VIRY.CZ

Zdravím. Dneska při cvičení z programování mi počítač sám od sebe psal nesmysly, kazil mi psaní kódu, podezřelé mi to přišlo, když to napsalo slovo "sportka" (což jsme při programování neprobírali a fakt jsem se nenudil tak, že bych psal takový nesmysly). Pak mě to začalo z ničeho nic odpojovat od internetu. Počítač si myslel, že jsem připojen, ale na cvičení v MS-Teams jsem se nemohl znovu připojit, nemohl jsem ani načíst žádnou webovou stránku. Teď se nic neděje, ale netuším, kdy to opět začne. AVAST nic nenašel.

Ocenil bych rychlost. Fakt nechci předat počítač tátovi s tím, že se tam pohybuje někdo nepovolaný. Logy FRST a Addition jsou v příloze.

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-10-2021
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

Deleted C:\END
Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{d52a0dcc-407f-4d9d-9593-0f8601e8ce71}|DhcpNameServer - "77.236.192.130"

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1838 octets] - [10/03/2021 18:20:28]
AdwCleaner[S01].txt - [1899 octets] - [10/03/2021 18:22:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

OK. Dejte nové logy FRST+Addition.

Logy jsou v příloze

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {4236F3B2-5403-4C88-90D9-390CA706C8F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-28] (Google Inc -> Google Inc.)
Task: {8B1F7846-3039-400D-AA8C-7E23969B55FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-28] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\GUT78BB.tmp
C:\Program Files (x86)\GUT7F66.tmp
C:\Program Files (x86)\GUT9B12.tmp
CustomCLSID: HKU\S-1-5-21-196395001-3005040533-1894216317-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\Uzivatel\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\Uzivatel\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Uzivatel\Documents\desktop.ini:gs5sys [3074]
FirewallRules: [{9AD19405-A875-461D-B3DF-B43EC6DAFB92}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS750B\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{993B52BE-FBE3-4ACF-BD16-1E72C8BAD633}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS750B\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C5B1405C-43FE-4DD9-B3D5-7B689C393C89}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS686D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{08A07D13-7B8C-46D6-9955-730EF6C9B75A}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS686D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{269551D4-70A7-4A08-88F9-1DED86283172}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS5E9D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{8343F641-C023-4EAE-AF41-162A9FC0F4F4}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS5E9D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{9D35BF58-B2FE-4955-ADE5-88D9B6666AA9}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS57DD\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{04465AFD-D5F7-407F-B023-C00772F59B3A}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS57DD\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{AA4AF4E5-B399-47B0-8AFF-73FAF81FC7F8}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3EA5\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{2878BA39-15F2-48DF-AD27-2A069F6A74B1}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3EA5\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{17A58320-0E24-47E2-A899-2BCF0F69F25B}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3B85\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{ACF1E5D4-483E-48BC-99D7-A90235F9D98C}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3B85\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{1170BBE4-223F-4535-B3D6-378BE81B0859}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS2267\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{0BB78C01-4C17-445B-AE9A-E814A2C3B71A}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS2267\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C665FD4F-8E7D-4F24-A5F0-E293D6299160}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS20CF\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{BFFF54DD-BA0D-401B-8084-59893BC3BA4C}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS20CF\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{FCD12785-6052-41BD-98AE-A46FE5CEBC0C}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS132F\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{CDBA4181-97F0-4C8E-AE30-2B658F9B0B70}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS132F\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{4BDDEFF2-6004-47C2-B56D-C7E4CF25D158}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3673\Installer\hpbcsiInstaller.exe => No File
FirewallRules: [{3D570243-E148-4C88-86DB-47B9A84C2A9F}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3673\Installer\hpbcsiInstaller.exe => No File
FirewallRules: [{807C0051-E000-48AF-AD72-D4D180F9CF64}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3162\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{3ABC282D-972C-4FA0-AF1C-45CEFE32295B}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3162\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{AD2BF9F0-7A2C-49E3-A14B-39EDE56E4688}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS6D48\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{F19A9222-4773-4068-BCCD-3DEB4CAD3F95}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS6D48\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{A5A16943-490D-48CA-AA1E-846C9F11C29A}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS6C0C\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{78566CC0-4C72-4D44-8DEC-F9E978B3F59D}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS6C0C\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{4A6A2C8D-95F6-40DD-BA92-24EFDB6128E4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A159EDF8-0363-4E91-8F26-93C114E2C051}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{22FDCF80-0259-445B-8EF2-6C334DFADCAE}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS37FC\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{918EDCD4-57E4-4D69-AE7F-1BDAD27B5325}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS37FC\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{31C5AB20-5EC8-48F7-B4E3-9F66CA6C575A}] => (Allow) G:\autorun.exe => No File
FirewallRules: [{605D5E23-CDDA-4BE8-9D8D-34F64A967793}] => (Allow) G:\autorun.exe => No File
FirewallRules: [{725F629C-74B4-45CC-95ED-5606886B8404}] => (Allow) G:\autorun.exe => No File
FirewallRules: [{2AD97F57-35C7-4496-9D4E-D6F76230F3CB}] => (Allow) G:\autorun.exe => No File
FirewallRules: [{3A85FEB5-4A63-44EA-BA8D-AEEB3A7B20C1}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS041C\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{67E35824-99CA-419B-94F9-09D4A4B14713}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS041C\HPDiagnosticCoreUI.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Hotovo. Avast Driver Updater najednou hlásí, že vypršelo předplatné. Může to být náhoda? V logu AdwCleaner to našlo PUP Driver Updater, jediný updater v počítači je právě předplacený Avast.

Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon

Tu je log FRST fix:

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Uzivatel (11-03-2021 10:37:29) Run:1
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {4236F3B2-5403-4C88-90D9-390CA706C8F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-28] (Google Inc -> Google Inc.)
Task: {8B1F7846-3039-400D-AA8C-7E23969B55FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-28] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\GUT78BB.tmp
C:\Program Files (x86)\GUT7F66.tmp
C:\Program Files (x86)\GUT9B12.tmp
CustomCLSID: HKU\S-1-5-21-196395001-3005040533-1894216317-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\Uzivatel\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\Uzivatel\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Uzivatel\Documents\desktop.ini:gs5sys [3074]
FirewallRules: [{9AD19405-A875-461D-B3DF-B43EC6DAFB92}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS750B\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{993B52BE-FBE3-4ACF-BD16-1E72C8BAD633}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS750B\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C5B1405C-43FE-4DD9-B3D5-7B689C393C89}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS686D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{08A07D13-7B8C-46D6-9955-730EF6C9B75A}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS686D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{269551D4-70A7-4A08-88F9-1DED86283172}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS5E9D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{8343F641-C023-4EAE-AF41-162A9FC0F4F4}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS5E9D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{9D35BF58-B2FE-4955-ADE5-88D9B6666AA9}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS57DD\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{04465AFD-D5F7-407F-B023-C00772F59B3A}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS57DD\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{AA4AF4E5-B399-47B0-8AFF-73FAF81FC7F8}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3EA5\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{2878BA39-15F2-48DF-AD27-2A069F6A74B1}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3EA5\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{17A58320-0E24-47E2-A899-2BCF0F69F25B}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3B85\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{ACF1E5D4-483E-48BC-99D7-A90235F9D98C}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3B85\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{1170BBE4-223F-4535-B3D6-378BE81B0859}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS2267\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{0BB78C01-4C17-445B-AE9A-E814A2C3B71A}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS2267\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C665FD4F-8E7D-4F24-A5F0-E293D6299160}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS20CF\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{BFFF54DD-BA0D-401B-8084-59893BC3BA4C}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS20CF\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{FCD12785-6052-41BD-98AE-A46FE5CEBC0C}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS132F\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{CDBA4181-97F0-4C8E-AE30-2B658F9B0B70}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS132F\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{4BDDEFF2-6004-47C2-B56D-C7E4CF25D158}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3673\Installer\hpbcsiInstaller.exe => No File
FirewallRules: [{3D570243-E148-4C88-86DB-47B9A84C2A9F}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3673\Installer\hpbcsiInstaller.exe => No File
FirewallRules: [{807C0051-E000-48AF-AD72-D4D180F9CF64}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3162\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{3ABC282D-972C-4FA0-AF1C-45CEFE32295B}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS3162\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{AD2BF9F0-7A2C-49E3-A14B-39EDE56E4688}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS6D48\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{F19A9222-4773-4068-BCCD-3DEB4CAD3F95}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS6D48\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{A5A16943-490D-48CA-AA1E-846C9F11C29A}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS6C0C\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{78566CC0-4C72-4D44-8DEC-F9E978B3F59D}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS6C0C\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{4A6A2C8D-95F6-40DD-BA92-24EFDB6128E4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A159EDF8-0363-4E91-8F26-93C114E2C051}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{22FDCF80-0259-445B-8EF2-6C334DFADCAE}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS37FC\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{918EDCD4-57E4-4D69-AE7F-1BDAD27B5325}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS37FC\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{31C5AB20-5EC8-48F7-B4E3-9F66CA6C575A}] => (Allow) G:\autorun.exe => No File
FirewallRules: [{605D5E23-CDDA-4BE8-9D8D-34F64A967793}] => (Allow) G:\autorun.exe => No File
FirewallRules: [{725F629C-74B4-45CC-95ED-5606886B8404}] => (Allow) G:\autorun.exe => No File
FirewallRules: [{2AD97F57-35C7-4496-9D4E-D6F76230F3CB}] => (Allow) G:\autorun.exe => No File
FirewallRules: [{3A85FEB5-4A63-44EA-BA8D-AEEB3A7B20C1}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS041C\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{67E35824-99CA-419B-94F9-09D4A4B14713}] => (Allow) C:\Users\Uzivatel\AppData\Local\Temp\7zS041C\HPDiagnosticCoreUI.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4236F3B2-5403-4C88-90D9-390CA706C8F0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4236F3B2-5403-4C88-90D9-390CA706C8F0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B1F7846-3039-400D-AA8C-7E23969B55FC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B1F7846-3039-400D-AA8C-7E23969B55FC}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Program Files (x86)\GUT78BB.tmp => moved successfully
C:\Program Files (x86)\GUT7F66.tmp => moved successfully
C:\Program Files (x86)\GUT9B12.tmp => moved successfully
HKU\S-1-5-21-196395001-3005040533-1894216317-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
C:\Users\Uzivatel\Soubory cookie => ":gs5sys" ADS removed successfully
C:\Users\Uzivatel\AppData\Local\History => ":gs5sys" ADS removed successfully
C:\Users\Uzivatel\Documents\desktop.ini => ":gs5sys" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9AD19405-A875-461D-B3DF-B43EC6DAFB92}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{993B52BE-FBE3-4ACF-BD16-1E72C8BAD633}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C5B1405C-43FE-4DD9-B3D5-7B689C393C89}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{08A07D13-7B8C-46D6-9955-730EF6C9B75A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{269551D4-70A7-4A08-88F9-1DED86283172}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8343F641-C023-4EAE-AF41-162A9FC0F4F4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D35BF58-B2FE-4955-ADE5-88D9B6666AA9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04465AFD-D5F7-407F-B023-C00772F59B3A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AA4AF4E5-B399-47B0-8AFF-73FAF81FC7F8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2878BA39-15F2-48DF-AD27-2A069F6A74B1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17A58320-0E24-47E2-A899-2BCF0F69F25B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ACF1E5D4-483E-48BC-99D7-A90235F9D98C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1170BBE4-223F-4535-B3D6-378BE81B0859}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BB78C01-4C17-445B-AE9A-E814A2C3B71A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C665FD4F-8E7D-4F24-A5F0-E293D6299160}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFFF54DD-BA0D-401B-8084-59893BC3BA4C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FCD12785-6052-41BD-98AE-A46FE5CEBC0C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CDBA4181-97F0-4C8E-AE30-2B658F9B0B70}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4BDDEFF2-6004-47C2-B56D-C7E4CF25D158}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D570243-E148-4C88-86DB-47B9A84C2A9F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{807C0051-E000-48AF-AD72-D4D180F9CF64}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3ABC282D-972C-4FA0-AF1C-45CEFE32295B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD2BF9F0-7A2C-49E3-A14B-39EDE56E4688}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F19A9222-4773-4068-BCCD-3DEB4CAD3F95}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A5A16943-490D-48CA-AA1E-846C9F11C29A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{78566CC0-4C72-4D44-8DEC-F9E978B3F59D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A6A2C8D-95F6-40DD-BA92-24EFDB6128E4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A159EDF8-0363-4E91-8F26-93C114E2C051}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{22FDCF80-0259-445B-8EF2-6C334DFADCAE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{918EDCD4-57E4-4D69-AE7F-1BDAD27B5325}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{31C5AB20-5EC8-48F7-B4E3-9F66CA6C575A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{605D5E23-CDDA-4BE8-9D8D-34F64A967793}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{725F629C-74B4-45CC-95ED-5606886B8404}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2AD97F57-35C7-4496-9D4E-D6F76230F3CB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A85FEB5-4A63-44EA-BA8D-AEEB3A7B20C1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{67E35824-99CA-419B-94F9-09D4A4B14713}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 241901454 B
Java, Flash, Steam htmlcache => 498520361 B
Windows/system/drivers => 4293805 B
Edge => 0 B
Chrome => 285020863 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 6345 B
LocalService => 218036002 B
NetworkService => 218036002 B
Uzivatel => 1431255367 B

RecycleBin => 0 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:38:17 ====

Screenshot Avast Driver Updater v příloze.

Smazáno. Vypršení předplatného už asi nebude náš problém.

Ok, takže uklidit?

Buď Avast Driver Updater znovu předplatit, nedo odinstalovat.

Řekl bych buď předplatit, nebo znovu aktivovat, pokud z nějakého důvodu zmizel aktivační kód. O tomto už nerozhoduju, to je v režii otce. Avast je koupený, mimochodem. Každopádně díky za pomoc

Pak je to jeho rozhodnutí. Rádo se stalo!