VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Zpomaleny pocitac, preskakujici kurzor, samovolne zavirani oken

https://forum.viry.cz:443/viewtopic.php?t=157820

Stránka 1 z 1

Zpomaleny pocitac, preskakujici kurzor, samovolne zavirani oken

Napsal: 23 led 2021 19:51
od lastsaves
Prosim o kontrolu logu v priloze
RSIT.zip
(36.55 KiB) Staženo 99 x
- byl prilis velky na vlozeni.
Dekuji.

Re: Zpomaleny pocitac, preskakujici kurzor, samovolne zavirani oken

Napsal: 23 led 2021 19:54
od Rudy
Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT není s desítkami plně kompatibilní. Děkuji.

Re: Zpomaleny pocitac, preskakujici kurzor, samovolne zavirani oken

Napsal: 24 led 2021 12:50
od lastsaves
Omlouvám se a posílám logy z FRST. Děkuji.

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18242048 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2596704 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Policies\Explorer\Run: [BootRacer] => C:\Program Files (x86)\BootRacer\Bootrace.exe [9208904 2020-03-19] (Greatis Software LLC -> Greatis Software)
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 1
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 1
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 1
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 1
HKU\S-1-5-21-1085476363-3268248269-2470111272-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1085476363-3268248269-2470111272-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\Canon MG2400 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBW.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP240 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9H.DLL [27648 2008-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP240 series: C:\WINDOWS\system32\CNMLM9H.DLL [279040 2008-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-12] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {111EA075-6C12-48D0-921B-1633018217E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {18A6F513-9D4D-46B4-AEE4-525841B36997} - System32\Tasks\Avast Software\Avast Cleanup Update BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [2812624 2020-12-16] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 66d43bae-d370-4794-8c2b-9acd6ec98a8e
Task: {4AC2DBAC-4724-4826-998A-63F66CB3677A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {50EB0A92-9889-456D-AFA0-DC33DEC16530} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A7A1DD5F-5F49-4312-B54D-EE0787DE92B7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {AF1E0E01-B533-4FCC-91B1-EE17B72002A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
Task: {B412E8D7-B483-46E2-9C00-B6D9ABE15362} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
Task: {D2F25DD1-25EF-4409-BEAB-AC2BAEBDC2EE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
Task: {E74597DF-F01B-40E6-96E9-F23BA074C136} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5442656 2020-11-25] (Avast Software s.r.o. -> Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{57df4623-5517-4b5f-93fd-1037b0d376bb}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{84679ce0-3b44-4240-993e-cc6df8cb850d}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-23]

FireFox:
========
FF DefaultProfile: gk1ulw7z.default
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\gk1ulw7z.default [2021-01-24]
FF Notifications: Mozilla\Firefox\Profiles\gk1ulw7z.default -> hxxps://www.hudy.cz

