Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu. Děkuji.

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
roman7
Návštěvník
Návštěvník
Příspěvky: 327
Registrován: 25 bře 2008 23:09

Prosím o kontrolu logu. Děkuji.

#1 Příspěvek od roman7 »

Zdravím,
prosím o kontrolu logu (pořízen, až po pročištění Adwcleaner), přikládám i log s ADwcleaner nalez pup.optional seznam cz Dal jsem kontrolu jelikož mám problém s platebním režimem u Avastu

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2023
Ran by Roman (administrator) on DESKTOP-9RDGM5O (Gigabyte Technology Co., Ltd. B550 GAMING X V2) (12-03-2023 22:32:37)
Running from C:\Users\rosmy\Desktop
Loaded Profiles: Roman
Platform: Microsoft Windows 11 Pro Version 22H2 22621.1265 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> Software Security System) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> The CefSharp Authors) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23034.1300.1846.7680_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe <12>
(DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atieclxx.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe <3>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) () [File not signed] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AntiTrackSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(svchost.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3398037617-877173979-1485582407-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3398037617-877173979-1485582407-1001\...\Run: [MicrosoftEdgeAutoLaunch_8C26541BB0E90087424048CEDDA8EBAF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2044248 2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\110.0.20215.104\Installer\chrmstp.exe [2023-03-12] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2023-02-15]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {0CCF315D-2D8B-4528-B4B7-8FA402A0B7FC} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56368 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {0E5974F5-6CD5-4927-A5D1-64230F814A7D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "a6108a6b-07b7-475f-b5c7-fa4c9abad6b0" --version "6.09.10300" --silent
Task: {29335325-4E2D-460E-A1FA-EF3A1FF297BE} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {2B217388-9CD4-4E9E-9AEF-896CE417608C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-01-30] (Avast Software s.r.o. -> Avast Software)
Task: {302F7049-45AC-4E22-A7DB-D9EEA0FAC00F} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1217944 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
Task: {47E82149-9FBA-4481-980A-11C4536FBAAB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {6F805CFF-5B63-4114-95BE-15EB6BE563AE} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2022-04-28] (Advanced Micro Devices, Inc.) [File not signed]
Task: {71A01836-17DE-4FD8-9F07-BBA815A05666} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {80B36C5E-21AC-41FE-86BE-34BD2A23CFD6} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {82A5154E-CE57-42A9-B0E6-E9DCED2B030A} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4698008 2023-02-14] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 04dee113-ea33-441c-9c41-1c126b7b4db8
Task: {8F59C42C-4579-49BE-8DE7-767B0C3D597B} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {90FFD2A9-E249-4B28-81BE-5383D1713D0A} - System32\Tasks\CCleanerSkipUAC - Roman => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9BCBEA99-9EB2-4FE3-9EDE-13E78ABC06C1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {B1C59922-6573-431B-A555-D55AA23ECBF4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3442200 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {B45267C1-616E-40C4-8A14-571EEDF68566} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3398037617-877173979-1485582407-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1790.13.81.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2157816 2023-02-24] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {CECB9E7C-93C3-4E8B-9AA0-CB81AF3C9907} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {D1921B9D-C5B7-4A67-ADEF-80EA878015AE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3442200 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {DE5C787C-483C-4416-A87C-6AACA6A7EA4A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E469A6C5-A505-4680-8054-441BC56809A9} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5000600 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
Task: {F14089BE-EF73-41C2-A7D4-31DD9E72E1B2} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [261680 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {FAB9E7A1-A527-4490-9456-A0E02D30DD9A} - System32\Tasks\Avast Software\AvastAntiTrackPremiumStart => C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [813008 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {FC11A5C0-A082-4CA2-AE6B-20123FDE5FD2} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6694224 2023-01-26] (Avast Software s.r.o. -> Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.0 account.zoner.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{41766173-7453-6f66-7477-617265415357}: [NameServer] 100.126.0.1
Tcpip\..\Interfaces\{99b877ff-3a1c-4207-bddb-9e3233fbea3d}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\rosmy\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-12]

