Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.06.2024
Ran by havran (administrator) on PC (23-06-2024 19:16:38)
Running from C:\Users\havran\AppData\Local\Temp\scoped_dir13264_596650308\FRST64.exe
Loaded Profiles: havran
Platform: Microsoft Windows 10 Home Version 22H2 19045.4529 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.240.599.0_x64__zpdnekdrzrea0\Spotify.exe <7>
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FCDBLog.exe
(C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiESNAC.exe
(C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(C:\Program Files (x86)\Fortinet\FortiClient\x64\FCHelper64.exe ->) (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiTray.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.68\identity_helper.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files (x86)\Opera\110.0.5130.82\opera_crashreporter.exe
(C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Users\havran\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\havran\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(cmd.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(explorer.exe ->) (Cloudflare, Inc. -> Cloudflare) C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe
(explorer.exe ->) (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files (x86)\Opera\opera.exe <19>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Cloudflare, Inc. -> ) C:\Program Files\Cloudflare\Cloudflare WARP\warp-svc.exe
(services.exe ->) (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe
(services.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®) C:\Program Files (x86)\Thrustmaster\Thrustmaster FFB Driver\drivers\amd64\tmGAInstall.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(services.exe ->) (Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\havran\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(svchost.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowserProtect.exe
(svchost.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(svchost.exe ->) (Fortinet Technologies (Canada) Inc. -> FortiClient System Helper) C:\Program Files (x86)\Fortinet\FortiClient\x64\FCHelper64.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <2>
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [423832 2024-06-13] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\Wondershare UniConverter\WSVCUUpdateHelper.exe [34736 2020-11-20] (Wondershare Technology Co.,Ltd -> )
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File)
HKLM\...\Run: [UniConverterUpdateHelper] => C:\Program Files\Wondershare\Wondershare UniConverter 14 for Windows (CPC)\WSVCUUpdateHelper.exe [41712 2023-07-26] (Wondershare Technology Group Co.,Ltd -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Opera Browser Assistant] => c:\program files (x86)\opera\assistant\browser_assistant.exe [3996064 2024-03-04] (Opera Norway AS -> Opera Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4379496 2024-05-21] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263040 2018-02-12] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\havran\AppData\Local\WebEx\ciscowebexstart.exe [2841816 2021-04-16] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\...\Run: [EpicGamesLauncher] => "F:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent -launchcontext=boot (No File)
HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\...\Run: [EADM] => "H:\Games\Origin\Origin.exe" -AutoStart (No File)
HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\...\Run: [GogGalaxy] => H:\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (No File)
HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\...\Run: [AvastBrowserAutoLaunch_C1B7414C4F724BEFCE506EDDF0A4C19E] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3137424 2024-06-18] (Avast Software s.r.o. -> Gen Digital Inc.)
HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\...\Run: [MicrosoftEdgeAutoLaunch_F4EE5F322C867E37C8E8A591CEF560A4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883560 2024-06-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\Windows\system32\hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\126.0.6478.114\Installer\chrmstp.exe [2024-06-20] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\125.0.25426.176\Installer\chrmstp.exe [2024-06-20] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7980.150\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Cloudflare WARP.lnk [2023-03-27]
ShortcutTarget: Cloudflare WARP.lnk -> C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe (Cloudflare, Inc. -> Cloudflare)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {C4CA10DF-1FFA-40D1-8BBD-9FC408AD2879} - System32\Tasks\{BCF7562B-0A87-43CB-B9B5-FF372946E484} => C:\Windows\System32\pcalua.exe [53760 2023-11-17] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Windows\unins000.exe