Chrome:
=======
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default [2021-01-23]
CHR Notifications: Default -> hxxps://cz.pinterest.com; hxxps://meet.google.com
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Slides) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-14]
CHR Extension: (Docs) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-14]
CHR Extension: (Google Drive) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-23]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-14]
CHR Extension: (Sheets) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-14]
CHR Extension: (Google Docs Offline) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-11]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-23]
CHR Extension: (Chrome Media Router) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
S4 BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [96152 2019-07-10] (Greatis Software LLC -> Greatis Software, LLC)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12968552 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12720144 2020-11-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-24] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-24 12:30 - 2021-01-24 12:33 - 000012060 _____ C:\Users\Tomáš\Desktop\FRST.txt
2021-01-24 12:29 - 2021-01-24 12:29 - 000000000 ___HD C:\$AV_ASW
2021-01-24 12:28 - 2021-01-24 12:31 - 000000000 ____D C:\FRST
2021-01-24 12:28 - 2021-01-24 12:29 - 000000000 ____D C:\Users\Tomáš\Desktop\FRST-OlderVersion
2021-01-24 11:05 - 2021-01-24 12:28 - 002297344 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2021-01-23 20:09 - 2021-01-23 20:09 - 000284920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-23 18:51 - 2021-01-23 18:51 - 000000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2021-01-23 18:51 - 2021-01-23 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-01-23 18:51 - 2021-01-23 18:51 - 000000000 ____D C:\Program Files\Speccy
2021-01-23 18:49 - 2021-01-23 18:49 - 008234296 _____ (Piriform Software Ltd) C:\Users\Tomáš\Downloads\spsetup132.exe
2021-01-19 22:26 - 2021-01-19 22:26 - 000019306 _____ C:\Users\Tomáš\Downloads\Test_unit_7_kotovsky.odt
2021-01-19 20:19 - 2021-01-19 20:20 - 000023167 _____ C:\Users\Tomáš\Downloads\Vocabulary test U2.odt
2021-01-19 14:23 - 2021-01-19 14:23 - 000069807 _____ C:\Users\Tomáš\Downloads\Module 8 Test.pdf
2021-01-19 14:20 - 2021-01-19 14:20 - 000067806 _____ C:\Users\Tomáš\Downloads\test(1).pdf
2021-01-18 23:10 - 2021-01-18 23:10 - 000212116 _____ C:\Users\Tomáš\Downloads\Unit 1 Test Part 1 kroupa.pdf
2021-01-18 22:56 - 2021-01-18 22:56 - 000069724 _____ C:\Users\Tomáš\Downloads\Unit 1 Test Part 1(1).pdf
2021-01-18 22:32 - 2021-01-18 22:32 - 000068840 _____ C:\Users\Tomáš\Downloads\Unit 1 Test Part 1.pdf
2021-01-18 22:28 - 2021-01-18 22:28 - 000060324 _____ C:\Users\Tomáš\Downloads\test.pdf
2021-01-18 18:51 - 2021-01-18 18:51 - 000016781 _____ C:\Users\Tomáš\Downloads\Test Module 1 Feelings + present tenses 3.odt
2021-01-13 02:49 - 2021-01-13 02:49 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-13 02:47 - 2021-01-13 02:47 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-13 02:47 - 2021-01-13 02:47 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-13 02:47 - 2021-01-13 02:47 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-13 02:47 - 2021-01-13 02:47 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-13 02:47 - 2021-01-13 02:47 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-13 02:46 - 2021-01-13 02:46 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-13 02:46 - 2021-01-13 02:46 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-13 02:46 - 2021-01-13 02:46 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-13 02:46 - 2021-01-13 02:46 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-13 02:45 - 2021-01-13 02:45 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-13 02:43 - 2021-01-13 02:43 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-13 02:42 - 2021-01-13 02:42 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-13 02:42 - 2021-01-13 02:42 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-13 02:41 - 2021-01-13 02:41 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-13 02:41 - 2021-01-13 02:41 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-13 02:40 - 2021-01-13 02:40 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-13 02:40 - 2021-01-13 02:40 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-13 02:39 - 2021-01-13 02:39 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-13 02:39 - 2021-01-13 02:39 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-13 02:38 - 2021-01-13 02:38 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-13 02:37 - 2021-01-13 02:37 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-13 02:37 - 2021-01-13 02:37 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-13 02:36 - 2021-01-13 02:36 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-13 02:36 - 2021-01-13 02:36 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-13 02:35 - 2021-01-13 02:35 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-13 02:35 - 2021-01-13 02:35 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-13 02:34 - 2021-01-13 02:34 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-13 02:33 - 2021-01-13 02:33 