VIRY.CZ

Zdravím,
Avast hlásí hrozbu, najednou stále něco blokuje, i když nic nespustím.
Prosím o kontrolu logů. díky
logy v raru v příloze

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-03-2022
# Duration: 00:00:00
# OS: Windows 10 (Build 19043.2130)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1431 octets] - [03/11/2022 21:01:25]
AdwCleaner[C00].txt - [1601 octets] - [03/11/2022 21:02:10]
AdwCleaner[S01].txt - [1542 octets] - [03/11/2022 21:02:46]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3215927581-2232842446-2066388149-1001\...\Run: [AdobeBridge] => [X]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {9FFBC23C-E8DB-4C29-9F50-13376DC6A72C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-17] (Google LLC -> Google LLC)
Task: {C5C66EF5-F0EC-4DFE-9B92-F20BACD61FD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-17] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [UDP Query User{911C219E-1E9E-4B29-A156-22C6026CB96A}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{CBEBF0A6-847E-493E-B9FC-49A01B571761}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{BCEDE981-E0E0-4512-87D7-B0353D21E55F}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe => No File
FirewallRules: [TCP Query User{96B58268-34AB-4F70-9D2F-6EDB3C948C50}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe => No File
FirewallRules: [{E99EC2BA-469F-4179-BC5A-A0B56DFA172C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{D2B15D9D-0DCA-49A7-87FD-EC437E73D21E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{C78D94E6-C041-46A8-B94F-11747ECE2113}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe ->) (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\postgres.exe <7>
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(E:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) E:\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) E:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\igfxTray.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212192 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-04-30] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2021-10-27] (Adobe Inc. -> Adobe Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3215927581-2232842446-2066388149-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2147264 2021-08-15] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3215927581-2232842446-2066388149-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKU\S-1-5-21-3215927581-2232842446-2066388149-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3215927581-2232842446-2066388149-1001\...\Run: [EpicGamesLauncher] => E:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32696784 2022-11-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3215927581-2232842446-2066388149-1001\...\Run: [Discord] => C:\Users\Iva\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3215927581-2232842446-2066388149-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3215927581-2232842446-2066388149-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7222736 2022-10-16] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\WINDOWS\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\106.0.19037.121\Installer\chrmstp.exe [2022-11-01] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.88\Installer\chrmstp.exe [2022-11-01] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0495CAA6-6033-4458-A1A3-7CAC52FFF99F} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1413384 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {17337028-18F3-4843-9B25-1AA920E28BE6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {25956978-B283-4E8A-9061-26C7B471A825} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2824144F-4954-4A56-A0D8-5FD091A615CA} - System32\Tasks\SmartShare => C:\Program Files (x86)\LG Software\LG Smart Share\SmartShareStart.exe [513216 2017-12-12] (LG Electronics Inc. -> LG Electronics Inc.)
Task: {36EEA241-091C-407D-9EEA-AFA13AFF15AF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {4E78B11A-F0EA-4C24-81EA-C446D8903FE4} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412952 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {4FE7C12F-36B5-429C-A5AA-8AA8723AE205} - System32\Tasks\CCleanerSkipUAC - Iva => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5788F7D2-9552-4CBF-A37C-DB25C3969CD0} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "47421b35-a859-48b2-92f0-48d15240c347" --version "6.04.10044" --silent
Task: {63F805CC-5F91-4639-A1D8-1222E9C8A67D} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3032080 2022-10-27] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {7ABB11CF-6352-47DF-B335-251599A9B80E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {8A3FBF76-D4D9-4ED2-A7FE-8EDC9794469A} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-03-30] (Piriform Software Ltd -> Piriform Software)
Task: {8C77E7ED-D4D9-4560-A9A9-71B6A12BFF60} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9FFBC23C-E8DB-4C29-9F50-13376DC6A72C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-17] (Google LLC -> Google LLC)
Task: {B166E32B-75BC-464F-AC3E-DB8BCBF3F77B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {C5C66EF5-F0EC-4DFE-9B92-F20BACD61FD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-17] (Google LLC -> Google LLC)
Task: {E1C5BBCD-1E6A-4380-93F2-4D33C1674EE3} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-03-30] (Piriform Software Ltd -> Piriform Software)
Task: {EE8C5088-1320-475D-A356-BF219CACB35D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EFE43D33-4841-4DFE-83FE-4D8F80354391} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3032080 2022-10-27] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {FA0CD886-1182-492A-A2FA-A860C5A6371E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4946144 2022-10-04] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.112.1.1 10.112.2.1
Tcpip\..\Interfaces\{0d08f138-5a95-4078-9ac4-3c7fcf360315}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{5b6d5095-3f69-49ae-953e-d4a8ce6a8913}: [DhcpNameServer] 10.112.1.1 10.112.2.1
Tcpip\..\Interfaces\{ca1ee261-26fc-4c4a-af96-485b850db4eb}: [DhcpNameServer] 192.168.0.1 193.17.47.1 10.15.13.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Iva\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-01]
Edge HomePage: Default -> hxxp://www.seznam.cz/

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-10-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-03-30] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-03-30] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-10-27] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default [2022-11-03]
CHR Notifications: Default -> hxxps://best.aliexpress.com; hxxps://business.facebook.com; hxxps://ccc.eu; hxxps://explosionfiles.com; hxxps://reverscaptcha.com; hxxps://web.whatsapp.com; hxxps://www.aliexpress.com; hxxps://www.eobuv.cz; hxxps://www.heureka.cz; hxxps://www.netflix.com; hxxps://www.wish.com
CHR HomePage: Default -> hxxps://seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Překladač Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-11]
CHR Extension: (DeFi Saver Gas Prices Extension) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgfdkloegmghldbalmenklokhlifphe [2022-06-01]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2020-01-17]
CHR Extension: (Alitools - nákupní asistent) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenflijjbchafephdplkdmeenekabdfb [2022-10-31]
CHR Extension: (Avast Passwords) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-02-10]
CHR Extension: (Yoroi) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffnbelfdoeiohenkjibnmadjiehjhajb [2022-10-04]
CHR Extension: (Binance Wallet) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2022-09-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-31]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-10-22]
CHR Extension: (Google Kalendář) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2021-01-10]
CHR Extension: (FormApps Extension) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-12]
CHR Extension: (WPSNIFFER - WordPress Themes Sniffer) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\kihhefcbenhkjgjhchanjfhhflaojldn [2020-01-17]
CHR Extension: (Alt Text Tester) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\koldhcllpbdfcdpfpbldbicbgddglodk [2020-01-17]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-25]
CHR Extension: (polkadot{.js} extension) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2022-06-10]
CHR Extension: (EXIF Viewer Classic) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck [2020-01-17]
CHR Extension: (MetaMask) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-10-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2021-10-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8513552 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592608 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592096 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-26] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-03-30] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\106.0.19037.121\elevation_service.exe [2047024 2022-10-27] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-03-30] (Piriform Software Ltd -> Piriform Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [8929608 2021-04-30] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42296 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238128 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390096 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258496 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105920 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48488 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276496 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [558536 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114488 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90000 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862960 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671712 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221976 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327904 2022-10-04] (Avast Software s.r.o. -> AVAST Software)
R3 LBAI; C:\WINDOWS\System32\Drivers\LBAI.sys [30432 2017-04-29] (Lenovo -> Lenovo)
R2 mi2c; C:\WINDOWS\system32\drivers\mi2c.sys [20784 2021-02-25] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-05-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421112 2021-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-03 19:23 - 2022-11-03 19:24 - 000025902 _____ C:\Users\Iva\Desktop\FRST.txt
2022-11-03 19:23 - 2022-11-03 19:24 - 000000000 ____D C:\FRST
2022-11-03 19:23 - 2022-11-03 19:23 - 002374144 _____ (Farbar) C:\Users\Iva\Desktop\FRST64.exe
2022-10-14 07:07 - 2022-10-23 10:57 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-10-14 07:07 - 2022-10-23 10:57 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-10-14 06:52 - 2022-10-14 06:52 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-10-12 07:50 - 2022-10-12 07:50 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-12 07:50 - 2022-10-12 07:50 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-12 07:50 - 2022-10-12 07:50 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-12 07:49 - 2022-10-12 07:49 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-12 07:49 - 2022-10-12 07:49 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-12 07:49 - 2022-10-12 07:49 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-12 07:49 - 2022-10-12 07:49 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-12 07:44 - 2022-10-12 07:44 - 000000000 ___HD C:\$WinREAgent
2022-10-05 08:21 - 2022-11-03 08:50 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-10-05 08:21 - 2022-11-03 08:50 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-10-04 08:42 - 2022-10-04 08:42 - 000270560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-10-04 08:42 - 2022-10-04 08:42 - 000221976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-03 19:23 - 2020-12-03 13:27 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-03 19:23 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-03 19:23 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-03 19:23 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-03 19:21 - 2020-12-03 13:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-03 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-03 18:53 - 2020-01-17 17:28 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-03 17:32 - 2020-01-17 14:30 - 000000000 __SHD C:\Users\Iva\IntelGraphicsProfiles