Task: {F48B5E81-1175-4EDE-AE83-6D25028E5653} - System32\Tasks\{DED18256-3F6B-415F-AA38-C78943FF0785} => C:\Windows\System32\pcalua.exe [53760 2023-11-17] (Microsoft Windows -> Microsoft Corporation) -> -a G:\setup.exe -d G:\
Task: {75DBEA58-03A9-4D22-AF64-E920E92D2BBE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {A7090A43-BA7B-4603-86C4-9592D381C615} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_Plugin.exe [1475640 2020-07-14] (Adobe Inc. -> Adobe)
Task: {5CB57AB2-C14C-4211-A3FE-1924E6A56769} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_pepper.exe [1471032 2020-07-14] (Adobe Inc. -> Adobe)
Task: {18D8EB2C-D5D3-4FB6-8768-1C0D6995E732} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-14] (Adobe Inc. -> Adobe)
Task: {F394313D-9859-448D-9150-64D614FCBB53} - System32\Tasks\AdobeAAMUpdater-1.0-PC-havran => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {78FB4966-4F42-4876-A2F3-F42B35F2D2E1} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {28A89ED6-DF4F-4D09-B6CD-76C84ED6B8F1} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {A1A164A4-6170-46B6-9D9B-6DC25E8278A6} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3137424 2024-06-18] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {879149AD-A157-4909-9C29-18CC05060181} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3137424 2024-06-18] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {0BDEE644-F5DC-4923-A411-0EEFCA243D6D} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5079448 2024-06-13] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {B6D29748-A453-4E33-9EE5-3767A6B810D8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe  -> C:\Program Files\Common Files\AV\avast! Antivirus\/backup /iavs
Task: {03CADC85-A0C8-4CD8-A30F-871F00D964E8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2135448 2023-04-13] (Avast Software s.r.o. -> Avast Software)
Task: {296EE1A7-0B83-41A8-A512-F9B7A475580B} - System32\Tasks\AvastBrowserProtectS-1-5-21-3376478119-2527698871-4093556559-1001 => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowserProtect.exe [1690008 2024-04-23] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {C98D574C-DCCF-410F-B02E-10EC3FEE5F36} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {EBA17401-BC86-4BEB-B02B-39BC63E679EC} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {429ED005-DD1C-48D2-9793-2C040BA5219E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {595F0EED-8F64-4610-B6EE-15F043AD286F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {9080F592-DA21-46B4-896D-C70CD57052EC} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{08B50CCA-0C83-42A6-8A7D-5620338BF3C4} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {49F22016-509D-4587-92F3-056E2277CD4E} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {A965343C-5B5B-42AF-9394-51EDE2618CDF} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
Task: {6BD84CA9-3933-422D-B717-EAAA7CB10912} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2023-07-06] () [File not signed]
Task: {D3E8CDA4-067D-4BC5-A998-6B340A4682F2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {51BA64A4-EF07-4614-B425-612E60E3A5D3} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {886D60D6-5400-4507-9BF2-C5D3C9CC6B97} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B5E380EB-1C83-4931-B6BA-0E8AE877F3BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {054AB4F7-C1A5-4E64-8273-3A5859BD5D0A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D09E3F35-9752-422B-8484-64759BED9AED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe  join (No File)
Task: {76D4AE0A-763B-4EE7-8332-333F20D143AB} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [676936 2024-06-20] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {EF4E3112-5F70-4695-AF38-2EF32110572A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3376478119-2527698871-4093556559-1001 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [676936 2024-06-20] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {F3B23784-5A7A-426D-9981-435D4D252EB4} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34888 2024-06-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {8F9A2F97-9B23-434A-8448-6282C372DCD8} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [3685360 2015-06-04] (Nero AG -> Nero AG)