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-13 02:32 - 2021-01-13 02:32 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-13 02:32 - 2021-01-13 02:32 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-13 02:32 - 2021-01-13 02:32 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-13 02:29 - 2021-01-13 02:29 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-13 02:28 - 2021-01-13 02:28 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-13 02:28 - 2021-01-13 02:28 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-13 02:25 - 2021-01-13 02:25 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-13 02:24 - 2021-01-13 02:24 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-13 02:24 - 2021-01-13 02:24 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-13 02:24 - 2021-01-13 02:24 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 02:23 - 2021-01-13 02:23 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-12 16:07 - 2021-01-12 16:07 - 000771450 _____ C:\Users\Tomáš\Downloads\Domov_plakat_Adam Poslusny.pdf
2021-01-12 15:43 - 2021-01-12 15:43 - 001659155 _____ C:\Users\Tomáš\Downloads\E4AD0E79-E0BB-4515-BB0E-088880ACD539.jpeg
2021-01-12 15:01 - 2021-01-12 15:01 - 000689209 _____ C:\Users\Tomáš\Downloads\Domov.pdf
2021-01-12 14:56 - 2021-01-12 14:56 - 002104443 _____ C:\Users\Tomáš\Downloads\image2.jpeg
2021-01-12 14:55 - 2021-01-12 14:55 - 002774108 _____ C:\Users\Tomáš\Downloads\image4.jpeg
2021-01-12 14:55 - 2021-01-12 14:55 - 002774108 _____ C:\Users\Tomáš\Downloads\image4(1).jpeg
2021-01-12 14:55 - 2021-01-12 14:55 - 002347418 _____ C:\Users\Tomáš\Downloads\image1.jpeg
2021-01-11 10:01 - 2021-01-11 10:01 - 000265710 _____ C:\Users\Tomáš\Downloads\Document1607333991188.pdf
2021-01-10 17:10 - 2021-01-10 17:10 - 000201978 _____ C:\Users\Tomáš\Downloads\Module 2 Test Grammar - reseni.pdf
2021-01-10 16:31 - 2021-01-10 16:31 - 000101467 _____ C:\Users\Tomáš\Downloads\Module 2 Test Grammar(2).pdf
2021-01-06 10:38 - 2021-01-06 10:38 - 103503047 _____ C:\Users\Tomáš\Downloads\Vocabulary_in_Practice_Full_Set_www.frenglish.ru(2).rar
2021-01-06 10:35 - 2021-01-06 10:35 - 103503047 _____ C:\Users\Tomáš\Downloads\Vocabulary_in_Practice_Full_Set_www.frenglish.ru(1).rar
2021-01-06 09:50 - 2021-01-06 10:34 - 103503047 _____ C:\Users\Tomáš\Downloads\Vocabulary_in_Practice_Full_Set_www.frenglish.ru.rar
2021-01-06 09:46 - 2021-01-06 09:46 - 021802849 _____ C:\Users\Tomáš\Downloads\idoc.pub_vocabulary-in-practice-4-intermediate.pdf
2021-01-04 22:57 - 2021-01-04 22:57 - 000107902 _____ C:\Users\Tomáš\Downloads\oprava časy a otázky kvarta-vyplneno.pdf
2021-01-04 18:40 - 2021-01-04 18:41 - 000101467 _____ C:\Users\Tomáš\Downloads\Module 2 Test Grammar(1).pdf
2021-01-04 18:15 - 2021-01-04 18:15 - 000703652 _____ C:\Users\Tomáš\Downloads\Image (32).pdf
2021-01-04 17:48 - 2021-01-04 17:49 - 000082547 _____ C:\Users\Tomáš\Downloads\aidu.pdf
2021-01-04 17:30 - 2021-01-04 17:30 - 000100940 _____ C:\Users\Tomáš\Downloads\Module 2 Test Grammar.pdf
2021-01-04 16:54 - 2021-01-04 16:54 - 000022246 _____ C:\Users\Tomáš\Downloads\Module 2 Test Grammar.odt
2021-01-03 21:55 - 2021-01-07 16:52 - 000214808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-01-03 21:55 - 2021-01-03 21:53 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-24 12:34 - 2018-01-14 14:48 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-24 12:25 - 2020-05-31 16:27 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-24 12:21 - 2019-12-26 15:15 - 000000000 ____D C:\Program Files\CCleaner
2021-01-24 12:21 - 2017-12-25 22:13 - 000000000 ___RD C:\Users\Tomáš\OneDrive
2021-01-24 12:20 - 2020-05-31 16:01 - 000643072 _____ C:\Users\Public\Documents\bootracer.his
2021-01-24 12:20 - 2020-05-31 15:45 - 000000756 _____ C:\Users\Public\Documents\bootracer.ini
2021-01-24 12:20 - 2020-05-31 15:44 - 000000000 ____D C:\Program Files (x86)\BootRacer
2021-01-24 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-24 12:19 - 2020-11-05 01:06 - 000000000 ____D C:\Users\Tomáš
2021-01-24 12:19 - 2020-11-05 01:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-24 12:19 - 2017-12-25 22:08 - 000000000 __SHD C:\Users\Tomáš\IntelGraphicsProfiles
2021-01-24 10:07 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-24 09:55 - 2020-11-05 01:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-24 09:55 - 2020-11-05 01:00 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-24 09:54 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-23 21:25 - 2019-04-17 16:45 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-23 21:24 - 2018-01-14 14:52 - 000000000 ____D C:\Users\Tomáš\AppData\LocalLow\Mozilla
2021-01-23 20:29 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-23 20:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-23 19:51 - 2020-05-31 16:28 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\TeamViewer
2021-01-23 19:50 - 2020-05-31 16:39 - 000000000 ____D C:\rsit
2021-01-23 19:48 - 2020-05-31 16:39 - 000000000 ____D C:\Program Files\trend micro
2021-01-23 19:39 - 2020-11-18 11:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-23 19:14 - 2020-06-07 16:40 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-23 19:14 - 2020-06-07 16:40 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-23 18:51 - 2019-06-28 10:14 - 000000000 ____D C:\Users\Tomáš\AppData\Local\D3DSCache