2022-11-03 17:32 - 2020-01-17 14:28 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-11-03 10:11 - 2021-12-13 09:20 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3215927581-2232842446-2066388149-1001
2022-11-03 10:11 - 2020-12-03 13:23 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3215927581-2232842446-2066388149-1001
2022-11-03 10:11 - 2020-12-03 13:19 - 000002375 _____ C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-03 08:59 - 2020-01-17 20:13 - 000000000 ___RD C:\Users\Iva\Creative Cloud Files
2022-11-03 08:50 - 2020-04-09 10:05 - 000000000 ____D C:\Program Files\CCleaner
2022-11-02 14:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-01 09:58 - 2020-01-17 17:30 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-01 09:58 - 2020-01-17 17:30 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-01 09:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-01 08:30 - 2021-05-26 08:03 - 000000000 ____D C:\ProgramData\Avast Software
2022-11-01 08:30 - 2021-03-15 08:48 - 000000000 ____D C:\Users\postgres
2022-11-01 08:30 - 2020-12-03 13:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-01 08:30 - 2020-12-03 13:18 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-01 08:30 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-01 08:29 - 2021-03-30 11:05 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2022-11-01 08:29 - 2021-03-30 11:05 - 000002352 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2022-11-01 08:29 - 2021-03-30 11:05 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2022-10-31 18:15 - 2021-12-07 10:27 - 000002250 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Iva
2022-10-31 18:15 - 2021-12-06 13:46 - 000002562 _____ C:\WINDOWS\system32\Tasks\SmartShare
2022-10-31 18:15 - 2021-05-26 08:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-10-31 18:15 - 2021-03-30 11:05 - 000003456 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2022-10-31 18:15 - 2021-03-30 11:05 - 000003232 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2022-10-31 18:15 - 2021-03-30 11:05 - 000003104 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2022-10-31 18:15 - 2021-03-30 11:05 - 000002622 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2022-10-31 18:15 - 2020-12-03 13:23 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-31 18:15 - 2020-12-03 13:23 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-31 18:15 - 2020-12-03 13:23 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-31 18:15 - 2020-12-03 13:23 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-31 18:15 - 2020-12-03 13:23 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-31 18:15 - 2020-12-03 13:23 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-10-31 18:15 - 2020-12-03 13:23 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-10-31 18:15 - 2020-12-03 13:23 - 000002336 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_LENOVO_MICPKEY
2022-10-31 18:15 - 2020-12-03 13:23 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2022-10-31 07:50 - 2020-06-08 18:46 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-31 07:50 - 2020-06-08 18:46 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-25 07:52 - 2020-01-19 14:25 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-10-22 17:51 - 2020-01-23 18:17 - 000000127 _____ C:\Users\Iva\Desktop\cloud.url
2022-10-22 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-10-22 17:21 - 2020-01-19 19:58 - 000000000 ____D C:\Users\Iva\AppData\Roaming\vlc
2022-10-19 17:43 - 2022-05-28 17:53 - 000000127 _____ C:\Users\Iva\Desktop\NAS.url
2022-10-18 14:18 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-17 17:10 - 2020-12-03 13:19 - 000000000 ____D C:\Users\Iva
2022-10-17 14:32 - 2021-03-17 12:38 - 000000000 ____D C:\Users\Iva\AppData\Local\CrashDumps
2022-10-13 10:42 - 2020-12-03 13:18 - 000294040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-13 10:41 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-13 10:41 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-13 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-13 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-13 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-13 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-13 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-13 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-13 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-13 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-12 07:52 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-12 07:52 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-12 07:49 - 2020-12-03 13:18 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-12 07:43 - 2020-01-17 17:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-12 07:41 - 2020-01-17 17:56 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-04 08:42 - 2021-05-26 08:04 - 000862960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000671712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000558536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000327904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000276496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000258496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000238128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000114488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000105920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000090000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000048488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000042296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-10-04 08:42 - 2021-05-26 08:04 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-04 08:42 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

==================== Files in the root of some directories ========

2020-01-17 18:02 - 2020-01-17 18:02 - 000000410 _____ () C:\Users\Iva\AppData\Local\oobelibMkey.log
2020-07-03 19:06 - 2020-07-03 19:06 - 000007605 _____ () C:\Users\Iva\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Potřebuji vidět obsah souboru fixlog.txt. Měl by být na ploše. Děkuji.

Zdravím, nějak jsem to popletl
Fix result of Farbar Recovery Scan Tool (x64) Version: 31-10-2022 02
Ran by Iva (04-11-2022 11:01:40) Run:1
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva & lkos & info & postgres
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3215927581-2232842446-2066388149-1001\...\Run: [AdobeBridge] => [X]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {9FFBC23C-E8DB-4C29-9F50-13376DC6A72C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-17] (Google LLC -> Google LLC)
Task: {C5C66EF5-F0EC-4DFE-9B92-F20BACD61FD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-17] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [UDP Query User{911C219E-1E9E-4B29-A156-22C6026CB96A}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{CBEBF0A6-847E-493E-B9FC-49A01B571761}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{BCEDE981-E0E0-4512-87D7-B0353D21E55F}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe => No File
FirewallRules: [TCP Query User{96B58268-34AB-4F70-9D2F-6EDB3C948C50}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe => No File
FirewallRules: [{E99EC2BA-469F-4179-BC5A-A0B56DFA172C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{D2B15D9D-0DCA-49A7-87FD-EC437E73D21E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{C78D94E6-C041-46A8-B94F-11747ECE2113}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-3215927581-2232842446-2066388149-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9FFBC23C-E8DB-4C29-9F50-13376DC6A72C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FFBC23C-E8DB-4C29-9F50-13376DC6A72C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5C66EF5-F0EC-4DFE-9B92-F20BACD61FD8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5C66EF5-F0EC-4DFE-9B92-F20BACD61FD8}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{911C219E-1E9E-4B29-A156-22C6026CB96A}C:\games\world_of_tanks_eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CBEBF0A6-847E-493E-B9FC-49A01B571761}C:\games\world_of_tanks_eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BCEDE981-E0E0-4512-87D7-B0353D21E55F}C:\games\world_of_tanks_eu\win32\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{96B58268-34AB-4F70-9D2F-6EDB3C948C50}C:\games\world_of_tanks_eu\win32\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E99EC2BA-469F-4179-BC5A-A0B56DFA172C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D2B15D9D-0DCA-49A7-87FD-EC437E73D21E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C78D94E6-C041-46A8-B94F-11747ECE2113}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1526284091 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 377567978 B
Windows/system/drivers => 12166393 B
Edge => 76288 B
Chrome => 788205575 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 181598 B
NetworkService => 463006 B

OK, bylo smazáno. Nastala nějaká změna?

Děkuji, vypadá to ok.
Co to bylo?
ještě jednou díky.

Pravděpodobně některý registry klíč, nebo něco v dočasných souborech. Bez podrobné analýzy smazaných položek nemohu přesně určit. Nemáte zač!