Task: {6D4C1D44-1150-41FE-835E-6E7549281843} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {9B3BFD05-3142-48FE-8DDD-7621F5F6BECF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D47CCB9B-8F0E-4EEF-9514-66BA0C8D9D10} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {175B6B71-5837-4CD8-B5D1-B2B403A455F6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {D7E0EFCD-1B94-4302-8518-3540BD0191D0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AAE0FA15-1015-41F1-83EA-65E34DE1C485} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1A881E8-02B3-4DFB-8FFB-BEBBC3B574FE} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {52FE600E-F610-4923-9BD2-6F062BAB9693} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {61D7B289-A98B-4930-AEEC-9FD81A13B1D8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DCF933E-CE84-457E-B1DF-68C422DE21ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {59761D2B-DB20-4EC3-9DE7-9ECD434BE906} - System32\Tasks\Opera scheduled assistant Autoupdate 1582732448 => c:\program files (x86)\Opera\launcher.exe [1610144 2024-06-15] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="c:\program files (x86)\opera\assistant" $(Arg0)
Task: {B9DF4980-B6D2-4316-A9DC-1635A8E39829} - System32\Tasks\Opera scheduled Autoupdate 1430256848 => C:\Program Files (x86)\Opera\autoupdate\opera_autoupdate.exe [5728672 2024-06-13] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{5A1ADF38-87E5-4133-B980-69BAF6599A32}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{64c32911-6b33-42df-93b1-24bcc19facfa}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{64c32911-6b33-42df-93b1-24bcc19facfa}: [DhcpDomain] home
Tcpip\..\Interfaces\{64c32911-6b33-42df-93b1-24bcc19facfa}\550534730333338393635374: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{64c32911-6b33-42df-93b1-24bcc19facfa}\550534730333338393635374: [DhcpDomain] home
Tcpip\..\Interfaces\{DEC38570-001A-46B1-8679-65A48C988B60}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{DEC38570-001A-46B1-8679-65A48C988B60}: [DhcpDomain] home
Tcpip\..\Interfaces\{E7775F43-6BAF-464A-BA76-8A52F57C6781}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\havran\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-23]
Edge Extension: (Dokumenty Google offline) - C:\Users\havran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26]
Edge Extension: (Edge relevant text changes) - C:\Users\havran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]
Edge Extension: (IBM Security Rapport) - C:\Users\havran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kajikgogckeajjplomldcempamhidmcc [2023-12-03]
Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]

FireFox:
========
FF DefaultProfile: cjzabd2c.default
FF ProfilePath: C:\Users\havran\AppData\Roaming\Mozilla\Firefox\Profiles\cjzabd2c.default [2024-06-23]
FF DownloadDir: E:\Filmy\Plexis Klip
FF Session Restore: Mozilla\Firefox\Profiles\cjzabd2c.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\cjzabd2c.default -> hxxps://www.slevomat.cz; hxxps://www.luxor.cz; hxxps://ceskolipsky.denik.cz; hxxps://www.cestujlevne.com; hxxps://www.reddit.com
FF NewTabOverride: Mozilla\Firefox\Profiles\cjzabd2c.default -> Disabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (IBM Security Rapport) - C:\Users\havran\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2022-10-05] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Firebug) - C:\Users\havran\AppData\Roaming\Mozilla\Firefox\Profiles\cjzabd2c.default\Extensions\firebug@software.joehewitt.com.xpi [2017-03-01] [Legacy]
FF Extension: (Ghostery Tracker Ad Blocker - Privacy AdBlock) - C:\Users\havran\AppData\Roaming\Mozilla\Firefox\Profiles\cjzabd2c.default\Extensions\firefox@ghostery.com.xpi [2024-05-30]
FF Extension: (IBM Security Rapport) - C:\Users\havran\AppData\Roaming\Mozilla\Firefox\Profiles\cjzabd2c.default\Extensions\rapportext@trusteer.com.xpi [2024-06-23] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Vlc context menu) - C:\Users\havran\AppData\Roaming\Mozilla\Firefox\Profiles\cjzabd2c.default\Extensions\vlcplaylist@helgatauscher.de.xpi [2016-04-28] [Legacy]
FF Extension: (VLC Youtube Shortcut) - C:\Users\havran\AppData\Roaming\Mozilla\Firefox\Profiles\cjzabd2c.default\Extensions\vlc_shortcut@kosan.kosan.xpi [2017-06-25] [Legacy]
FF Extension: (FlashGot) - C:\Users\havran\AppData\Roaming\Mozilla\Firefox\Profiles\cjzabd2c.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-12-02] [Legacy]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\havran\AppData\Roaming\Mozilla\Firefox\Profiles\cjzabd2c.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2024-05-03]
FF Extension: (Video DownloadHelper) - C:\Users\havran\AppData\Roaming\Mozilla\Firefox\Profiles\cjzabd2c.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-06-22]
FF Extension: (No Name) - C:\Users\havran\AppData\Roaming\Mozilla\Firefox\Profiles\cjzabd2c.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-06-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-06-15] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2017-11-02] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2018-02-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2018-02-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG -> Nero AG)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-3376478119-2527698871-4093556559-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files\Lightspark\nplightsparkplugin.dll [No File]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\havran\AppData\Local\Google\Chrome\User Data\Default [2024-05-01]
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR NewTab: Default ->  Not-active:"chrome-extension://jnpkmdfhnjbaghfaenkkacdbmdphegck/ntp1.html"
CHR Extension: (IBM Security Rapport) - C:\Users\havran\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2022-03-18]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\havran\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2023-05-08]
CHR Extension: (AudioToAudio - for Chrome) - C:\Users\havran\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnpkmdfhnjbaghfaenkkacdbmdphegck [2020-04-28]
CHR Extension: (Video DownloadHelper) - C:\Users\havran\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2024-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\havran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-06]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-3376478119-2527698871-4093556559-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

Opera: 
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-14] (Adobe Inc. -> Adobe)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4555744 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9026968 2024-06-13] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [761752 2024-06-13] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [1198488 2024-06-13] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\125.0.25426.176\elevation_service.exe [1772800 2024-06-18] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 CloudflareWARP; C:\Program Files\Cloudflare\Cloudflare WARP\warp-svc.exe [22962552 2023-01-12] (Cloudflare, Inc. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-02-12] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-11-21] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2022-04-05] (Epic Games Inc. -> Epic Games, Inc.)
R2 FA_Scheduler; C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe [128832 2018-03-06] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-09-26] (GOG  sp. z o.o -> GOG.com)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NativePushService; C:\Users\havran\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [594320 2023-02-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3032400 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 tmGAInstall; C:\Program Files (x86)\Thrustmaster\Thrustmaster FFB Driver\drivers\amd64\tmGAInstall.EXE [48344 2018-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files\Wondershare\Wondershare UniConverter\Transfer\DriverInstall.exe [112568 2020-11-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 GalaxyClientService; "H:\GOG Galaxy\GalaxyClientService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 Origin Client Service; "H:\Games\Origin\OriginClientService.exe" [X]
S2 Origin Web Helper Service; "H:\Games\Origin\OriginWebHelperService.exe" [X]
S3 Rockstar Service; "F:\Games\Rockstar\Launcher\RockstarService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 asmthub3; C:\WINDOWS\System32\drivers\asmthub3.sys [140032 2013-08-16] (MCCI Corporation -> ASMedia Technology Inc)
S3 asmtxhci; C:\WINDOWS\System32\drivers\asmtxhci.sys [424192 2013-08-16] (MCCI Corporation -> ASMedia Technology Inc)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20424 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229832 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [380360 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [292808 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27760 2024-02-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269768 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548808 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97848 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69168 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [939976 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [698424 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203832 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306744 2024-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-02-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-02-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 fortiapd; C:\WINDOWS\System32\drivers\fortiapd.sys [18000 2018-03-06] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [45792 2018-03-06] (Fortinet Technologies -> Fortinet Inc)
