VIRY.CZ

Dobrý den, prosím o preventivní kontrolu logu, pčítač se poslední dobou nějak zpomaluje, hlavně při práci s emailem (centrum.cz). Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2023-02-22 17:24:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 164 GB (67%) free of 244 GB
Total RAM: 16383 MB (72% free)

HijackThis download failed

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Avast Software\Avast\AvastSvc.exe" /runassvc
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Avast Software\Avast\aswToolsSvc.exe" /runassvc
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\AmbRunE.dll,RunDLLEntry
"C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe" /StartRunKey
"C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\Avast Software\Avast\aswEngSrv.exe" /pipename="6ACAC989-F765-2548-A49A-DE60A554951D" /binpath="C:\Program Files\Avast Software\Avast"
"C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe"
"C:\Users\Honza\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001" 2580 "C:\Users\Honza\AppData\Local\Temp\""Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0038"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe"
"C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe"
"C:\Program Files\Avast Software\Avast\aswidsagent.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Kamo\KamoSvc.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.0.262824852\1741321840" -parentBuildID 20230214051806 -prefsHandle 1604 -prefMapHandle 1596 -prefsLen 28814 -prefMapSize 241422 -appDir "C:\Program Files\Mozilla Firefox\browser" - {359aea2f-1f6e-443f-93b3-d47efe6ade5d} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 1668 f89c58 socket
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.1.1760627328\1695318538" -childID 1 -isForBrowser -prefsHandle 2180 -prefMapHandle 2176 -prefsLen 28890 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {07a5285c-c8f4-4779-81ae-a2bf08972292} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 2192 2633bc58 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.2.49973844\744431704" -childID 2 -isForBrowser -prefsHandle 3524 -prefMapHandle 3520 -prefsLen 34311 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {26f662a4-285c-4f31-926b-ddc402d8db26} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 3536 2bd47558 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.38.1596454779\103966718" -parentBuildID 20230214051806 -prefsHandle 8416 -prefMapHandle 8580 -prefsLen 34534 -prefMapSize 241422 -appDir "C:\Program Files\Mozilla Firefox\browser" - {366970a5-fb7d-47a0-ad1a-8b355d686266} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 4420 2b470b58 rdd
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.39.1655721946\240649756" -parentBuildID 20230214051806 -sandboxingKind 1 -prefsHandle 4736 -prefMapHandle 4860 -prefsLen 34534 -prefMapSize 241422 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3d42bb3a-f1f0-455d-9b76-6a04952a8d09} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 4708 2b5d0458 utility
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.43.468692169\2036748706" -parentBuildID 20230214051806 -sandboxingKind 0 -prefsHandle 7480 -prefMapHandle 9260 -prefsLen 34534 -prefMapSize 241422 -appDir "C:\Program Files\Mozilla Firefox\browser" - {093c58a3-9275-48f2-8968-eaf6fd445ef2} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 2132 2b654058 utility
"C:\Program Files\Avast Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=7312,4460811839216772256,18157874630315647427,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\Honza\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (21.2.2455)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=MAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Users\Honza\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=7300 /prefetch:2
"C:\Program Files\Avast Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=7312,4460811839216772256,18157874630315647427,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --lang=en-US --service-sandbox-type=network --no-sandbox --force-wave-audio --log-file="C:\Users\Honza\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (21.2.2455)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Honza\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=7080 /prefetch:8
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.121.1053222627\305381250" -childID 118 -isForBrowser -prefsHandle 6304 -prefMapHandle 4012 -prefsLen 34776 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {48606ec9-0513-4ab0-9758-1e798b150eaf} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 4584 2b6c7458 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.320.158058515\692026879" -childID 317 -isForBrowser -prefsHandle 6672 -prefMapHandle 8492 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a98259d4-2515-468e-98ed-02a43462ee97} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 6172 15eb6258 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.322.2065973031\1384628069" -childID 319 -isForBrowser -prefsHandle 5324 -prefMapHandle 7536 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0e84b4cd-d717-4c74-bd93-0c1d6b064d7f} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 7148 2cc99558 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.323.916138792\1420020379" -childID 320 -isForBrowser -prefsHandle 4556 -prefMapHandle 4552 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {cc888f50-8a3a-4d86-857f-5ee293c5da0c} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 5320 2bcaa358 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.324.670367700\193728060" -childID 321 -isForBrowser -prefsHandle 7348 -prefMapHandle 8200 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2ad784f5-5ecc-406a-9b7d-b0f59357ec02} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 7412 2bca8558 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.326.1378786600\2130592313" -childID 323 -isForBrowser -prefsHandle 6676 -prefMapHandle 6608 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d99f9d36-d8e9-4144-9be9-bbce6dc273ef} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 5884 31b83958 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.327.1497513365\374901267" -childID 324 -isForBrowser -prefsHandle 9452 -prefMapHandle 6284 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ae0fae5a-9127-4a38-a5b5-65e4d448d021} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 4888 1d042958 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.328.625743002\1241162269" -childID 325 -isForBrowser -prefsHandle 8472 -prefMapHandle 7340 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {80a3ed74-26c9-4690-9c92-4f48fbefcde1} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 4544 27274958 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.329.1485992829\23829332" -childID 326 -isForBrowser -prefsHandle 7740 -prefMapHandle 6116 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {db2165d1-7be1-48a0-833f-8373810b4082} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 7512 20b60758 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.330.346356347\22099738" -childID 327 -isForBrowser -prefsHandle 8768 -prefMapHandle 9692 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3b32909c-9702-484e-a2dd-a5e520d35cd5} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 4040 132f9d58 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.331.76057294\428954334" -childID 328 -isForBrowser -prefsHandle 7276 -prefMapHandle 8828 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {90f59b74-00a0-4785-8cfb-294daec6639b} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 7264 20b60458 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.332.496296537\82604010" -childID 329 -isForBrowser -prefsHandle 4580 -prefMapHandle 3288 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e617075-0394-45f7-a976-adbaf93f8c6b} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 4696 30288458 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.333.1786746838\1754216238" -childID 330 -isForBrowser -prefsHandle 7888 -prefMapHandle 5148 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8bb80066-0acc-45e8-b4c5-85bc6efb8101} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 7364 2fddb658 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.335.1634209342\1587439155" -childID 332 -isForBrowser -prefsHandle 7888 -prefMapHandle 9176 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f4a5958c-29e0-41ff-b19e-9314247ada6e} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 6176 132f8b58 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.336.2072777594\1988257649" -childID 333 -isForBrowser -prefsHandle 8432 -prefMapHandle 6976 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {81b37772-e6e2-4b9b-b8ae-de786120c999} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 6788 35b92b58 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.337.434189816\1160113560" -childID 334 -isForBrowser -prefsHandle 9732 -prefMapHandle 6792 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7a72f120-be39-4d6b-93ff-7e332d698936} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 7796 137da158 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.338.868756341\839615559" -childID 335 -isForBrowser -prefsHandle 4688 -prefMapHandle 7748 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b01e24ff-02e8-45ca-9570-6b08b7e6c85d} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 9452 15eb8358 tab
"C:\Program Files\Avast Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=7312,4460811839216772256,18157874630315647427,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --lang=en-US --service-sandbox-type=audio --no-sandbox --force-wave-audio --log-file="C:\Users\Honza\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (21.2.2455)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Honza\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=7892 /prefetch:8
"taskhost.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.375.906333770\1662788911" -childID 372 -isForBrowser -prefsHandle 3316 -prefMapHandle 8028 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dad66d92-9f0b-4516-b8b7-3b0930c07372} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 9680 f7a558 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.378.287566710\1596746677" -childID 375 -isForBrowser -prefsHandle 9848 -prefMapHandle 7732 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c9a70c6b-6390-4b9d-b3f1-f74790ca49d4} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 10052 f3f458 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.379.1618481512\806375300" -childID 376 -isForBrowser -prefsHandle 7040 -prefMapHandle 11376 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c2276f0d-d0cf-4e86-8f36-eca83b1c71b2} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 10884 1b93d558 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.381.1969262929\415551997" -childID 378 -isForBrowser -prefsHandle 5444 -prefMapHandle 5920 -prefsLen 34827 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fa102de7-ffa9-4662-91c2-677d830e7037} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 3452 2075de58 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.382.854258769\90360097" -childID 379 -isForBrowser -prefsHandle 9688 -prefMapHandle 10304 -prefsLen 35062 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {df209a89-a6bf-480f-b94a-9948ade0d63d} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 8488 1b767e58 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.383.708556876\985671085" -childID 380 -isForBrowser -prefsHandle 11096 -prefMapHandle 10956 -prefsLen 35062 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9a6d3a70-339d-4bc9-9e58-da22aaa7625c} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 5356 303e2358 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.384.5656280\731976974" -childID 381 -isForBrowser -prefsHandle 10248 -prefMapHandle 5660 -prefsLen 35062 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {98c73627-6e36-4a27-a627-3073d0172928} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 6332 303e3858 tab
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe16_ Global\UsGthrCtrlFltPipeMssGthrPipe16 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5988.385.1247351487\1957188615" -childID 382 -isForBrowser -prefsHandle 6284 -prefMapHandle 8224 -prefsLen 35062 -prefMapSize 241422 -jsInitHandle 992 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -appDir "C:\Program Files\Mozilla Firefox\browser" - {40e5bea4-c3ca-4ff1-aa13-48951dc78e9f} 5988 "\\.\pipe\gecko-crash-server-pipe.5988" 7556 21bf4858 tab
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\AUDIODG.EXE 0x684
"C:\Users\Honza\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e43b3f3f-9a2e-4fd1-873d-d97d839efc89" --version "6.08.10255" --silent

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release

prefs.js - "browser.startup.homepage" - "centrum.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.16]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}]
SmartView VisualBookmark - C:\Program Files (x86)\DeviceVM\SmartView\SmartView.dll [2010-09-02 325904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{AD6E6555-FB2C-47D4-8339-3E2965509877} - TerraTec Home Cinema - C:\PROGRA~2\GENIAT~1\TOTALT~1\THCDES~1.DLL [2016-12-12 526336]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RunDLLEntry"=C:\Windows\system32\AmbRunE.dll [2009-02-26 17920]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-01-26 1875048]
"AvastUI.exe"=C:\Program Files\Avast Software\Avast\AvLaunch.exe [2022-09-01 117472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ASRockOCTuner"= []
"ASRockIES"= []
"zASRockInstantBoot"= []
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2023-01-11 38935376]
"Opera Browser Assistant"=C:\Users\Honza\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2022-12-20 3916232]
"Opera Stable"=C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [2023-02-15 2635208]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-21 2583040]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"CTSyncService"=C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe [2009-07-08 1233195]
"VolPanel"=C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [2009-05-04 241789]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"SmartViewAgent"=C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe [2010-09-02 948504]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-04-14 113288]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aswSP.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2023-02-22 17:24:22 ----D---- C:\rsit
2023-02-22 17:24:22 ----D---- C:\Program Files\trend micro
2023-02-22 16:20:25 ----D---- C:\FRST
2023-02-14 22:41:29 ----D---- C:\Program Files\Mozilla Firefox
2023-02-11 16:03:29 ----HD---- C:\$AV_ASW

======List of files/folders modified in the last 1 month======

2023-02-22 17:24:22 ----RD---- C:\Program Files
2023-02-22 17:24:22 ----D---- C:\Windows\Temp
2023-02-22 17:02:25 ----SHD---- C:\System Volume Information
2023-02-22 16:56:53 ----D---- C:\Program Files (x86)\Google
2023-02-22 15:01:59 ----D---- C:\Windows\system32\config
2023-02-22 13:37:54 ----D---- C:\Program Files\CCleaner
2023-02-22 13:34:39 ----D---- C:\Windows\System32
2023-02-22 13:34:39 ----D---- C:\Windows\inf
2023-02-22 13:34:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2023-02-22 13:29:00 ----D---- C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-02-22 13:27:42 ----D---- C:\ProgramData\Avast Software
2023-02-22 13:27:41 ----D---- C:\Windows\system32\Tasks
2023-02-22 13:27:40 ----D---- C:\ProgramData\NVIDIA
2023-02-16 21:48:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2023-02-14 00:40:51 ----D---- C:\Windows\system32\catroot2
2023-01-25 21:56:01 ----D---- C:\Windows
2023-01-25 21:54:00 ----D---- C:\Windows\Minidump
2023-01-25 21:46:23 ----D---- C:\Windows\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2022-09-01 35680]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2022-09-01 250328]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2022-09-01 99288]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2022-09-01 83368]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2022-09-01 326976]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2022-09-01 208552]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2022-09-01 365520]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2022-09-01 41304]
R1 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2022-09-01 177872]
R1 aswNetHub;aswNetHub; C:\Windows\system32\drivers\aswNetHub.sys [2022-09-01 524416]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2022-09-01 107808]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2022-09-01 850120]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2022-09-01 466696]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2022-09-01 216376]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2022-09-01 38152]
R3 CYDTV_SRV;cydtv Driver; C:\Windows\system32\drivers\cydtv.sys [2017-06-28 1286912]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-04-13 87552]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-04-13 207872]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-02-19 155752]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2009-07-01 339744]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-28 28704]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-09-17 1250816]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2021-12-14 509904]
S1 netfilter2;netfilter2; C:\Windows\system32\drivers\netfilter2.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2014-11-28 18456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;Ovladač WinUSB; C:\Windows\system32\drivers\WinUSB.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [2022-09-01 623216]
R2 avast! Tools;Avast Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [2022-09-01 353504]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 EyeTV Netstream;EyeTV Netstream; C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [2013-04-15 400864]
R2 KamoSvc;Kamo Service; C:\Program Files (x86)\Kamo\KamoSvc.exe [2022-11-15 6452440]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-02-17 1005160]
R2 SecureLine;Avast SecureLine VPN; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [2023-02-14 9639320]
R2 SmartViewService;SmartView service; C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe [2010-09-02 125216]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-02-17 378472]
R2 WCUService;SmartView Software Updater Service; C:\Program Files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe [2010-09-02 456976]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [2022-09-01 7888408]
R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2021-12-12 79360]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2022-10-29 171480]
S3 CCleanerPerformanceOptimizerService;CCleaner Performance Optimizer Service; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [2023-01-11 1003344]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2021-12-12 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2021-12-12 79360]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe [2023-01-24 1725720]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2022-10-29 171480]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2023-02-14 247200]

-----------------EOF-----------------

ahoj,
vycisti PC s Adwcleanerom - log sem
+
vloz oba logy FRST

Zdravím,
tady je log Adwcleaneru:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-23-2023
# Duration: 00:00:08
# OS: Windows 7 Service Pack 1
# Scanned: 32104
# Detected: 30


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy C:\Program Files (x86)\DeviceVM
PUP.Optional.Legacy C:\ProgramData\DeviceVM
PUP.Optional.Legacy C:\Users\Honza\AppData\Roaming\DeviceVM

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKCU\Software\DeviceVM Inc.
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\DeviceVM Inc.
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{0DEC13F0-5C8C-4147-8329-6CDFAD9755B7}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{D1CCB0CC-DA45-4797-93D3-DEE7A13F8177}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E4F7F1A5-490E-4884-A9E3-CBD6A25749E1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


Spustil jsem FRSIT , skenování trvalo dlouho, zasekávalo se a po třičtvrtě hodiny se zastavilo u moduluC/Program files/Avast Software........dll , tak jsem to vzdal

Když jsem chtěl FRSIT vypnout, tak se zase rozeběhl a tak jsem ho nechal zapnutý a po dlouhé době (přes jeden a pů hodiny) se končně vytvořily oba logy. Tady jsou:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-02-2023
Ran by Honza (administrator) on BETYNA-PC (23-02-2023 19:20:38)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe ->) (Macrovision Europe Ltd.) [File not signed] C:\Users\Honza\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
(DeviceVM Inc. -> ) C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <29>
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Creative Labs) [File not signed] C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (DeviceVM Inc. -> DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe
(services.exe ->) (DeviceVM Inc. -> DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe
(services.exe ->) (Elgato Systems -> Elgato Systems GmbH) C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(services.exe ->) (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files (x86)\Kamo\KamoSvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(VIA) [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.) [File not signed]
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1875048 2011-01-26] (NVIDIA Corporation -> )
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2583040 2009-09-21] (VIA) [File not signed]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [CTSyncService] => C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe [1233195 2009-07-08] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [SmartViewAgent] => C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe [948504 2010-09-02] (DeviceVM Inc. -> )
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [ASRockOCTuner] => [X]
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [ASRockIES] => [X]
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [Opera Browser Assistant] => C:\Users\Honza\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3916232 2022-12-20] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [Opera Stable] => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software)
HKLM\...\Windows x64\Print Processors\Canon MP550 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9Z.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP550 series: C:\Windows\system32\CNMLM9Z.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerCrashReporting" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - Honza" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore{14408F90-2C51-40E0-9BB3-E89912A6E6F4}" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA{076BD99E-EA93-4A03-9D37-1D7CF115EF81}" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1671574569" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1639340036" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {263F73CB-2D1A-49C2-854D-5DFD91F82089} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
Task: {4A3CBD96-69E4-479A-A12C-F53E24A083CA} - System32\Tasks\Opera scheduled Autoupdate 1639340036 => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software)
Task: {5704D6A6-D766-429C-840C-EA3442D688E1} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1217944 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
Task: {59BBB41D-E430-47A8-A825-EFE38D7A2BD7} - System32\Tasks\CCleanerSkipUAC - Honza => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6BA888CC-CBCD-4526-9914-B81B3FB34C9B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-02-02] (Avast Software s.r.o. -> Avast Software)
Task: {707D1C94-7546-43FE-A29A-169F5F775B41} - System32\Tasks\GoogleUpdateTaskMachineUA{076BD99E-EA93-4A03-9D37-1D7CF115EF81} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-29] (Google LLC -> Google LLC)
Task: {7334B09D-5516-4A3B-8344-752F3243FD4C} - System32\Tasks\GoogleUpdateTaskMachineCore{14408F90-2C51-40E0-9BB3-E89912A6E6F4} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-29] (Google LLC -> Google LLC)
Task: {7702EB06-49E3-4562-A397-CB8CE3B5DC16} - System32\Tasks\Kamo\KamoStart => C:\Program Files (x86)\Kamo\Kamo.exe [911576 2022-11-15] (Piriform Software Ltd -> Piriform)
Task: {8949652B-2D30-433E-B351-08AB13D565D2} - System32\Tasks\Opera scheduled assistant Autoupdate 1671574569 => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Honza\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A717DC49-0ED9-4C47-83FD-5C356E8D3FBB} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4698008 2023-02-14] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid f2c50cc3-65cb-431b-b44d-6e1482f155b3
Task: {B9CA066B-8FD1-40D6-A175-081C24266B61} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6694224 2023-01-26] (Avast Software s.r.o. -> Avast Software) [File not signed]
Task: {D52216DA-69D4-4D82-98DF-DCDADF0E6D2B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-02-14] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {DB445B7A-9B9A-4428-BF52-4B0A46614CFC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [716192 2023-02-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {F65ECD01-D1D2-4182-9726-4B938C331B2B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {FB5B887F-7458-4696-B854-1084FF4E9AAF} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e43b3f3f-9a2e-4fd1-873d-d97d839efc89" --version "6.08.10255" --silent

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog5-x64 05 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 46.16.122.2
Tcpip\..\Interfaces\{B6B54CE5-730C-4E63-B5B9-1302B3F0458F}: [DhcpNameServer] 46.16.122.2

FireFox:
========
FF DefaultProfile: 0cttmrx6.default
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\0cttmrx6.default [2021-12-12]
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release [2023-02-23]
FF Homepage: Mozilla\Firefox\Profiles\wn0tntzz.default-release -> centrum.cz
FF Notifications: Mozilla\Firefox\Profiles\wn0tntzz.default-release -> hxxps://www.priceorcan.cz; hxxps://best.aliexpress.com; hxxps://usa.banggood.com
FF HomepageOverride: Mozilla\Firefox\Profiles\wn0tntzz.default-release -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\wn0tntzz.default-release -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\wn0tntzz.default-release -> Enabled: nortonsafesearch_ul_2@symantec.com
FF Extension: (Norton Password Manager) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release\Extensions\idsafe@norton.com.xpi [2023-01-19]
FF Extension: (Norton Home Page) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release\Extensions\nortonhomepage@symantec.com.xpi [2022-12-21] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2022-10-17] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release\Extensions\nortonsafeweb@symantec.com.xpi [2023-01-16]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release\Extensions\sp@avast.com.xpi [2022-09-01]
FF Extension: (Avast Online Security & Privacy) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release\Extensions\wrc@avast.com.xpi [2022-11-15]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\IPSFF => not found
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\coFFPlgn => not found
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.) [File not signed]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2023-02-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-29]

Opera:
=======
OPR Profile: C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable [2023-02-23]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-30]
OPR Extension: (Opera Coupons | kupóny a slevové kódy) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\eplcjggklbefnipglcfdfalbbjpmkbkl [2022-11-30]
OPR Extension: (Opera Wallet) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-02-14]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-12-12]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [353504 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2021-12-12] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2021-12-12] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 EyeTV Netstream; C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems -> Elgato Systems GmbH)
R2 KamoSvc; C:\Program Files (x86)\Kamo\KamoSvc.exe [6452440 2022-11-15] (Piriform Software Ltd -> Piriform Software Ltd)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9639320 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
R2 SmartViewService; C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe [125216 2010-09-02] (DeviceVM Inc. -> DeviceVM, Inc.)
R3 Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2021-12-12] (Creative Labs) [File not signed]
R2 WCUService; C:\Program Files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe [456976 2010-09-02] (DeviceVM Inc. -> DeviceVM, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35680 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208552 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [365520 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250328 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99288 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41304 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [177872 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [524416 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2022-09-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107808 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83368 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [850120 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [466696 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216376 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326976 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R3 CYDTV_SRV; C:\Windows\System32\drivers\cydtv.sys [1286912 2017-06-28] (Shenzhen Geniatech Technology LTD. -> )
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [87552 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [207872 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia -> Secunia)
S1 netfilter2; system32\drivers\netfilter2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-23 19:14 - 2023-02-23 19:15 - 000000000 ____D C:\AdwCleaner
2023-02-23 19:14 - 2023-02-23 19:14 - 008791352 _____ (Malwarebytes) C:\Users\Honza\Downloads\adwcleaner-8.4.0-installer.exe
2023-02-23 19:12 - 2023-02-23 19:12 - 001800096 _____ ( ) C:\Users\Honza\Desktop\adwcleaner-8.4.0-installer_1L-Y6q1.exe
2023-02-22 17:41 - 2023-02-22 17:41 - 000000000 ____D C:\Users\Honza\Desktop\rsit
2023-02-22 17:24 - 2023-02-22 17:24 - 000000000 ____D C:\rsit
2023-02-22 17:24 - 2023-02-22 17:24 - 000000000 ____D C:\Program Files\trend micro
2023-02-22 17:23 - 2023-02-22 17:23 - 001222144 _____ C:\Users\Honza\Downloads\RSITx64.exe
2023-02-22 17:14 - 2023-02-22 17:14 - 000000000 _____ C:\Users\Honza\Downloads\pr-f0CLp.exe.part
2023-02-22 16:27 - 2023-02-22 16:28 - 000010593 _____ C:\Users\Honza\Desktop\Addition.txt
2023-02-22 16:21 - 2023-02-23 19:26 - 000023613 _____ C:\Users\Honza\Desktop\FRST.txt
2023-02-22 16:20 - 2023-02-23 19:22 - 000000000 ____D C:\FRST
2023-02-22 16:18 - 2023-02-22 16:18 - 002378752 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2023-02-22 15:10 - 2023-02-22 15:10 - 000003310 _____ C:\Users\Honza\Downloads\smime(1).p7s
2023-02-14 22:46 - 2023-02-14 22:46 - 000090112 _____ C:\Users\Honza\Downloads\přehled_nájmů_2023__návrh_na_navýšení_o_inflaci.xls
2023-02-14 22:41 - 2023-02-16 21:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-11 16:03 - 2023-02-11 16:03 - 000000000 ___HD C:\$AV_ASW
2023-02-08 12:27 - 2023-02-08 12:27 - 000007334 _____ C:\Users\Honza\Desktop\Nový Textový dokument OpenDocument.odt
2023-02-04 20:21 - 2023-02-04 20:21 - 000074890 _____ C:\Users\Honza\Downloads\N_2E2DBC5E02834EDC9B31B9CA20CF0FC8.pdf
2023-02-04 20:20 - 2023-02-04 20:20 - 003391936 _____ C:\Users\Honza\Downloads\CARDIOLIGHT_tisk_pacienta_451107_036_JAN_KOZEL.pdf
2023-01-25 23:28 - 2023-01-25 23:29 - 000000000 ____D C:\Users\Honza\Documents\Raiffeisen st.sp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-23 19:20 - 2021-12-12 21:25 - 000000000 ____D C:\Program Files\CCleaner
2023-02-23 19:13 - 2021-12-12 21:26 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-23 19:13 - 2021-12-12 21:11 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Mozilla
2023-02-23 19:10 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-02-23 19:10 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-02-23 19:08 - 2022-02-09 21:10 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-02-23 19:08 - 2009-07-14 16:18 - 000622422 _____ C:\Windows\system32\perfh005.dat
2023-02-23 19:08 - 2009-07-14 16:18 - 000118604 _____ C:\Windows\system32\perfc005.dat
2023-02-23 19:08 - 2009-07-14 06:13 - 001445734 _____ C:\Windows\system32\PerfStringBackup.INI
2023-02-23 19:08 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2023-02-23 19:03 - 2022-12-20 23:16 - 000004294 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1671574569
2023-02-23 19:03 - 2022-11-15 15:07 - 000003938 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2023-02-23 19:03 - 2022-10-29 21:51 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{076BD99E-EA93-4A03-9D37-1D7CF115EF81}
2023-02-23 19:03 - 2022-10-29 21:51 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{14408F90-2C51-40E0-9BB3-E89912A6E6F4}
2023-02-23 19:03 - 2022-09-29 12:20 - 000003354 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-02-23 19:03 - 2022-09-29 12:20 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-02-23 19:03 - 2022-01-28 22:43 - 000001398 _____ C:\Users\Honza\Desktop\Games.lnk
2023-02-23 19:03 - 2021-12-12 21:25 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-02-23 19:03 - 2021-12-12 21:25 - 000002810 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Honza
2023-02-23 19:03 - 2021-12-12 21:13 - 000004060 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1639340036
2023-02-23 19:03 - 2021-12-12 21:06 - 000000000 ____D C:\ProgramData\Avast Software
2023-02-23 19:03 - 2021-12-12 21:02 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-23 19:03 - 2021-12-12 20:04 - 000001398 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
2023-02-23 19:03 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-02-22 21:42 - 2022-09-01 09:21 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-02-16 21:48 - 2021-12-12 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-02-15 18:29 - 2022-02-19 19:54 - 000026927 _____ C:\Users\Honza\Documents\Seznam 2023.odt
2023-02-15 17:23 - 2022-03-03 17:51 - 000000000 ____D C:\Users\Honza\Desktop\grizly
2023-02-15 15:21 - 2022-01-15 20:29 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-02-11 17:14 - 2022-10-12 21:16 - 000000000 ____D C:\Users\Honza\Desktop\BIDLI
2023-02-11 15:36 - 2022-10-15 21:21 - 000028815 _____ C:\Users\Honza\Desktop\Vybíjení noteboku.odt
2023-02-10 19:13 - 2021-12-17 17:08 - 000000000 ____D C:\Users\Honza\Documents\SPOLEČENS.VLASTNÍKŮ JEDNOTEK
2023-01-29 22:13 - 2022-01-21 20:17 - 000000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2023-01-27 16:57 - 2022-10-29 21:52 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-27 16:57 - 2022-10-29 21:52 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-01-25 21:54 - 2021-12-13 19:39 - 000000000 ____D C:\Windows\Minidump
2023-01-25 14:03 - 2022-02-17 14:31 - 000000000 ____D C:\Users\Honza\Desktop\Manuály

