VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Pamalé PC

https://forum.viry.cz:443/viewtopic.php?t=158006

Stránka 1 z 1

Pamalé PC

Napsal: 02 dub 2021 08:57
od Petura
Dobrý den, prosím o kontrolu, PC je strašně pomalé a disk nepřetžitě pracuje...díky.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-03-2021
Ran by Petr (administrator) on PETR-PC (Gigabyte Technology Co., Ltd. G31M-ES2L) (02-04-2021 09:44:29)
Running from C:\Stahování
Loaded Profiles: Petr
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe <3>
(Google LLC -> Google LLC) C:\Program Files\Google\Update\Install\{3123FA2E-2276-4731-999E-054FB61E6DF2}\89.0.4389.114_89.0.4389.90_chrome_updater.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\Install\{3123FA2E-2276-4731-999E-054FB61E6DF2}\CR_564E1.tmp\setup.exe <2>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [104160 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2268624 2019-03-18] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [130624 2019-03-18] (Corel Corporation -> WinZip Computing)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\Run: [Xvid] => WScript "C:\Program Files\Xvid\CheckUpdateLauncher.vbs" "C:\Program Files\Xvid\CheckUpdate.ps1"
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\MountPoints2: {54cae04e-ddba-11e8-a0ce-6cf049cbae7d} - F:\LGAutoRun.exe
HKLM\...\Windows NT x86\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPD9W.DLL [27648 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [272384 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\89.1.8894.90\Installer\chrmstp.exe [2021-04-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-16] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1119EE64-F50A-43BB-8AF6-410045247D7A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1550048 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {1296B2B2-DBA3-41A1-9EA7-533C8ED78805} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {1C75028D-FC69-4165-B5A5-B38688ACE8F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {37CFCEF7-A69D-40D6-9A61-075838995A40} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1968160 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
Task: {3DAC85D4-EBEF-4BF8-AD9F-57042E7E6F24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {55887A39-2DC9-4FBC-8E91-873161F12FA0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {57411C4B-E521-48F1-8316-E1A773C0D113} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1968160 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
Task: {6AA9DE0D-4DAF-4857-96FF-395AEF0E7C75} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {71D79223-316C-4B3C-AE1B-EA651960A4D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7B717C92-8F00-4054-B843-647D8579AB89} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {9BA636B6-CA06-4AE9-976A-B620BADA2A15} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {C0768313-C7F6-4AA5-8B01-BCC817C7EEA9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4108000 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
Task: {CF1C9177-645B-4CC4-A58B-1D9A9B05244F} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [1923584 2021-03-15] () [File not signed]
Task: {D937303A-F898-4616-BD32-72DC99F0077A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {F7BFC4EC-26EE-43A7-BA71-B1B409D48BB9} - System32\Tasks\{25663AD6-2B65-43A7-B0CE-BF4D2113A348} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\FreeCommander\FreeCommander.exe" -d "C:\Program Files\FreeCommander"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F10E948-19EF-499E-BEF8-E480C119DCEC}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-28]

FireFox:
========
FF DefaultProfile: fa8ytgvl.default-1606416614406
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\fa8ytgvl.default-1606416614406 [2021-04-02]
FF DownloadDir: C:\Stahování
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2021-03-28]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-10]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-10]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-28]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-10]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-10]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7050776 2021-03-29] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [563416 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1190976 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [330976 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\89.1.8894.90\elevation_service.exe [1230544 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [5578952 2020-08-01] (Malwarebytes Inc -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [175872 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [287192 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206304 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [91616 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39248 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147728 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [376840 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2018-05-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [92696 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [71352 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [690144 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [384152 2021-03-19] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [161312 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [276960 2021-02-25] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [87568 2016-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [50688 2009-07-14] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [181000 2020-08-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [213912 2020-08-05] (Malwarebytes Inc -> Malwarebytes)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2017-05-01] (Padus, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-02 09:42 - 2021-04-02 09:42 - 000000921 _____ C:\Users\Petr\Desktop\FRST(1) – zástupce.lnk
2021-04-02 09:26 - 2021-04-02 09:26 - 000025774 _____ C:\Users\Petr\Downloads\CarNet - Tisk1.pdf
2021-04-02 09:26 - 2021-04-02 09:26 - 000021016 _____ C:\Users\Petr\Downloads\CarNet - Tisk2.pdf
2021-03-26 09:26 - 2021-03-27 08:49 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-15 09:43 - 2021-04-02 09:34 - 000002896 _____ C:\Windows\system32\Tasks\AutoKMS
2021-03-15 09:43 - 2021-04-02 09:34 - 000000266 _____ C:\Windows\Tasks\AutoKMS.job
2021-03-09 22:06 - 2021-03-09 22:06 - 000003693 _____ C:\Users\Petr\Downloads\ockovani.csv-metadata.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-02 09:45 - 2016-12-24 12:15 - 000000000 ____D C:\FRST
2021-04-02 09:42 - 2014-03-15 14:04 - 000000000 ____D C:\Stahování
2021-04-02 09:36 - 2019-02-05 12:26 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-02 09:35 - 2016-12-22 18:28 - 000000000 ____D C:\Program Files\CCleaner
2021-04-02 09:35 - 2016-12-22 17:48 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2021-04-02 09:34 - 2016-12-22 18:23 - 000000000 ____D C:\ProgramData\AVAST Software
2021-04-02 09:32 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-04-02 09:09 - 2016-12-22 21:34 - 000000000 ____D C:\Users\Petr\Documents\Soubory aplikace Outlook
2021-04-02 08:43 - 2020-08-26 21:11 - 000000000 ____D C:\Users\Petr\AppData\Local\AVAST Software
2021-04-01 18:41 - 2009-07-14 06:34 - 000038608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-04-01 18:41 - 2009-07-14 06:34 - 000038608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-04-01 14:26 - 2017-03-18 15:38 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-04-01 10:12 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2021-04-01 09:11 - 2020-08-25 16:13 - 000003720 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-04-01 09:11 - 2018-04-05 10:06 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-04-01 09:11 - 2018-04-05 10:06 - 000002332 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2021-03-31 14:06 - 2021-01-14 17:32 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-03-31 14:06 - 2020-10-28 13:50 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ad1792fe4ccc
2021-03-31 14:06 - 2020-08-09 11:35 - 000003472 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-31 14:06 - 2020-08-09 11:35 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-31 14:06 - 2019-10-07 22:09 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-31 14:06 - 2019-10-07 22:09 - 000003246 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-31 14:06 - 2019-08-24 20:07 - 000003162 _____ C:\Windows\system32\Tasks\{25663AD6-2B65-43A7-B0CE-BF4D2113A348}
2021-03-31 14:06 - 2016-12-22 18:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-03-31 14:06 - 2016-12-22 18:28 - 000002786 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-03-31 14:06 - 2016-12-22 18:16 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-03-30 09:20 - 2016-12-23 02:14 - 000668866 _____ C:\Windows\system32\perfh005.dat
2021-03-30 09:20 - 2016-12-23 02:14 - 000141526 _____ C:\Windows\system32\perfc005.dat
2021-03-30 09:20 - 2010-11-20 23:01 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2021-03-28 09:01 - 2021-01-14 17:33 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2021-03-27 08:49 - 2017-01-08 16:09 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2021-03-26 09:40 - 2020-08-09 11:36 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-26 09:40 - 2020-08-09 11:36 - 000002126 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-19 10:06 - 2016-12-22 18:47 - 000384152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-03-16 15:00 - 2017-03-19 15:18 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-16 15:00 - 2017-03-19 15:18 - 000002129 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-15 09:43 - 2020-03-27 21:42 - 000000000 ____D C:\Windows\AutoKMS
2021-03-13 10:17 - 2021-02-21 11:15 - 000002029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-10 11:07 - 2016-12-25 11:05 - 000000000 ____D C:\Windows\system32\MRT
2021-03-10 11:00 - 2016-12-25 11:04 - 127268096 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2020-10-27 17:57 - 2020-10-27 17:57 - 000004096 ____H () C:\Users\Petr\AppData\Local\keyfile3.drm

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-03-23 11:35
==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-03-2021
Ran by Petr (02-04-2021 09:50:03)
Running from C:\Stahování
Microsoft Windows 7 Professional Service Pack 1 (X86) (2016-12-22 15:36:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-54223709-3085532525-3047887407-500 - Administrator - Disabled)
Guest (S-1-5-21-54223709-3085532525-3047887407-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-54223709-3085532525-3047887407-1002 - Limited - Enabled)
Petr (S-1-5-21-54223709-3085532525-3047887407-1000 - Administrator - Enabled) => C:\Users\Petr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 89.1.8894.90 - Autoři prohlížeče Avast Secure Browser)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Google Chrome (HKLM\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 89.0.774.63 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 87.0 (x86 cs) (HKLM\...\Mozilla Firefox 87.0 (x86 cs)) (Version: 87.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 87.0.0.7747 - Mozilla)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Skype verze 8.68 (HKLM\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
SysTools DBX Converter version 4.3 (HKLM\...\{0BDF5B3B-040E-4355-BAF5-DA626D01A1F8}_is1) (Version: 4.3 - SysTools Software)
WinZip 23.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2411E}) (Version: 23.0.13431 - Corel Corporation)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.7) (Version: 1.3.7 - Xvid Team)
Zoom (HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\ZoomUMX) (Version: 5.3.2 (53291.1011) - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-54223709-3085532525-3047887407-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.WinZipExpressForOffice.dll (Corel Corporation -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2019-03-18] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2019-03-18] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2019-03-18] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\system32\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.ACDV] => C:\Windows\system32\ACDV.dll [462848 2005-06-20] (ACD Systems) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [235520 2019-12-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2020-07-13 09:43 - 2020-07-13 09:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\MSVCP140.dll
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\ucrtbase.DLL
2021-04-01 14:26 - 2021-04-01 14:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21040100\avast.local_vc142.crt\VCRUNTIME140.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-54223709-3085532525-3047887407-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com/
SearchScopes: HKU\S-1-5-21-54223709-3085532525-3047887407-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2020-08-09 09:17 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-54223709-3085532525-3047887407-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9421E7B2-F7A9-4A35-8B95-D4A9483F1020}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9A92F8CF-3D62-4D92-855B-8899CC7A094D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{23BD3E6A-355C-4B29-AB06-EA1F0D535073}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC48A628-51C4-4520-B3AA-1F68D54233F4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3CF3DDA8-F3E2-465A-966E-D734796E53FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1CDB625C-8722-42B9-8E56-F5CA10B354B8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{DB07A551-80AF-4405-9C89-D2AEA9306CF5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{4ADED938-66A2-4AE8-B333-4E285EF166DA}] => (Allow) C:\Users\Petr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{681D38D1-C7FF-44A7-ABCC-838D8C8B9519}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA8CF9DB-89D7-49D0-B6E6-7CB78542DB5C}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1268E9D-04FD-472C-A6C9-75666ED60109}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F81C714F-965E-44A9-A35B-BCA5F4514E93}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

17-03-2021 15:34:30 Naplánovaný kontrolní bod
24-03-2021 18:43:43 Naplánovaný kontrolní bod
01-04-2021 09:54:37 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/02/2021 09:37:42 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (04/02/2021 09:33:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/02/2021 08:13:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/01/2021 09:37:19 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (04/01/2021 08:37:19 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (04/01/2021 07:37:21 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (04/01/2021 06:45:17 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (04/01/2021 06:37:33 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (04/02/2021 09:32:35 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:30:43, ‎2.‎4.‎2021) bylo neočekávané.

Error: (04/02/2021 09:30:08 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Klient zásad skupiny se po přijetí pokynu pro vypnutí neukončila správně.

Error: (03/31/2021 08:43:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft .NET Framework NGEN v4.0.30319_X86 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (03/31/2021 08:43:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba %1!s! Update (avast) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/31/2021 08:43:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba 30000!s! Update (avast) bylo dosaženo časového limitu (30000 ms).

Error: (03/30/2021 09:19:31 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (03/28/2021 12:21:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/24/2021 10:08:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba %1!s! Update (avast) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


==================== Memory info ===========================

BIOS: Award Software International, Inc. FH 04/30/2010
Motherboard: Gigabyte Technology Co., Ltd. G31M-ES2L
Processor: Intel(R) Celeron(R) CPU E3300 @ 2.50GHz
Percentage of memory in use: 84%
Total physical RAM: 2046.49 MB
Available physical RAM: 311.2 MB
Total Virtual: 4092.98 MB
Available Virtual: 1458.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:401.4 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:232.88 GB) (Free:163.62 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 54D22AD4)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: C46FBD09)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Pamalé PC

Napsal: 02 dub 2021 10:21
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Pamalé PC

Napsal: 02 dub 2021 19:42
od Petura
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-03-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-02-2021
# Duration: 00:00:01
# OS: Windows 7 Professional
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1257 octets] - [15/12/2018 12:34:34]
AdwCleaner[S01].txt - [1318 octets] - [15/12/2018 12:40:35]
AdwCleaner[C01].txt - [1504 octets] - [15/12/2018 12:41:01]
AdwCleaner[S02].txt - [1516 octets] - [24/08/2019 17:45:22]
AdwCleaner[S03].txt - [1577 octets] - [24/08/2019 20:06:38]
AdwCleaner[C03].txt - [1765 octets] - [24/08/2019 20:07:23]
AdwCleaner[S04].txt - [1778 octets] - [21/02/2021 10:28:49]
AdwCleaner[S05].txt - [1840 octets] - [02/04/2021 20:37:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

Re: Pamalé PC

Napsal: 02 dub 2021 20:01
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\MountPoints2: {54cae04e-ddba-11e8-a0ce-6cf049cbae7d} - F:\LGAutoRun.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1C75028D-FC69-4165-B5A5-B38688ACE8F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {CF1C9177-645B-4CC4-A58B-1D9A9B05244F} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [1923584 2021-03-15] () [File not signed]
C:\WINDOWS\AutoKMS
Task: {F7BFC4EC-26EE-43A7-BA71-B1B409D48BB9} - System32\Tasks\{25663AD6-2B65-43A7-B0CE-BF4D2113A348} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\FreeCommander\FreeCommander.exe" -d "C:\Program Files\FreeCommander
Task: {3DAC85D4-EBEF-4BF8-AD9F-57042E7E6F24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
C:\Windows\system32\Tasks\AutoKMS
C:\Windows\Tasks\AutoKMS.job
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\Tasks\{25663AD6-2B65-43A7-B0CE-BF4D2113A348}

EmptyTemp:
End
Uložte do C:\Stahování jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Pamalé PC

Napsal: 02 dub 2021 20:17
od Petura
Něco je špatně....fix proběhl, restart taky...ale log se nevytvořil.

Re: Pamalé PC

Napsal: 02 dub 2021 20:19
od Petura
Tak nakonec jsem ho objevil

Fix result of Farbar Recovery Scan Tool (x86) Version: 31-03-2021
Ran by Petr (02-04-2021 21:08:28) Run:2
Running from C:\Stahování
Loaded Profiles: Petr
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\...\MountPoints2: {54cae04e-ddba-11e8-a0ce-6cf049cbae7d} - F:\LGAutoRun.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1C75028D-FC69-4165-B5A5-B38688ACE8F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {CF1C9177-645B-4CC4-A58B-1D9A9B05244F} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [1923584 2021-03-15] () [File not signed]
C:\WINDOWS\AutoKMS
Task: {F7BFC4EC-26EE-43A7-BA71-B1B409D48BB9} - System32\Tasks\{25663AD6-2B65-43A7-B0CE-BF4D2113A348} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\FreeCommander\FreeCommander.exe" -d "C:\Program Files\FreeCommander
Task: {3DAC85D4-EBEF-4BF8-AD9F-57042E7E6F24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
C:\Windows\system32\Tasks\AutoKMS
C:\Windows\Tasks\AutoKMS.job
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\Tasks\{25663AD6-2B65-43A7-B0CE-BF4D2113A348}

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-54223709-3085532525-3047887407-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54cae04e-ddba-11e8-a0ce-6cf049cbae7d} => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C75028D-FC69-4165-B5A5-B38688ACE8F9}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C75028D-FC69-4165-B5A5-B38688ACE8F9}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CF1C9177-645B-4CC4-A58B-1D9A9B05244F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF1C9177-645B-4CC4-A58B-1D9A9B05244F}" => removed successfully.
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully.
C:\WINDOWS\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7BFC4EC-26EE-43A7-BA71-B1B409D48BB9}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7BFC4EC-26EE-43A7-BA71-B1B409D48BB9}" => removed successfully.
C:\Windows\System32\Tasks\{25663AD6-2B65-43A7-B0CE-BF4D2113A348} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{25663AD6-2B65-43A7-B0CE-BF4D2113A348}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3DAC85D4-EBEF-4BF8-AD9F-57042E7E6F24}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DAC85D4-EBEF-4BF8-AD9F-57042E7E6F24}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"C:\Windows\system32\Tasks\AutoKMS" => not found
C:\Windows\Tasks\AutoKMS.job => moved successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\Windows\system32\Tasks\{25663AD6-2B65-43A7-B0CE-BF4D2113A348}" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8079875 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 7147604 B
Edge => 0 B
Chrome => 139264 B
Firefox => 1102852929 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 128 B
NetworkService => 1016 B
Petr => 24785856 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:09:56 ====

Re: Pamalé PC

Napsal: 02 dub 2021 20:56
od Rudy
Smazáno. Nastala nějaká změna?

Re: Pamalé PC

Napsal: 02 dub 2021 21:04
od Petura
Je to lepší, PC už tolik nešrotuje HDD...díky.

Re: Pamalé PC

Napsal: 03 dub 2021 10:18
od Rudy
Nemáte zač! Můžete ještě zkusit defragmentovat disk.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz