Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2023
Ran by Admin (administrator) on DESKTOP-2NJN64C (Gigabyte Technology Co., Ltd. Z270X-Gaming K5) (15-01-2023 15:22:07)
Running from C:\_ INSTALACE APLIKACI _\WWW stranka na viry
Loaded Profiles: Admin & TOMCAT
Platform: Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.133\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.133\BraveCrashHandler64.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files\Macrium\Common\ReflectMonitor.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(cmd.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(explorer.exe ->) (ACD Systems International Inc. -> ACD Systems) D:\Program Files\ACD Systems\ACDSee Luxea\acdIDInTouch2.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <40>
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(explorer.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(F:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) F:\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(services.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) F:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(services.exe ->) (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(services.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (Rivet Networks) [File not signed] C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe
(services.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(svchost.exe ->) (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(svchost.exe ->) (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.30120.12006.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.11281.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.11281.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22091.10031.0_x64__8wekyb3d8bbwe\Video.UI.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [41088 2014-02-21] (Creative Technology Ltd -> Creative Technology Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123800 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobePSE18AutoAnalyzer] => C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe [3560048 2020-12-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [OODITRAY.EXE] => C:\Program Files\OO Software\DiskImage\ooditray.exe [7195488 2021-02-19] (O&O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [VCVS06EN] => D:\Program Files\ACD Systems\ACDSee Luxea\acdIDInTouch2.exe [2155928 2022-03-11] (ACD Systems International Inc. -> ACD Systems)
HKLM-x32\...\Run: [Sound Blaster X-Fi MB5] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB5\Sound Blaster X-Fi MB5\SBXFIMB5.exe [871936 2016-09-23] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [QfinderPro] => C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe [5678928 2022-09-28] (QNAP Systems, Inc. -> QNAP)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\Run: [S3AutomaticSTART] => D:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MS3Auto.exe /tray (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\Run: [S3Automatic] => D:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MS3Auto.exe /tray (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\Run: [Free Download Manager] => C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe [4729344 2020-12-25] (Softdeluxe) [File not signed]
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [71744 2022-08-04] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\RunOnce: [Uninstall 21.109.0530.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.109.0530.0001\amd64" (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\RunOnce: [Uninstall 21.109.0530.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.109.0530.0001" (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [S3AutomaticSTART] => D:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MS3Auto.exe /tray (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [S3Automatic] => D:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MS3Auto.exe /tray (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [71744 2022-08-04] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [Free Download Manager] => C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe [4729344 2020-12-25] (Softdeluxe) [File not signed]
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32754128 2022-12-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [CCleaner Browser] => C:\Users\TOMCAT\AppData\Local\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserUpdateCore.exe (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [MicrosoftEdgeAutoLaunch_C38AFCD7DF647D1430F440CCC5893D25] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879368 2023-01-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1006\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32754128 2022-12-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1006\...\Run: [MicrosoftEdgeAutoLaunch_16407E915A42BEBED3F72C119C6A4F64] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879368 2023-01-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1006\...\Run: [Opera GX Stable] => C:\Users\finkd\AppData\Local\Programs\Opera GX\launcher.exe [2566600 2022-12-20] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1006\...\Run: [Opera GX Browser Assistant] => C:\Users\finkd\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.126\Installer\chrmstp.exe [2023-01-15] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\109.1.47.171\Installer\chrmstp.exe [2023-01-15] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk [2017-07-12]
ShortcutTarget: Killer Control Center.lnk -> C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks) [File not signed]
Startup: C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-04-06]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Admin\AppData\Local\Facebook\Games\FacebookGameroom.exe (No File)
Startup: C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-08-07]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Admin\AppData\Local\MEGAsync\MEGAsync.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {068A41C9-2584-4614-A533-17ED39D133CE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-06-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {072B581D-11C4-465F-9673-4A3EFDA1C1D0} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {0FA2D141-D25C-4892-BF8C-A027310AD606} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1666173150 => C:\Users\finkd\AppData\Local\Programs\Opera GX\launcher.exe [2566600 2022-12-20] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\finkd\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {114186DA-0F8C-4E27-9A6D-CF47574E1FD9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {12CC878B-4383-4BE9-8A53-59736AA9AA6E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {1DD3CEED-4D9B-4118-AACF-2DE0597836D6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2677460E-4B7E-420B-9D48-F2CB3E62986D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-fink.daniel@outlook.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2A2CF8DB-0907-4BC6-B455-ADC0A59E6DB3} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {2DF7A833-E645-4530-BA85-87DE542118F9} - System32\Tasks\VivaldiUpdateCheck-6910249aa0de7256 => C:\Users\TOMCAT\AppData\Local\Vivaldi\Application\update_notifier.exe [3426152 2023-01-11] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
Task: {39BF968B-E91C-475B-947F-728BA6A61E56} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-12-09] (bookingDesktopApp.) [File not signed]
Task: {42D96475-8C59-4A0A-A3F8-054A5638C9A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-13] (Google Inc -> Google Inc.)
Task: {44202069-B920-495F-AC7E-C5DA10662275} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {4C783F5F-B062-48C4-A70D-F52C37023433} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {50034BF4-F760-4B4A-A094-A556442B52DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {59034BEA-BADB-44D4-BF65-7B879775845F} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [1741136 2022-09-28] (QNAP Systems, Inc. -> )
Task: {5A994FCB-9354-45D5-8144-DF9FE35C9EE3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {664F91DA-5D17-4B46-ABED-27CC6128386F} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\_DOWNLOAD_\esetonlinescanner_enu (1).exe LOGON (No File)
Task: {66C0F83C-7F42-42E8-B21A-5139355A9103} - System32\Tasks\Minecraft Education Weekly Updater => D:\Program Files (x86)\Microsoft Studios\Minecraft Education Edition\MinecraftEducationUpdater.exe (No File)
Task: {679BDED1-896E-40C8-9E50-9CC91B76EC5E} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-12-09] (bookingDesktopApp.) [File not signed]
Task: {69D5E407-4795-44DF-A99C-2F6BDBCF8D74} - System32\Tasks\EOSv3 Scheduler onTime => D:\_DOWNLOAD_\esetonlinescanner_enu (1).exe SCHED (No File)
Task: {6A1F0FEC-6E7F-4BD2-9A22-E3D258A8ED9C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {77F768EA-0FF2-495D-8C78-4F8821CDF309} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341432 2022-05-06] (Nvidia Corporation -> NVIDIA Corporation)
Task: {791CA059-A0BD-4DA0-A23F-1C74CC420486} - System32\Tasks\Minecraft Education Edition Automatic Updater => D:\Program Files (x86)\Microsoft Studios\Minecraft Education Edition\MinecraftEducationUpdater.exe (No File)
Task: {9741931A-60D9-40FB-B82E-B62EBBF0D08B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {97AFEDDC-6536-49A2-B354-AB5E05F0E9A9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DFB7EC9-0C4B-41A6-AC25-108B0ECEBE02} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {AAE5882D-5A06-4069-9F8C-1B45B9FD0548} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {AD1CAF56-BF9C-4DAD-936C-15A13586DFFB} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-04-21] () [File not signed]
Task: {B0B40DD5-126E-4E61-B469-895CCDA67983} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-25] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B3D80625-0B89-4CB5-B704-2D4B76B23EFD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BB3A1C81-3AA9-4198-8F4E-A402723BFA4B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB78FD16-B747-40FB-82A2-365A0C9FCB0B} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Admin => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5473552 2019-07-10] (Janos Mathe -> H.D.S. Hungary)
Task: {C0599DD0-D111-4A1D-8E28-37D342AC565E} - System32\Tasks\RunAsStdUser_MyComGames => C:\Users\TOMCAT\AppData\Local\MyComGames\MyComGames.exe -updated -lowermode "mycomgames://uninstall/13.2000009" /unique=12926484 (No File)
Task: {CE413404-BEBC-4E6E-B970-4BA622D1D065} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647424 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CF217BF3-3A06-44C3-881C-8BA77D558A76} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D0A91C05-5276-46B7-87F1-9DF5029E343A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-13] (Google Inc -> Google Inc.)
Task: {D20382E7-DCC3-44A5-92CB-81F026156FC9} - System32\Tasks\FreeDownloadManagerHelperService => C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe [144896 2020-12-25] (Softdeluxe) [File not signed]
Task: {D5D0B5ED-B517-4436-AA7F-E54772954F19} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D5EDEA7A-0894-41BE-A972-5DC9CC23913F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DC558ED8-DFFD-4379-8DB3-115C3F62AA8D} - System32\Tasks\Opera scheduled Autoupdate 1666092092 => C:\Users\TOMCAT\AppData\Local\Programs\Opera\launcher.exe [2607560 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {E3E158EF-BB93-49AC-881D-E402130F9E7C} - System32\Tasks\Opera GX scheduled Autoupdate 1665589995 => C:\Users\finkd\AppData\Local\Programs\Opera GX\launcher.exe [2566600 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {ED30CB83-F97D-483F-A213-1C2A71DE7CBD} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-2NJN64C-TOMCAT => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F97E899C-40AC-46D7-AB7D-0B2AFEA3633F} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-06-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {FA475CE5-E9F1-4907-A553-5F2A7D80180B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4136874423-1320431272-4261636104-1003 => C:\Users\TOMCAT\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2022-06-23] (Mega Limited -> )
Task: {FE4F6CFE-9D0D-4C8C-BBDD-BC3BBC0473AC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1ae59009-36bf-4fda-b8ed-5c0449ade3ad}: [DhcpNameServer] 192.168.0.1

Edge: 
=======
Edge Notifications: HKU\S-1-5-21-4136874423-1320431272-4261636104-1003 -> hxxps://www.facebook.com; hxxps://www.qnap.com; hxxps://www.letgo.cz; hxxps://www.wish.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-30]

FireFox:
========
FF DefaultProfile: zk333avi.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zk333avi.default [2022-11-09]
FF Homepage: Mozilla\Firefox\Profiles\zk333avi.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\zk333avi.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10463__181115
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-12-09] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-12-09] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin HKU\S-1-5-21-4136874423-1320431272-4261636104-1003: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Users\TOMCAT\AppData\Local\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-4136874423-1320431272-4261636104-1003: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Users\TOMCAT\AppData\Local\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [No File]

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2022-11-09]
CHR Notifications: Default -> hxxps://fitgirl-repacks.site
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-22]

Opera: 
=======
StartMenuInternet: (HKU\S-1-5-21-4136874423-1320431272-4261636104-1006) Opera GXStable - "C:\Users\finkd\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3866592 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3702240 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-17] (BattlEye Innovations e.K. -> )
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-12-09] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-12-09] (bookingDesktopApp.) [File not signed]
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-06-26] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-06-26] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12540928 2022-12-17] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-09-29] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126880 2012-08-31] (Hewlett-Packard Company -> HP)
R2 Killer Network Service; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [1929216 2016-09-12] (Rivet Networks) [File not signed]
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [8929608 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [9114464 2021-02-19] (O&O Software GmbH -> O&O Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2347824 2019-10-05] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3222320 2019-10-05] (Electronic Arts, Inc. -> Electronic Arts)
S3 OVRLibraryService; F:\Oculus\Support\oculus-librarian\OVRLibraryService.exe [148024 2022-12-20] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 OVRService; F:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [514616 2022-12-20] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2017-11-26] (Even Balance, Inc. -> )
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [29080 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [371280 2021-02-24] (Synology Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\109.1.47.171\elevation_service.exe" [X]
S3 Minecraft Education Updater; "D:\Program Files (x86)\Microsoft Studios\Minecraft Education Edition\MinecraftEducationUpdater.exe" /runservice [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation
S2 UsbClientService; d:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 busenum; C:\Windows\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [69024 2019-05-29] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 gdrv; C:\Windows\gdrv.sys [26192 2017-07-12] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47928 2020-10-23] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [21208 2021-06-27] (北京铠信神州科技有限责任公司 -> )
R3 MpKslb14250ba; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1DEDB991-B282-4873-AA59-1955226F3ACA}\MpKslDrv.sys [214280 2023-01-15] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsle2e2add8; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1DEDB991-B282-4873-AA59-1955226F3ACA}\MpKslDrv.sys [214280 2023-01-15] (Microsoft Windows -> Microsoft Corporation)
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [74744 2021-04-21] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 oculusvad_oculusvad; C:\Windows\System32\drivers\oculusvad.sys [75280 2022-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\Windows\System32\drivers\Oculus_ViGEmBus.sys [32856 2022-07-14] (Oculus VR, LLC -> Facebook Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
R2 RfeCoSvc; C:\Windows\system32\DRIVERS\RfeCo10X64.sys [86344 2016-09-12] (Rivet Networks LLC -> Rivet Networks, LLC.)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [272792 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111512 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 usbser; C:\Windows\SysWOW64\drivers\usbser.sys [25600 2018-04-19] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
U4 npcap_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-15 15:03 - 2023-01-15 15:22 - 000000000 ____D C:\FRST
2023-01-15 15:03 - 2023-01-15 15:18 - 000059423 _____ C:\Users\TOMCAT\Desktop\FRST.txt
2023-01-15 15:03 - 2023-01-15 15:07 - 000152522 _____ C:\Users\TOMCAT\Desktop\Addition.txt
2023-01-15 15:02 - 2023-01-15 15:02 - 002376704 _____ (Farbar) C:\Users\TOMCAT\Desktop\FRST64.exe
2023-01-15 13:06 - 2023-01-15 13:06 - 000000954 _____ C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeePass.lnk
2023-01-15 12:53 - 2023-01-15 12:54 - 000000000 ____D C:\AdwCleaner
2023-01-15 12:47 - 2023-01-15 12:55 - 000000000 ____D C:\_ INSTALACE APLIKACI _
2023-01-15 12:14 - 2023-01-15 12:14 - 000001878 _____ C:\Users\Public\Desktop\Data Migration.lnk
2023-01-15 12:14 - 2023-01-15 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2023-01-15 12:09 - 2023-01-15 12:09 - 000000004 _____ C:\Windows\dm.err
2022-12-26 13:21 - 2023-01-15 12:15 - 000000034 _____ C:\Windows\script.txt
2022-12-26 13:14 - 2022-12-26 13:14 - 000000000 ____D C:\Users\Admin\AppData\Local\DataMigration
2022-12-19 09:51 - 2022-12-19 17:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-12-18 16:38 - 2022-12-18 16:38 - 000000000 ____D C:\Users\finkd\AppData\LocalLow\Evil Tortilla Games
2022-12-17 04:37 - 2022-12-17 04:37 - 000000846 _____ C:\Users\TOMCAT\Desktop\_ PRONAJMY - NEMOVITOSTI _ – zástupce.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-15 15:18 - 2022-01-31 11:57 - 000000000 ____D C:\Users\TOMCAT\Desktop\Nová složka
2023-01-15 15:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-15 15:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-01-15 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-15 14:43 - 2017-07-13 19:34 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-15 14:18 - 2017-09-03 09:50 - 000000000 ____D C:\Users\TOMCAT\AppData\LocalLow\Mozilla
2023-01-15 14:09 - 2021-03-13 18:22 - 001707166 _____ C:\Windows\system32\PerfStringBackup.INI
2023-01-15 14:09 - 2019-12-07 15:41 - 000721210 _____ C:\Windows\system32\perfh005.dat
2023-01-15 14:09 - 2019-12-07 15:41 - 000147000 _____ C:\Windows\system32\perfc005.dat
2023-01-15 14:09 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-01-15 14:02 - 2022-07-14 12:32 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Oculus
2023-01-15 14:02 - 2021-03-13 18:20 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-01-15 14:02 - 2021-03-13 18:12 - 000343080 _____ C:\Windows\system32\FNTCACHE.DAT
2023-01-15 14:02 - 2021-03-13 18:12 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-15 14:02 - 2021-03-13 18:12 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-01-15 14:02 - 2017-07-12 13:30 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-15 13:49 - 2021-03-13 18:14 - 000000000 ____D C:\Users\TOMCAT
2023-01-15 13:30 - 2021-03-09 11:21 - 000002439 _____ C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2023-01-15 13:30 - 2021-03-09 11:21 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Vivaldi
2023-01-15 13:20 - 2019-10-20 09:00 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-01-15 13:18 - 2021-04-06 03:17 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Kodi
2023-01-15 13:02 - 2020-10-26 17:10 - 000000000 ____D C:\_ FOTO _
2023-01-15 13:01 - 2020-10-24 15:13 - 000000000 ____D C:\_ APLIKACE _
2023-01-15 12:58 - 2021-03-13 18:14 - 000000000 ____D C:\Users\Admin
2023-01-15 12:54 - 2021-07-03 10:08 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Signal
2023-01-15 12:54 - 2018-11-15 14:32 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Lavasoft
2023-01-15 12:54 - 2018-11-15 14:32 - 000000000 ____D C:\Users\Admin\AppData\Local\Lavasoft
2023-01-15 12:54 - 2018-11-15 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2023-01-15 12:54 - 2018-11-15 14:32 - 000000000 ____D C:\ProgramData\Lavasoft
2023-01-15 12:54 - 2018-11-15 14:32 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2023-01-15 12:32 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2023-01-15 12:14 - 2018-03-13 13:15 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Samsung
2023-01-15 12:14 - 2017-07-12 13:58 - 000000000 ____D C:\Program Files (x86)\Samsung
2023-01-15 12:14 - 2017-07-12 13:35 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-01-15 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-01-15 11:50 - 2021-07-13 05:49 - 000066560 _____ C:\Windows\dm_batch.bak
2023-01-15 11:50 - 2021-07-13 05:49 - 000000064 _____ C:\Windows\dm.dmap
2023-01-15 11:50 - 2019-12-07 10:03 - 001310720 _____ C:\Windows\system32\config\BBI
2023-01-15 11:46 - 2020-06-09 00:47 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-15 11:42 - 2021-04-22 10:34 - 000001024 ____H C:\AMTAG.BIN
2023-01-15 11:41 - 2021-04-22 10:34 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant
2023-01-15 11:34 - 2017-08-26 06:35 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\CrashDumps
2023-01-15 11:29 - 2017-07-13 19:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-15 11:16 - 2021-03-13 18:20 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-15 11:16 - 2021-03-13 18:20 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-15 11:13 - 2021-06-26 12:16 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-12-26 10:21 - 2017-09-08 05:29 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Adobe
2022-12-25 13:51 - 2022-07-14 12:34 - 000000000 ____D C:\Users\finkd\AppData\Local\Oculus
2022-12-23 23:19 - 2017-10-08 02:55 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\vlc
2022-12-23 09:16 - 2022-10-18 12:21 - 000004214 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1666092092
2022-12-23 09:16 - 2022-10-18 12:21 - 000001457 _____ C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-12-22 11:52 - 2017-07-15 20:47 - 000000000 ____D C:\Program Files (x86)\Steam
2022-12-21 17:47 - 2021-06-30 06:35 - 000000000 ____D C:\Users\finkd\AppData\Local\Adobe
2022-12-21 16:26 - 2022-10-12 16:53 - 000004218 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1665589995
2022-12-21 16:26 - 2022-10-12 16:53 - 000001483 _____ C:\Users\finkd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2022-12-19 17:01 - 2017-07-12 13:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-19 14:36 - 2021-10-23 05:48 - 000000000 ____D C:\Users\finkd\AppData\Local\GeometryDash
2022-12-19 14:36 - 2021-08-04 12:28 - 000000000 ____D C:\Users\finkd\AppData\Roaming\discord
2022-12-19 14:02 - 2022-08-01 06:39 - 000000000 ____D C:\Users\finkd\AppData\Local\Discord
2022-12-19 11:18 - 2021-07-31 07:29 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-12-19 11:18 - 2017-07-12 13:53 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-19 09:52 - 2022-02-18 08:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-12-18 16:37 - 2021-09-07 17:35 - 000000000 ____D C:\Users\finkd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-12-17 15:49 - 2021-08-29 01:39 - 000000000 ____D C:\Program Files\Microsoft Office

==================== Files in the root of some directories ========

2021-06-24 08:46 - 2021-06-24 08:46 - 000000038 _____ () C:\Users\Admin\AppData\Local\cloudready_installer_uuid
2021-05-06 13:00 - 2021-05-06 13:00 - 000000001 _____ () C:\Users\Admin\AppData\Local\RawCopy.1.01.agreement
2021-04-26 08:55 - 2021-04-26 08:55 - 000000001 _____ () C:\Users\Admin\AppData\Local\RawCopy.1.02.agreement
2021-05-23 04:50 - 2021-05-23 04:50 - 000000001 _____ () C:\Users\Admin\AppData\Local\RawCopy.1.10.agreement
2021-05-06 13:01 - 2021-05-06 13:01 - 000000061 _____ () C:\Users\Admin\AppData\Local\RawCopy.opendialog.dir
2021-05-06 13:01 - 2021-05-06 13:01 - 000000001 _____ () C:\Users\Admin\AppData\Local\RawCopy.opendialog.filterindex
2021-04-26 08:57 - 2021-04-26 08:57 - 000000044 _____ () C:\Users\Admin\AppData\Local\RawCopy.savedialog.dir
2021-04-26 08:57 - 2021-04-26 08:57 - 000000001 _____ () C:\Users\Admin\AppData\Local\RawCopy.savedialog.filterindex
2021-05-06 13:01 - 2021-05-06 13:01 - 000000092 _____ () C:\Users\Admin\AppData\Local\RawCopy.sourcedisk.filepath
2021-04-26 08:56 - 2021-05-23 04:50 - 000000001 _____ () C:\Users\Admin\AppData\Local\RawCopy.sourcedisk.index

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================