==================== Files in the root of some directories ========

2022-06-23 08:26 - 2022-06-23 08:26 - 000001537 _____ () C:\Users\Honza\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-02-22 14:05
==================== End of FRST.txt ========================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-02-2023
Ran by Honza (administrator) on BETYNA-PC (23-02-2023 19:20:38)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe ->) (Macrovision Europe Ltd.) [File not signed] C:\Users\Honza\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
(DeviceVM Inc. -> ) C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <29>
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Creative Labs) [File not signed] C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (DeviceVM Inc. -> DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe
(services.exe ->) (DeviceVM Inc. -> DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe
(services.exe ->) (Elgato Systems -> Elgato Systems GmbH) C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(services.exe ->) (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files (x86)\Kamo\KamoSvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(VIA) [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.) [File not signed]
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1875048 2011-01-26] (NVIDIA Corporation -> )
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2583040 2009-09-21] (VIA) [File not signed]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [CTSyncService] => C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe [1233195 2009-07-08] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [SmartViewAgent] => C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe [948504 2010-09-02] (DeviceVM Inc. -> )
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [ASRockOCTuner] => [X]
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [ASRockIES] => [X]
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [Opera Browser Assistant] => C:\Users\Honza\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3916232 2022-12-20] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [Opera Stable] => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software)
HKLM\...\Windows x64\Print Processors\Canon MP550 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9Z.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP550 series: C:\Windows\system32\CNMLM9Z.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerCrashReporting" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - Honza" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore{14408F90-2C51-40E0-9BB3-E89912A6E6F4}" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA{076BD99E-EA93-4A03-9D37-1D7CF115EF81}" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1671574569" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1639340036" /ENABLE
Task: {263A9A36-6CB6-4363-BD68-EB40FC5E707A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {263F73CB-2D1A-49C2-854D-5DFD91F82089} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
Task: {4A3CBD96-69E4-479A-A12C-F53E24A083CA} - System32\Tasks\Opera scheduled Autoupdate 1639340036 => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software)
Task: {5704D6A6-D766-429C-840C-EA3442D688E1} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1217944 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
Task: {59BBB41D-E430-47A8-A825-EFE38D7A2BD7} - System32\Tasks\CCleanerSkipUAC - Honza => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6BA888CC-CBCD-4526-9914-B81B3FB34C9B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-02-02] (Avast Software s.r.o. -> Avast Software)
Task: {707D1C94-7546-43FE-A29A-169F5F775B41} - System32\Tasks\GoogleUpdateTaskMachineUA{076BD99E-EA93-4A03-9D37-1D7CF115EF81} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-29] (Google LLC -> Google LLC)
Task: {7334B09D-5516-4A3B-8344-752F3243FD4C} - System32\Tasks\GoogleUpdateTaskMachineCore{14408F90-2C51-40E0-9BB3-E89912A6E6F4} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-29] (Google LLC -> Google LLC)
Task: {7702EB06-49E3-4562-A397-CB8CE3B5DC16} - System32\Tasks\Kamo\KamoStart => C:\Program Files (x86)\Kamo\Kamo.exe [911576 2022-11-15] (Piriform Software Ltd -> Piriform)
Task: {8949652B-2D30-433E-B351-08AB13D565D2} - System32\Tasks\Opera scheduled assistant Autoupdate 1671574569 => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Honza\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A717DC49-0ED9-4C47-83FD-5C356E8D3FBB} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4698008 2023-02-14] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid f2c50cc3-65cb-431b-b44d-6e1482f155b3
Task: {B9CA066B-8FD1-40D6-A175-081C24266B61} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6694224 2023-01-26] (Avast Software s.r.o. -> Avast Software) [File not signed]
Task: {D52216DA-69D4-4D82-98DF-DCDADF0E6D2B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-02-14] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {DB445B7A-9B9A-4428-BF52-4B0A46614CFC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [716192 2023-02-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {F65ECD01-D1D2-4182-9726-4B938C331B2B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {FB5B887F-7458-4696-B854-1084FF4E9AAF} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e43b3f3f-9a2e-4fd1-873d-d97d839efc89" --version "6.08.10255" --silent

