Pomalé PC

[Petura]

Dobrý den,
prosím o kontrolu PC, je strašně pomalé a HDD os startu stále bez přestávky šrotuje...díky

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2022 01
Ran by Nada (administrator) on NADA-PC (MSI MS-7592) (01-07-2022 12:13:37)
Running from C:\Users\Nada\Desktop
Loaded Profiles: Nada
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Mozilla Firefox\firefox.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(C:\Program Files (x86)\Mozilla Firefox\firefox.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvBugReport.exe <2>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe <4>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12>
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(services.exe ->) (Piriform Software Ltd -> ) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(taskeng.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\AvBugReport.exe
(taskeng.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213760 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [4115792 2022-05-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-642364921-1089016685-4093869991-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\Canon iPF605 Print Processor: C:\Windows\System32\spool\prtprocs\x64\cnwfdpA7.dll [95232 2009-05-08] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MG5500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBU.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5500 series: C:\Windows\system32\CNMLMBU.DLL [391168 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon IOS Language Monitor: C:\Windows\system32\cnwilm64.dll [16896 2005-11-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\91.0.10364.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-17] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\102.1.17190.115\Installer\chrmstp.exe [2022-07-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7844.104\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-03-02] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {061C493A-2384-43B8-B88D-A911E1D45763} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {245AE443-33F9-444C-AF6E-8E207FB0A432} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-06-14] (Piriform Software Ltd -> Piriform)
Task: {4BFD2399-B09F-4E0D-A629-338038247C6F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2778136 2022-06-14] (Avast Software s.r.o. -> AVAST Software)
Task: {7AA300FC-00B5-4CD1-B182-D2B3F2E74D4C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {7D62B860-D410-4F70-9744-720393EE7DEC} - System32\Tasks\CCleanerSkipUAC - Nada => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A988C8EB-3576-4097-8ED4-174E619DACB6} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6667600 2022-05-18] (Avast Software s.r.o. -> Avast Software)
Task: {B8C25BEB-328D-4940-A521-51866A27CA2E} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4614992 2022-05-27] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 16728c19-cb6c-49c2-9072-faa14c3bdee7
Task: {BA9B50F1-619D-4569-B57E-AF881312CEA7} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2778136 2022-06-14] (Avast Software s.r.o. -> AVAST Software)
Task: {C469F3AC-284D-4E3B-9C90-C5956313A8B1} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {CDB118EE-59E6-47C4-80C5-6FDF0CD87E16} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-27] (Avast Software s.r.o. -> Avast Software)
Task: {E981489A-A206-4444-9AB1-B4981B9A283D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4938496 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
Task: {EE7ED8E5-F996-48D3-9B7C-429CE8DE34C3} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
Task: {FC02F8E8-6FEC-4AC2-8743-4C1A983AB003} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DAB09092-03A4-4AF2-A074-86BE96986353}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF DefaultProfile: b0ozq1ow.default
FF ProfilePath: C:\Users\Nada\AppData\Roaming\Mozilla\Firefox\Profiles\b0ozq1ow.default [2022-07-01]
FF DownloadDir: C:\Stahování
FF Homepage: Mozilla\Firefox\Profiles\b0ozq1ow.default -> www.seznam.cz
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-06-05] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8486968 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] (Autodesk, Inc. -> )
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [590080 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2009344 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [589056 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\102.1.17190.115\elevation_service.exe [2026040 2022-06-14] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-27] (Avast Software s.r.o. -> AVAST Software)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [789744 2022-05-11] (Piriform Software Ltd -> )
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15701328 2022-05-27] (Avast Software s.r.o. -> AVAST Software)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
S4 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [129648 2011-05-26] (Portrait Displays, Inc. -> Portrait Displays, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-19] (Malwarebytes Inc. -> Malwarebytes)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [60416 2009-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [235584 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [385560 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [258072 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [104976 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [47976 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [274536 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [553928 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [113984 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [89056 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [860416 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [668208 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [221528 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [324864 2022-06-30] (Avast Software s.r.o. -> AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-24] (DT Soft Ltd -> DT Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [57344 2009-06-10] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 NVHDA; C:\Windows\System32\drivers\nvhda64v.sys [129960 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20592 2011-05-05] (Portrait Displays, Inc. -> Portrait Displays, Inc.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [9856 2011-07-10] (Padus, Inc.) [File not signed]
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-01 12:13 - 2022-07-01 12:14 - 000018375 _____ C:\Users\Nada\Desktop\FRST.txt
2022-07-01 11:59 - 2022-07-01 11:59 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-07-01 11:59 - 2022-07-01 11:59 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-06-30 23:44 - 2022-06-30 23:45 - 000490392 _____ C:\Windows\system32\FNTCACHE.DAT
2022-06-30 23:37 - 2022-06-30 23:37 - 000270592 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-06-30 23:37 - 2022-06-30 23:37 - 000221528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2022-06-26 16:35 - 2022-06-26 16:35 - 000000000 ____D C:\Users\Nada\.ms-ad
2022-06-19 11:30 - 2022-06-19 11:30 - 000000000 ____D C:\ProgramData\Piriform