S1 FortiFW; C:\WINDOWS\System32\drivers\FortiFW2.sys [37456 2018-03-06] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [147536 2018-03-06] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiShield; C:\WINDOWS\System32\drivers\FortiShield.sys [72272 2018-03-06] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 fortisniff; C:\WINDOWS\System32\drivers\fortisniff2.sys [111184 2018-03-06] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [66600 2018-03-06] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [71928 2018-03-06] (Fortinet Technologies -> Fortinet Inc)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2015-08-21] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2018-03-06] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [451992 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R1 RapportCerberus_2304045; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2304045.sys [1453424 2023-08-22] (International Business Machines Corporation -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544664 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [398744 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [448880 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [557464 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-06-23 18:37 - 2024-06-23 18:37 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-06-23 18:36 - 2024-06-23 18:39 - 000163468 _____ C:\WINDOWS\ntbtlog.txt
2024-06-23 18:19 - 2024-06-23 18:19 - 002932380 _____ C:\Users\havran\Documents\Autoruns.zip
2024-06-23 17:54 - 2024-06-23 17:54 - 008791352 _____ (Malwarebytes) C:\Users\havran\Desktop\AdwCleaner.exe
2024-06-23 17:25 - 2024-06-23 17:25 - 008790880 _____ (Malwarebytes) C:\Users\havran\Desktop\adwcleaner (1).exe
2024-06-23 17:20 - 2024-06-23 17:20 - 008790880 _____ (Malwarebytes) C:\Users\havran\Downloads\adwcleaner.exe
2024-06-23 15:49 - 2024-06-23 15:53 - 000637677 _____ C:\Users\havran\Downloads\Addition.txt
2024-06-23 15:45 - 2024-06-23 15:53 - 000064174 _____ C:\Users\havran\Downloads\FRST.txt
2024-06-23 15:04 - 2024-06-23 19:32 - 000000000 ____D C:\FRST
2024-06-23 15:03 - 2024-06-23 15:03 - 002395648 _____ (Farbar) C:\Users\havran\Downloads\FRST64.exe
2024-06-23 14:35 - 2024-06-23 14:35 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2024-06-23 14:09 - 2024-06-23 14:10 - 084435176 _____ (Piriform Software Ltd) C:\Users\havran\Downloads\ccsetup625.exe
2024-06-23 12:58 - 2024-06-23 12:58 - 000134790 _____ C:\Users\havran\Downloads\[SkT]Ghost.of.Tsushima.DIRECTORS.CUT-TENOKE.torrent
2024-06-23 12:32 - 2024-06-23 12:32 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign6f1304d800cbf73a
2024-06-22 22:40 - 2024-06-22 22:40 - 000000000 ____D C:\Users\havran\AppData\Roaming\AsusFCNotification
2024-06-22 18:17 - 2024-06-22 18:17 - 000226812 _____ C:\Users\havran\Downloads\[SkT]Ghost_of_Tsushima_DIRECTOR'S_CUT_(v1053.0.0515.2048_DLC_Bonus_Content_Multiplayer,_MULTi26)_[FitGirl_Repack].torrent
2024-06-21 16:44 - 2024-06-21 16:44 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign0f3516d5478f4e6a
2024-06-21 16:44 - 2024-06-21 16:44 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign035d5133b2a77f29
2024-06-21 16:36 - 2024-06-21 16:36 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign852556947d2109fb
2024-06-20 23:40 - 2024-06-20 23:40 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignf1dad48495f85ad3
2024-06-20 23:40 - 2024-06-20 23:40 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignd9b006d00e33ac8a
2024-06-20 18:07 - 2024-06-22 21:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-06-20 13:30 - 2024-06-20 13:30 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign5f67a01275c8041e
2024-06-20 13:30 - 2024-06-20 13:30 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign5d62b00abef124c0
2024-06-20 13:28 - 2024-06-20 13:28 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign78073417e7089fae
2024-06-17 08:55 - 2024-06-17 08:55 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsigned97a674bda90221
2024-06-16 19:05 - 2024-06-16 19:05 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign65047d55191da180
2024-06-16 19:05 - 2024-06-16 19:05 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign546d9f7d35196634
2024-06-16 18:59 - 2024-06-16 18:59 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign8101a2dc471ae805
2024-06-13 12:46 - 2024-06-13 12:44 - 000315288 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2024-06-13 12:09 - 2024-06-13 12:09 - 000000000 ___HD C:\$WinREAgent
2024-06-12 23:22 - 2024-06-12 23:22 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignc9f8564f16d842c3
2024-06-12 23:22 - 2024-06-12 23:22 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign04c256649fcec8fc
2024-06-12 23:20 - 2024-06-12 23:20 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign576d71f37fcb659e
2024-06-11 23:48 - 2024-06-11 23:48 - 000007990 _____ C:\Users\havran\AppData\Local\recently-used.xbel
2024-06-08 00:53 - 2024-06-17 08:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2024-06-07 23:32 - 2024-06-07 23:32 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignb94b4e466cb8e104
2024-06-07 23:32 - 2024-06-07 23:32 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign153121764ba00822
2024-06-07 23:29 - 2024-06-07 23:29 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignaf29eba95bcd4252
2024-06-07 13:49 - 2024-06-07 13:49 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignd4461900a6479aea
2024-06-07 13:49 - 2024-06-07 13:49 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign8607c0530d6add5f
2024-06-07 13:47 - 2024-06-07 13:47 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignfee52d24fa3f8080
2024-05-29 22:24 - 2024-05-29 22:24 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignfe8c42e0ceed17f8
2024-05-29 22:24 - 2024-05-29 22:24 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign3d32e94b55e81d99
2024-05-29 22:21 - 2024-05-29 22:21 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign0c020f1025c466b2
2024-05-29 07:44 - 2024-05-29 07:44 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign224d6a05b6a58696
2024-05-28 15:23 - 2024-05-28 15:23 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsigna9f6e73e6b76c9cc
2024-05-28 15:23 - 2024-05-28 15:23 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign4d9d6c9d9f2c4cb6
2024-05-28 15:20 - 2024-05-28 15:20 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign0914c2dc1ee04085
2024-05-27 19:50 - 2024-05-27 19:50 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignc02bba15573f092b
2024-05-27 19:50 - 2024-05-27 19:50 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign4fd4854524ba536f
2024-05-27 19:50 - 2024-05-27 19:50 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign0001c8a0cff7ac85
2024-05-27 18:00 - 2024-05-27 18:00 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign6212ca4c90e0d927
2024-05-27 18:00 - 2024-05-27 18:00 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign01dcf4ffc7a00ced
2024-05-27 12:30 - 2024-05-27 12:30 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign9497c104c484bb52
2024-05-27 12:30 - 2024-05-27 12:30 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign8becc69946ba3d12
2024-05-27 12:12 - 2024-05-27 12:12 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsigncc4dd3cb0b8021dd
2024-05-26 10:13 - 2024-05-26 10:13 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignea760a9eaaf50f13
2024-05-26 10:13 - 2024-05-26 10:13 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignc6087d53bf7a8988
2024-05-26 10:03 - 2024-05-26 10:03 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignc23535b919543b20
2024-05-24 16:03 - 2024-05-24 16:03 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignd899fd98340038b2
2024-05-24 16:03 - 2024-05-24 16:03 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign909cc026c935910c
2024-05-24 15:45 - 2024-05-24 15:45 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsignfae2897dd310d555
2024-05-24 15:45 - 2024-05-24 15:45 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign3b39afc4256a3f7c
2024-05-24 15:43 - 2024-05-24 15:43 - 000000000 ____D C:\Users\havran\AppData\Local\Tempzxpsign575bd4069469b401

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-06-23 19:36 - 2014-09-23 14:15 - 000000000 ____D C:\ProgramData\NVIDIA
2024-06-23 19:13 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-23 19:12 - 2018-04-04 20:27 - 000000000 ____D C:\Users\havran\AppData\Local\AVAST Software
2024-06-23 19:04 - 2015-04-28 23:28 - 000000000 ____D C:\ProgramData\AVAST Software
2024-06-23 19:01 - 2021-04-10 12:42 - 000008192 ___SH C:\DumpStack.log.tmp
2024-06-23 19:01 - 2020-11-19 01:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-23 19:00 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-06-23 18:44 - 2018-02-16 00:17 - 000000000 ____D C:\AdwCleaner