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog5-x64 05 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 46.16.122.2
Tcpip\..\Interfaces\{B6B54CE5-730C-4E63-B5B9-1302B3F0458F}: [DhcpNameServer] 46.16.122.2

FireFox:
========
FF DefaultProfile: 0cttmrx6.default
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\0cttmrx6.default [2021-12-12]
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release [2023-02-23]
FF Homepage: Mozilla\Firefox\Profiles\wn0tntzz.default-release -> centrum.cz
FF Notifications: Mozilla\Firefox\Profiles\wn0tntzz.default-release -> hxxps://www.priceorcan.cz; hxxps://best.aliexpress.com; hxxps://usa.banggood.com
FF HomepageOverride: Mozilla\Firefox\Profiles\wn0tntzz.default-release -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\wn0tntzz.default-release -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\wn0tntzz.default-release -> Enabled: nortonsafesearch_ul_2@symantec.com
FF Extension: (Norton Password Manager) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release\Extensions\idsafe@norton.com.xpi [2023-01-19]
FF Extension: (Norton Home Page) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release\Extensions\nortonhomepage@symantec.com.xpi [2022-12-21] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2022-10-17] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release\Extensions\nortonsafeweb@symantec.com.xpi [2023-01-16]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release\Extensions\sp@avast.com.xpi [2022-09-01]
FF Extension: (Avast Online Security & Privacy) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\wn0tntzz.default-release\Extensions\wrc@avast.com.xpi [2022-11-15]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\IPSFF => not found
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\coFFPlgn => not found
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.) [File not signed]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2023-02-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-29]

Opera:
=======
OPR Profile: C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable [2023-02-23]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-30]
OPR Extension: (Opera Coupons | kupóny a slevové kódy) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\eplcjggklbefnipglcfdfalbbjpmkbkl [2022-11-30]
OPR Extension: (Opera Wallet) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-02-14]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-12-12]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [353504 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2021-12-12] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2021-12-12] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 EyeTV Netstream; C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems -> Elgato Systems GmbH)
R2 KamoSvc; C:\Program Files (x86)\Kamo\KamoSvc.exe [6452440 2022-11-15] (Piriform Software Ltd -> Piriform Software Ltd)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9639320 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
R2 SmartViewService; C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe [125216 2010-09-02] (DeviceVM Inc. -> DeviceVM, Inc.)
R3 Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2021-12-12] (Creative Labs) [File not signed]
R2 WCUService; C:\Program Files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe [456976 2010-09-02] (DeviceVM Inc. -> DeviceVM, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35680 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208552 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [365520 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250328 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99288 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41304 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [177872 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [524416 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2022-09-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107808 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83368 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [850120 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [466696 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216376 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326976 2022-09-01] (Avast Software s.r.o. -> AVAST Software)
R3 CYDTV_SRV; C:\Windows\System32\drivers\cydtv.sys [1286912 2017-06-28] (Shenzhen Geniatech Technology LTD. -> )
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [87552 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [207872 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia -> Secunia)
S1 netfilter2; system32\drivers\netfilter2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-23 19:14 - 2023-02-23 19:15 - 000000000 ____D C:\AdwCleaner
2023-02-23 19:14 - 2023-02-23 19:14 - 008791352 _____ (Malwarebytes) C:\Users\Honza\Downloads\adwcleaner-8.4.0-installer.exe
2023-02-23 19:12 - 2023-02-23 19:12 - 001800096 _____ ( ) C:\Users\Honza\Desktop\adwcleaner-8.4.0-installer_1L-Y6q1.exe
2023-02-22 17:41 - 2023-02-22 17:41 - 000000000 ____D C:\Users\Honza\Desktop\rsit
2023-02-22 17:24 - 2023-02-22 17:24 - 000000000 ____D C:\rsit
2023-02-22 17:24 - 2023-02-22 17:24 - 000000000 ____D C:\Program Files\trend micro
2023-02-22 17:23 - 2023-02-22 17:23 - 001222144 _____ C:\Users\Honza\Downloads\RSITx64.exe
2023-02-22 17:14 - 2023-02-22 17:14 - 000000000 _____ C:\Users\Honza\Downloads\pr-f0CLp.exe.part
2023-02-22 16:27 - 2023-02-22 16:28 - 000010593 _____ C:\Users\Honza\Desktop\Addition.txt
2023-02-22 16:21 - 2023-02-23 19:26 - 000023613 _____ C:\Users\Honza\Desktop\FRST.txt
2023-02-22 16:20 - 2023-02-23 19:22 - 000000000 ____D C:\FRST
2023-02-22 16:18 - 2023-02-22 16:18 - 002378752 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2023-02-22 15:10 - 2023-02-22 15:10 - 000003310 _____ C:\Users\Honza\Downloads\smime(1).p7s
2023-02-14 22:46 - 2023-02-14 22:46 - 000090112 _____ C:\Users\Honza\Downloads\přehled_nájmů_2023__návrh_na_navýšení_o_inflaci.xls
2023-02-14 22:41 - 2023-02-16 21:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-11 16:03 - 2023-02-11 16:03 - 000000000 ___HD C:\$AV_ASW
2023-02-08 12:27 - 2023-02-08 12:27 - 000007334 _____ C:\Users\Honza\Desktop\Nový Textový dokument OpenDocument.odt
2023-02-04 20:21 - 2023-02-04 20:21 - 000074890 _____ C:\Users\Honza\Downloads\N_2E2DBC5E02834EDC9B31B9CA20CF0FC8.pdf
2023-02-04 20:20 - 2023-02-04 20:20 - 003391936 _____ C:\Users\Honza\Downloads\CARDIOLIGHT_tisk_pacienta_451107_036_JAN_KOZEL.pdf
2023-01-25 23:28 - 2023-01-25 23:29 - 000000000 ____D C:\Users\Honza\Documents\Raiffeisen st.sp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-23 19:20 - 2021-12-12 21:25 - 000000000 ____D C:\Program Files\CCleaner
2023-02-23 19:13 - 2021-12-12 21:26 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-23 19:13 - 2021-12-12 21:11 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Mozilla
2023-02-23 19:10 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-02-23 19:10 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-02-23 19:08 - 2022-02-09 21:10 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-02-23 19:08 - 2009-07-14 16:18 - 000622422 _____ C:\Windows\system32\perfh005.dat
2023-02-23 19:08 - 2009-07-14 16:18 - 000118604 _____ C:\Windows\system32\perfc005.dat
2023-02-23 19:08 - 2009-07-14 06:13 - 001445734 _____ C:\Windows\system32\PerfStringBackup.INI
2023-02-23 19:08 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2023-02-23 19:03 - 2022-12-20 23:16 - 000004294 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1671574569
2023-02-23 19:03 - 2022-11-15 15:07 - 000003938 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2023-02-23 19:03 - 2022-10-29 21:51 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{076BD99E-EA93-4A03-9D37-1D7CF115EF81}
2023-02-23 19:03 - 2022-10-29 21:51 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{14408F90-2C51-40E0-9BB3-E89912A6E6F4}
2023-02-23 19:03 - 2022-09-29 12:20 - 000003354 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-02-23 19:03 - 2022-09-29 12:20 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-02-23 19:03 - 2022-01-28 22:43 - 000001398 _____ C:\Users\Honza\Desktop\Games.lnk
2023-02-23 19:03 - 2021-12-12 21:25 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-02-23 19:03 - 2021-12-12 21:25 - 000002810 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Honza
2023-02-23 19:03 - 2021-12-12 21:13 - 000004060 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1639340036
2023-02-23 19:03 - 2021-12-12 21:06 - 000000000 ____D C:\ProgramData\Avast Software
2023-02-23 19:03 - 2021-12-12 21:02 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-23 19:03 - 2021-12-12 20:04 - 000001398 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
2023-02-23 19:03 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-02-22 21:42 - 2022-09-01 09:21 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-02-16 21:48 - 2021-12-12 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-02-15 18:29 - 2022-02-19 19:54 - 000026927 _____ C:\Users\Honza\Documents\Seznam 2023.odt
2023-02-15 17:23 - 2022-03-03 17:51 - 000000000 ____D C:\Users\Honza\Desktop\grizly
2023-02-15 15:21 - 2022-01-15 20:29 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-02-11 17:14 - 2022-10-12 21:16 - 000000000 ____D C:\Users\Honza\Desktop\BIDLI
2023-02-11 15:36 - 2022-10-15 21:21 - 000028815 _____ C:\Users\Honza\Desktop\Vybíjení noteboku.odt
2023-02-10 19:13 - 2021-12-17 17:08 - 000000000 ____D C:\Users\Honza\Documents\SPOLEČENS.VLASTNÍKŮ JEDNOTEK
2023-01-29 22:13 - 2022-01-21 20:17 - 000000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2023-01-27 16:57 - 2022-10-29 21:52 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-27 16:57 - 2022-10-29 21:52 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-01-25 21:54 - 2021-12-13 19:39 - 000000000 ____D C:\Windows\Minidump
2023-01-25 14:03 - 2022-02-17 14:31 - 000000000 ____D C:\Users\Honza\Desktop\Manuály

==================== Files in the root of some directories ========

2022-06-23 08:26 - 2022-06-23 08:26 - 000001537 _____ () C:\Users\Honza\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-02-22 14:05
==================== End of FRST.txt ========================

AHOJ,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >> •Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-02-2023
Ran by Honza (26-02-2023 00:31:24) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [ASRockOCTuner] => [X]
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [ASRockIES] => [X]
HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\...\Run: [zASRockInstantBoot] => [X]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
S1 netfilter2; system32\drivers\netfilter2.sys [X]


EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockOCTuner" => removed successfully
"HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockIES" => removed successfully
"HKU\S-1-5-21-2396163683-3237053938-2717139369-1001\Software\Microsoft\Windows\CurrentVersion\Run\\zASRockInstantBoot" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\System\CurrentControlSet\Services\netfilter2 => removed successfully
netfilter2 => service removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30998207 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 92906 B
Edge => 0 B
Chrome => 367800345 B
Firefox => 1113991976 B
Opera => 16411917 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 18029 B
systemprofile32 => 35105 B
LocalService => 167349 B
NetworkService => 233577 B
Honza => 1566812884 B

RecycleBin => 16134514 B
EmptyTemp: => 2.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:32:07 ====

Malo by to byt ciste

Děkuji , posílám 100,- Kč

Aj my dakujeme