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-01 12:14 - 2020-10-24 10:44 - 000000000 ____D C:\FRST
2022-07-01 12:12 - 2020-10-24 14:20 - 000000000 ____D C:\Users\Nada\Desktop\FRST-OlderVersion
2022-07-01 12:12 - 2020-10-24 10:44 - 002369024 _____ (Farbar) C:\Users\Nada\Desktop\FRST64.exe
2022-07-01 12:11 - 2022-02-11 10:26 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-01 12:10 - 2016-11-22 14:49 - 000000000 ____D C:\Users\Nada\AppData\LocalLow\Mozilla
2022-07-01 12:09 - 2020-11-01 21:15 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2022-07-01 12:09 - 2019-10-11 17:45 - 000000000 ____D C:\Program Files\CCleaner
2022-07-01 12:09 - 2018-04-05 08:05 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-07-01 12:04 - 2009-07-14 06:45 - 000026912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-07-01 12:04 - 2009-07-14 06:45 - 000026912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-07-01 11:54 - 2009-09-21 21:15 - 000669318 _____ C:\Windows\system32\perfh005.dat
2022-07-01 11:54 - 2009-09-21 21:15 - 000141720 _____ C:\Windows\system32\perfc005.dat
2022-07-01 11:54 - 2009-07-14 07:13 - 001586170 _____ C:\Windows\system32\PerfStringBackup.INI
2022-07-01 11:54 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2022-07-01 11:42 - 2019-02-25 09:27 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-07-01 11:37 - 2011-02-21 16:49 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-01 11:37 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-06-30 23:53 - 2021-02-17 17:59 - 000000000 ____D C:\Users\Nada\AppData\Local\AVAST Software
2022-06-30 23:46 - 2017-06-29 15:33 - 000000000 ____D C:\ProgramData\AVAST Software
2022-06-30 23:44 - 2021-12-21 17:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-06-30 23:44 - 2021-12-19 20:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-06-30 23:37 - 2020-10-14 09:18 - 000274536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-06-30 23:37 - 2020-04-27 08:19 - 000553928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2022-06-30 23:37 - 2019-01-07 09:09 - 000258072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2022-06-30 23:37 - 2019-01-07 09:09 - 000104976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2022-06-30 23:37 - 2018-10-22 08:51 - 000047976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2022-06-30 23:37 - 2017-06-29 15:35 - 000668208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2022-06-30 23:37 - 2017-06-29 15:35 - 000324864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-06-30 23:37 - 2017-06-29 15:35 - 000113984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2022-06-30 23:37 - 2017-06-29 15:35 - 000089056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2022-06-30 23:36 - 2019-01-16 09:35 - 000385560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2022-06-30 23:36 - 2017-11-20 09:01 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2022-06-30 23:36 - 2017-06-29 15:35 - 000860416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2022-06-30 23:24 - 2012-07-26 13:17 - 000000000 ____D C:\ProgramData\Mozilla
2022-06-30 23:20 - 2021-11-06 19:23 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-06-26 16:37 - 2021-04-30 08:34 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-06-26 16:35 - 2011-07-10 15:54 - 000000000 ____D C:\Users\Nada
2022-06-19 12:11 - 2022-01-20 18:04 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-06-19 12:11 - 2020-12-24 13:02 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-06-19 12:08 - 2020-12-24 13:02 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-06-19 12:07 - 2020-12-24 13:00 - 000000000 ____D C:\Program Files\Malwarebytes
2022-06-19 12:07 - 2019-10-11 17:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-06-19 11:56 - 2020-11-17 19:41 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-06-19 11:52 - 2013-08-15 08:45 - 000000000 ____D C:\Windows\system32\MRT
2022-06-19 11:44 - 2011-02-21 17:43 - 145918784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-06-19 11:21 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2022-06-19 11:12 - 2012-02-25 12:50 - 000000000 ____D C:\ProgramData\FLEXnet

==================== Files in the root of some directories ========

2022-02-06 15:14 - 2022-02-06 15:14 - 000000000 _____ () C:\Users\Nada\AppData\Local\{48F4345D-40EA-4AC2-AAE5-28B98535821F}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-03-05 10:02
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2022 01
Ran by Nada (01-07-2022 12:15:36)
Running from C:\Users\Nada\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2011-07-10 13:54:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-642364921-1089016685-4093869991-500 - Administrator - Disabled)
Guest (S-1-5-21-642364921-1089016685-4093869991-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-642364921-1089016685-4093869991-1002 - Limited - Enabled)
Nada (S-1-5-21-642364921-1089016685-4093869991-1000 - Administrator - Enabled) => C:\Users\Nada
UpdatusUser (S-1-5-21-642364921-1089016685-4093869991-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee 6.0 PowerPack (HKLM-x32\...\{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}) (Version: 6.0.0 - ACD Systems Ltd.)
Acer eDisplay Management (HKLM-x32\...\{A586DC50-B18D-48FB-B7CC-A598200457C2}) (Version: 1.36.003 - Portrait Displays, Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.001.20142 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aktualizace NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
AutoCAD 2012 - Czech (HKLM\...\{5783F2D7-A001-0405-0102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 - Czech (HKLM\...\AutoCAD 2012 - Czech) (Version: 18.2.51.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 22.2.11886.7156 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.6.6022 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 102.1.17190.115 - Autoři prohlížeče Avast Secure Browser)
CCleaner (HKLM\...\CCleaner) (Version: 6.01 - Piriform)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
ENIGMA (HKLM-x32\...\ST5UNST #1) (Version: - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Malwarebytes version 4.5.10.200 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.10.200 - Malwarebytes)
Microsoft .NET Framework 4.8 (CSY) (HKLM\...\{39DC4515-B8C1-3AD9-AA88-D7C8A333612F}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Klikni a spusť 2010 (HKLM\...\{90140000-006D-0405-1000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 102.0 (x64 cs)) (Version: 102.0 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 102.0 (x86 cs)) (Version: 102.0 - Mozilla)
NVIDIA Ovladač 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
Pivot Pro Plugin (HKLM-x32\...\{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}) (Version: 9.50.110 - Portrait Displays, Inc.) Hidden
Screen Calipers (HKLM-x32\...\Screen Calipers) (Version: 3.3 - Iconico)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}_Office14.SingleImage_{A71E3AD4-5545-4D59-9F11-75F363563C6A}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}_Office14.SingleImage_{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0405-1000-0000000FF1CE}_Office14.SingleImage_{7F5CE17A-23B9-4EED-B017-A7EF4547476C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}_Office14.SingleImage_{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}_Office14.SingleImage_{2C911571-C8B6-400B-B323-417C1806E866}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-642364921-1089016685-4093869991-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-642364921-1089016685-4093869991-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-642364921-1089016685-4093869991-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-642364921-1089016685-4093869991-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-642364921-1089016685-4093869991-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-06-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-06-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-06-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2011-02-04] (Autodesk, Inc -> Autodesk) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-06-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-06-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-06-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-19] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2011-02-04 06:42 - 2011-02-04 06:42 - 000592608 _____ (Autodesk, Inc -> Autodesk, Inc.) [File not signed] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll
2011-02-04 06:42 - 2011-02-04 06:42 - 000045280 _____ (Autodesk, Inc -> Autodesk, Inc.) [File not signed] C:\Windows\system32\AcSignIcon.dll
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\MSVCP140.dll
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\ucrtbase.DLL
2021-11-08 17:05 - 2021-11-08 17:05 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\VCRUNTIME140.dll
2022-07-01 11:43 - 2022-07-01 11:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140_1.dll] C:\Program Files\AVAST Software\Avast\defs\22070102\avast.local_vc142.crt\VCRUNTIME140_1.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-642364921-1089016685-4093869991-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Version 11) (Whitelisted) ==========

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2020-10-25 12:40 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-642364921-1089016685-4093869991-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Autodesk Content Service => 2
MSCONFIG\Services: DTSRVC => 2
MSCONFIG\Services: FLEXnet Licensing Service 64 => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: PivotSoftware => "C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" -delay=10

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2EBEDB4E-B739-4755-99C9-2EB4F0E57841}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AC4BA5D5-465F-4DD8-B7D8-3556B2D895B3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C4C25320-2E1C-42FB-B4A8-660E3A3F639F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{228F78A8-9084-4146-BDA6-3A0E899D7045}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B04DFFD6-AC9F-4A21-80B8-07E972623A5C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4F49994E-ECF5-44A7-9075-41174BE3F22A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BA5A599B-5D02-41D6-B7B2-869CD9524A5A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8F1BDB39-C00C-4D38-9705-B2FC3DD459BF}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CCECCAC7-DF7B-4FB1-A92A-BBAC7057A5A6}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{54827482-FE69-407D-B4AC-B324A9DCB49C}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6CFA62FB-A0D4-4B4A-8639-3E947989A01A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6818A990-27A1-49E4-8B2A-257168888405}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8AFB974C-93EB-4596-BAB3-72F9924D7FF4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{41785582-CFDC-4485-A357-EC9A3DD6A544}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{054C181C-0AB4-4A09-8E4B-69D045CDA0E4}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6D2EF659-5FB2-4738-9529-1EE0F8089112}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{23CE08C8-C7B0-435A-BBE7-CF57D6B6FF33}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2BA5ED26-BBF0-4ACA-A2C0-11EEBD6BE21F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4C646279-7D42-4AA9-9FD2-68D72DC61F6C}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{2B65F35A-482E-43F2-9DC9-3123283773C1}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{041EE811-D9AF-4E79-BC26-A804F594C41D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{037E7BAE-AEF6-40D2-A8A0-6C97AA29AC49}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1A729CF6-BADF-4EC9-B7A8-E945D91D16A3}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F8CE3B0B-026A-4A9C-9BBA-47804BF958D7}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1BAA678C-9388-4AC9-A626-8718039B18C5}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{37A73409-2AAB-4965-98C7-F6A16AFCA350}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AE77111F-7118-45FA-87DB-89BD9FAE5955}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{78B3F5EE-87B0-4E43-BFAD-5AB72D48B811}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{62689319-ADFA-4926-B1EE-1957C7D571FC}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8D27B606-C3AD-4317-AF33-2DE8991AC8C3}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A18AF9B9-2413-482A-9C53-FB1614690DB2}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F12C8D41-8A74-4180-B5FD-51C20B5D4728}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B37B477F-23D8-45DE-80E7-91CF878FEC06}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{61AAB710-0699-49A3-A37A-32BB28F607B4}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

19-06-2022 11:43:39 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/01/2022 11:48:35 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/01/2022 07:33:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sftlist.exe, verze: 4.6.3.25281, časové razítko: 0x54348bda
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x02b77584
ID chybujícího procesu: 0xfec
Čas spuštění chybující aplikace: 0x01d88ccad608f203
Cesta k chybující aplikaci: C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5b36b8ad-f8ff-11ec-8b2e-6c626daefe95

Error: (07/01/2022 07:33:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sftvsa.exe, verze: 4.6.3.25281, časové razítko: 0x54348b60
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x02b77584
ID chybujícího procesu: 0xeb8
Čas spuštění chybující aplikace: 0x01d88ccad41c352a
Cesta k chybující aplikaci: C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5aaf0a3d-f8ff-11ec-8b2e-6c626daefe95

Error: (07/01/2022 07:33:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: armsvc.exe, verze: 1.824.45.8876, časové razítko: 0x619600e3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x02b77584
ID chybujícího procesu: 0xb00
Čas spuštění chybující aplikace: 0x01d88ccab94671d3
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5452dd02-f8ff-11ec-8b2e-6c626daefe95

Error: (07/01/2022 07:33:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvSCPAPISvr.exe, verze: 7.17.13.1106, časové razítko: 0x50f9536b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x02b77584
ID chybujícího procesu: 0x33c
Čas spuštění chybující aplikace: 0x01d88cca923cf52a
Cesta k chybující aplikaci: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4f99a1f7-f8ff-11ec-8b2e-6c626daefe95

Error: (07/01/2022 01:08:00 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/01/2022 12:13:49 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (06/30/2022 11:46:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -528.


System errors:
=============
Error: (07/01/2022 12:19:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/01/2022 11:50:38 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk3\DR3.

Error: (07/01/2022 11:50:38 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk3\DR3.

Error: (07/01/2022 11:50:37 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk3\DR3.

Error: (07/01/2022 11:45:52 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (07/01/2022 11:42:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (07/01/2022 11:42:33 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (07/01/2022 11:38:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V26.3 11/01/2010
Motherboard: MSI G41M-P28 (MS-7592)
Processor: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 86%
Total physical RAM: 4095.18 MB
Available physical RAM: 561.31 MB
Total Virtual: 8188.5 MB
Available Virtual: 4094.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:581.03 GB) (Model: ST31000524AS ATA Device) NTFS
Drive q: () (Fixed) (Total:0 GB) (Free:0 GB) (Model: ST31000524AS ATA Device)

\\?\Volume{629b4f58-3d9d-11e0-827c-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 828A0713)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Petura]

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-01-2022
# Duration: 00:00:04
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1413 octets] - [01/07/2022 14:35:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U1 aswbdisk; no ImagePath

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Petura]

po restartu strašně dlouho trvalo než naběhl firefox a pc šrotuje jak o život

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-06-2022 01
Ran by Nada (01-07-2022 15:17:21) Run:4
Running from C:\Users\Nada\Desktop
Loaded Profiles: Nada & UpdatusUser
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U1 aswbdisk; no ImagePath

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4712895 B
Java, Discord, Steam htmlcache => 0 B
Windows/system/drivers => 1622 B
Edge => 0 B
Chrome => 0 B
Firefox => 47677948 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Nada => 2527832 B
UpdatusUser => 2527832 B

RecycleBin => 0 B
EmptyTemp: => 54.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-07-2022 15:24:06)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 15:24:30 ====

[Rudy]

OK. Spusťte tedy ještě AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po ukončení akce amžte vše, co najde. Návod v odkazu je na starší verzi.