Requesting a preventive check

Posted: 30 Oct 2024 04:23
by Teochi
Hello, I suspect some minor mischief on my PC, so I would like to ask for a check, thank you.

Only one log fits here; I will send the second one as an attachment.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2024
Ran by Jura (administrator) on JURA-PC (Gigabyte Technology Co., Ltd. Z170-D3H) (30-10-2024 04:16:11)
Running from C:\Users\Jura\Desktop\FRST64.exe
Loaded Profiles: Jura
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5011 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(C:\Program Files (x86)\RocketDock\RocketDock.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (Voyetra Turtle Beach, Inc. -> ROCCAT) H:\roccat\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Installer\setup.exe <2>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <20>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) G:\junior\Games\Origin\OriginWebHelperService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_fc9ac11e55f51133\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files\Windscribe\WindscribeService.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2409.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\backup\23D271CC-2B14-4532-85B3-B2C2BEF992E9\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
(svchost.exe ->) (Voyetra Turtle Beach, Inc. -> ROCCAT) H:\roccat\ROCCAT Swarm\ROCCAT_dev_service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [427304 2024-10-10] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919336 2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [File not signed]
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4406632 2024-09-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [SuuntolinkLauncher] => C:\Users\Jura\AppData\Local\Suuntolink\app-3.6.2\resources\app\LaunchAgents\SuuntolinkLauncher.exe [831832 2021-10-04] (Suunto Oy -> )
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [Windscribe] => C:\Program Files\Windscribe\Windscribe.exe [8089200 2024-09-12] (Windscribe Limited -> Windscribe Limited)
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2023-07-09] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [Microsoft Edge Update] => C:\Users\Jura\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateCore.exe [268384 2024-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [Jura] => cmd.exe /c start www.dinoklafbzor.org (No File) <==== ATTENTION
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {076425d7-1e58-11ee-9c84-1c1b0d68fe46} - "I:\setup.exe"
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {2a59e237-2f3b-11eb-9c02-1c1b0d68fe46} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {50b56a65-6f1b-11e8-9b76-1c1b0d68fe46} - "I:\LaunchU3.exe" -a
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {54b88c80-c6d1-11e7-9b52-1c1b0d68fe46} - "I:\setup.exe"
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {ea20091a-16ab-11ea-9bc4-1c1b0d68fe46} - "H:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\WINDOWS\system32\hpinkstsC211LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\WINDOWS\system32\HPDiscoPMC211.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\129.0.26740.101\Installer\chrmstp.exe [2024-10-17] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\130.0.6723.70\Installer\chrmstp.exe [2024-10-25] (Google LLC -> Google LLC)
Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2018-02-18]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm Monitor.lnk [2024-02-28]
ShortcutTarget: ROCCAT Swarm Monitor.lnk -> H:\roccat\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (Voyetra Turtle Beach, Inc. -> ROCCAT)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {6FE02586-0CFE-4DEC-B4C9-720A6D4A8C59} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {03C611D5-4181-4991-820F-6CB7883F2F7B} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5200168 2024-10-10] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {1D305AF2-CF4D-4348-A791-690A0D2686BF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {E705A5D0-63A7-4327-8254-67E20DBC3A47} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3215864 2024-10-09] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {A340D4F7-C230-4EB8-B52E-07930BEF4DFC} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3215864 2024-10-09] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {F451C3D5-08DC-4C34-AE32-D3CFCDFD4EF0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {5316423F-EE1D-4E87-BF98-48E6ED5EBC6E} - System32\Tasks\CCleanerBrowserProtectS-1-5-21-698999926-1648983513-1323860127-1001 => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowserProtect.exe [1717416 2024-04-16] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {AE298588-2C1D-4B36-85FD-0BD7D826B0BA} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "e4199ad1-1be0-4b74-b84c-c7da5b304562" --version "6.29.11342" --silent
Task: {6F2EB0E4-FCB5-4DB6-849C-674EFFB98FF1} - System32\Tasks\CCleanerSkipUAC - Jura => C:\Program Files\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {244F2E07-3811-4EC4-B184-1BEA2D364BF8} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {0214D1A7-9FED-4385-A276-181C8177D3F6} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {12A8E0FC-1BA2-4DAD-9897-4160786B5C83} - System32\Tasks\Driver Booster SkipUAC (Jura) => C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe /skipuac (No File)
Task: {DEA15772-3460-4B88-912F-E92B9016D642} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{11DEAF42-BF88-4B5D-A28B-3B9EFBC46B1A} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {45A826F7-0CFB-4740-9F88-F144E6E3BD11} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-13] (HP Inc. -> HP Inc.)
Task: {92FCBCB2-16A3-4A83-8219-886110F15494} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-13] (HP Inc. -> HP Inc.)
Task: {39AEF157-DF07-4D43-9EFC-011890F2CD26} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe [855664 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
Task: {A4F48765-0BCB-4E44-93D9-E249E355E21B} - System32\Tasks\Jura => C:\WINDOWS\system32\cmd.exe [289792 2024-05-15] (Microsoft Windows -> Microsoft Corporation) -> /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Jura /t REG_SZ /d "cmd.exe /c start www.dinoklafbzor.org" <==== ATTENTION
Task: {EEDE0FC8-441A-4E1E-BB50-AED83765EDFA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28616920 2024-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {41A6FDC1-137A-401F-9558-9A1E30A5DEC2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28616920 2024-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6645AF96-5C47-496F-9ADB-84AD2AA36B19} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-10-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {498EDAAF-B284-4B9D-9027-1F3CA3F81133} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-10-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {CBDFDF41-B1DE-412A-8159-D069C2EC26E2} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187328 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {1744A049-B6D0-431D-8EE4-82463E1EB974} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4465608 2024-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE722870-EA6E-44D9-AD05-EE9BBCFA4F81} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => C:\WINDOWS\system32\clipesu.exe [221680 2024-10-10] (Microsoft Windows -> Microsoft Corporation)
Task: {5565B9F5-935F-4B4F-A217-EECF91347C94} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-698999926-1648983513-1323860127-1001Core => C:\Users\Jura\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C0BC731-35FF-449E-A3B7-E181400854AC} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-698999926-1648983513-1323860127-1001UA => C:\Users\Jura\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDF3118D-9929-4440-87B5-64E623FA820E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2024-10-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {6F7A4150-B6AF-4C86-9014-6BEF2492B885} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-698999926-1648983513-1323860127-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2024-10-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {4D332A99-CA54-4E23-9913-853B05146D6A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-10-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {0B81FB77-01C4-48D1-8BDC-7067A31245BB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {50AB0665-E755-47F7-BF7F-8D5D6892DBE9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {47A4C70F-6E10-4D94-B9B9-A1267ED8E90A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {6923B2CF-8A9A-4E17-BCCB-C9DD7183EB09} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1E7FB888-1330-4832-A554-378EA1A9A307} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C347F128-C718-42D2-8A2E-E48DF8DA5EE3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7FEA821E-84EC-4BD6-90B4-6046FD96A068} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2FF7D10-E7D7-4215-9FC1-4D812C19C42F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8EAD2824-310E-4724-AB4F-11063E037D22} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {169759B9-D6CB-425A-9074-284AADBFD41D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {22C02BF4-9559-4782-AF1C-9DA4F894316F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-698999926-1648983513-1323860127-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1AB1277-7CD8-4CA1-888B-7B76A1C82269} - System32\Tasks\ROCCAT DEVICE SERVICE => H:\roccat\ROCCAT Swarm\ROCCAT_dev_service.exe [459104 2024-10-23] (Voyetra Turtle Beach, Inc. -> ROCCAT)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{6b6f5b63-2a17-4bb9-8122-39b23d1360fd}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge Profile: C:\Users\Jura\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-02]
Edge Extension: (Google Docs Offline) - C:\Users\Jura\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-05]
Edge Extension: (Edge relevant text changes) - C:\Users\Jura\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: iziz1h9m.default-1557078611056
FF ProfilePath: C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\iziz1h9m.default-1557078611056 [2024-10-30]
FF Session Restore: Mozilla\Firefox\Profiles\iziz1h9m.default-1557078611056 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\iziz1h9m.default-1557078611056 -> hxxps://mail.wemail.cz; hxxps://www.instagram.com
FF Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\iziz1h9m.default-1557078611056\Extensions\firefox@ghostery.com.xpi [2024-10-29]
FF Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\iziz1h9m.default-1557078611056\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2024-10-10]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\iziz1h9m.default-1557078611056\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2024-07-31]
FF Extension: (MetaMask) - C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\iziz1h9m.default-1557078611056\Extensions\webextension@metamask.io.xpi [2024-08-30]
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-08-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)

Chrome:
=======
CHR Profile: C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default [2024-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-21]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2018-02-18] (Adobe Systems) [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7252264 2024-10-10] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [774440 2024-10-10] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [1220904 2024-10-10] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\129.0.26740.101\elevation_service.exe [1731376 2024-10-09] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861072 2024-10-14] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4973904 2023-07-09] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2023-12-02] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [964336 2024-08-30] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-10-21] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.192.0923.0006\FileSyncHelper.exe [3524648 2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-10-24] (FUTUREMARK INC -> Futuremark)
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-13] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-08-23] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62760 2016-06-01] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [12153200 2022-10-24] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\Display.NvContainer\NVDisplay.Container.exe [1275024 2024-10-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [22384 2023-11-15] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.192.0923.0006\OneDriveUpdaterService.exe [3868688 2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; G:\junior\Games\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; G:\junior\Games\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2019-01-18] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530488 2024-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files\Windscribe\WindscribeService.exe [573040 2024-09-12] (Windscribe Limited -> Windscribe Limited)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [155744 2024-04-01] (Alcorlink Corp. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20528 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229944 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [381520 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [293968 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84424 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27744 2024-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28752 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [274000 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [549968 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97848 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69176 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [950328 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1200696 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203832 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306744 2024-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2023-07-09] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2023-07-09] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv; C:\Windows\gdrv.sys [26192 2017-11-14] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-12-14] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-11-14] (Martin Malik - REALiX -> REALiX(tm))
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2022-04-21] (Windscribe Limited -> The OpenVPN Project)
S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2020-08-08] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WindscribeSplitTunnel; C:\WINDOWS\system32\DRIVERS\WindscribeSplitTunnel.sys [39280 2024-09-12] (Windscribe Limited -> )
S3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2022-04-21] (Windscribe Limited -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-12-08] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-10-30 04:16 - 2024-10-30 04:16 - 000038078 ____C C:\Users\Jura\Desktop\FRST.txt
2024-10-30 04:15 - 2024-10-30 04:15 - 002397696 _____ (Farbar) C:\Users\Jura\Desktop\FRST64.exe
2024-10-26 15:16 - 2024-10-26 15:16 - 000000000 ____D C:\WINDOWS\LastGood
2024-10-26 15:14 - 2024-10-16 09:00 - 002060648 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-10-26 15:14 - 2024-10-16 09:00 - 002060648 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-10-26 15:14 - 2024-10-16 09:00 - 001600360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-10-26 15:14 - 2024-10-16 09:00 - 001600360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-10-26 15:14 - 2024-10-16 08:59 - 001452400 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-10-26 15:14 - 2024-10-16 08:59 - 001452400 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-10-26 15:14 - 2024-10-16 08:59 - 001301864 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-10-26 15:14 - 2024-10-16 08:59 - 001301864 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-10-26 15:14 - 2024-10-16 08:59 - 000477816 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-10-26 15:14 - 2024-10-16 08:59 - 000374944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-10-26 15:14 - 2024-10-16 08:56 - 001554568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-10-26 15:14 - 2024-10-16 08:56 - 001208952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-10-26 15:14 - 2024-10-16 08:56 - 001114752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-10-26 15:14 - 2024-10-16 08:56 - 000863904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-10-26 15:14 - 2024-10-16 08:56 - 000670360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-10-26 15:14 - 2024-10-16 08:56 - 000505488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-10-26 15:14 - 2024-10-16 08:55 - 025450104 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2024-10-26 15:13 - 2024-10-16 08:55 - 002185344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-10-26 15:13 - 2024-10-16 08:55 - 001634944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-10-26 15:13 - 2024-10-16 08:55 - 001042048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-10-26 15:13 - 2024-10-16 08:55 - 000800888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-10-26 15:13 - 2024-10-16 08:55 - 000461944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-10-26 15:13 - 2024-10-16 08:54 - 017736824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-10-26 15:13 - 2024-10-16 08:54 - 016811128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-10-26 15:13 - 2024-10-16 08:54 - 006953120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-10-26 15:13 - 2024-10-16 08:54 - 005910168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-10-26 15:13 - 2024-10-16 08:54 - 005435024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-10-26 15:13 - 2024-10-16 08:54 - 003807384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-10-26 15:13 - 2024-10-16 08:54 - 000853112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-10-26 15:13 - 2024-10-16 08:53 - 007159112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-10-26 15:13 - 2024-10-16 08:53 - 006236256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-10-26 15:13 - 2024-10-15 20:04 - 000132701 _____ C:\WINDOWS\system32\nvinfo.pb
2024-10-15 03:11 - 2024-10-30 04:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-10-14 03:08 - 2024-10-14 03:08 - 000025526 _____ C:\Users\Jura\Downloads\vyplist2024-9_osc_00002601.pdf
2024-10-13 13:44 - 2024-10-13 13:44 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-10-10 03:59 - 2024-10-10 03:59 - 000315688 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2024-10-10 03:14 - 2024-10-10 03:14 - 000000000 ___HD C:\$WinREAgent
2024-10-02 03:10 - 2024-09-28 21:57 - 007157504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SET884.tmp
2024-10-02 03:10 - 2024-09-28 19:32 - 000125048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-10-30 04:16 - 2019-04-04 04:36 - 000000000 ____D C:\FRST
2024-10-30 04:15 - 2024-09-17 03:09 - 000000000 ____D C:\Program Files\Windscribe
2024-10-30 04:15 - 2017-11-10 01:53 - 000000000 ____D C:\Program Files (x86)\Steam
2024-10-30 04:10 - 2021-12-16 17:46 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-10-30 04:07 - 2017-11-10 01:38 - 000000000 ____D C:\ProgramData\NVIDIA
2024-10-29 17:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-10-29 17:11 - 2024-09-14 22:08 - 000002580 _____ C:\WINDOWS\system32\Tasks\Jura
2024-10-29 17:11 - 2024-02-28 08:39 - 000002756 _____ C:\WINDOWS\system32\Tasks\ROCCAT DEVICE SERVICE
2024-10-29 17:11 - 2024-02-19 10:14 - 000002840 _____ C:\WINDOWS\system32\Tasks\CCleanerBrowserProtectS-1-5-21-698999926-1648983513-1323860127-1001
2024-10-29 17:11 - 2022-11-14 16:52 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-29 17:11 - 2022-11-14 16:52 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-29 17:11 - 2022-11-14 16:52 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-29 17:11 - 2022-11-14 16:52 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-29 17:11 - 2022-11-14 16:52 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-29 17:11 - 2022-11-14 16:52 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-29 17:11 - 2022-11-14 16:52 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-29 17:11 - 2022-11-14 16:52 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-29 17:11 - 2022-11-14 16:52 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-29 17:11 - 2022-11-14 16:50 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-10-29 17:11 - 2022-09-25 08:31 - 000002952 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-10-29 17:11 - 2022-09-25 08:31 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-10-29 17:11 - 2022-06-18 16:50 - 000003740 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-698999926-1648983513-1323860127-1001UA
2024-10-29 17:11 - 2022-06-18 16:50 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-698999926-1648983513-1323860127-1001Core
2024-10-29 17:11 - 2021-12-11 21:53 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-698999926-1648983513-1323860127-1001
2024-10-29 17:11 - 2021-08-18 17:06 - 000002250 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Jura
2024-10-29 17:11 - 2021-07-08 08:18 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2024-10-29 17:11 - 2020-12-09 19:11 - 000003456 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2024-10-29 17:11 - 2020-12-09 19:11 - 000003232 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2024-10-29 17:11 - 2020-12-09 19:11 - 000003104 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2024-10-29 17:11 - 2020-12-09 19:11 - 000002622 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2024-10-29 17:11 - 2020-12-09 13:34 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-10-29 17:11 - 2020-08-08 14:15 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-29 17:11 - 2020-08-08 14:15 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-29 17:11 - 2020-08-08 14:15 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-10-29 17:11 - 2020-08-08 14:15 - 000002388 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Jura)
2024-10-29 17:11 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-29 16:25 - 2020-08-08 14:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-10-29 04:49 - 2018-12-14 19:07 - 000000000 ___DC C:\Users\Jura\AppData\Roaming\discord
2024-10-29 04:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-29 04:09 - 2019-04-15 15:29 - 000000000 ___DC C:\Users\Jura\AppData\Local\Discord
2024-10-29 04:09 - 2018-09-12 16:46 - 000000000 ___DC C:\Users\Jura\AppData\Local\D3DSCache
2024-10-29 04:08 - 2022-11-14 17:27 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-10-29 04:08 - 2022-11-14 16:50 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-27 19:18 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-10-27 19:18 - 2017-11-11 12:52 - 000000000 ____D C:\Program Files\CCleaner
2024-10-27 17:24 - 2019-10-28 18:38 - 000000000 ____D C:\Users\Jura\AppData\Local\CrashDumps
2024-10-26 17:18 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-10-26 17:14 - 2020-08-08 14:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-10-26 17:14 - 2017-11-13 19:27 - 000000000 ___DC C:\Users\Jura\AppData\Roaming\vlc
2024-10-26 15:17 - 2019-05-19 15:03 - 000000000 ___DC C:\Users\Jura\AppData\Local\NVIDIA
2024-10-26 15:13 - 2020-06-07 15:04 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-25 03:22 - 2017-11-10 01:53 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-23 03:34 - 2021-06-14 12:27 - 000000000 ____D C:\Users\Jura\AppData\Local\Avast Software
2024-10-21 17:10 - 2020-08-08 14:20 - 001693350 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-10-21 17:10 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2024-10-21 17:10 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2024-10-20 12:17 - 2022-11-14 16:40 - 000000000 ____D C:\Program Files\Microsoft Office
2024-10-20 12:17 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-10-17 15:17 - 2023-10-12 03:42 - 000000000 ____D C:\Program Files\RUXIM
2024-10-17 15:10 - 2020-08-08 14:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-10-17 15:10 - 2020-08-08 14:11 - 000008192 ___SH C:\DumpStack.log.tmp
2024-10-17 15:10 - 2019-09-13 16:35 - 000000000 ____D C:\ProgramData\AVAST Software
2024-10-17 15:10 - 2017-11-10 01:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-10-17 15:09 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-10-17 14:19 - 2020-12-09 19:11 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2024-10-17 14:19 - 2020-12-09 19:11 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2024-10-16 03:08 - 2022-02-10 09:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-15 16:24 - 2017-11-10 01:52 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-10-13 13:42 - 2022-03-22 05:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-10-13 13:42 - 2021-06-01 20:48 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-10-10 17:07 - 2022-12-30 17:04 - 000000000 ____D C:\Users\Jura\AppData\Roaming\EasyAntiCheat
2024-10-10 16:23 - 2023-12-25 23:08 - 000000000 ____D C:\ProgramData\Packer
2024-10-10 16:23 - 2017-11-11 13:17 - 000000000 ___DC C:\Users\Jura\AppData\Local\UnrealEngine
2024-10-10 03:59 - 2020-10-13 15:25 - 000274000 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2024-10-10 03:59 - 2020-04-13 15:56 - 000549968 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2024-10-10 03:59 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-10-10 03:59 - 2019-09-13 16:36 - 001200696 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2024-10-10 03:59 - 2019-09-13 16:36 - 000950328 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2024-10-10 03:59 - 2019-09-13 16:36 - 000381520 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2024-10-10 03:59 - 2019-09-13 16:36 - 000306744 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2024-10-10 03:59 - 2019-09-13 16:36 - 000293968 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2024-10-10 03:59 - 2019-09-13 16:36 - 000229944 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2024-10-10 03:59 - 2019-09-13 16:36 - 000097848 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2024-10-10 03:59 - 2019-09-13 16:36 - 000084424 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2024-10-10 03:59 - 2019-09-13 16:36 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2024-10-10 03:59 - 2019-09-13 16:36 - 000028752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2024-10-10 03:59 - 2019-09-13 16:36 - 000020528 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2024-10-10 03:58 - 2020-08-08 14:11 - 000462536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-10-10 03:57 - 2019-12-07 15:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-10-10 03:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-10-10 03:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-10-10 03:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-10-10 03:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-10-10 03:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-10-10 03:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-10-10 03:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-10-10 03:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-10-10 03:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-10-10 03:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-10-10 03:22 - 2022-10-14 14:47 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-10-10 03:22 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-10-10 03:19 - 2020-08-08 14:15 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-10-10 03:17 - 2020-02-15 18:16 - 000000000 ____D C:\Users\Jura\AppData\Local\Battle.net
2024-10-09 02:57 - 2017-11-10 01:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-10-09 02:55 - 2017-11-10 01:45 - 201324920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-10-02 17:35 - 2020-03-28 13:28 - 000000000 ____D C:\Users\Jura\AppData\Local\Saber
2024-10-02 14:47 - 2017-11-11 17:11 - 000000000 ___DC C:\Users\Jura\AppData\Roaming\uTorrent
2024-09-30 14:50 - 2018-06-18 09:43 - 000000000 ___DC C:\Users\Jura\AppData\Roaming\Microsoft\Word
2024-09-30 14:41 - 2023-08-23 12:07 - 000115834 ____C C:\Users\Jura\Desktop\zivotopis_Ondrej_Jiri.pdf

==================== Files in the root of some directories ========

2021-09-25 17:14 - 2024-06-28 19:02 - 000012288 _____ () C:\Users\Jura\AppData\Roaming\emp.bin
2017-11-14 20:52 - 2017-11-14 20:52 - 000728064 ____C () C:\Users\Jura\AppData\Local\file__0.localstorage
2022-11-19 12:47 - 2022-11-19 12:47 - 000000218 _____ () C:\Users\Jura\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Request for a preventive check

Posted: 30 Oct 2024 11:30
by JaRon
Hi,
use a fixlist with the following content:

Start

CloseProcesses:

HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [Jura] => cmd.exe /c start ‪www.dinoklafbzor.org‬ (No File) <==== ATTENTION
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {076425d7-1e58-11ee-9c84-1c1b0d68fe46} - "I:\setup.exe"
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {2a59e237-2f3b-11eb-9c02-1c1b0d68fe46} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {50b56a65-6f1b-11e8-9b76-1c1b0d68fe46} - "I:\LaunchU3.exe" -a
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {54b88c80-c6d1-11e7-9b52-1c1b0d68fe46} - "I:\setup.exe"
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {ea20091a-16ab-11ea-9bc4-1c1b0d68fe46} - "H:\HiSuiteDownLoader.exe"

Hosts:
EmptyTemp:

End

Re: Request for a preventive check

Posted: 30 Oct 2024 17:05
by Teochi
Done, I'm sending the fixlog. Will I need to run the FRST scan again?



Fix result of Farbar Recovery Scan Tool (x64) Version: 29-10-2024
Ran by Jura (30-10-2024 17:00:22) Run:2
Running from C:\Users\Jura\Desktop
Loaded Profiles: Jura
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:

HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [Jura] => cmd.exe /c start ‪www.dinoklafbzor.org‬ (No File) <==== ATTENTION
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {076425d7-1e58-11ee-9c84-1c1b0d68fe46} - "I:\setup.exe"
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {2a59e237-2f3b-11eb-9c02-1c1b0d68fe46} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {50b56a65-6f1b-11e8-9b76-1c1b0d68fe46} - "I:\LaunchU3.exe" -a
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {54b88c80-c6d1-11e7-9b52-1c1b0d68fe46} - "I:\setup.exe"
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {ea20091a-16ab-11ea-9bc4-1c1b0d68fe46} - "H:\HiSuiteDownLoader.exe"

Hosts:
EmptyTemp:

End
*****************

Processes closed successfully.
"HKU\S-1-5-21-698999926-1648983513-1323860127-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Jura" => removed successfully
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{076425d7-1e58-11ee-9c84-1c1b0d68fe46} => removed successfully
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a59e237-2f3b-11eb-9c02-1c1b0d68fe46} => removed successfully
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{50b56a65-6f1b-11e8-9b76-1c1b0d68fe46} => removed successfully
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54b88c80-c6d1-11e7-9b52-1c1b0d68fe46} => removed successfully
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea20091a-16ab-11ea-9bc4-1c1b0d68fe46} => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38155640 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1434082885 B
Windows/system/drivers => 110769348 B
Edge => 0 B
Chrome => 122492480 B
Firefox => 1537256426 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 397646 B
systemprofile32 => 398025 B
LocalService => 401913 B
NetworkService => 401913 B
Jura => 44008777 B

RecycleBin => 0 B
EmptyTemp: => 3.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:01:09 ====

Re: Request for a preventive check

Posted: 30 Oct 2024 18:05
by JaRon
No need. Scan once more with AdwCleaner; if it finds something, post the log, if not, we're done.

Re: Request for a preventive check

Posted: 30 Oct 2024 18:14
by Teochi
Done, it found one more item, I'm sending the log.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-10-23.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-30-2024
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.5011)
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2765 octets] - [04/04/2019 20:10:36]
AdwCleaner[C00].txt - [2657 octets] - [04/04/2019 20:10:55]
AdwCleaner[S01].txt - [1371 octets] - [04/04/2019 20:12:46]
AdwCleaner[S02].txt - [1662 octets] - [30/10/2024 18:12:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Re: Request for a preventive check

Posted: 30 Oct 2024 18:17
by JaRon
It's just a minor thing; good that you deleted it, and we're done :James008:

Re: Request for a preventive check

Posted: 30 Oct 2024 18:44
by Teochi
Great, thank you for the help. Have a nice evening :thumbsup:

Re: Request for a preventive check

Posted: 30 Oct 2024 18:50
by JaRon
Thaaanks, you too :thumbsup: