVCP140.dll
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\ucrtbase.DLL
2021-11-14 10:32 - 2021-11-14 10:32 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2022-02-06 17:23 - 2022-02-06 17:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\defs\22020608\avast.local_vc142.crt\VCRUNTIME140.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com/
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2020-08-09 08:17 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9421E7B2-F7A9-4A35-8B95-D4A9483F1020}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9A92F8CF-3D62-4D92-855B-8899CC7A094D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{23BD3E6A-355C-4B29-AB06-EA1F0D535073}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC48A628-51C4-4520-B3AA-1F68D54233F4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3CF3DDA8-F3E2-465A-966E-D734796E53FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1CDB625C-8722-42B9-8E56-F5CA10B354B8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{DB07A551-80AF-4405-9C89-D2AEA9306CF5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{4ADED938-66A2-4AE8-B333-4E285EF166DA}] => (Allow) C:\Users\Petr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{681D38D1-C7FF-44A7-ABCC-838D8C8B9519}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA8CF9DB-89D7-49D0-B6E6-7CB78542DB5C}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C19D9F2-7713-458A-8D6B-BE4AA51EC240}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5DD6919F-A0AC-4360-852F-355ED0B26CAA}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E3C71D6E-6550-4637-AA9F-A8666BD91823}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0C049D28-0917-442A-8C12-855E0176A59E}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CFA45A03-DB8B-4703-A1F3-3341A37CB579}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B77B8EDE-0720-43C0-B5A1-1C0132BF6539}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0B27BBF6-DE99-4BC2-A90A-9369F56389FB}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8266BDF9-22CA-43CB-80F0-94E284700D0A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FB6F489D-E703-4D28-A383-E9BAF7CEEBCE}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{99C51180-9C9D-4254-A0D1-BC79FD246116}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6B76ABBB-9B10-4E62-B4A7-CB607235C950}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D19CF0BE-3B3F-42DA-A242-C2F77081BA21}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{05372A40-C8BA-494C-8A8B-D0A6EA63A203}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D31E069-B3E2-45A0-AA26-39982743E909}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{699175B5-AD8A-4786-AFAB-A8A45D34F933}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{48E0FB6E-F2D1-400C-9DE9-EAAE5F1144DD}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
03-02-2022 14:41:10 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/06/2022 06:40:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/06/2022 06:37:19 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 05:37:24 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 04:37:23 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 03:37:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 02:37:21 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 01:37:24 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (02/06/2022 12:40:42 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
System errors:
=============
Error: (02/06/2022 06:51:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/06/2022 06:40:29 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.
Error: (02/06/2022 06:36:06 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.
Error: (02/06/2022 06:36:05 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {9E175B6D-F52A-11D8-B9A5-505054503030} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/06/2022 06:35:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Malwarebytes Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (02/06/2022 06:35:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (02/06/2022 06:35:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (02/06/2022 06:35:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.
==================== Memory info ===========================
BIOS: Award Software International, Inc. FH 04/30/2010
Motherboard: Gigabyte Technology Co., Ltd. G31M-ES2L
Processor: Intel(R) Celeron(R) CPU E3300 @ 2.50GHz
Percentage of memory in use: 90%
Total physical RAM: 2046.49 MB
Available physical RAM: 186.64 MB
Total Virtual: 4092.98 MB
Available Virtual: 1431.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:406.76 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:232.88 GB) (Free:155.29 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 54D22AD4)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: C46FBD09)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC II
Fixlog by měl být v C:\Stahování. Potřeboval bych ho vidět.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé PC II
Fix result of Farbar Recovery Scan Tool (x86) Version: 05-02-2022
Ran by Petr (06-02-2022 18:35:32) Run:4
Running from C:\Stahování
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\MountPoints2: {54cae04e-ddba-11e8-a0ce-6cf049cbae7d} - F:\LGAutoRun.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {714EA546-C2AB-4C7F-ACCD-56EC8090F547} - System32\Tasks\GoogleUpdateTaskMachineUA{CE3F8198-2728-4394-A1BD-DD98D0CB83A3} => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {9BA636B6-CA06-4AE9-976A-B620BADA2A15} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe /StartRecording (No File)
Task: {B518D301-9BDE-4863-8206-B3B0940A7FB5} - System32\Tasks\GoogleUpdateTaskMachineCore{E8EA0B29-9DBC-47E4-BA4A-762E8EBE6497} => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {55887A39-2DC9-4FBC-8E91-873161F12FA0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54cae04e-ddba-11e8-a0ce-6cf049cbae7d} => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{714EA546-C2AB-4C7F-ACCD-56EC8090F547}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{714EA546-C2AB-4C7F-ACCD-56EC8090F547}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{CE3F8198-2728-4394-A1BD-DD98D0CB83A3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{CE3F8198-2728-4394-A1BD-DD98D0CB83A3}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BA636B6-CA06-4AE9-976A-B620BADA2A15}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BA636B6-CA06-4AE9-976A-B620BADA2A15}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\StartRecording => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B518D301-9BDE-4863-8206-B3B0940A7FB5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B518D301-9BDE-4863-8206-B3B0940A7FB5}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{E8EA0B29-9DBC-47E4-BA4A-762E8EBE6497} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{E8EA0B29-9DBC-47E4-BA4A-762E8EBE6497}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{55887A39-2DC9-4FBC-8E91-873161F12FA0}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55887A39-2DC9-4FBC-8E91-873161F12FA0}" => removed successfully.
C:\Windows\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup" => removed successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36115598 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 83506752 B
Edge => 0 B
Chrome => 0 B
Firefox => 520306849 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 0 B
Petr => 1650247 B
RecycleBin => 4030464 B
EmptyTemp: => 615.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:36:39 ====
Ran by Petr (06-02-2022 18:35:32) Run:4
Running from C:\Stahování
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\MountPoints2: {54cae04e-ddba-11e8-a0ce-6cf049cbae7d} - F:\LGAutoRun.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {714EA546-C2AB-4C7F-ACCD-56EC8090F547} - System32\Tasks\GoogleUpdateTaskMachineUA{CE3F8198-2728-4394-A1BD-DD98D0CB83A3} => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {9BA636B6-CA06-4AE9-976A-B620BADA2A15} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe /StartRecording (No File)
Task: {B518D301-9BDE-4863-8206-B3B0940A7FB5} - System32\Tasks\GoogleUpdateTaskMachineCore{E8EA0B29-9DBC-47E4-BA4A-762E8EBE6497} => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {55887A39-2DC9-4FBC-8E91-873161F12FA0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54cae04e-ddba-11e8-a0ce-6cf049cbae7d} => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{714EA546-C2AB-4C7F-ACCD-56EC8090F547}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{714EA546-C2AB-4C7F-ACCD-56EC8090F547}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{CE3F8198-2728-4394-A1BD-DD98D0CB83A3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{CE3F8198-2728-4394-A1BD-DD98D0CB83A3}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BA636B6-CA06-4AE9-976A-B620BADA2A15}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BA636B6-CA06-4AE9-976A-B620BADA2A15}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\StartRecording => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B518D301-9BDE-4863-8206-B3B0940A7FB5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B518D301-9BDE-4863-8206-B3B0940A7FB5}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{E8EA0B29-9DBC-47E4-BA4A-762E8EBE6497} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{E8EA0B29-9DBC-47E4-BA4A-762E8EBE6497}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{55887A39-2DC9-4FBC-8E91-873161F12FA0}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55887A39-2DC9-4FBC-8E91-873161F12FA0}" => removed successfully.
C:\Windows\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup" => removed successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36115598 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 83506752 B
Edge => 0 B
Chrome => 0 B
Firefox => 520306849 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 0 B
Petr => 1650247 B
RecycleBin => 4030464 B
EmptyTemp: => 615.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:36:39 ====
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC II
OK, smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé PC II
Možná o trošku lepší...vyzkouším pak zítra a dám pak vědět
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC II
OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?