2021-01-22 10:46 - 2020-03-17 12:03 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\NAPS2
2021-01-22 09:03 - 2020-11-05 01:07 - 000000000 ____D C:\Users\defaultuser0
2021-01-21 16:42 - 2018-07-01 17:51 - 000000000 ____D C:\Users\Tomáš\AppData\Local\AVAST Software
2021-01-21 12:07 - 2018-01-14 14:52 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-20 07:55 - 2020-11-30 10:05 - 000003378 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b308b5c8762a
2021-01-20 07:55 - 2020-11-05 01:35 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-15 07:59 - 2020-11-05 01:35 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-14 20:12 - 2020-11-05 01:35 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-13 03:58 - 2020-11-05 01:19 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-13 03:58 - 2019-12-07 15:41 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-13 03:58 - 2019-12-07 15:41 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-13 03:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-13 03:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-13 03:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-13 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-13 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-13 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-13 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-13 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-13 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-13 03:42 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-13 03:42 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-13 03:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-13 03:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-13 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-13 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-13 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-13 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-13 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-13 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-13 03:06 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-13 02:22 - 2020-11-05 01:03 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 01:25 - 2017-02-28 10:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 01:12 - 2017-02-28 10:07 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-12 09:03 - 2018-01-14 14:46 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-12 09:03 - 2018-01-14 14:46 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-08 12:53 - 2018-01-14 14:55 - 000468888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-07 12:52 - 2018-01-14 14:55 - 000324904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-01-04 09:22 - 2019-02-11 21:38 - 000000000 ____D C:\Users\Tomáš\AppData\Local\CrashDumps
2021-01-03 21:55 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-03 21:54 - 2020-10-18 09:30 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-01-03 21:54 - 2020-04-15 14:10 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-01-03 21:54 - 2019-02-10 00:10 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-01-03 21:54 - 2019-02-10 00:10 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-01-03 21:54 - 2019-01-03 22:11 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-01-03 21:54 - 2018-07-01 13:34 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-01-03 21:54 - 2018-01-14 14:55 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-01-03 21:54 - 2018-01-14 14:55 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-01-03 21:52 - 2019-02-10 00:10 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-01-03 21:52 - 2019-02-10 00:10 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-01-03 21:52 - 2018-01-14 14:55 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-01-03 21:52 - 2018-01-14 14:55 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021
Ran by Tomáš (24-01-2021 12:40:50)
Running from C:\Users\Tomáš\Desktop
Windows 10 Home Version 2004 19041.746 (X64) (2020-11-05 00:37:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1085476363-3268248269-2470111272-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1085476363-3268248269-2470111272-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1085476363-3268248269-2470111272-1001 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1085476363-3268248269-2470111272-501 - Limited - Disabled)
Tomáš (S-1-5-21-1085476363-3268248269-2470111272-1002 - Administrator - Enabled) => C:\Users\Tomáš
WDAGUtilityAccount (S-1-5-21-1085476363-3268248269-2470111272-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 20.1.9481.1346 - Avast Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
BootRacer 7.90 (HKLM-x32\...\{50EB4E13-A810-411E-8F1F-C22FE7841DA2}_is1) (Version: 7.90 - Greatis Software)
Canon MP240 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1085476363-3268248269-2470111272-1002\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
NAPS2 6.1.2 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version: - Ben Olden-Cooligan)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.20538 - Kakao Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.12.4 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
XnView 2.43 (HKLM-x32\...\XnView_is1) (Version: 2.43 - Gougelet Pierre-e)