FireFox:
========
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-01-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-01-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-3398037617-877173979-1485582407-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3398037617-877173979-1485582407-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3398037617-877173979-1485582407-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8905624 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [583064 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2197912 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [583576 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 AvastAntiTrackSvc; C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe [5779160 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\110.0.20215.104\elevation_service.exe [1824504 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2023-01-30] (Microsoft Windows -> Microsoft Corporation)
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [File not signed]
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9639320 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249328 2023-02-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2023-01-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2023-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2023-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137600 2023-02-16] (Microsoft Windows -> Microsoft Corporation)
R2 GigabyteUpdateService; C:\WINDOWS\system32\GigabyteUpdateService.exe [861328 2023-03-12] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54720 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\Windows\system32\AMDRyzenMasterDriver.sys [43336 2022-04-26] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\amdkmdag.sys [94459216 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [231808 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391856 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297880 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-01-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [268480 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [557136 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [941928 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [699624 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212640 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319056 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [72584 2023-02-14] (Avast Software s.r.o. -> Avast Software)
R3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [51112 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 aswWireGuard; C:\WINDOWS\System32\drivers\aswWireguard.sys [184544 2023-02-14] (Avast Software s.r.o. -> Avast Software)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2023-01-30] (Microsoft Windows -> Microsoft Corporation)
S3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [45248 2023-01-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [124952 2023-01-28] (Avast Software s.r.o. -> Windows (R) Win 7 DDK provider)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_8ba6e3ab748a90bd\rt68cx21x64.sys [620456 2022-03-25] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2023-01-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2023-01-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2023-01-28] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2023-01-30] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-12 22:32 - 2023-03-12 22:32 - 000026209 _____ C:\Users\rosmy\Desktop\FRST.txt
2023-03-12 22:32 - 2023-03-12 22:32 - 000000000 ____D C:\FRST
2023-03-12 22:29 - 2023-03-12 22:29 - 000002535 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2023-03-12 22:28 - 2023-03-12 22:28 - 001685233 _____ C:\Users\rosmy\Documents\záložky_12.03.23.html
2023-03-12 22:25 - 2023-03-12 22:25 - 000691102 _____ C:\WINDOWS\system32\perfh005.dat
2023-03-12 22:25 - 2023-03-12 22:25 - 000143008 _____ C:\WINDOWS\system32\perfc005.dat
2023-03-12 22:23 - 2023-03-12 22:23 - 002378752 _____ (Farbar) C:\Users\rosmy\Desktop\FRST64.exe
2023-03-12 22:19 - 2023-03-10 21:01 - 000308120 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-03-12 22:06 - 2023-03-12 22:07 - 000000000 ____D C:\AdwCleaner
2023-03-12 22:06 - 2023-03-12 22:06 - 008791352 _____ (Malwarebytes) C:\Users\rosmy\Desktop\adwcleaner.exe
2023-03-11 22:19 - 2023-03-11 22:19 - 000000000 ____D C:\Users\rosmy\AppData\Roaming\Zoner
2023-03-11 22:19 - 2023-03-11 22:19 - 000000000 ____D C:\Users\rosmy\AppData\Local\Zoner
2023-03-11 22:18 - 2023-03-11 22:18 - 000001825 _____ C:\Users\rosmy\Desktop\ZPS 19 CZ.lnk
2023-03-11 22:18 - 2023-03-11 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZPS 19 CZ
2023-03-11 22:18 - 2023-03-11 22:18 - 000000000 ____D C:\Program Files\ZPS 19 CZ
2023-03-11 00:21 - 2023-03-11 00:21 - 000010454 _____ C:\Users\rosmy\Documents\cc_20230311_002104.reg
2023-03-10 21:02 - 2023-03-10 21:02 - 000116853 _____ C:\Users\rosmy\Desktop\faktura zrcátka skutr_337556.pdf
2023-03-09 10:47 - 2013-03-12 18:42 - 011392061 _____ C:\Users\rosmy\Desktop\Yamaha-YP-125-R-2005-2012.pdf
2023-03-09 10:46 - 2022-03-22 17:26 - 021388775 _____ C:\Users\rosmy\Desktop\manual-x-max-125-2013 tento-pdf.pdf
2023-03-08 19:55 - 2023-03-08 19:55 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2023-03-01 21:22 - 2023-03-01 21:22 - 000024815 _____ C:\Users\rosmy\Documents\SOKOLA - Faktura zaplaceno.pdf
2023-02-28 21:57 - 2023-02-28 21:57 - 000179947 _____ C:\Users\rosmy\Downloads\priloha_1129898580_0_zprava.pdf
2023-02-28 21:57 - 2023-02-28 21:57 - 000098366 _____ C:\Users\rosmy\Downloads\priloha_1134699498_0_VypisROS.pdf
2023-02-28 21:57 - 2023-02-28 21:57 - 000001785 _____ C:\Users\rosmy\Downloads\priloha_1134699498_1_VypisROS.csv
2023-02-26 12:55 - 2023-03-11 21:24 - 000000000 ____D C:\WINDOWS\Minidump
2023-02-18 19:22 - 2023-02-18 19:22 - 006085576 _____ C:\Users\rosmy\Downloads\avast_secure_browser_setup.exe
2023-02-18 16:37 - 2023-02-18 16:38 - 009635652 _____ C:\Users\rosmy\Documents\IMG_6792.MOV
2023-02-18 16:37 - 2023-02-18 16:37 - 009753449 _____ C:\Users\rosmy\Documents\IMG_6794.MOV
2023-02-18 16:37 - 2023-02-18 16:37 - 009703403 _____ C:\Users\rosmy\Documents\IMG_6795.MOV
2023-02-18 16:37 - 2023-02-18 16:37 - 008784382 _____ C:\Users\rosmy\Documents\IMG_6791.MOV
2023-02-18 16:37 - 2023-02-18 16:37 - 007413663 _____ C:\Users\rosmy\Documents\IMG_6796.MOV
2023-02-18 16:15 - 2023-02-18 16:15 - 000088490 _____ C:\Users\rosmy\Desktop\Informace o pojištění vozidla na další období.pdf
2023-02-18 16:15 - 2023-02-18 16:15 - 000080175 _____ C:\Users\rosmy\Desktop\Zelená karta k pojistné smlouvě číslo 4781673741.pdf
2023-02-18 15:56 - 2023-02-18 15:56 - 000000000 ____D C:\Users\rosmy\AppData\Local\ElevatedDiagnostics
2023-02-16 21:22 - 2023-02-16 21:22 - 000008524 _____ C:\Users\rosmy\Documents\cc_20230216_212202.reg
2023-02-16 20:31 - 2023-02-16 20:31 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2023-02-16 20:25 - 2023-02-16 20:25 - 000000000 ___HD C:\$WinREAgent
2023-02-14 23:06 - 2023-02-14 23:06 - 000008443 _____ C:\Users\rosmy\Documents\VYPL_080552_0_202301.pdf
2023-02-14 20:11 - 2023-02-14 20:11 - 000184544 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswWireguard.sys
2023-02-14 20:11 - 2023-02-14 20:11 - 000072584 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys
2023-02-14 20:09 - 2023-02-14 20:09 - 000563802 _____ C:\Users\rosmy\Documents\ML_Smejkal_2022.pdf
2023-02-13 22:31 - 2023-02-27 22:31 - 000000000 ____D C:\Users\rosmy\AppData\Local\AMD_Common
2023-02-13 21:00 - 2023-02-13 21:00 - 002041040 _____ ( ) C:\Users\rosmy\Downloads\data-recovery.exe
2023-02-13 18:48 - 2023-02-13 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2023-02-13 18:47 - 2023-02-16 20:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2023-02-13 18:47 - 2023-02-13 18:47 - 000000000 ____D C:\WINDOWS\PCHEALTH
2023-02-13 18:47 - 2023-02-13 18:47 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-02-13 18:47 - 2023-02-13 18:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2023-02-13 18:45 - 2023-02-13 18:47 - 000000000 ____D C:\WINDOWS\SHELLNEW
2023-02-13 18:45 - 2023-02-13 18:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-02-13 18:45 - 2023-02-13 18:45 - 000000000 __RHD C:\MSOCache
2023-02-13 18:45 - 2023-02-13 18:45 - 000000000 ____D C:\Users\rosmy\AppData\Local\Microsoft Help
2023-02-13 18:45 - 2023-02-13 18:45 - 000000000 ____D C:\Program Files\Microsoft Office
2023-02-12 14:43 - 2023-02-12 14:43 - 000000000 ____D C:\ProgramData\Western Digital
2023-02-12 10:24 - 2023-02-12 10:24 - 008718782 _____ C:\Users\rosmy\Downloads\SanDiskSecurity_WIN.zip
2023-02-12 10:16 - 2023-02-12 10:16 - 000000000 ____D C:\Users\rosmy\AppData\Roaming\com.sandisk.softwareInstaller

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-12 22:29 - 2023-01-28 15:09 - 000002570 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-03-12 22:25 - 2023-01-30 22:28 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-12 22:25 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-03-12 22:23 - 2023-01-31 23:00 - 000000000 ____D C:\Program Files\CCleaner
2023-03-12 22:23 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-12 22:21 - 2023-02-02 16:36 - 000003078 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2023-03-12 22:21 - 2023-01-30 22:25 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-03-12 22:21 - 2023-01-30 22:25 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-03-12 22:21 - 2023-01-28 15:20 - 000000000 ____D C:\Users\rosmy\AppData\Local\AvastAntiTrackPremium
2023-03-12 22:21 - 2023-01-28 15:17 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2023-03-12 22:21 - 2023-01-28 15:17 - 000002076 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2023-03-12 22:21 - 2023-01-28 15:09 - 000000000 ____D C:\ProgramData\AVAST Software
2023-03-12 22:21 - 2023-01-28 11:40 - 000089232 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe
2023-03-12 22:20 - 2023-01-31 23:00 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-03-12 22:20 - 2023-01-30 22:25 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-03-12 22:20 - 2023-01-30 22:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-12 22:20 - 2023-01-28 11:15 - 000875536 _____ C:\WINDOWS\system32\wpbbin.exe
2023-03-12 22:20 - 2023-01-28 11:15 - 000861328 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe
2023-03-12 22:20 - 2023-01-28 11:15 - 000012288 ___SH C:\DumpStack.log.tmp
2023-03-12 22:20 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-03-12 22:19 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-03-12 22:05 - 2023-01-28 11:40 - 000000000 ____D C:\Users\rosmy\AppData\Local\D3DSCache
2023-03-12 21:43 - 2023-01-30 22:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-12 20:21 - 2023-01-31 23:00 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-12 20:21 - 2023-01-31 23:00 - 000003046 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-03-12 20:21 - 2023-01-31 23:00 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Roman
2023-03-12 20:21 - 2023-01-30 22:25 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-12 20:21 - 2023-01-30 22:25 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-12 20:21 - 2023-01-30 22:25 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3398037617-877173979-1485582407-1001
2023-03-12 20:21 - 2023-01-30 22:25 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3398037617-877173979-1485582407-1001
2023-03-12 20:21 - 2023-01-30 22:25 - 000002672 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2023-03-12 20:21 - 2023-01-30 22:25 - 000002402 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2023-03-12 20:21 - 2023-01-30 22:25 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2023-03-12 20:21 - 2023-01-30 22:25 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2023-03-12 20:21 - 2023-01-30 22:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-03-12 00:20 - 2023-01-30 22:15 - 000000000 ____D C:\Users\rosmy
2023-03-11 22:28 - 2023-01-28 15:33 - 000000000 ____D C:\Users\rosmy\Roman ostatní
2023-03-11 21:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-11 21:24 - 2023-01-30 22:24 - 000477936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-11 21:24 - 2023-01-28 11:15 - 001556406 _____ C:\WINDOWS\Minidump\031123-4390-01.dmp
2023-03-11 21:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-03-11 20:48 - 2023-01-28 14:40 - 000000000 ____D C:\Users\rosmy\AppData\Local\GHISLER
2023-03-11 20:42 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-11 19:43 - 2023-01-28 11:15 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-11 00:20 - 2023-01-28 16:48 - 000000000 ____D C:\Users\rosmy\AppData\Local\CrashDumps
2023-03-10 21:05 - 2023-01-28 11:34 - 000002377 _____ C:\Users\rosmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-10 21:01 - 2023-01-28 15:17 - 000941928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000699624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000557136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000391856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000319056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000297880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000268480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000231808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000080416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-03-06 11:10 - 2023-01-28 15:39 - 000000364 _____ C:\Users\rosmy\Desktop\Ethernet – zástupce.lnk
2023-03-03 10:53 - 2023-01-28 11:40 - 000000000 ____D C:\ProgramData\Packages
2023-02-18 16:00 - 2023-01-28 11:42 - 000000000 ____D C:\Users\rosmy\AppData\Local\PlaceholderTileLogoFolder
2023-02-18 16:00 - 2023-01-28 11:40 - 000000000 ____D C:\Users\rosmy\AppData\Local\Packages
2023-02-17 20:38 - 2019-12-07 10:14 - 000000167 _____ C:\WINDOWS\win.ini
2023-02-16 23:48 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-16 20:33 - 2023-01-28 14:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-16 20:32 - 2023-01-28 14:30 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-16 20:31 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-16 20:29 - 2023-01-30 22:25 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-13 18:47 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-02-12 15:39 - 2023-01-28 11:42 - 000000000 ____D C:\ProgramData\Package Cache
2023-02-11 22:54 - 2023-01-30 21:42 - 000000000 ___DC C:\WINDOWS\Panther

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Addition.zip
(10 KiB) Staženo 24 x
Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-12-2023
# Duration: 00:00:03
# OS: Windows 11 (Build 22621.1265)
# Scanned: 32101
# Detected: 11


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\rosmy\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-12-2023
# Duration: 00:00:01
# OS: Windows 11 (Build 22621.1265)
# Cleaned: 11
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\rosmy\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2508 octets] - [12/03/2023 22:06:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Další sken, už byl bez detekce. Avast nic nehlásil, akorát mi maže frst. Platební režim se spustí, ale celý prohlížeč je to nějaký podezřelý. Tak jen pro jistotu. Děkuji.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu. Děkuji.

#2 Příspěvek od Rudy »

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {DE5C787C-483C-4416-A87C-6AACA6A7EA4A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File

Hosts:
EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

roman7
Návštěvník
Návštěvník
Příspěvky: 327
Registrován: 25 bře 2008 23:09

Re: Prosím o kontrolu logu. Děkuji.

#3 Příspěvek od roman7 »

Zdravím
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-03-2023
Ran by Roman (13-03-2023 10:39:04) Run:1
Running from C:\Users\rosmy\Desktop
Loaded Profiles: Roman
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {DE5C787C-483C-4416-A87C-6AACA6A7EA4A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE5C787C-483C-4416-A87C-6AACA6A7EA4A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE5C787C-483C-4416-A87C-6AACA6A7EA4A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11622314 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 14184742 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 6946 B
NetworkService => 39110 B
rosmy => 88935899 B

RecycleBin => 0 B
EmptyTemp: => 110.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:39:09 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu. Děkuji.

#4 Příspěvek od Rudy »

Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

roman7
Návštěvník
Návštěvník
Příspěvky: 327
Registrován: 25 bře 2008 23:09

Re: Prosím o kontrolu logu. Děkuji.

#5 Příspěvek od roman7 »

Děkuji.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu. Děkuji.

#6 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno