Spomalený PC
Napsal: 06 srp 2023 00:17
Dobrý deň.
Prosím o pomoc, ide o PC starších príbuzných, ktoré je zrazu výrazne spomalené. Vraj ich asi pred 2 mesiacmi vyzvalo na kúpu antivírového programu, tak si ho objednali a zaplatili na 2 roky, ale nevedia o ktorý ide. AVG, Avast sú spustené na pozadí.
Pre mňa prvým krokom bolo objednanie 4 GB RAM, namiesto ich doterajších 2 GB (pre Win 10 Home 32-bit).
Prikladám FRST.txt aj Addition.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-08-2023
Ran by Rakaš (administrator) on POČITAČ (Hewlett-Packard HP Compaq dc7900 Small Form Factor) (05-08-2023 20:40:24)
Running from C:\Users\Rakaš\Desktop\FRST.exe
Loaded Profiles: Rakaš
Platform: Microsoft Windows 10 Home Version 22H2 19045.3271 (X86) Language: Čeština (Česko)
Default browser: "C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8>
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21524.0_x86__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\oobe\UserOOBEBroker.exe
(svchost.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [415376 2021-02-28] (Power Software Limited -> Power Software Ltd)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [4108696 2023-07-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [269752 2023-07-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [4562328 2023-08-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\78.0.1.0\GoogleDriveFS.exe [135735064 2023-07-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\78.0.1.0\GoogleDriveFS.exe [135735064 2023-07-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\78.0.1.0\GoogleDriveFS.exe [135735064 2023-07-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\Run: [BingWallpaperApp] => C:\Users\Rakaš\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [14026632 2023-04-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [34677664 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\MountPoints2: E - "E:\Setup.exe"
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\MountPoints2: F - "F:\autorun.exe"
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\MountPoints2: {12611bd3-124f-11eb-96b5-002481c112db} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\MountPoints2: {93458da9-e409-11ed-9bf5-002481c112db} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\78.0.1.0\GoogleDriveFS.exe [135735064 2023-07-19] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\115.0.21930.112\Installer\chrmstp.exe [2023-07-28] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\115.0.5790.170\Installer\chrmstp.exe [2023-08-04] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-02-25] () [File not signed] <==== ATTENTION
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {87A20F14-F911-4F2C-83A8-25CDA52B0487} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4556728 2023-07-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) <==== ATTENTION
Task: {FC68EF15-8589-411A-B318-2FF70D3D080A} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4298136 2023-07-20] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters). <==== ATTENTION
Task: {7F82207F-2EF3-426E-9343-53AFB73435E0} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6442392 2023-07-18] (Avast Software s.r.o. -> Avast Software) <==== ATTENTION
Task: {B1524FEF-8CE1-4799-8A6E-0D88B809A1DA} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4299672 2023-08-03] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters). <==== ATTENTION
Task: {E64FFDD2-15FD-4261-AAD9-A7AC217CF37C} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [6442392 2023-08-02] (Avast Software s.r.o. -> Avast Software) <==== ATTENTION
Task: {98464E17-DBC7-487A-B664-545EF58DE9FC} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1867192 2023-07-20] (AVG Technologies USA, LLC -> AVG Technologies) <==== ATTENTION
Task: {C272BCEA-47DC-4870-A7C5-E2457954EFFE} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2415792 2023-07-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) <==== ATTENTION
Task: {43693721-D573-4EE3-AF29-DCF7931CC34E} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2415792 2023-07-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) <==== ATTENTION
Task: {D2830FD5-70F1-4001-B2E4-66651606EF62} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) <==== ATTENTION
Task: {27464CBB-3D31-49A1-98D2-EC38BE7325D7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4252576 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "40c2176e-4504-4227-a8d7-137b37470393" --version "6.14.10584" --silent <==== ATTENTION
Task: {DA0378B4-B0A1-4B2E-917C-5C0755F6B4D0} - System32\Tasks\CCleanerSkipUAC - Rakaš => C:\Program Files\CCleaner\CCleaner.exe [34677664 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) <==== ATTENTION
Task: {B17BC914-5EC4-423F-A2BD-8C4B14B15742} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208168 2023-07-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) <==== ATTENTION
Task: {EA2BFDAF-2D8B-48E9-A0E3-D6336FC584A6} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208168 2023-07-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) <==== ATTENTION
Task: {B3377CC7-9DA7-4BED-B6C1-42FF991ECF7A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [4675912 2023-08-05] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Task: {11AA9A06-B005-429D-BB2F-C5709886F15A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154920 2019-06-02] (Google Inc -> Google LLC) <==== ATTENTION
Task: {3BC8D36B-B6AA-4151-A9F7-BF63E9159C67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154920 2019-06-02] (Google Inc -> Google LLC) <==== ATTENTION
Task: {F5C805BE-C807-4BA8-9BD2-2233C0F99849} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {F5C805BE-C807-4BA8-9BD2-2233C0F99849} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {F5C805BE-C807-4BA8-9BD2-2233C0F99849} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {4730CBD1-4B7A-49D9-8EED-81514B12A6A7} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\WINDOWS\system32\AppListBackupLauncher.dll [69120 2023-06-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8F7652EA-48E1-429F-B05B-1B96DF26ECE2} - System32\Tasks\Microsoft\Windows\CloudRestore\Backup => {722D0F89-B69C-4700-AE8C-4A44350E4876} C:\WINDOWS\System32\CloudRestoreLauncher.dll [387584 2023-08-05] (Microsoft Windows -> Microsoft Corporation)
Task: {1C97313F-C6DC-4758-886F-C86FFEF0E35A} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [62464 2023-07-12] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Task: {7012373F-D0D4-42EB-8918-4E180C10F346} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:\WINDOWS\System32\PrinterCleanupTask.dll [68096 2023-07-12] (Microsoft Windows -> Microsoft Corporation)
Task: {4C016290-7E9C-416D-AD4A-795108009016} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\WINDOWS\System32\Themes.SsfDownload.ScheduledTask.dll [109056 2022-07-15] (Microsoft Windows -> Microsoft Corporation)
Task: {A9FFC201-A745-492A-AAB5-29E1F59F5DAF} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-559361515-4065419017-1633638139-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
AutoConfigURL: [{BF8DC721-AB26-4A08-94F4-D6FA6656FFC3}] => 192.168.0.1 <==== ATTENTION
AutoConfigURL: [S-1-5-21-559361515-4065419017-1633638139-1001] => 192.168.0.1 <==== ATTENTION
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7220615e-e8bb-467b-bf91-c9319c496686}: [DhcpNameServer] 192.168.0.1
ManualProxies: 0192.168.0.1 <==== ATTENTION
Edge:
=======
DownloadDir: C:\Users\Rakaš\Downloads
Edge Notifications: HKU\S-1-5-21-559361515-4065419017-1633638139-1001 -> hxxps://www.svetandroida.cz; hxxps://www.analdin.com; hxxps://www.bravotube.net
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (Translator pro Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2021-08-06]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-05]
Edge Extension: (Avira Safe Shopping) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-09-03]
Edge Extension: (Avira Password Manager) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2022-09-03]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-03]
Edge Profile: C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-08-05]
Edge Profile: C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-08-05]
Edge HomePage: Profile 1 -> qwant.com
Edge DefaultSearchURL: Profile 1 -> hxxps://www.qwant.com/?q={searchTerms}&client=ext-edge-sb
Edge DefaultSearchKeyword: Profile 1 -> www.qwant.com
Edge DefaultSuggestURL: Profile 1 -> hxxps://api.qwant.com/api/suggest/?q={searchTerms}&client=opensearch
Edge Extension: (Avira Safe Shopping) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-04-11]
Edge Extension: (Handy Screenshot) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\dajlhodahakobmgdiglkajjgbchiiccf [2022-09-15]
Edge Extension: (Qwant) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\eljplgljphmgjhnalbganhenlcapgnne [2022-12-20]
Edge Extension: (Avira Password Manager) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-03-24]
Edge Extension: (Dokumenty Google offline) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-21]
Edge Extension: (Microsoft Editor: kontrola pravopisu a gramatiky) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\hokifickgkhplphjiodbggjmoafhignh [2023-07-04]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-07-19]
Edge Extension: (Edge relevant text changes) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-26]
Edge Extension: (One Click GSN Games) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\kjdbedlepiebjogmbmmfgilidoobdfmb [2022-02-15]
Edge Profile: C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2023-08-05]
Edge HKLM\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1636.4\npCCleanerBrowserUpdate3.dll [2023-07-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1636.4\npCCleanerBrowserUpdate3.dll [2023-07-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-08-05]
CHR Profile: C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-08-05]
CHR Notifications: Profile 1 -> hxxps://adhesionplum.com; hxxps://blikk.pushengage.com; hxxps://blikkruzs.pushengage.com; hxxps://blog.csdn.net; hxxps://cs-vid.net; hxxps://cs.uzasnenabidky24.com; hxxps://cz-oriflame-com-of.salesmanagopush.com; hxxps://cz.lekarskereporteri24.com; hxxps://cz.pinterest.com; hxxps://fakta.today; hxxps://fastshare.cz; hxxps://femina.hu; hxxps://hnonline.sk; hxxps://keresztlabda.hu; hxxps://lodigoaca.com; hxxps://nevergiveupyourmind.com; hxxps://newsyoucanread24.com; hxxps://noizzhu.pushengage.com; hxxps://popularni.live; hxxps://postovnezdarma.cz; hxxps://slovenskoaktualne.sk; hxxps://szavazo.os.tc; hxxps://thenovosti.com; hxxps://topofferss4you.com; hxxps://tv2play.hu; hxxps://upgrade.beltsdance.com; hxxps://wellnesswayblog.com; hxxps://www.ac24.cz; hxxps://www.caramelbotanica.com; hxxps://www.esky.cz; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.idnes.cz; hxxps://www.kupi.cz; hxxps://www.lightinthebox.com; hxxps://www.magyarorszagom.hu; hxxps://www.myistria.com; hxxps://www.n3ws247.com; hxxps://www.napi.hu; hxxps://www.podnikatel.cz; hxxps://www.wish.com; hxxps://zebrinestreem.info; hxxps://zivot.org
CHR HomePage: Profile 1 -> qwant.com
CHR DefaultSearchURL: Profile 1 -> hxxps://www.gstatic.com/youtube/img/branding/fa ... 44x144.png
CHR DefaultSearchKeyword: Profile 1 -> www.qwant.com
CHR DefaultSuggestURL: Profile 1 -> hxxps://www.bing.com/osjson.aspx?form=BGGCSS&pc ... earchTerms}
CHR Extension: (Avira Safe Shopping) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-08-02]
CHR Extension: (Handy Screenshot) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dajlhodahakobmgdiglkajjgbchiiccf [2022-09-14]
CHR Extension: (Avira Browser Safety) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-10-26]
CHR Extension: (Microsoft Bing Search Engine) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hkecabaloghleaicfhefejdijblljpco [2022-10-09]
CHR Extension: (Qwant) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hnlkiofnhhoahaiimdicppgemmmomijo [2022-12-29]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\System Profile [2023-08-05]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-559361515-4065419017-1633638139-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hkecabaloghleaicfhefejdijblljpco]
CHR HKU\S-1-5-21-559361515-4065419017-1633638139-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [585656 2023-07-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [586168 2023-07-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8058808 2023-07-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2023-07-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2021-03-20] (Microsoft Windows -> Microsoft Corporation)
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208168 2023-07-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\115.0.21930.112\elevation_service.exe [1657992 2023-07-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208168 2023-07-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [896416 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15922072 2023-07-20] (Avast Software s.r.o. -> AVAST Software)
S2 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [68096 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [33792 2020-11-04] (Microsoft Windows -> Microsoft Corporation)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [8668056 2023-08-03] (Avast Software s.r.o. -> AVAST Software)
R2 ftpsvc; C:\WINDOWS\system32\inetsrv\ftpsvc.dll [358400 2021-08-13] (Microsoft Windows -> Microsoft Corporation)
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [14848 2021-08-13] (Microsoft Windows -> Microsoft Corporation)
R2 MSMQTriggers; C:\WINDOWS\system32\mqtgsvc.exe [121344 2021-08-13] (Microsoft Windows -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [865280 2021-05-14] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [230912 2021-02-10] (Microsoft Windows -> Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [299344 2023-04-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [1998784 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [1105920 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [89736 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [28856 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [189528 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [330888 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [242072 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [88160 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [22504 2023-07-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [36528 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [228648 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [407424 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [89776 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [69088 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [776120 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [595408 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [158960 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [264744 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [200192 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [104448 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [15360 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [344664 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 HidSpiCx; C:\WINDOWS\System32\drivers\HidSpiCx.sys [70144 2023-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl61632e5a; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [56552 2022-01-28] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsla07942ed; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [56552 2022-01-28] (Microsoft Windows -> Microsoft Corporation)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [79680 2019-05-11] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 PrjFlt; C:\WINDOWS\system32\drivers\prjflt.sys [187776 2023-08-05] (Microsoft Windows -> Microsoft Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [124616 2017-06-07] (Power Software Limited -> Power Software Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [40384 2023-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401688 2023-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [119952 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [67864 2023-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [218624 2023-07-12] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslaadc2a53; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AF27D79A-B78F-4B49-9FCB-AB8DFCE48BE9}\MpKslDrv.sys [X]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-08-05 20:34 - 2023-08-05 20:40 - 000037201 ____C C:\Users\Rakaš\Desktop\Addition.txt
2023-08-05 20:27 - 2023-08-05 20:43 - 000030363 ____C C:\Users\Rakaš\Desktop\FRST.txt
2023-08-05 20:26 - 2023-08-05 20:42 - 000000000 ____D C:\FRST
2023-08-05 20:24 - 2023-08-05 20:24 - 002085376 _____ (Farbar) C:\Users\Rakaš\Desktop\FRST.exe
2023-08-05 20:11 - 2023-08-05 20:17 - 000000000 ____D C:\AdwCleaner
2023-08-05 20:10 - 2023-08-05 20:10 - 008791352 _____ (Malwarebytes) C:\Users\Rakaš\Desktop\adwcleaner.exe
2023-08-05 16:53 - 2023-08-05 16:53 - 000001156 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2023-08-05 16:53 - 2023-08-05 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-08-05 16:53 - 2023-08-05 16:53 - 000000000 ____D C:\Program Files\CPUID
2023-08-05 16:51 - 2023-08-05 16:52 - 001491000 _____ (CPUID, Inc. ) C:\Users\Rakaš\Downloads\hwmonitor_1.51.exe
2023-08-05 14:20 - 2023-08-05 14:20 - 000000000 ___HD C:\$WinREAgent
2023-07-31 18:26 - 2023-07-31 18:25 - 000270264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2023-07-26 15:32 - 2023-07-26 15:32 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater.lnk
2023-07-26 15:32 - 2023-07-26 15:32 - 000002271 _____ C:\Users\Public\Desktop\Avast Driver Updater.lnk
2023-07-26 15:29 - 2023-07-26 15:29 - 001300760 _____ (Avast Software) C:\Users\Rakaš\Downloads\avast_driver_updater_online_setup.exe
2023-07-20 19:00 - 2023-07-20 19:00 - 000000000 ____D C:\Users\Rakaš\AppData\Local\AVG
2023-07-20 16:52 - 2023-07-20 16:52 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus Free.lnk
2023-07-20 16:52 - 2023-07-20 16:52 - 000000000 ____D C:\Users\Rakaš\AppData\Roaming\AVG
2023-07-20 16:51 - 2023-07-20 16:51 - 000000000 ____D C:\ProgramData\Piriform
2023-07-20 16:48 - 2023-07-28 11:43 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2023-07-20 16:46 - 2023-07-20 16:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2023-07-20 16:45 - 2023-07-20 16:45 - 000000000 ____D C:\Users\Rakaš\AppData\Local\CCleaner Browser
2023-07-20 16:45 - 2023-07-20 16:45 - 000000000 ____D C:\ProgramData\CCleaner Browser
2023-07-20 16:44 - 2023-07-31 18:26 - 000003992 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2023-07-20 16:44 - 2023-07-28 14:16 - 000003092 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2023-07-20 16:44 - 2023-07-28 14:16 - 000002610 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2023-07-20 16:43 - 2023-07-20 16:43 - 000000000 ____D C:\Program Files\Common Files\AVG
2023-07-20 16:38 - 2023-07-28 14:16 - 000003444 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2023-07-20 16:38 - 2023-07-28 14:16 - 000003220 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2023-07-20 16:38 - 2023-07-28 11:43 - 000000000 ____D C:\Program Files\CCleaner Browser
2023-07-20 16:38 - 2023-07-20 16:38 - 000000000 ____D C:\Program Files\AVG
2023-07-20 16:37 - 2023-08-05 18:33 - 000000000 ____D C:\ProgramData\AVG
2023-07-20 16:36 - 2023-07-28 14:54 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-07-20 16:36 - 2023-07-28 14:16 - 000003046 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-07-20 16:35 - 2023-08-05 20:06 - 000000000 ____D C:\Program Files\CCleaner
2023-07-20 16:35 - 2023-08-02 12:54 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-07-20 16:35 - 2023-07-28 14:16 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Rakaš
2023-07-20 16:35 - 2023-07-20 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-07-07 22:39 - 2023-07-07 22:39 - 000186501 _____ C:\Users\Rakaš\Downloads\Doklad_SIPO_202307_5070023919.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-08-05 20:39 - 2019-12-07 08:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-05 20:23 - 2021-12-17 17:43 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-05 20:23 - 2019-06-02 03:09 - 000000000 ____D C:\Program Files\Google
2023-08-05 20:19 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-08-05 20:17 - 2019-04-13 09:54 - 000000000 ____D C:\Users\Rakaš\AppData\LocalLow\IObit
2023-08-05 20:07 - 2019-08-31 10:45 - 000000000 ____D C:\Users\Rakaš\AppData\Local\CrashDumps
2023-08-05 19:08 - 2019-12-07 08:10 - 000000000 ____D C:\WINDOWS\INF
2023-08-05 18:33 - 2019-06-30 07:56 - 000000000 ____D C:\ProgramData\AVAST Software
2023-08-05 18:32 - 2020-11-04 16:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-05 18:32 - 2020-11-04 15:41 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-05 17:16 - 2019-12-07 08:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-08-05 15:12 - 2020-11-04 15:55 - 002973736 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-05 15:12 - 2020-11-04 14:50 - 000839092 _____ C:\WINDOWS\system32\perfh007.dat
2023-08-05 15:12 - 2020-11-04 14:50 - 000187708 _____ C:\WINDOWS\system32\perfc007.dat
2023-08-05 15:12 - 2019-12-07 14:21 - 000805198 _____ C:\WINDOWS\system32\perfh005.dat
2023-08-05 15:12 - 2019-12-07 14:21 - 000183898 _____ C:\WINDOWS\system32\perfc005.dat
2023-08-05 15:07 - 2022-03-10 10:37 - 000339864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-05 15:02 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-05 15:02 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-05 15:02 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-05 15:02 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-05 15:02 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-05 15:02 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-05 14:59 - 2019-12-07 08:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-05 13:47 - 2023-04-13 13:37 - 000000000 ____D C:\Log
2023-08-04 10:55 - 2020-10-19 13:25 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-04 10:55 - 2018-02-04 00:28 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-03 18:44 - 2020-11-04 15:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-03 15:20 - 2019-12-07 08:12 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-03 15:20 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-03 13:45 - 2020-11-04 15:45 - 000000000 ____D C:\Users\Rakaš
2023-08-02 12:59 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-08-02 11:18 - 2020-11-04 16:08 - 000003756 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-02 11:18 - 2020-11-04 16:08 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-07-31 18:26 - 2019-12-07 08:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-07-29 11:14 - 2023-01-16 22:23 - 000002220 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-07-29 11:14 - 2020-03-27 21:29 - 000002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-28 14:16 - 2022-03-09 13:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-07-28 14:16 - 2021-01-05 03:25 - 000002588 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-07-28 14:16 - 2020-11-04 16:08 - 000003556 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-28 14:16 - 2020-11-04 16:08 - 000003332 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-07-28 14:16 - 2020-11-04 16:08 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-559361515-4065419017-1633638139-1001
2023-07-26 15:33 - 2019-06-30 08:06 - 000000000 ____D C:\Users\Rakaš\AppData\Roaming\AVAST Software
2023-07-26 15:31 - 2022-03-09 13:15 - 000000000 ____D C:\Program Files\Avast Software
2023-07-19 15:57 - 2021-09-21 11:07 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-07-19 15:57 - 2021-09-21 11:07 - 000002008 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-07-19 15:57 - 2021-09-21 11:07 - 000002008 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-07-19 15:57 - 2021-09-21 11:07 - 000001996 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-07-14 10:43 - 2019-05-19 03:47 - 000757160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-07-12 13:36 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-12 13:36 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-12 13:36 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-12 13:35 - 2019-12-07 08:12 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-12 11:18 - 2019-05-19 03:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-12 10:56 - 2019-05-19 03:51 - 168745656 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-09 19:05 - 2021-04-02 20:50 - 000000000 ___DC C:\Users\Rakaš\Documents\NFS Most Wanted
==================== Files in the root of some directories ========
2021-04-28 20:28 - 2021-11-11 16:08 - 000007666 _____ () C:\Users\Rakaš\AppData\Local\Resmon.ResmonCfg
2021-03-22 20:06 - 2021-03-22 20:06 - 000000000 _____ () C:\Users\Rakaš\AppData\Local\{F441F4A8-046A-41A0-B312-46060E44229A}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Prosím o pomoc, ide o PC starších príbuzných, ktoré je zrazu výrazne spomalené. Vraj ich asi pred 2 mesiacmi vyzvalo na kúpu antivírového programu, tak si ho objednali a zaplatili na 2 roky, ale nevedia o ktorý ide. AVG, Avast sú spustené na pozadí.
Pre mňa prvým krokom bolo objednanie 4 GB RAM, namiesto ich doterajších 2 GB (pre Win 10 Home 32-bit).
Prikladám FRST.txt aj Addition.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-08-2023
Ran by Rakaš (administrator) on POČITAČ (Hewlett-Packard HP Compaq dc7900 Small Form Factor) (05-08-2023 20:40:24)
Running from C:\Users\Rakaš\Desktop\FRST.exe
Loaded Profiles: Rakaš
Platform: Microsoft Windows 10 Home Version 22H2 19045.3271 (X86) Language: Čeština (Česko)
Default browser: "C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8>
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21524.0_x86__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\oobe\UserOOBEBroker.exe
(svchost.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [415376 2021-02-28] (Power Software Limited -> Power Software Ltd)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [4108696 2023-07-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [269752 2023-07-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [4562328 2023-08-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\78.0.1.0\GoogleDriveFS.exe [135735064 2023-07-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\78.0.1.0\GoogleDriveFS.exe [135735064 2023-07-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\78.0.1.0\GoogleDriveFS.exe [135735064 2023-07-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\Run: [BingWallpaperApp] => C:\Users\Rakaš\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [14026632 2023-04-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [34677664 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\MountPoints2: E - "E:\Setup.exe"
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\MountPoints2: F - "F:\autorun.exe"
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\MountPoints2: {12611bd3-124f-11eb-96b5-002481c112db} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-559361515-4065419017-1633638139-1001\...\MountPoints2: {93458da9-e409-11ed-9bf5-002481c112db} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\78.0.1.0\GoogleDriveFS.exe [135735064 2023-07-19] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\115.0.21930.112\Installer\chrmstp.exe [2023-07-28] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\115.0.5790.170\Installer\chrmstp.exe [2023-08-04] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-02-25] () [File not signed] <==== ATTENTION
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {87A20F14-F911-4F2C-83A8-25CDA52B0487} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4556728 2023-07-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) <==== ATTENTION
Task: {FC68EF15-8589-411A-B318-2FF70D3D080A} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4298136 2023-07-20] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters). <==== ATTENTION
Task: {7F82207F-2EF3-426E-9343-53AFB73435E0} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6442392 2023-07-18] (Avast Software s.r.o. -> Avast Software) <==== ATTENTION
Task: {B1524FEF-8CE1-4799-8A6E-0D88B809A1DA} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4299672 2023-08-03] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters). <==== ATTENTION
Task: {E64FFDD2-15FD-4261-AAD9-A7AC217CF37C} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [6442392 2023-08-02] (Avast Software s.r.o. -> Avast Software) <==== ATTENTION
Task: {98464E17-DBC7-487A-B664-545EF58DE9FC} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1867192 2023-07-20] (AVG Technologies USA, LLC -> AVG Technologies) <==== ATTENTION
Task: {C272BCEA-47DC-4870-A7C5-E2457954EFFE} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2415792 2023-07-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) <==== ATTENTION
Task: {43693721-D573-4EE3-AF29-DCF7931CC34E} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2415792 2023-07-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) <==== ATTENTION
Task: {D2830FD5-70F1-4001-B2E4-66651606EF62} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) <==== ATTENTION
Task: {27464CBB-3D31-49A1-98D2-EC38BE7325D7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4252576 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "40c2176e-4504-4227-a8d7-137b37470393" --version "6.14.10584" --silent <==== ATTENTION
Task: {DA0378B4-B0A1-4B2E-917C-5C0755F6B4D0} - System32\Tasks\CCleanerSkipUAC - Rakaš => C:\Program Files\CCleaner\CCleaner.exe [34677664 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) <==== ATTENTION
Task: {B17BC914-5EC4-423F-A2BD-8C4B14B15742} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208168 2023-07-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) <==== ATTENTION
Task: {EA2BFDAF-2D8B-48E9-A0E3-D6336FC584A6} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208168 2023-07-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) <==== ATTENTION
Task: {B3377CC7-9DA7-4BED-B6C1-42FF991ECF7A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [4675912 2023-08-05] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Task: {11AA9A06-B005-429D-BB2F-C5709886F15A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154920 2019-06-02] (Google Inc -> Google LLC) <==== ATTENTION
Task: {3BC8D36B-B6AA-4151-A9F7-BF63E9159C67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154920 2019-06-02] (Google Inc -> Google LLC) <==== ATTENTION
Task: {F5C805BE-C807-4BA8-9BD2-2233C0F99849} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {F5C805BE-C807-4BA8-9BD2-2233C0F99849} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {F5C805BE-C807-4BA8-9BD2-2233C0F99849} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {4730CBD1-4B7A-49D9-8EED-81514B12A6A7} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\WINDOWS\system32\AppListBackupLauncher.dll [69120 2023-06-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8F7652EA-48E1-429F-B05B-1B96DF26ECE2} - System32\Tasks\Microsoft\Windows\CloudRestore\Backup => {722D0F89-B69C-4700-AE8C-4A44350E4876} C:\WINDOWS\System32\CloudRestoreLauncher.dll [387584 2023-08-05] (Microsoft Windows -> Microsoft Corporation)
Task: {1C97313F-C6DC-4758-886F-C86FFEF0E35A} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [62464 2023-07-12] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Task: {7012373F-D0D4-42EB-8918-4E180C10F346} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:\WINDOWS\System32\PrinterCleanupTask.dll [68096 2023-07-12] (Microsoft Windows -> Microsoft Corporation)
Task: {4C016290-7E9C-416D-AD4A-795108009016} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\WINDOWS\System32\Themes.SsfDownload.ScheduledTask.dll [109056 2022-07-15] (Microsoft Windows -> Microsoft Corporation)
Task: {A9FFC201-A745-492A-AAB5-29E1F59F5DAF} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-559361515-4065419017-1633638139-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
AutoConfigURL: [{BF8DC721-AB26-4A08-94F4-D6FA6656FFC3}] => 192.168.0.1 <==== ATTENTION
AutoConfigURL: [S-1-5-21-559361515-4065419017-1633638139-1001] => 192.168.0.1 <==== ATTENTION
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7220615e-e8bb-467b-bf91-c9319c496686}: [DhcpNameServer] 192.168.0.1
ManualProxies: 0192.168.0.1 <==== ATTENTION
Edge:
=======
DownloadDir: C:\Users\Rakaš\Downloads
Edge Notifications: HKU\S-1-5-21-559361515-4065419017-1633638139-1001 -> hxxps://www.svetandroida.cz; hxxps://www.analdin.com; hxxps://www.bravotube.net
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (Translator pro Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2021-08-06]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-05]
Edge Extension: (Avira Safe Shopping) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-09-03]
Edge Extension: (Avira Password Manager) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2022-09-03]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-03]
Edge Profile: C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-08-05]
Edge Profile: C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-08-05]
Edge HomePage: Profile 1 -> qwant.com
Edge DefaultSearchURL: Profile 1 -> hxxps://www.qwant.com/?q={searchTerms}&client=ext-edge-sb
Edge DefaultSearchKeyword: Profile 1 -> www.qwant.com
Edge DefaultSuggestURL: Profile 1 -> hxxps://api.qwant.com/api/suggest/?q={searchTerms}&client=opensearch
Edge Extension: (Avira Safe Shopping) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-04-11]
Edge Extension: (Handy Screenshot) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\dajlhodahakobmgdiglkajjgbchiiccf [2022-09-15]
Edge Extension: (Qwant) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\eljplgljphmgjhnalbganhenlcapgnne [2022-12-20]
Edge Extension: (Avira Password Manager) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-03-24]
Edge Extension: (Dokumenty Google offline) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-21]
Edge Extension: (Microsoft Editor: kontrola pravopisu a gramatiky) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\hokifickgkhplphjiodbggjmoafhignh [2023-07-04]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-07-19]
Edge Extension: (Edge relevant text changes) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-26]
Edge Extension: (One Click GSN Games) - C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\kjdbedlepiebjogmbmmfgilidoobdfmb [2022-02-15]
Edge Profile: C:\Users\Rakaš\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2023-08-05]
Edge HKLM\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1636.4\npCCleanerBrowserUpdate3.dll [2023-07-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1636.4\npCCleanerBrowserUpdate3.dll [2023-07-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-08-05]
CHR Profile: C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-08-05]
CHR Notifications: Profile 1 -> hxxps://adhesionplum.com; hxxps://blikk.pushengage.com; hxxps://blikkruzs.pushengage.com; hxxps://blog.csdn.net; hxxps://cs-vid.net; hxxps://cs.uzasnenabidky24.com; hxxps://cz-oriflame-com-of.salesmanagopush.com; hxxps://cz.lekarskereporteri24.com; hxxps://cz.pinterest.com; hxxps://fakta.today; hxxps://fastshare.cz; hxxps://femina.hu; hxxps://hnonline.sk; hxxps://keresztlabda.hu; hxxps://lodigoaca.com; hxxps://nevergiveupyourmind.com; hxxps://newsyoucanread24.com; hxxps://noizzhu.pushengage.com; hxxps://popularni.live; hxxps://postovnezdarma.cz; hxxps://slovenskoaktualne.sk; hxxps://szavazo.os.tc; hxxps://thenovosti.com; hxxps://topofferss4you.com; hxxps://tv2play.hu; hxxps://upgrade.beltsdance.com; hxxps://wellnesswayblog.com; hxxps://www.ac24.cz; hxxps://www.caramelbotanica.com; hxxps://www.esky.cz; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.idnes.cz; hxxps://www.kupi.cz; hxxps://www.lightinthebox.com; hxxps://www.magyarorszagom.hu; hxxps://www.myistria.com; hxxps://www.n3ws247.com; hxxps://www.napi.hu; hxxps://www.podnikatel.cz; hxxps://www.wish.com; hxxps://zebrinestreem.info; hxxps://zivot.org
CHR HomePage: Profile 1 -> qwant.com
CHR DefaultSearchURL: Profile 1 -> hxxps://www.gstatic.com/youtube/img/branding/fa ... 44x144.png
CHR DefaultSearchKeyword: Profile 1 -> www.qwant.com
CHR DefaultSuggestURL: Profile 1 -> hxxps://www.bing.com/osjson.aspx?form=BGGCSS&pc ... earchTerms}
CHR Extension: (Avira Safe Shopping) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-08-02]
CHR Extension: (Handy Screenshot) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dajlhodahakobmgdiglkajjgbchiiccf [2022-09-14]
CHR Extension: (Avira Browser Safety) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-10-26]
CHR Extension: (Microsoft Bing Search Engine) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hkecabaloghleaicfhefejdijblljpco [2022-10-09]
CHR Extension: (Qwant) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hnlkiofnhhoahaiimdicppgemmmomijo [2022-12-29]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Rakaš\AppData\Local\Google\Chrome\User Data\System Profile [2023-08-05]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-559361515-4065419017-1633638139-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hkecabaloghleaicfhefejdijblljpco]
CHR HKU\S-1-5-21-559361515-4065419017-1633638139-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [585656 2023-07-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [586168 2023-07-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8058808 2023-07-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2023-07-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2021-03-20] (Microsoft Windows -> Microsoft Corporation)
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208168 2023-07-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\115.0.21930.112\elevation_service.exe [1657992 2023-07-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208168 2023-07-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [896416 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15922072 2023-07-20] (Avast Software s.r.o. -> AVAST Software)
S2 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [68096 2021-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [33792 2020-11-04] (Microsoft Windows -> Microsoft Corporation)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [8668056 2023-08-03] (Avast Software s.r.o. -> AVAST Software)
R2 ftpsvc; C:\WINDOWS\system32\inetsrv\ftpsvc.dll [358400 2021-08-13] (Microsoft Windows -> Microsoft Corporation)
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [14848 2021-08-13] (Microsoft Windows -> Microsoft Corporation)
R2 MSMQTriggers; C:\WINDOWS\system32\mqtgsvc.exe [121344 2021-08-13] (Microsoft Windows -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [865280 2021-05-14] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [230912 2021-02-10] (Microsoft Windows -> Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [299344 2023-04-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [1998784 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [1105920 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [89736 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [28856 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [189528 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [330888 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [242072 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [88160 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [22504 2023-07-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [36528 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [228648 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [407424 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [89776 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [69088 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [776120 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [595408 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [158960 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [264744 2023-07-31] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [200192 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [104448 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [15360 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [344664 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 HidSpiCx; C:\WINDOWS\System32\drivers\HidSpiCx.sys [70144 2023-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl61632e5a; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [56552 2022-01-28] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsla07942ed; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [56552 2022-01-28] (Microsoft Windows -> Microsoft Corporation)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [79680 2019-05-11] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 PrjFlt; C:\WINDOWS\system32\drivers\prjflt.sys [187776 2023-08-05] (Microsoft Windows -> Microsoft Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [124616 2017-06-07] (Power Software Limited -> Power Software Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [40384 2023-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401688 2023-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [119952 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [67864 2023-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [218624 2023-07-12] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslaadc2a53; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AF27D79A-B78F-4B49-9FCB-AB8DFCE48BE9}\MpKslDrv.sys [X]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-08-05 20:34 - 2023-08-05 20:40 - 000037201 ____C C:\Users\Rakaš\Desktop\Addition.txt
2023-08-05 20:27 - 2023-08-05 20:43 - 000030363 ____C C:\Users\Rakaš\Desktop\FRST.txt
2023-08-05 20:26 - 2023-08-05 20:42 - 000000000 ____D C:\FRST
2023-08-05 20:24 - 2023-08-05 20:24 - 002085376 _____ (Farbar) C:\Users\Rakaš\Desktop\FRST.exe
2023-08-05 20:11 - 2023-08-05 20:17 - 000000000 ____D C:\AdwCleaner
2023-08-05 20:10 - 2023-08-05 20:10 - 008791352 _____ (Malwarebytes) C:\Users\Rakaš\Desktop\adwcleaner.exe
2023-08-05 16:53 - 2023-08-05 16:53 - 000001156 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2023-08-05 16:53 - 2023-08-05 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-08-05 16:53 - 2023-08-05 16:53 - 000000000 ____D C:\Program Files\CPUID
2023-08-05 16:51 - 2023-08-05 16:52 - 001491000 _____ (CPUID, Inc. ) C:\Users\Rakaš\Downloads\hwmonitor_1.51.exe
2023-08-05 14:20 - 2023-08-05 14:20 - 000000000 ___HD C:\$WinREAgent
2023-07-31 18:26 - 2023-07-31 18:25 - 000270264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2023-07-26 15:32 - 2023-07-26 15:32 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater.lnk
2023-07-26 15:32 - 2023-07-26 15:32 - 000002271 _____ C:\Users\Public\Desktop\Avast Driver Updater.lnk
2023-07-26 15:29 - 2023-07-26 15:29 - 001300760 _____ (Avast Software) C:\Users\Rakaš\Downloads\avast_driver_updater_online_setup.exe
2023-07-20 19:00 - 2023-07-20 19:00 - 000000000 ____D C:\Users\Rakaš\AppData\Local\AVG
2023-07-20 16:52 - 2023-07-20 16:52 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus Free.lnk
2023-07-20 16:52 - 2023-07-20 16:52 - 000000000 ____D C:\Users\Rakaš\AppData\Roaming\AVG
2023-07-20 16:51 - 2023-07-20 16:51 - 000000000 ____D C:\ProgramData\Piriform
2023-07-20 16:48 - 2023-07-28 11:43 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2023-07-20 16:46 - 2023-07-20 16:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2023-07-20 16:45 - 2023-07-20 16:45 - 000000000 ____D C:\Users\Rakaš\AppData\Local\CCleaner Browser
2023-07-20 16:45 - 2023-07-20 16:45 - 000000000 ____D C:\ProgramData\CCleaner Browser
2023-07-20 16:44 - 2023-07-31 18:26 - 000003992 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2023-07-20 16:44 - 2023-07-28 14:16 - 000003092 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2023-07-20 16:44 - 2023-07-28 14:16 - 000002610 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2023-07-20 16:43 - 2023-07-20 16:43 - 000000000 ____D C:\Program Files\Common Files\AVG
2023-07-20 16:38 - 2023-07-28 14:16 - 000003444 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2023-07-20 16:38 - 2023-07-28 14:16 - 000003220 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2023-07-20 16:38 - 2023-07-28 11:43 - 000000000 ____D C:\Program Files\CCleaner Browser
2023-07-20 16:38 - 2023-07-20 16:38 - 000000000 ____D C:\Program Files\AVG
2023-07-20 16:37 - 2023-08-05 18:33 - 000000000 ____D C:\ProgramData\AVG
2023-07-20 16:36 - 2023-07-28 14:54 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-07-20 16:36 - 2023-07-28 14:16 - 000003046 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-07-20 16:35 - 2023-08-05 20:06 - 000000000 ____D C:\Program Files\CCleaner
2023-07-20 16:35 - 2023-08-02 12:54 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-07-20 16:35 - 2023-07-28 14:16 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Rakaš
2023-07-20 16:35 - 2023-07-20 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-07-07 22:39 - 2023-07-07 22:39 - 000186501 _____ C:\Users\Rakaš\Downloads\Doklad_SIPO_202307_5070023919.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-08-05 20:39 - 2019-12-07 08:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-05 20:23 - 2021-12-17 17:43 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-05 20:23 - 2019-06-02 03:09 - 000000000 ____D C:\Program Files\Google
2023-08-05 20:19 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-08-05 20:17 - 2019-04-13 09:54 - 000000000 ____D C:\Users\Rakaš\AppData\LocalLow\IObit
2023-08-05 20:07 - 2019-08-31 10:45 - 000000000 ____D C:\Users\Rakaš\AppData\Local\CrashDumps
2023-08-05 19:08 - 2019-12-07 08:10 - 000000000 ____D C:\WINDOWS\INF
2023-08-05 18:33 - 2019-06-30 07:56 - 000000000 ____D C:\ProgramData\AVAST Software
2023-08-05 18:32 - 2020-11-04 16:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-05 18:32 - 2020-11-04 15:41 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-05 17:16 - 2019-12-07 08:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-08-05 15:12 - 2020-11-04 15:55 - 002973736 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-05 15:12 - 2020-11-04 14:50 - 000839092 _____ C:\WINDOWS\system32\perfh007.dat
2023-08-05 15:12 - 2020-11-04 14:50 - 000187708 _____ C:\WINDOWS\system32\perfc007.dat
2023-08-05 15:12 - 2019-12-07 14:21 - 000805198 _____ C:\WINDOWS\system32\perfh005.dat
2023-08-05 15:12 - 2019-12-07 14:21 - 000183898 _____ C:\WINDOWS\system32\perfc005.dat
2023-08-05 15:07 - 2022-03-10 10:37 - 000339864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-05 15:02 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-05 15:02 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-05 15:02 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-05 15:02 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-05 15:02 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-05 15:02 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-05 14:59 - 2019-12-07 08:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-05 13:47 - 2023-04-13 13:37 - 000000000 ____D C:\Log
2023-08-04 10:55 - 2020-10-19 13:25 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-04 10:55 - 2018-02-04 00:28 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-03 18:44 - 2020-11-04 15:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-03 15:20 - 2019-12-07 08:12 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-03 15:20 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-03 13:45 - 2020-11-04 15:45 - 000000000 ____D C:\Users\Rakaš
2023-08-02 12:59 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-08-02 11:18 - 2020-11-04 16:08 - 000003756 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-02 11:18 - 2020-11-04 16:08 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-07-31 18:26 - 2019-12-07 08:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-07-29 11:14 - 2023-01-16 22:23 - 000002220 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-07-29 11:14 - 2020-03-27 21:29 - 000002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-28 14:16 - 2022-03-09 13:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-07-28 14:16 - 2021-01-05 03:25 - 000002588 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-07-28 14:16 - 2020-11-04 16:08 - 000003556 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-28 14:16 - 2020-11-04 16:08 - 000003332 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-07-28 14:16 - 2020-11-04 16:08 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-559361515-4065419017-1633638139-1001
2023-07-26 15:33 - 2019-06-30 08:06 - 000000000 ____D C:\Users\Rakaš\AppData\Roaming\AVAST Software
2023-07-26 15:31 - 2022-03-09 13:15 - 000000000 ____D C:\Program Files\Avast Software
2023-07-19 15:57 - 2021-09-21 11:07 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-07-19 15:57 - 2021-09-21 11:07 - 000002008 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-07-19 15:57 - 2021-09-21 11:07 - 000002008 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-07-19 15:57 - 2021-09-21 11:07 - 000001996 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-07-14 10:43 - 2019-05-19 03:47 - 000757160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-07-12 13:36 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-12 13:36 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-12 13:36 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-12 13:35 - 2019-12-07 08:12 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-12 11:18 - 2019-05-19 03:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-12 10:56 - 2019-05-19 03:51 - 168745656 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-09 19:05 - 2021-04-02 20:50 - 000000000 ___DC C:\Users\Rakaš\Documents\NFS Most Wanted
==================== Files in the root of some directories ========
2021-04-28 20:28 - 2021-11-11 16:08 - 000007666 _____ () C:\Users\Rakaš\AppData\Local\Resmon.ResmonCfg
2021-03-22 20:06 - 2021-03-22 20:06 - 000000000 _____ () C:\Users\Rakaš\AppData\Local\{F441F4A8-046A-41A0-B312-46060E44229A}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================