Prosím o kontrolu logu. Děkuji.
Napsal: 12 bře 2023 23:19
Zdravím,
prosím o kontrolu logu (pořízen, až po pročištění Adwcleaner), přikládám i log s ADwcleaner nalez pup.optional seznam cz Dal jsem kontrolu jelikož mám problém s platebním režimem u Avastu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2023
Ran by Roman (administrator) on DESKTOP-9RDGM5O (Gigabyte Technology Co., Ltd. B550 GAMING X V2) (12-03-2023 22:32:37)
Running from C:\Users\rosmy\Desktop
Loaded Profiles: Roman
Platform: Microsoft Windows 11 Pro Version 22H2 22621.1265 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> Software Security System) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> The CefSharp Authors) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23034.1300.1846.7680_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe <12>
(DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atieclxx.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe <3>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) () [File not signed] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AntiTrackSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(svchost.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3398037617-877173979-1485582407-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3398037617-877173979-1485582407-1001\...\Run: [MicrosoftEdgeAutoLaunch_8C26541BB0E90087424048CEDDA8EBAF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2044248 2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\110.0.20215.104\Installer\chrmstp.exe [2023-03-12] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2023-02-15]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {0CCF315D-2D8B-4528-B4B7-8FA402A0B7FC} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56368 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {0E5974F5-6CD5-4927-A5D1-64230F814A7D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "a6108a6b-07b7-475f-b5c7-fa4c9abad6b0" --version "6.09.10300" --silent
Task: {29335325-4E2D-460E-A1FA-EF3A1FF297BE} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {2B217388-9CD4-4E9E-9AEF-896CE417608C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-01-30] (Avast Software s.r.o. -> Avast Software)
Task: {302F7049-45AC-4E22-A7DB-D9EEA0FAC00F} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1217944 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
Task: {47E82149-9FBA-4481-980A-11C4536FBAAB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {6F805CFF-5B63-4114-95BE-15EB6BE563AE} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2022-04-28] (Advanced Micro Devices, Inc.) [File not signed]
Task: {71A01836-17DE-4FD8-9F07-BBA815A05666} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {80B36C5E-21AC-41FE-86BE-34BD2A23CFD6} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {82A5154E-CE57-42A9-B0E6-E9DCED2B030A} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4698008 2023-02-14] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 04dee113-ea33-441c-9c41-1c126b7b4db8
Task: {8F59C42C-4579-49BE-8DE7-767B0C3D597B} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {90FFD2A9-E249-4B28-81BE-5383D1713D0A} - System32\Tasks\CCleanerSkipUAC - Roman => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9BCBEA99-9EB2-4FE3-9EDE-13E78ABC06C1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {B1C59922-6573-431B-A555-D55AA23ECBF4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3442200 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {B45267C1-616E-40C4-8A14-571EEDF68566} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3398037617-877173979-1485582407-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1790.13.81.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2157816 2023-02-24] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {CECB9E7C-93C3-4E8B-9AA0-CB81AF3C9907} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {D1921B9D-C5B7-4A67-ADEF-80EA878015AE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3442200 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {DE5C787C-483C-4416-A87C-6AACA6A7EA4A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E469A6C5-A505-4680-8054-441BC56809A9} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5000600 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
Task: {F14089BE-EF73-41C2-A7D4-31DD9E72E1B2} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [261680 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {FAB9E7A1-A527-4490-9456-A0E02D30DD9A} - System32\Tasks\Avast Software\AvastAntiTrackPremiumStart => C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [813008 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {FC11A5C0-A082-4CA2-AE6B-20123FDE5FD2} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6694224 2023-01-26] (Avast Software s.r.o. -> Avast Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.0 account.zoner.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{41766173-7453-6f66-7477-617265415357}: [NameServer] 100.126.0.1
Tcpip\..\Interfaces\{99b877ff-3a1c-4207-bddb-9e3233fbea3d}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\rosmy\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-12]
FireFox:
========
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-01-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-01-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-3398037617-877173979-1485582407-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3398037617-877173979-1485582407-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3398037617-877173979-1485582407-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8905624 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [583064 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2197912 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [583576 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 AvastAntiTrackSvc; C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe [5779160 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\110.0.20215.104\elevation_service.exe [1824504 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2023-01-30] (Microsoft Windows -> Microsoft Corporation)
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [File not signed]
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9639320 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249328 2023-02-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2023-01-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2023-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2023-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137600 2023-02-16] (Microsoft Windows -> Microsoft Corporation)
R2 GigabyteUpdateService; C:\WINDOWS\system32\GigabyteUpdateService.exe [861328 2023-03-12] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54720 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\Windows\system32\AMDRyzenMasterDriver.sys [43336 2022-04-26] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\amdkmdag.sys [94459216 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [231808 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391856 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297880 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-01-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [268480 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [557136 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [941928 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [699624 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212640 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319056 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [72584 2023-02-14] (Avast Software s.r.o. -> Avast Software)
R3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [51112 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 aswWireGuard; C:\WINDOWS\System32\drivers\aswWireguard.sys [184544 2023-02-14] (Avast Software s.r.o. -> Avast Software)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2023-01-30] (Microsoft Windows -> Microsoft Corporation)
S3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [45248 2023-01-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [124952 2023-01-28] (Avast Software s.r.o. -> Windows (R) Win 7 DDK provider)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_8ba6e3ab748a90bd\rt68cx21x64.sys [620456 2022-03-25] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2023-01-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2023-01-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2023-01-28] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2023-01-30] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-12 22:32 - 2023-03-12 22:32 - 000026209 _____ C:\Users\rosmy\Desktop\FRST.txt
2023-03-12 22:32 - 2023-03-12 22:32 - 000000000 ____D C:\FRST
2023-03-12 22:29 - 2023-03-12 22:29 - 000002535 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2023-03-12 22:28 - 2023-03-12 22:28 - 001685233 _____ C:\Users\rosmy\Documents\záložky_12.03.23.html
2023-03-12 22:25 - 2023-03-12 22:25 - 000691102 _____ C:\WINDOWS\system32\perfh005.dat
2023-03-12 22:25 - 2023-03-12 22:25 - 000143008 _____ C:\WINDOWS\system32\perfc005.dat
2023-03-12 22:23 - 2023-03-12 22:23 - 002378752 _____ (Farbar) C:\Users\rosmy\Desktop\FRST64.exe
2023-03-12 22:19 - 2023-03-10 21:01 - 000308120 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-03-12 22:06 - 2023-03-12 22:07 - 000000000 ____D C:\AdwCleaner
2023-03-12 22:06 - 2023-03-12 22:06 - 008791352 _____ (Malwarebytes) C:\Users\rosmy\Desktop\adwcleaner.exe
2023-03-11 22:19 - 2023-03-11 22:19 - 000000000 ____D C:\Users\rosmy\AppData\Roaming\Zoner
2023-03-11 22:19 - 2023-03-11 22:19 - 000000000 ____D C:\Users\rosmy\AppData\Local\Zoner
2023-03-11 22:18 - 2023-03-11 22:18 - 000001825 _____ C:\Users\rosmy\Desktop\ZPS 19 CZ.lnk
2023-03-11 22:18 - 2023-03-11 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZPS 19 CZ
2023-03-11 22:18 - 2023-03-11 22:18 - 000000000 ____D C:\Program Files\ZPS 19 CZ
2023-03-11 00:21 - 2023-03-11 00:21 - 000010454 _____ C:\Users\rosmy\Documents\cc_20230311_002104.reg
2023-03-10 21:02 - 2023-03-10 21:02 - 000116853 _____ C:\Users\rosmy\Desktop\faktura zrcátka skutr_337556.pdf
2023-03-09 10:47 - 2013-03-12 18:42 - 011392061 _____ C:\Users\rosmy\Desktop\Yamaha-YP-125-R-2005-2012.pdf
2023-03-09 10:46 - 2022-03-22 17:26 - 021388775 _____ C:\Users\rosmy\Desktop\manual-x-max-125-2013 tento-pdf.pdf
2023-03-08 19:55 - 2023-03-08 19:55 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2023-03-01 21:22 - 2023-03-01 21:22 - 000024815 _____ C:\Users\rosmy\Documents\SOKOLA - Faktura zaplaceno.pdf
2023-02-28 21:57 - 2023-02-28 21:57 - 000179947 _____ C:\Users\rosmy\Downloads\priloha_1129898580_0_zprava.pdf
2023-02-28 21:57 - 2023-02-28 21:57 - 000098366 _____ C:\Users\rosmy\Downloads\priloha_1134699498_0_VypisROS.pdf
2023-02-28 21:57 - 2023-02-28 21:57 - 000001785 _____ C:\Users\rosmy\Downloads\priloha_1134699498_1_VypisROS.csv
2023-02-26 12:55 - 2023-03-11 21:24 - 000000000 ____D C:\WINDOWS\Minidump
2023-02-18 19:22 - 2023-02-18 19:22 - 006085576 _____ C:\Users\rosmy\Downloads\avast_secure_browser_setup.exe
2023-02-18 16:37 - 2023-02-18 16:38 - 009635652 _____ C:\Users\rosmy\Documents\IMG_6792.MOV
2023-02-18 16:37 - 2023-02-18 16:37 - 009753449 _____ C:\Users\rosmy\Documents\IMG_6794.MOV
2023-02-18 16:37 - 2023-02-18 16:37 - 009703403 _____ C:\Users\rosmy\Documents\IMG_6795.MOV
2023-02-18 16:37 - 2023-02-18 16:37 - 008784382 _____ C:\Users\rosmy\Documents\IMG_6791.MOV
2023-02-18 16:37 - 2023-02-18 16:37 - 007413663 _____ C:\Users\rosmy\Documents\IMG_6796.MOV
2023-02-18 16:15 - 2023-02-18 16:15 - 000088490 _____ C:\Users\rosmy\Desktop\Informace o pojištění vozidla na další období.pdf
2023-02-18 16:15 - 2023-02-18 16:15 - 000080175 _____ C:\Users\rosmy\Desktop\Zelená karta k pojistné smlouvě číslo 4781673741.pdf
2023-02-18 15:56 - 2023-02-18 15:56 - 000000000 ____D C:\Users\rosmy\AppData\Local\ElevatedDiagnostics
2023-02-16 21:22 - 2023-02-16 21:22 - 000008524 _____ C:\Users\rosmy\Documents\cc_20230216_212202.reg
2023-02-16 20:31 - 2023-02-16 20:31 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2023-02-16 20:25 - 2023-02-16 20:25 - 000000000 ___HD C:\$WinREAgent
2023-02-14 23:06 - 2023-02-14 23:06 - 000008443 _____ C:\Users\rosmy\Documents\VYPL_080552_0_202301.pdf
2023-02-14 20:11 - 2023-02-14 20:11 - 000184544 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswWireguard.sys
2023-02-14 20:11 - 2023-02-14 20:11 - 000072584 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys
2023-02-14 20:09 - 2023-02-14 20:09 - 000563802 _____ C:\Users\rosmy\Documents\ML_Smejkal_2022.pdf
2023-02-13 22:31 - 2023-02-27 22:31 - 000000000 ____D C:\Users\rosmy\AppData\Local\AMD_Common
2023-02-13 21:00 - 2023-02-13 21:00 - 002041040 _____ ( ) C:\Users\rosmy\Downloads\data-recovery.exe
2023-02-13 18:48 - 2023-02-13 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2023-02-13 18:47 - 2023-02-16 20:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2023-02-13 18:47 - 2023-02-13 18:47 - 000000000 ____D C:\WINDOWS\PCHEALTH
2023-02-13 18:47 - 2023-02-13 18:47 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-02-13 18:47 - 2023-02-13 18:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2023-02-13 18:45 - 2023-02-13 18:47 - 000000000 ____D C:\WINDOWS\SHELLNEW
2023-02-13 18:45 - 2023-02-13 18:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-02-13 18:45 - 2023-02-13 18:45 - 000000000 __RHD C:\MSOCache
2023-02-13 18:45 - 2023-02-13 18:45 - 000000000 ____D C:\Users\rosmy\AppData\Local\Microsoft Help
2023-02-13 18:45 - 2023-02-13 18:45 - 000000000 ____D C:\Program Files\Microsoft Office
2023-02-12 14:43 - 2023-02-12 14:43 - 000000000 ____D C:\ProgramData\Western Digital
2023-02-12 10:24 - 2023-02-12 10:24 - 008718782 _____ C:\Users\rosmy\Downloads\SanDiskSecurity_WIN.zip
2023-02-12 10:16 - 2023-02-12 10:16 - 000000000 ____D C:\Users\rosmy\AppData\Roaming\com.sandisk.softwareInstaller
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-12 22:29 - 2023-01-28 15:09 - 000002570 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-03-12 22:25 - 2023-01-30 22:28 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-12 22:25 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-03-12 22:23 - 2023-01-31 23:00 - 000000000 ____D C:\Program Files\CCleaner
2023-03-12 22:23 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-12 22:21 - 2023-02-02 16:36 - 000003078 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2023-03-12 22:21 - 2023-01-30 22:25 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-03-12 22:21 - 2023-01-30 22:25 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-03-12 22:21 - 2023-01-28 15:20 - 000000000 ____D C:\Users\rosmy\AppData\Local\AvastAntiTrackPremium
2023-03-12 22:21 - 2023-01-28 15:17 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2023-03-12 22:21 - 2023-01-28 15:17 - 000002076 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2023-03-12 22:21 - 2023-01-28 15:09 - 000000000 ____D C:\ProgramData\AVAST Software
2023-03-12 22:21 - 2023-01-28 11:40 - 000089232 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe
2023-03-12 22:20 - 2023-01-31 23:00 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-03-12 22:20 - 2023-01-30 22:25 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-03-12 22:20 - 2023-01-30 22:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-12 22:20 - 2023-01-28 11:15 - 000875536 _____ C:\WINDOWS\system32\wpbbin.exe
2023-03-12 22:20 - 2023-01-28 11:15 - 000861328 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe
2023-03-12 22:20 - 2023-01-28 11:15 - 000012288 ___SH C:\DumpStack.log.tmp
2023-03-12 22:20 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-03-12 22:19 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-03-12 22:05 - 2023-01-28 11:40 - 000000000 ____D C:\Users\rosmy\AppData\Local\D3DSCache
2023-03-12 21:43 - 2023-01-30 22:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-12 20:21 - 2023-01-31 23:00 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-12 20:21 - 2023-01-31 23:00 - 000003046 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-03-12 20:21 - 2023-01-31 23:00 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Roman
2023-03-12 20:21 - 2023-01-30 22:25 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-12 20:21 - 2023-01-30 22:25 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-12 20:21 - 2023-01-30 22:25 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3398037617-877173979-1485582407-1001
2023-03-12 20:21 - 2023-01-30 22:25 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3398037617-877173979-1485582407-1001
2023-03-12 20:21 - 2023-01-30 22:25 - 000002672 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2023-03-12 20:21 - 2023-01-30 22:25 - 000002402 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2023-03-12 20:21 - 2023-01-30 22:25 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2023-03-12 20:21 - 2023-01-30 22:25 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2023-03-12 20:21 - 2023-01-30 22:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-03-12 00:20 - 2023-01-30 22:15 - 000000000 ____D C:\Users\rosmy
2023-03-11 22:28 - 2023-01-28 15:33 - 000000000 ____D C:\Users\rosmy\Roman ostatní
2023-03-11 21:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-11 21:24 - 2023-01-30 22:24 - 000477936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-11 21:24 - 2023-01-28 11:15 - 001556406 _____ C:\WINDOWS\Minidump\031123-4390-01.dmp
2023-03-11 21:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-03-11 20:48 - 2023-01-28 14:40 - 000000000 ____D C:\Users\rosmy\AppData\Local\GHISLER
2023-03-11 20:42 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-11 19:43 - 2023-01-28 11:15 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-11 00:20 - 2023-01-28 16:48 - 000000000 ____D C:\Users\rosmy\AppData\Local\CrashDumps
2023-03-10 21:05 - 2023-01-28 11:34 - 000002377 _____ C:\Users\rosmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-10 21:01 - 2023-01-28 15:17 - 000941928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000699624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000557136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000391856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000319056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000297880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000268480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000231808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000080416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-03-06 11:10 - 2023-01-28 15:39 - 000000364 _____ C:\Users\rosmy\Desktop\Ethernet – zástupce.lnk
2023-03-03 10:53 - 2023-01-28 11:40 - 000000000 ____D C:\ProgramData\Packages
2023-02-18 16:00 - 2023-01-28 11:42 - 000000000 ____D C:\Users\rosmy\AppData\Local\PlaceholderTileLogoFolder
2023-02-18 16:00 - 2023-01-28 11:40 - 000000000 ____D C:\Users\rosmy\AppData\Local\Packages
2023-02-17 20:38 - 2019-12-07 10:14 - 000000167 _____ C:\WINDOWS\win.ini
2023-02-16 23:48 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-16 20:33 - 2023-01-28 14:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-16 20:32 - 2023-01-28 14:30 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-16 20:31 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-16 20:29 - 2023-01-30 22:25 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-13 18:47 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-02-12 15:39 - 2023-01-28 11:42 - 000000000 ____D C:\ProgramData\Package Cache
2023-02-11 22:54 - 2023-01-30 21:42 - 000000000 ___DC C:\WINDOWS\Panther
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ======================== Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-12-2023
# Duration: 00:00:03
# OS: Windows 11 (Build 22621.1265)
# Scanned: 32101
# Detected: 11
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\rosmy\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-12-2023
# Duration: 00:00:01
# OS: Windows 11 (Build 22621.1265)
# Cleaned: 11
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\rosmy\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2508 octets] - [12/03/2023 22:06:43]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Další sken, už byl bez detekce. Avast nic nehlásil, akorát mi maže frst. Platební režim se spustí, ale celý prohlížeč je to nějaký podezřelý. Tak jen pro jistotu. Děkuji.
prosím o kontrolu logu (pořízen, až po pročištění Adwcleaner), přikládám i log s ADwcleaner nalez pup.optional seznam cz Dal jsem kontrolu jelikož mám problém s platebním režimem u Avastu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2023
Ran by Roman (administrator) on DESKTOP-9RDGM5O (Gigabyte Technology Co., Ltd. B550 GAMING X V2) (12-03-2023 22:32:37)
Running from C:\Users\rosmy\Desktop
Loaded Profiles: Roman
Platform: Microsoft Windows 11 Pro Version 22H2 22621.1265 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> Software Security System) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> The CefSharp Authors) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23034.1300.1846.7680_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe <12>
(DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atieclxx.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe <3>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) () [File not signed] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AntiTrackSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(svchost.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3398037617-877173979-1485582407-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3398037617-877173979-1485582407-1001\...\Run: [MicrosoftEdgeAutoLaunch_8C26541BB0E90087424048CEDDA8EBAF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2044248 2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\110.0.20215.104\Installer\chrmstp.exe [2023-03-12] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2023-02-15]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {0CCF315D-2D8B-4528-B4B7-8FA402A0B7FC} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56368 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {0E5974F5-6CD5-4927-A5D1-64230F814A7D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "a6108a6b-07b7-475f-b5c7-fa4c9abad6b0" --version "6.09.10300" --silent
Task: {29335325-4E2D-460E-A1FA-EF3A1FF297BE} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {2B217388-9CD4-4E9E-9AEF-896CE417608C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-01-30] (Avast Software s.r.o. -> Avast Software)
Task: {302F7049-45AC-4E22-A7DB-D9EEA0FAC00F} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1217944 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
Task: {47E82149-9FBA-4481-980A-11C4536FBAAB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {6F805CFF-5B63-4114-95BE-15EB6BE563AE} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2022-04-28] (Advanced Micro Devices, Inc.) [File not signed]
Task: {71A01836-17DE-4FD8-9F07-BBA815A05666} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {80B36C5E-21AC-41FE-86BE-34BD2A23CFD6} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {82A5154E-CE57-42A9-B0E6-E9DCED2B030A} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4698008 2023-02-14] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 04dee113-ea33-441c-9c41-1c126b7b4db8
Task: {8F59C42C-4579-49BE-8DE7-767B0C3D597B} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {90FFD2A9-E249-4B28-81BE-5383D1713D0A} - System32\Tasks\CCleanerSkipUAC - Roman => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9BCBEA99-9EB2-4FE3-9EDE-13E78ABC06C1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {B1C59922-6573-431B-A555-D55AA23ECBF4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3442200 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {B45267C1-616E-40C4-8A14-571EEDF68566} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3398037617-877173979-1485582407-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1790.13.81.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2157816 2023-02-24] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {CECB9E7C-93C3-4E8B-9AA0-CB81AF3C9907} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {D1921B9D-C5B7-4A67-ADEF-80EA878015AE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3442200 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {DE5C787C-483C-4416-A87C-6AACA6A7EA4A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E469A6C5-A505-4680-8054-441BC56809A9} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5000600 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
Task: {F14089BE-EF73-41C2-A7D4-31DD9E72E1B2} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [261680 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {FAB9E7A1-A527-4490-9456-A0E02D30DD9A} - System32\Tasks\Avast Software\AvastAntiTrackPremiumStart => C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [813008 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {FC11A5C0-A082-4CA2-AE6B-20123FDE5FD2} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6694224 2023-01-26] (Avast Software s.r.o. -> Avast Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.0 account.zoner.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{41766173-7453-6f66-7477-617265415357}: [NameServer] 100.126.0.1
Tcpip\..\Interfaces\{99b877ff-3a1c-4207-bddb-9e3233fbea3d}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\rosmy\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-12]
FireFox:
========
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-01-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-01-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-3398037617-877173979-1485582407-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3398037617-877173979-1485582407-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3398037617-877173979-1485582407-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8905624 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [583064 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2197912 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [583576 2023-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 AvastAntiTrackSvc; C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe [5779160 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\110.0.20215.104\elevation_service.exe [1824504 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2023-01-30] (Microsoft Windows -> Microsoft Corporation)
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [File not signed]
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9639320 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249328 2023-02-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2023-01-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2023-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2023-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137600 2023-02-16] (Microsoft Windows -> Microsoft Corporation)
R2 GigabyteUpdateService; C:\WINDOWS\system32\GigabyteUpdateService.exe [861328 2023-03-12] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54720 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\Windows\system32\AMDRyzenMasterDriver.sys [43336 2022-04-26] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\amdkmdag.sys [94459216 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [231808 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391856 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297880 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-01-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [268480 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [557136 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [941928 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [699624 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212640 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319056 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [72584 2023-02-14] (Avast Software s.r.o. -> Avast Software)
R3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [51112 2023-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 aswWireGuard; C:\WINDOWS\System32\drivers\aswWireguard.sys [184544 2023-02-14] (Avast Software s.r.o. -> Avast Software)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2023-01-30] (Microsoft Windows -> Microsoft Corporation)
S3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [45248 2023-01-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [124952 2023-01-28] (Avast Software s.r.o. -> Windows (R) Win 7 DDK provider)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_8ba6e3ab748a90bd\rt68cx21x64.sys [620456 2022-03-25] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2023-01-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2023-01-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2023-01-28] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2023-01-30] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-12 22:32 - 2023-03-12 22:32 - 000026209 _____ C:\Users\rosmy\Desktop\FRST.txt
2023-03-12 22:32 - 2023-03-12 22:32 - 000000000 ____D C:\FRST
2023-03-12 22:29 - 2023-03-12 22:29 - 000002535 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2023-03-12 22:28 - 2023-03-12 22:28 - 001685233 _____ C:\Users\rosmy\Documents\záložky_12.03.23.html
2023-03-12 22:25 - 2023-03-12 22:25 - 000691102 _____ C:\WINDOWS\system32\perfh005.dat
2023-03-12 22:25 - 2023-03-12 22:25 - 000143008 _____ C:\WINDOWS\system32\perfc005.dat
2023-03-12 22:23 - 2023-03-12 22:23 - 002378752 _____ (Farbar) C:\Users\rosmy\Desktop\FRST64.exe
2023-03-12 22:19 - 2023-03-10 21:01 - 000308120 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-03-12 22:06 - 2023-03-12 22:07 - 000000000 ____D C:\AdwCleaner
2023-03-12 22:06 - 2023-03-12 22:06 - 008791352 _____ (Malwarebytes) C:\Users\rosmy\Desktop\adwcleaner.exe
2023-03-11 22:19 - 2023-03-11 22:19 - 000000000 ____D C:\Users\rosmy\AppData\Roaming\Zoner
2023-03-11 22:19 - 2023-03-11 22:19 - 000000000 ____D C:\Users\rosmy\AppData\Local\Zoner
2023-03-11 22:18 - 2023-03-11 22:18 - 000001825 _____ C:\Users\rosmy\Desktop\ZPS 19 CZ.lnk
2023-03-11 22:18 - 2023-03-11 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZPS 19 CZ
2023-03-11 22:18 - 2023-03-11 22:18 - 000000000 ____D C:\Program Files\ZPS 19 CZ
2023-03-11 00:21 - 2023-03-11 00:21 - 000010454 _____ C:\Users\rosmy\Documents\cc_20230311_002104.reg
2023-03-10 21:02 - 2023-03-10 21:02 - 000116853 _____ C:\Users\rosmy\Desktop\faktura zrcátka skutr_337556.pdf
2023-03-09 10:47 - 2013-03-12 18:42 - 011392061 _____ C:\Users\rosmy\Desktop\Yamaha-YP-125-R-2005-2012.pdf
2023-03-09 10:46 - 2022-03-22 17:26 - 021388775 _____ C:\Users\rosmy\Desktop\manual-x-max-125-2013 tento-pdf.pdf
2023-03-08 19:55 - 2023-03-08 19:55 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2023-03-01 21:22 - 2023-03-01 21:22 - 000024815 _____ C:\Users\rosmy\Documents\SOKOLA - Faktura zaplaceno.pdf
2023-02-28 21:57 - 2023-02-28 21:57 - 000179947 _____ C:\Users\rosmy\Downloads\priloha_1129898580_0_zprava.pdf
2023-02-28 21:57 - 2023-02-28 21:57 - 000098366 _____ C:\Users\rosmy\Downloads\priloha_1134699498_0_VypisROS.pdf
2023-02-28 21:57 - 2023-02-28 21:57 - 000001785 _____ C:\Users\rosmy\Downloads\priloha_1134699498_1_VypisROS.csv
2023-02-26 12:55 - 2023-03-11 21:24 - 000000000 ____D C:\WINDOWS\Minidump
2023-02-18 19:22 - 2023-02-18 19:22 - 006085576 _____ C:\Users\rosmy\Downloads\avast_secure_browser_setup.exe
2023-02-18 16:37 - 2023-02-18 16:38 - 009635652 _____ C:\Users\rosmy\Documents\IMG_6792.MOV
2023-02-18 16:37 - 2023-02-18 16:37 - 009753449 _____ C:\Users\rosmy\Documents\IMG_6794.MOV
2023-02-18 16:37 - 2023-02-18 16:37 - 009703403 _____ C:\Users\rosmy\Documents\IMG_6795.MOV
2023-02-18 16:37 - 2023-02-18 16:37 - 008784382 _____ C:\Users\rosmy\Documents\IMG_6791.MOV
2023-02-18 16:37 - 2023-02-18 16:37 - 007413663 _____ C:\Users\rosmy\Documents\IMG_6796.MOV
2023-02-18 16:15 - 2023-02-18 16:15 - 000088490 _____ C:\Users\rosmy\Desktop\Informace o pojištění vozidla na další období.pdf
2023-02-18 16:15 - 2023-02-18 16:15 - 000080175 _____ C:\Users\rosmy\Desktop\Zelená karta k pojistné smlouvě číslo 4781673741.pdf
2023-02-18 15:56 - 2023-02-18 15:56 - 000000000 ____D C:\Users\rosmy\AppData\Local\ElevatedDiagnostics
2023-02-16 21:22 - 2023-02-16 21:22 - 000008524 _____ C:\Users\rosmy\Documents\cc_20230216_212202.reg
2023-02-16 20:31 - 2023-02-16 20:31 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2023-02-16 20:25 - 2023-02-16 20:25 - 000000000 ___HD C:\$WinREAgent
2023-02-14 23:06 - 2023-02-14 23:06 - 000008443 _____ C:\Users\rosmy\Documents\VYPL_080552_0_202301.pdf
2023-02-14 20:11 - 2023-02-14 20:11 - 000184544 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswWireguard.sys
2023-02-14 20:11 - 2023-02-14 20:11 - 000072584 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys
2023-02-14 20:09 - 2023-02-14 20:09 - 000563802 _____ C:\Users\rosmy\Documents\ML_Smejkal_2022.pdf
2023-02-13 22:31 - 2023-02-27 22:31 - 000000000 ____D C:\Users\rosmy\AppData\Local\AMD_Common
2023-02-13 21:00 - 2023-02-13 21:00 - 002041040 _____ ( ) C:\Users\rosmy\Downloads\data-recovery.exe
2023-02-13 18:48 - 2023-02-13 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2023-02-13 18:47 - 2023-02-16 20:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2023-02-13 18:47 - 2023-02-13 18:47 - 000000000 ____D C:\WINDOWS\PCHEALTH
2023-02-13 18:47 - 2023-02-13 18:47 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-02-13 18:47 - 2023-02-13 18:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2023-02-13 18:45 - 2023-02-13 18:47 - 000000000 ____D C:\WINDOWS\SHELLNEW
2023-02-13 18:45 - 2023-02-13 18:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-02-13 18:45 - 2023-02-13 18:45 - 000000000 __RHD C:\MSOCache
2023-02-13 18:45 - 2023-02-13 18:45 - 000000000 ____D C:\Users\rosmy\AppData\Local\Microsoft Help
2023-02-13 18:45 - 2023-02-13 18:45 - 000000000 ____D C:\Program Files\Microsoft Office
2023-02-12 14:43 - 2023-02-12 14:43 - 000000000 ____D C:\ProgramData\Western Digital
2023-02-12 10:24 - 2023-02-12 10:24 - 008718782 _____ C:\Users\rosmy\Downloads\SanDiskSecurity_WIN.zip
2023-02-12 10:16 - 2023-02-12 10:16 - 000000000 ____D C:\Users\rosmy\AppData\Roaming\com.sandisk.softwareInstaller
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-12 22:29 - 2023-01-28 15:09 - 000002570 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-03-12 22:25 - 2023-01-30 22:28 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-12 22:25 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-03-12 22:23 - 2023-01-31 23:00 - 000000000 ____D C:\Program Files\CCleaner
2023-03-12 22:23 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-12 22:21 - 2023-02-02 16:36 - 000003078 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2023-03-12 22:21 - 2023-01-30 22:25 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-03-12 22:21 - 2023-01-30 22:25 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-03-12 22:21 - 2023-01-28 15:20 - 000000000 ____D C:\Users\rosmy\AppData\Local\AvastAntiTrackPremium
2023-03-12 22:21 - 2023-01-28 15:17 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2023-03-12 22:21 - 2023-01-28 15:17 - 000002076 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2023-03-12 22:21 - 2023-01-28 15:09 - 000000000 ____D C:\ProgramData\AVAST Software
2023-03-12 22:21 - 2023-01-28 11:40 - 000089232 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe
2023-03-12 22:20 - 2023-01-31 23:00 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-03-12 22:20 - 2023-01-30 22:25 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-03-12 22:20 - 2023-01-30 22:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-12 22:20 - 2023-01-28 11:15 - 000875536 _____ C:\WINDOWS\system32\wpbbin.exe
2023-03-12 22:20 - 2023-01-28 11:15 - 000861328 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe
2023-03-12 22:20 - 2023-01-28 11:15 - 000012288 ___SH C:\DumpStack.log.tmp
2023-03-12 22:20 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-03-12 22:19 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-03-12 22:05 - 2023-01-28 11:40 - 000000000 ____D C:\Users\rosmy\AppData\Local\D3DSCache
2023-03-12 21:43 - 2023-01-30 22:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-12 20:21 - 2023-01-31 23:00 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-12 20:21 - 2023-01-31 23:00 - 000003046 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-03-12 20:21 - 2023-01-31 23:00 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Roman
2023-03-12 20:21 - 2023-01-30 22:25 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-12 20:21 - 2023-01-30 22:25 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-12 20:21 - 2023-01-30 22:25 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3398037617-877173979-1485582407-1001
2023-03-12 20:21 - 2023-01-30 22:25 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3398037617-877173979-1485582407-1001
2023-03-12 20:21 - 2023-01-30 22:25 - 000002672 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2023-03-12 20:21 - 2023-01-30 22:25 - 000002402 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2023-03-12 20:21 - 2023-01-30 22:25 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2023-03-12 20:21 - 2023-01-30 22:25 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2023-03-12 20:21 - 2023-01-30 22:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-03-12 00:20 - 2023-01-30 22:15 - 000000000 ____D C:\Users\rosmy
2023-03-11 22:28 - 2023-01-28 15:33 - 000000000 ____D C:\Users\rosmy\Roman ostatní
2023-03-11 21:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-11 21:24 - 2023-01-30 22:24 - 000477936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-11 21:24 - 2023-01-28 11:15 - 001556406 _____ C:\WINDOWS\Minidump\031123-4390-01.dmp
2023-03-11 21:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-03-11 20:48 - 2023-01-28 14:40 - 000000000 ____D C:\Users\rosmy\AppData\Local\GHISLER
2023-03-11 20:42 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-11 19:43 - 2023-01-28 11:15 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-11 00:20 - 2023-01-28 16:48 - 000000000 ____D C:\Users\rosmy\AppData\Local\CrashDumps
2023-03-10 21:05 - 2023-01-28 11:34 - 000002377 _____ C:\Users\rosmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-10 21:01 - 2023-01-28 15:17 - 000941928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000699624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000557136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000391856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000319056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000297880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000268480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000231808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000080416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-03-10 21:01 - 2023-01-28 15:17 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-03-06 11:10 - 2023-01-28 15:39 - 000000364 _____ C:\Users\rosmy\Desktop\Ethernet – zástupce.lnk
2023-03-03 10:53 - 2023-01-28 11:40 - 000000000 ____D C:\ProgramData\Packages
2023-02-18 16:00 - 2023-01-28 11:42 - 000000000 ____D C:\Users\rosmy\AppData\Local\PlaceholderTileLogoFolder
2023-02-18 16:00 - 2023-01-28 11:40 - 000000000 ____D C:\Users\rosmy\AppData\Local\Packages
2023-02-17 20:38 - 2019-12-07 10:14 - 000000167 _____ C:\WINDOWS\win.ini
2023-02-16 23:48 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-02-16 23:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-16 20:33 - 2023-01-28 14:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-16 20:32 - 2023-01-28 14:30 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-16 20:31 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-16 20:29 - 2023-01-30 22:25 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-13 18:47 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-02-12 15:39 - 2023-01-28 11:42 - 000000000 ____D C:\ProgramData\Package Cache
2023-02-11 22:54 - 2023-01-30 21:42 - 000000000 ___DC C:\WINDOWS\Panther
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ======================== Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-12-2023
# Duration: 00:00:03
# OS: Windows 11 (Build 22621.1265)
# Scanned: 32101
# Detected: 11
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\rosmy\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-12-2023
# Duration: 00:00:01
# OS: Windows 11 (Build 22621.1265)
# Cleaned: 11
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\rosmy\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2508 octets] - [12/03/2023 22:06:43]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Další sken, už byl bez detekce. Avast nic nehlásil, akorát mi maže frst. Platební režim se spustí, ale celý prohlížeč je to nějaký podezřelý. Tak jen pro jistotu. Děkuji.
