Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Nějaký šmejd 368 security *

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
honzaodlabe
Návštěvník
Návštěvník
Příspěvky: 99
Registrován: 08 lis 2008 19:32

Nějaký šmejd 368 security *

#1 Příspěvek od honzaodlabe »

Dobrý den,prosím o kontrolu logu. Vlastní blbostí jsem si do PC něco, čeho se teď nemohu zbavit. Už dříve nainstalovaný HijackThis mi nešel spustit a FRST sice ano, ale nevím , zda bude v pořádku, protože to proti minulé kontrole probíhalo nějak jinak. Takže vkládám to co se mi podařilo vytvořit a pokud to nebude v pořádku, tak mne prosím moc neproklínejte.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2023
Ran by Honza (administrator) on BETYNA-PC (15-12-2023 22:08:03)
Running from C:\Users\Honza\Downloads\FRST64.exe
Loaded Profiles: Honza
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) [File not signed] C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\PopWndLog.exe
(C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe ->) (Macrovision Europe Ltd.) [File not signed] C:\Users\Honza\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(cmd.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihu 360 Software Co., Ltd.) C:\Program Files (x86)\360\Total Security\safemon\chrome\360webshield.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(services.exe ->) (Creative Labs) [File not signed] C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files (x86)\Kamo\KamoSvc.exe
(VIA) [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry [17920 2009-02-26] (Creative Technology Ltd.) [File not signed]
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1875048 2011-01-26] (NVIDIA Corporation -> )
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [4921752 2023-12-12] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2583040 2009-09-21] (VIA) [File not signed]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [CTSyncService] => C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe [1233195 2009-07-08] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [SmartViewAgent] => C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe [948504 2010-09-02] (DeviceVM Inc. -> )
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1920744 2023-08-28] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [Opera Stable] => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [2635160 2023-04-27] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [Opera Browser Assistant] => C:\Users\Honza\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4140448 2023-03-08] (Opera Norway AS -> Opera Software)
HKLM\...\Windows x64\Print Processors\Canon MP550 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9Z.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP550 series: C:\Windows\system32\CNMLM9Z.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {71DCF548-B3DE-4F83-9F7A-DFA0B70FFAF8} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
Task: {7E2B467F-A916-4EA6-8313-EB633B9BD434} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1398680 2023-11-14] (Avast Software s.r.o. -> AVAST Software)
Task: {6BDA1C58-EEFC-455A-A1EB-05C01F38F5A3} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4845464 2023-12-12] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters).
Task: {E602A222-1A73-4CBF-AB93-8B7A26C2561D} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7319448 2023-11-20] (Avast Software s.r.o. -> Avast Software)
Task: {A717DC49-0ED9-4C47-83FD-5C356E8D3FBB} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4845464 2023-11-14] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {B9CA066B-8FD1-40D6-A175-081C24266B61} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-11-06] (Avast Software s.r.o. -> Avast Software)
Task: {CFB8F85A-544C-40C3-9CE4-34F8D730A0AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {CFB8F85A-544C-40C3-9CE4-34F8D730A0AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerCrashReporting" /ENABLE
Task: {CFB8F85A-544C-40C3-9CE4-34F8D730A0AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - Honza" /ENABLE
Task: {CFB8F85A-544C-40C3-9CE4-34F8D730A0AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore{14408F90-2C51-40E0-9BB3-E89912A6E6F4}" /ENABLE
Task: {CFB8F85A-544C-40C3-9CE4-34F8D730A0AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA{076BD99E-EA93-4A03-9D37-1D7CF115EF81}" /ENABLE
Task: {CFB8F85A-544C-40C3-9CE4-34F8D730A0AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {6BA888CC-CBCD-4526-9914-B81B3FB34C9B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {1D4C08BC-7F44-4652-A793-4D12CDB92E8C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8284807E-7464-4E1E-B6DA-D202B8843E0A} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "e43b3f3f-9a2e-4fd1-873d-d97d839efc89" --version "6.19.10858" --silent
Task: {59BBB41D-E430-47A8-A825-EFE38D7A2BD7} - System32\Tasks\CCleanerSkipUAC - Honza => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7334B09D-5516-4A3B-8344-752F3243FD4C} - System32\Tasks\GoogleUpdateTaskMachineCore{14408F90-2C51-40E0-9BB3-E89912A6E6F4} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-29] (Google LLC -> Google LLC)
Task: {707D1C94-7546-43FE-A29A-169F5F775B41} - System32\Tasks\GoogleUpdateTaskMachineUA{076BD99E-EA93-4A03-9D37-1D7CF115EF81} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-29] (Google LLC -> Google LLC)
Task: {7702EB06-49E3-4562-A397-CB8CE3B5DC16} - System32\Tasks\Kamo\KamoStart => C:\Program Files (x86)\Kamo\Kamo.exe [911576 2022-11-15] (Piriform Software Ltd -> Piriform)
Task: {085F564C-76D6-4AFC-8342-D0BC529C481F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-11-13] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {8026864D-5FBE-4487-9FE8-C23F7CE98911} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-11-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {DF7A64CC-FA71-44DB-8B35-94DBB4EBDE9D} - System32\Tasks\Opera scheduled assistant Autoupdate 1671574569 => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [2635160 2023-04-27] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Honza\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {380FD0A3-B46C-4590-B557-F148BBF43A05} - System32\Tasks\Opera scheduled Autoupdate 1639340036 => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [2635160 2023-04-27] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog5-x64 05 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 46.16.122.2
Tcpip\..\Interfaces\{B6B54CE5-730C-4E63-B5B9-1302B3F0458F}: [DhcpNameServer] 46.16.122.2

FireFox:
========
FF DefaultProfile: evuzf2ls.default
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\evuzf2ls.default [2023-11-23]
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\7nruouip.default-esr [2023-12-15]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.) [File not signed]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2023-12-15]
CHR Notifications: Default -> hxxps://app.mondly.com
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-30]
CHR Extension: (360 Internet Protection) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2023-12-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-29]
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh]

Opera:
=======
OPR Profile: C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable [2023-12-13]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-09]
OPR Extension: (Opera Coupons | kupóny a slevové kódy) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\eplcjggklbefnipglcfdfalbbjpmkbkl [2022-11-30]
OPR Extension: (Opera Wallet) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-07-04]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-12-12]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1302184 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [353504 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2021-12-12] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2021-12-12] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [10210712 2023-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 KamoSvc; C:\Program Files (x86)\Kamo\KamoSvc.exe [6452440 2022-11-15] (Piriform Software Ltd -> Piriform Software Ltd)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [1102080 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [11227032 2023-11-14] (Avast Software s.r.o. -> AVAST Software)
S4 SmartViewService; C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe [125216 2010-09-02] (DeviceVM Inc. -> DeviceVM, Inc.)
R3 Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2021-12-12] (Creative Labs) [File not signed]
S4 WCUService; C:\Program Files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe [456976 2010-09-02] (DeviceVM Inc. -> DeviceVM, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [191272 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [101128 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [350984 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [49584 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [530696 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S4 360Hvm; C:\Windows\System32\Drivers\360Hvm64.sys [338696 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360安全中心)
R1 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [87672 2023-03-15] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208552 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [365520 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250328 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99288 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41304 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [177872 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [524416 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2022-09-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107808 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83368 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [850120 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [466696 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216376 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326976 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [76568 2023-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [228616 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R3 CYDTV_SRV; C:\Windows\System32\drivers\cydtv.sys [1286912 2017-06-28] (Shenzhen Geniatech Technology LTD. -> )
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [87552 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [207872 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia -> Secunia)
S1 netfilter2; system32\drivers\netfilter2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-12-15 22:08 - 2023-12-15 22:14 - 000024820 _____ C:\Users\Honza\Downloads\FRST.txt
2023-12-15 21:43 - 2023-12-15 21:43 - 000023481 _____ C:\Users\Honza\Downloads\Mirnet_dopis(2).odt
2023-12-15 21:41 - 2023-12-15 21:41 - 000022716 _____ C:\Users\Honza\Downloads\Mirnet_dopis.odt
2023-12-15 21:41 - 2023-12-15 21:41 - 000022716 _____ C:\Users\Honza\Downloads\Mirnet_dopis(1).odt
2023-12-15 21:30 - 2023-12-15 21:30 - 002386432 _____ (Farbar) C:\Users\Honza\Downloads\FRST64(1).exe
2023-12-15 21:26 - 2023-12-15 21:26 - 002386432 _____ (Farbar) C:\Users\Honza\Downloads\FRST64.exe
2023-12-13 21:02 - 2023-12-13 21:02 - 000002003 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2023-12-13 21:02 - 2022-09-01 09:21 - 000339680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-12-12 22:24 - 2023-12-12 22:24 - 000002202 _____ C:\Users\Public\Desktop\Avast Driver Updater.lnk
2023-12-12 00:41 - 2023-12-13 00:52 - 000000000 ____D C:\Users\Honza\AppData\Roaming\360TotalSecurity
2023-12-12 00:41 - 2023-12-12 00:41 - 000000000 __SHD C:\Users\Honza\AppData\Roaming\360Quarant
2023-12-12 00:41 - 2023-12-12 00:41 - 000000000 ____D C:\Windows\Tasks\360Disabled
2023-12-10 01:23 - 2023-12-10 01:23 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Vault
2023-12-10 00:54 - 2023-12-13 22:55 - 000000000 __SHD C:\$360Section
2023-12-10 00:40 - 2023-12-13 22:55 - 000000000 ____D C:\ProgramData\360Quarant
2023-12-10 00:32 - 2023-12-10 00:32 - 000000000 ____D C:\Users\Honza\AppData\Roaming\DriverPack Cloud
2023-12-10 00:32 - 2023-12-10 00:32 - 000000000 ____D C:\Users\Honza\AppData\Local\cloud
2023-12-10 00:20 - 2012-06-02 15:35 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2023-12-10 00:19 - 2023-12-13 00:53 - 000000000 ____D C:\Users\Honza\AppData\Roaming\360safe
2023-12-09 23:30 - 2023-12-15 22:13 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\360WD
2023-12-09 23:30 - 2023-12-13 00:53 - 000000000 ____D C:\ProgramData\360Safe
2023-12-09 23:30 - 2023-12-10 00:37 - 000000000 ____D C:\ProgramData\360TotalSecurity
2023-12-09 23:30 - 2023-12-09 23:30 - 000000001 _____ C:\Windows\system32\Drivers\360Hvm64.dat
2023-12-09 23:30 - 2023-12-09 23:30 - 000000000 _RSHD C:\360SANDBOX
2023-12-09 23:30 - 2023-12-09 23:30 - 000000000 ____D C:\Program Files (x86)\360
2023-12-09 23:30 - 2023-03-15 09:02 - 000530696 _____ (360.cn) C:\Windows\system32\Drivers\360fsflt.sys
2023-12-09 23:30 - 2023-03-15 09:02 - 000350984 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
2023-12-09 23:30 - 2023-03-15 09:02 - 000338696 _____ (360安全中心) C:\Windows\system32\Drivers\360Hvm64.sys
2023-12-09 23:30 - 2023-03-15 09:02 - 000228616 _____ (360.cn) C:\Windows\system32\Drivers\BAPIDRV64.SYS
2023-12-09 23:30 - 2023-03-15 09:02 - 000191272 _____ (360.cn) C:\Windows\system32\Drivers\360AntiHacker64.sys
2023-12-09 23:30 - 2023-03-15 09:02 - 000101128 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2023-12-09 23:30 - 2023-03-15 09:02 - 000087672 _____ (360.cn) C:\Windows\system32\Drivers\360netmon.sys
2023-12-09 23:30 - 2023-03-15 09:02 - 000049584 _____ (360.cn) C:\Windows\system32\Drivers\360Camera64.sys
2023-12-09 23:25 - 2023-12-10 00:12 - 000000000 ____D C:\Users\Honza\AppData\Roaming\DRPSu
2023-12-09 23:24 - 2023-12-09 23:24 - 000001672 _____ C:\Users\Honza\Downloads\PROD_Start_DriverPack.hta
2023-12-09 23:19 - 2023-12-09 23:19 - 017684816 _____ (VS Revo Group ) C:\Users\Honza\Downloads\RevoUninProSetup.exe
2023-12-09 21:19 - 2023-12-09 21:19 - 000007334 _____ C:\Users\Honza\Desktop\Dopis dr. Jenerála.odt
2023-12-09 00:28 - 2023-12-09 00:28 - 000053896 _____ C:\Users\Honza\Downloads\Vypis_z_uctu-2602399900_20230701-20230930_cislo-3.pdf
2023-12-08 12:09 - 2023-12-08 12:09 - 000040942 _____ C:\Users\Honza\Downloads\potvrzeni_o_ukonceni_sluzby-2023-12-08-.pdf
2023-12-08 11:46 - 2023-12-08 11:46 - 000053104 _____ C:\Users\Honza\Desktop\Vypis_z_uctu-2401825416_20231101-20231130_cislo-11 listopad.pdf
2023-12-08 11:26 - 2023-12-08 11:26 - 000053104 _____ C:\Users\Honza\Downloads\Vypis_z_uctu-2401825416_20231101-20231130_cislo-11.pdf
2023-12-08 00:29 - 2023-12-08 10:23 - 000019021 _____ C:\Users\Honza\Desktop\Dopis.odt
2023-12-07 14:21 - 2023-12-07 14:21 - 000117661 _____ C:\Users\Honza\Downloads\smlouva-2021-07-23- (3).pdf
2023-12-07 14:13 - 2023-12-07 14:13 - 000094871 _____ C:\Users\Honza\Downloads\smlouva-2021-03-26- (1).pdf
2023-12-07 14:13 - 2023-12-07 14:13 - 000074512 _____ C:\Users\Honza\Downloads\smlouva-2019-11-27-.pdf
2023-12-07 14:12 - 2023-12-07 14:12 - 000105647 _____ C:\Users\Honza\Downloads\smlouva-2019-10-04-.pdf
2023-12-07 13:53 - 2023-12-07 13:53 - 000108858 _____ C:\Users\Honza\Downloads\smlouva-2019-04-03-.pdf
2023-12-07 13:51 - 2023-12-07 13:51 - 000030574 _____ C:\Users\Honza\Downloads\2007-01-11-0100087556--fs.pdf
2023-12-07 13:47 - 2023-12-07 13:47 - 000117661 _____ C:\Users\Honza\Downloads\smlouva-2021-07-23- (2).pdf
2023-12-07 13:47 - 2023-12-07 13:47 - 000117661 _____ C:\Users\Honza\Downloads\smlouva-2021-07-23- (1).pdf
2023-12-07 13:47 - 2023-12-07 13:47 - 000094871 _____ C:\Users\Honza\Downloads\smlouva-2021-03-26-.pdf
2023-12-06 15:58 - 2023-12-06 15:58 - 000192174 _____ C:\Users\Honza\Downloads\faktura_s_razítkem_h_2232360.pdf
2023-12-01 00:42 - 2023-12-01 00:42 - 000000986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-12-01 00:42 - 2023-12-01 00:42 - 000000974 _____ C:\Users\Public\Desktop\Thunderbird.lnk
2023-12-01 00:42 - 2023-12-01 00:42 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Thunderbird
2023-12-01 00:42 - 2023-12-01 00:42 - 000000000 ____D C:\Users\Honza\AppData\Local\Thunderbird
2023-12-01 00:42 - 2023-12-01 00:42 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-11-30 23:35 - 2023-11-30 23:35 - 060041976 _____ (Mozilla) C:\Users\Honza\Downloads\Thunderbird Setup 115.5.1.exe
2023-11-29 23:28 - 2023-11-29 23:28 - 000423431 _____ C:\Users\Honza\Downloads\mail_prilohy_6c0900301b5805729d17.zip
2023-11-28 18:03 - 2023-11-28 18:03 - 000117661 _____ C:\Users\Honza\Downloads\smlouva-2021-07-23-.pdf
2023-11-28 16:01 - 2023-11-28 16:01 - 000062851 _____ C:\Users\Honza\Downloads\2023-10-08-3609555410-sluzby_v_mobilni_siti-fs.pdf
2023-11-28 15:43 - 2023-11-28 15:43 - 000063998 _____ C:\Users\Honza\Downloads\2023-11-08-3609555410-sluzby_v_mobilni_siti-fs-1.pdf
2023-11-28 15:34 - 2023-11-28 15:34 - 000000720 _____ C:\Users\Honza\Downloads\2023-11-08-3609555410-sluzby_v_mobilni_siti-s.csv.zip
2023-11-28 01:31 - 2023-11-28 01:31 - 000063998 _____ C:\Users\Honza\Downloads\2023-11-08-3609555410-sluzby_v_mobilni_siti-fs.pdf
2023-11-23 21:40 - 2023-11-23 21:40 - 000000000 ____D C:\Users\Honza\AppData\Local\Mozilla
2023-11-23 21:39 - 2023-12-01 08:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-23 21:39 - 2023-11-23 21:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-11-23 21:39 - 2023-11-23 21:39 - 058522080 _____ (Mozilla) C:\Users\Honza\Downloads\Firefox Setup 115.5.0esr.exe
2023-11-23 21:39 - 2023-11-23 21:39 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2023-11-23 21:39 - 2023-11-23 21:39 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-11-23 21:39 - 2023-11-23 21:39 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2023-11-18 18:14 - 2023-11-18 18:34 - 000000000 ____D C:\Users\Honza\Documents\Lékařské zprávy
2023-11-15 14:45 - 2023-11-15 21:49 - 000009761 _____ C:\Users\Honza\Desktop\Vokál platby 15.11.23.odt
2023-11-15 14:22 - 2023-11-15 14:22 - 000055477 _____ C:\Users\Honza\Desktop\Vypis_z_uctu-2401825416_20231001-20231031_cislo-10.pdf
2023-11-15 14:21 - 2023-11-15 14:21 - 000054371 _____ C:\Users\Honza\Desktop\Vypis_z_uctu-2401825416_20230901-20230930_cislo-9-1.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-12-15 22:10 - 2023-02-22 16:20 - 000000000 ____D C:\FRST
2023-12-15 22:02 - 2022-02-09 21:10 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-12-15 21:32 - 2022-10-29 21:51 - 000003684 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{076BD99E-EA93-4A03-9D37-1D7CF115EF81}
2023-12-15 21:32 - 2022-10-29 21:51 - 000003556 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{14408F90-2C51-40E0-9BB3-E89912A6E6F4}
2023-12-15 21:32 - 2022-09-29 12:20 - 000003262 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-12-15 21:32 - 2022-09-29 12:20 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-12-15 21:32 - 2022-09-01 09:21 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-12-15 21:32 - 2021-12-12 21:25 - 000003872 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-12-15 21:32 - 2021-12-12 21:25 - 000002812 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Honza
2023-12-15 21:19 - 2021-12-12 21:26 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-15 21:16 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-12-15 21:16 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-12-15 21:15 - 2009-07-14 16:18 - 000622422 _____ C:\Windows\system32\perfh005.dat
2023-12-15 21:15 - 2009-07-14 16:18 - 000118604 _____ C:\Windows\system32\perfc005.dat
2023-12-15 21:15 - 2009-07-14 06:13 - 001445734 _____ C:\Windows\system32\PerfStringBackup.INI
2023-12-15 21:15 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2023-12-15 21:09 - 2022-11-15 15:07 - 000003938 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2023-12-15 21:09 - 2021-12-12 21:25 - 000000000 ____D C:\Program Files\CCleaner
2023-12-15 21:09 - 2021-12-12 21:02 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-15 21:09 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-12-13 22:53 - 2022-03-14 00:54 - 000000000 ____D C:\Users\Honza\AppData\Roaming\vlc
2023-12-13 22:37 - 2021-12-13 19:39 - 000000000 ____D C:\Windows\Minidump
2023-12-13 21:02 - 2022-09-01 09:21 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-12-13 21:02 - 2022-09-01 09:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2023-12-13 01:49 - 2021-12-12 21:06 - 000000000 ____D C:\ProgramData\Avast Software
2023-12-13 00:57 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2023-12-12 22:24 - 2022-11-15 15:07 - 000050048 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe
2023-12-12 22:24 - 2022-09-01 09:22 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Avast Software
2023-12-12 22:24 - 2022-09-01 09:21 - 000000000 ____D C:\Program Files\Avast Software
2023-12-09 23:29 - 2022-02-16 15:02 - 000000000 ____D C:\Users\Honza\.cache
2023-12-09 23:22 - 2021-12-12 21:18 - 000000000 ____D C:\Program Files (x86)\Elgato
2023-12-06 00:20 - 2023-03-29 22:54 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Stellarium
2023-12-01 20:55 - 2022-03-03 17:51 - 000000000 ____D C:\Users\Honza\Desktop\grizly
2023-12-01 10:41 - 2022-01-21 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-12-01 10:41 - 2022-01-21 18:16 - 000000000 ____D C:\Program Files (x86)\7-Zip
2023-11-25 19:05 - 2022-02-17 14:31 - 000000000 ____D C:\Users\Honza\Desktop\Manuály
2023-11-25 19:04 - 2022-02-17 14:56 - 000000000 ___RD C:\Users\Honza\Documents\Notes
2023-11-23 21:43 - 2022-01-21 20:17 - 000000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2023-11-23 21:40 - 2021-12-12 21:11 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Mozilla
2023-11-22 21:03 - 2022-01-15 20:29 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-11-18 18:21 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp

==================== Files in the root of some directories ========

2023-05-04 13:28 - 2023-05-04 13:28 - 000000916 _____ () C:\Users\Honza\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2023
Ran by Honza (15-12-2023 22:17:09)
Running from C:\Users\Honza\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2021-12-12 18:50:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2396163683-3237053938-2717139369-500 - Administrator - Disabled)
Guest (S-1-5-21-2396163683-3237053938-2717139369-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2396163683-3237053938-2717139369-1002 - Limited - Enabled)
Honza (S-1-5-21-2396163683-3237053938-2717139369-1001 - Administrator - Enabled) => C:\Users\Honza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: 360 Total Security (Enabled - Up to date) {FFDC234A-CE9B-08F9-406B-F876951CE066}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
AS: 360 Total Security (Enabled - Up to date) {44BDC2AE-E8A1-0777-7ADB-C304EE9BAADB}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 21.07 (HKLM-x32\...\7-Zip) (Version: 21.07 - Igor Pavlov)
7-Zip 23.01 (HKLM-x32\...\{23170F69-40C1-2701-2301-000001000000}) (Version: 23.01.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\{00203668-8170-44A0-BE44-B632FA4D780F}) (Version: 1.0.8.4990 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Altap Salamander 4.0 (x64) (HKLM\...\Altap Salamander 4.0 (x64)) (Version: 4.0 - ALTAP)
ASRock IES v2.0.85 (HKLM-x32\...\ASRock IES_is1) (Version: - )
ASRock InstantBoot v1.23 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - )
ASRock OC Tuner v2.3.84 (HKLM-x32\...\ASRock OC Tuner_is1) (Version: - )
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 23.3.4586.15794 - Avast Software)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.19 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
Firehand Ember (HKLM-x32\...\Firehand Ember) (Version: - )
GIMP 2.10.34 (HKLM\...\GIMP-2_is1) (Version: 2.10.34 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Kamo (HKLM-x32\...\Kamo) (Version: 4.5.733.1276 - Piriform)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Mozilla Firefox ESR (x64 cs) (HKLM\...\Mozilla Firefox 115.5.0 ESR (x64 cs)) (Version: 115.5.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.5.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 115.5.1 (x64 cs)) (Version: 115.5.1 - Mozilla)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA nView 135.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.64 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.13564 - NVIDIA Corporation) Hidden
NVIDIA Ovladač 3D Vision 267.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.17 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 267.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.17 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6717 - NVIDIA Corporation) Hidden
OpenOffice 4.1.14 (HKLM-x32\...\{008F8E2D-711C-4922-8FCF-0C33BC081F7D}) (Version: 4.114.9811 - Apache Software Foundation)
OpenOffice 4.1.14 Language Pack (Czech) (HKLM-x32\...\{6FA513CE-F048-4814-AA02-31E8E14B3322}) (Version: 4.114.9811 - Apache Software Foundation)
Opera Stable 95.0.4635.84 (HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Opera 95.0.4635.84) (Version: 95.0.4635.84 - Opera Software)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.3.9 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.9 - VS Revo Group, Ltd.)
SmartView for IE (HKLM-x32\...\{C448EA30-BB7F-4D42-83BC-385EBA140AF2}) (Version: 1.0.4.1 - DeviceVM, Inc.) <==== ATTENTION
SmartView Software Updater (HKLM-x32\...\{5B0CE14A-B9B6-4E25-A1BE-3EEC1998AC2C}) (Version: 1.0.4.1 - DeviceVM, Inc.) <==== ATTENTION
Sound Blaster X-Fi MB (HKLM-x32\...\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}) (Version: 1.0 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Stellarium 23.1 (HKLM-x32\...\Stellarium_is1) (Version: 23.1.0 - Stellarium team)
TotalTV Player (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.32.4 - )
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Předem děkuji za každou radu.

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15737
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Nějaký šmejd 368 security *

#2 Příspěvek od JaRon »

Ahoj,
restartuj PC do nudzoveho rezime a tam ten SW 360 odinstaluj
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Odpovědět