2024-06-23 18:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-23 18:07 - 2020-11-19 01:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-23 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-06-23 18:05 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-06-23 18:03 - 2016-07-11 18:24 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-06-23 17:05 - 2020-11-19 00:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-23 16:00 - 2023-03-27 17:03 - 000000000 ____D C:\ProgramData\Cloudflare
2024-06-23 15:56 - 2021-01-05 11:32 - 000000000 ____D C:\Users\havran\Documents\byt
2024-06-23 15:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-06-23 14:15 - 2022-02-10 08:09 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-06-23 14:14 - 2017-11-15 09:37 - 000000000 ____D C:\Users\havran\AppData\Local\CrashDumps
2024-06-23 14:08 - 2021-04-10 13:27 - 000002068 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2024-06-23 12:54 - 2024-03-09 12:31 - 000003516 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582732448
2024-06-23 12:54 - 2023-07-30 22:19 - 000002508 _____ C:\WINDOWS\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2024-06-23 12:54 - 2023-07-11 20:49 - 000003024 _____ C:\WINDOWS\system32\Tasks\klcp_update
2024-06-23 12:54 - 2021-12-11 13:24 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3376478119-2527698871-4093556559-1001
2024-06-23 12:54 - 2021-04-10 13:47 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3376478119-2527698871-4093556559-1001
2024-06-23 12:54 - 2021-04-10 13:29 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3376478119-2527698871-4093556559-500
2024-06-23 12:54 - 2021-04-10 13:27 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-06-23 12:54 - 2021-04-10 13:27 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-06-23 12:54 - 2021-04-10 13:27 - 000003352 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1430256848
2024-06-23 12:54 - 2021-04-10 13:27 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-06-23 12:54 - 2021-04-10 13:27 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-06-23 12:54 - 2021-04-10 13:27 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-06-23 12:54 - 2021-04-10 13:27 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-06-23 12:54 - 2021-04-10 13:27 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-06-23 12:54 - 2021-04-10 13:27 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-06-23 12:54 - 2021-04-10 13:27 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-06-23 12:54 - 2021-04-10 13:27 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-06-23 12:54 - 2021-04-10 13:27 - 000002778 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3376478119-2527698871-4093556559-500
2024-06-23 12:54 - 2021-04-10 13:27 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-06-23 12:54 - 2021-04-10 13:27 - 000002596 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2024-06-23 12:54 - 2021-04-10 13:27 - 000001980 _____ C:\WINDOWS\system32\Tasks\{BCF7562B-0A87-43CB-B9B5-FF372946E484}
2024-06-23 12:54 - 2021-04-10 13:27 - 000001972 _____ C:\WINDOWS\system32\Tasks\{DED18256-3F6B-415F-AA38-C78943FF0785}
2024-06-23 12:54 - 2021-04-10 13:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2024-06-23 12:54 - 2020-11-19 01:32 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-23 12:54 - 2020-11-19 01:32 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-23 12:31 - 2019-10-03 17:47 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-06-23 10:55 - 2023-03-27 17:04 - 000000000 ____D C:\Users\havran\AppData\Local\Cloudflare
2024-06-22 22:45 - 2021-04-10 12:55 - 000000000 ____D C:\Users\havran
2024-06-22 21:57 - 2015-05-01 10:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-06-22 14:53 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-22 14:13 - 2023-01-18 00:48 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-06-22 14:13 - 2020-11-19 01:32 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-22 13:57 - 2021-04-10 14:02 - 000000000 ____D C:\Users\havran\AppData\Local\D3DSCache
2024-06-21 10:44 - 2021-10-10 16:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-06-21 10:44 - 2015-04-28 23:25 - 000001181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-06-20 12:19 - 2015-04-28 23:16 - 000000000 ____D C:\Users\havran\AppData\Local\Packages
2024-06-20 11:34 - 2021-04-10 12:55 - 000002390 _____ C:\Users\havran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-20 11:34 - 2018-04-04 20:28 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2024-06-20 11:19 - 2021-12-15 21:23 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-20 11:19 - 2015-06-23 21:58 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-06-17 16:41 - 2015-06-23 23:28 - 000000000 ____D C:\Users\havran\AppData\Roaming\vlc
2024-06-17 08:33 - 2021-04-10 12:55 - 001962404 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-17 08:33 - 2019-12-07 16:41 - 000810316 _____ C:\WINDOWS\system32\perfh005.dat
2024-06-17 08:33 - 2019-12-07 16:41 - 000187462 _____ C:\WINDOWS\system32\perfc005.dat
2024-06-17 07:42 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-06-17 07:41 - 2020-11-19 01:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-06-16 07:37 - 2022-11-18 11:11 - 000002067 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-06-16 07:37 - 2022-10-11 13:12 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-06-15 09:55 - 2015-05-01 10:15 - 000002120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2024-06-15 07:27 - 2020-11-19 01:33 - 000000000 ____D C:\ProgramData\Packages
2024-06-15 07:03 - 2017-06-30 17:33 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2024-06-15 07:03 - 2015-04-28 23:34 - 000000000 ____D C:\Program Files (x86)\Opera
2024-06-13 19:04 - 2020-11-19 00:29 - 005319160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-06-13 18:54 - 2024-01-16 17:18 - 000000000 ____D C:\WINDOWS\en-GB
2024-06-13 18:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-06-13 18:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-06-13 18:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-06-13 18:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-06-13 18:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-06-13 18:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-06-13 18:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-06-13 18:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-06-13 14:26 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-13 14:12 - 2013-08-22 17:44 - 000416976 __RSH C:\bootmgr
2024-06-13 14:10 - 2020-11-19 01:32 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-06-13 12:47 - 2015-04-28 23:30 - 000939976 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2024-06-13 12:46 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-06-13 12:45 - 2020-10-26 07:02 - 000269768 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2024-06-13 12:45 - 2020-04-21 08:21 - 000548808 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2024-06-13 12:45 - 2019-01-16 20:13 - 000292808 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2024-06-13 12:45 - 2019-01-16 20:13 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2024-06-13 12:45 - 2018-10-22 18:56 - 000097848 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2024-06-13 12:45 - 2018-10-22 18:56 - 000028728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2024-06-13 12:45 - 2015-04-28 23:30 - 000698424 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2024-06-13 12:45 - 2015-04-28 23:30 - 000306744 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2024-06-13 12:45 - 2015-04-28 23:30 - 000069168 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2024-06-13 12:44 - 2019-01-17 20:18 - 000380360 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2024-06-13 12:44 - 2019-01-16 20:13 - 000020424 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2024-06-13 12:44 - 2017-11-20 00:00 - 000229832 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2024-06-13 00:04 - 2015-04-30 21:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-06-12 23:37 - 2015-04-30 21:02 - 199048176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-06-12 00:57 - 2015-05-01 17:27 - 000000000 ____D C:\Users\havran\.gimp-2.8
2024-06-11 23:48 - 2015-05-01 17:42 - 000000000 ____D C:\Users\havran\AppData\Local\gtk-2.0
2024-06-04 23:15 - 2015-07-06 20:19 - 000000000 ____D C:\Program Files (x86)\Steam
2024-06-04 21:57 - 2015-07-06 20:28 - 000000000 ____D C:\Users\havran\AppData\Local\Steam
2024-05-30 00:11 - 2016-11-24 19:07 - 000000000 ____D C:\Users\havran\Documents\prani stepanovi

==================== Files in the root of some directories ========

2015-12-22 22:59 - 2015-12-22 22:59 - 000000000 _____ () C:\Users\havran\AppData\Roaming\AVSMediaPlayer.m3u
2021-03-06 10:20 - 2021-03-06 10:22 - 000012288 _____ () C:\Users\havran\AppData\Roaming\emp.bin
2015-04-29 07:47 - 2016-03-11 12:25 - 000004425 _____ () C:\Users\havran\AppData\Roaming\PC.MTBF.txt
2016-03-20 01:36 - 2017-01-30 21:16 - 000000600 _____ () C:\Users\havran\AppData\Roaming\winscp.rnd
2015-04-29 07:48 - 2020-12-22 20:16 - 000021504 _____ () C:\Users\havran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-28 20:29 - 2018-09-28 20:29 - 000000000 _____ () C:\Users\havran\AppData\Local\oobelibMkey.log
2024-06-11 23:48 - 2024-06-11 23:48 - 000007990 _____ () C:\Users\havran\AppData\Local\recently-used.xbel
2021-08-23 22:24 - 2021-08-23 22:24 - 000007601 _____ () C:\Users\havran\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================