Packages:
=========
All Video Player HD -> C:\Program Files\WindowsApps\22450.TotalVideoPlayer_2.0.29.0_x64__0aqw1zw0x2snt [2021-01-21] (韵华软件)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-15] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.1.17.0_x86__kgqvnymyfvs32 [2020-12-17] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.185.400.0_x86__kgqvnymyfvs32 [2021-01-21] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-07] (Canon Inc.)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.6.10.0_x86__h6adky7gbf63m [2020-12-15] (Gameloft SE)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-19] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.3.1.1_x86__h6adky7gbf63m [2021-01-14] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-14] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2020-12-15] (Microsoft Studios)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0 [2021-01-23] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1-x32: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files (x86)\XnView\ShellEx\XnViewShellExt.dll [2015-02-19] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\igfxDTCM.dll [2016-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-1085476363-3268248269-2470111272-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2020-05-31 16:39 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1085476363-3268248269-2470111272-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1085476363-3268248269-2470111272-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKU\S-1-5-21-1085476363-3268248269-2470111272-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-1085476363-3268248269-2470111272-1002\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{818F00C9-4FDC-4FDD-A97F-0285DE8F9695}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{9628420E-A05E-49EF-AC80-08A24FD99CDA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4F116A6F-4E8E-4665-98B5-F83F0E2E5ED9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{653A62DF-A158-46DA-8FDE-595C593A5F36}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{398BF6A4-CE55-4736-9B32-555C2FFBC61A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{883C6927-FB58-4A80-9387-AB51012FCD60}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{64BFFEB0-015E-44F0-8766-433EA88B2BB1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DCCC7CD0-8C19-4779-A963-98250D6D5235}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{FC6F380D-C1F5-42F6-ADEB-B005AD5F56D0}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [UDP Query User{CD596983-836D-4F6C-81D4-01202DDD3A46}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0804CCE0-110B-41FF-9E89-74FDD7BE9252}] => (Block) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A267426E-DB3A-4EF0-BBE2-5FF6A8F7FD58}] => (Block) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5D512B03-7384-409C-B117-8B2836FB3110}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{105B0387-5101-455C-B665-A3DEEBA11933}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3961ED10-D9F2-48C9-9824-6152E22A57EA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BCBE78E7-D855-4E04-BC06-5E442FEF4B83}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8C51D0E-005B-476F-8209-D6CF1C4F4039}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C6F18854-0F10-49AE-9889-F96B7573918C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{60D5924B-E773-4402-9B0A-483BD41BBAE3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB28BED7-4591-4F45-8AFC-CDAC2399DEDE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4FA3C4FD-4DAB-4065-9F8C-B8D332B68A02}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3053D0A1-CF8B-42AC-A845-4E9EB031BFC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FDAD4538-2A3B-4422-A899-0F6322AEDD70}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{48239E53-6FE7-47F8-B537-971BB02783FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A621183E-05FE-43A6-99FE-BD016BF75E81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

20-01-2021 08:55:38 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/22/2021 11:57:47 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/22/2021 11:45:57 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/22/2021 10:41:32 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/20/2021 08:56:06 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (01/19/2021 07:04:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4728,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Tomáš\AppData\Local\Microsoft\Windows\WebCache\V0100012.log došlo k chybě -1811 (0xfffff8ed).

Error: (01/15/2021 12:49:37 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/15/2021 12:23:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/15/2021 11:58:11 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (01/24/2021 09:55:44 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (01/24/2021 09:54:34 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba aswbIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.

Error: (01/24/2021 09:38:50 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (01/24/2021 09:39:12 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:52:03, ‎23.‎01.‎2021) bylo neočekávané.

Error: (01/24/2021 09:38:30 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 16) (User: NT AUTHORITY)
Description: 3221226513Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (01/23/2021 08:09:26 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (01/23/2021 07:55:01 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Tools se po přijetí pokynu pro vypnutí neukončila správně.

Error: (01/23/2021 06:52:56 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.


CodeIntegrity:
===================================

Date: 2021-01-24 12:32:18.9000000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\setup\uat_2528.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-24 09:57:14.3680000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-24 09:57:14.3510000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-24 09:57:14.3330000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-24 09:57:14.3160000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-24 09:57:14.2960000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-24 09:57:14.2740000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-24 09:57:14.2560000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO LENOVO - 3 02/10/2017
Motherboard: LENOVO Lenovo V110-15IAP
Processor: Intel(R) Celeron(R) CPU N3350 @ 1.10GHz
Percentage of memory in use: 89%
Total physical RAM: 3371.61 MB
Available physical RAM: 353.51 MB
Total Virtual: 5931.61 MB
Available Virtual: 2494.62 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.48 GB) (Free:410.65 GB) NTFS

\\?\Volume{d9fa2484-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{d9fa2484-0000-0000-0000-303e74000000}\ () (Fixed) (Total:0.79 GB) (Free:0.3 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=807 MB) - (Type=27)

==================== End of Addition.txt =======================

Re: Zpomaleny pocitac, preskakujici kurzor, samovolne zavirani oken

Napsal: 24 led 2021 14:50
od Rudy
Teď spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Zpomaleny pocitac, preskakujici kurzor, samovolne zavirani oken

Napsal: 24 led 2021 18:51
od lastsaves
Provedeno, log níže.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-24-2021
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1406 octets] - [24/01/2021 18:43:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Zpomaleny pocitac, preskakujici kurzor, samovolne zavirani oken

Napsal: 24 led 2021 19:04
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {50EB0A92-9889-456D-AFA0-DC33DEC16530} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AF1E0E01-B533-4FCC-91B1-EE17B72002A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
Task: {B412E8D7-B483-46E2-9C00-B6D9ABE15362} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
C:\DumpStack.log.tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1085476363-3268248269-2470111272-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Zpomaleny pocitac, preskakujici kurzor, samovolne zavirani oken

Napsal: 24 led 2021 19:31
od lastsaves
Fixnuto, log níže.

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by Tomáš (24-01-2021 19:29:37) Run:1
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: defaultuser0 & Tomáš
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {50EB0A92-9889-456D-AFA0-DC33DEC16530} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AF1E0E01-B533-4FCC-91B1-EE17B72002A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
Task: {B412E8D7-B483-46E2-9C00-B6D9ABE15362} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
C:\DumpStack.log.tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1085476363-3268248269-2470111272-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
*****************

Re: Zpomaleny pocitac, preskakujici kurzor, samovolne zavirani oken

Napsal: 24 led 2021 20:03
od Rudy
Fixlog by měl vypadat takto: https://forum.viry.cz/viewtopic.php?p=1538863#p1538863 .

Re: Zpomaleny pocitac, preskakujici kurzor, samovolne zavirani oken

Napsal: 24 led 2021 20:29
od lastsaves
Fixnuto znovu, tentokrát je snad vše v pořádku. (zvláštní, že po prvním fixnutí opravdu vyplivl ten log, co jsme poslal).
Log níže.

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by Tomáš (24-01-2021 20:13:46) Run:2
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: defaultuser0 & Tomáš
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {50EB0A92-9889-456D-AFA0-DC33DEC16530} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AF1E0E01-B533-4FCC-91B1-EE17B72002A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
Task: {B412E8D7-B483-46E2-9C00-B6D9ABE15362} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
C:\DumpStack.log.tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1085476363-3268248269-2470111272-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50EB0A92-9889-456D-AFA0-DC33DEC16530}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50EB0A92-9889-456D-AFA0-DC33DEC16530}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF1E0E01-B533-4FCC-91B1-EE17B72002A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF1E0E01-B533-4FCC-91B1-EE17B72002A2}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B412E8D7-B483-46E2-9C00-B6D9ABE15362}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B412E8D7-B483-46E2-9C00-B6D9ABE15362}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-1085476363-3268248269-2470111272-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49812259 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 77783429 B
Edge => 86673 B
Chrome => 15389352 B
Firefox => 556488699 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 390698 B
NetworkService => 390698 B
defaultuser0 => 390698 B
Tomáš => 45178840 B

RecycleBin => 0 B
EmptyTemp: => 721.4 MB temporary data Removed.

================================

Re: Zpomaleny pocitac, preskakujici kurzor, samovolne zavirani oken

Napsal: 24 led 2021 20:49
od Rudy
Teď je to v pořádku. Bylo smazáno. Nastala nějaká změna?
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz