Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.01.2024
Ran by TOMCAT (administrator) on PC-GTX1080 (Gigabyte Technology Co., Ltd. Z270X-Gaming K5) (12-01-2024 15:30:19)
Running from D:\_ APLIKACE PORTABLE _\viry.cz\FRST64.exe
Loaded Profiles: TOMCAT
Platform: Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.147\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.147\BraveCrashHandler64.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(cmd.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(explorer.exe ->) (6099D0EF-9374-47ED-BDFE-A82136831235 -> File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.3.0.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(explorer.exe ->) (Dominik Reichl) [File not signed] C:\_ APLIKACE _\KeePass\KeePass.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <33>
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(F:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) F:\Oculus\Support\oculus-runtime\OVRRedir.exe
(F:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) F:\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(F:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming Group Limited -> Wargaming.net) F:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <5>
(F:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) F:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\TOMCAT\AppData\Local\Microsoft\OneDrive\23.246.1127.0002\Microsoft.SharePoint.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) D:\Program Files (x86)\AOMEI\AOMEI Backupper 6.4.0\ABService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_675be35f1ba2315e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(services.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) F:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(services.exe ->) (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(services.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (Rivet Networks) [File not signed] C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2310.24037.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.3DBuilder_20.0.4.0_x64__8wekyb3d8bbwe\Builder3D.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (QNAP Systems, Inc. -> ) C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
(Wargaming Group Limited -> Wargaming.net) F:\ProgramData\Wargaming.net\GameCenter\wgc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123800 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobePSE18AutoAnalyzer] => C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe [3560048 2020-12-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [OODITRAY.EXE] => C:\Program Files\OO Software\DiskImage\ooditray.exe [7195488 2021-02-19] (O&O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [VCVS07EN] => C:\Program Files\ACD Systems\LUXEA Pro\7.0\acdIDInTouch2.exe [3501616 2023-07-07] (ACD Systems International Inc. -> ACD Systems International Inc.)
HKLM\...\Run: [BraveVpnWireguardService] => C:\Program Files\BraveSoftware\Brave-Browser\Application\120.1.61.116\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10837528 2024-01-10] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM-x32\...\Run: [Sound Blaster X-Fi MB5] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB5\Sound Blaster X-Fi MB5\SBXFIMB5.exe [871936 2016-09-23] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QfinderPro] => C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe [5788496 2023-08-17] (QNAP Systems, Inc. -> QNAP)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-12-08] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [72104 2023-12-18] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [62057848 2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1002\...\RunOnce: [Uninstall 23.048.0305.0002] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\23.048.0305.0002" [0 2023-08-02] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [72104 2023-12-18] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [Free Download Manager] => "C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe" --hidden (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [MicrosoftEdgeAutoLaunch_C38AFCD7DF647D1430F440CCC5893D25] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [] => [X]
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [com.messenger] => "C:\Users\TOMCAT\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\Run: [Gaijin.Net Updater] => C:\Users\TOMCAT\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [3065544 2023-10-06] (Gaijin Network Ltd -> Gaijin)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\...\RunOnce: [Application Restart #4] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [2759704 2024-01-10] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1006\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37180368 2023-12-27] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1006\...\Run: [MicrosoftEdgeAutoLaunch_16407E915A42BEBED3F72C119C6A4F64] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3854376 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1006\...\Run: [Opera GX Stable] => C:\Users\finkd\AppData\Local\Programs\Opera GX\launcher.exe [2646424 2023-06-14] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1006\...\Run: [Opera GX Browser Assistant] => C:\Users\finkd\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1006\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\finkd\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1006\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\finkd\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [61477816 2023-06-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4136874423-1320431272-4261636104-1006\...\RunOnce: [Uninstall 22.238.1114.0002] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\finkd\AppData\Local\Microsoft\OneDrive\22.238.1114.0002" [0 2023-06-24] () <==== ATTENTION [zero byte File/Folder]
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\120.0.6099.217\Installer\chrmstp.exe [2024-01-12] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\120.1.61.116\Installer\chrmstp.exe [2024-01-11] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-04-06]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\TOMCAT\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook) [File not signed]
Startup: C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-08-07]
ShortcutTarget: MEGAsync.lnk -> C:\Users\TOMCAT\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk [2017-07-12]
ShortcutTarget: Killer Control Center.lnk -> C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks) [File not signed]

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FA2D141-D25C-4892-BF8C-A027310AD606} - \Opera GX scheduled assistant Autoupdate 1666173150 -> No File <==== ATTENTION
Task: {D20382E7-DCC3-44A5-92CB-81F026156FC9} - \FreeDownloadManagerHelperService -> No File <==== ATTENTION
Task: {C52B065D-BFB2-4C4D-805E-E69B22B2F3B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {ED30CB83-F97D-483F-A213-1C2A71DE7CBD} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-2NJN64C-TOMCAT => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2677460E-4B7E-420B-9D48-F2CB3E62986D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-fink.daniel@outlook.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F28EEFF4-67BF-49A6-8A68-3571C60427ED} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {3D9E78BD-97A7-46EA-B0BD-7F997F1E7C24} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {44202069-B920-495F-AC7E-C5DA10662275} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {39BF968B-E91C-475B-947F-728BA6A61E56} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-12-09] (bookingDesktopApp.) [File not signed]
Task: {679BDED1-896E-40C8-9E50-9CC91B76EC5E} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-12-09] (bookingDesktopApp.) [File not signed]
Task: {F97E899C-40AC-46D7-AB7D-0B2AFEA3633F} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-06-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {068A41C9-2584-4614-A533-17ED39D133CE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-06-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {9CBC141C-6F47-4D36-B846-83EBB212ADFA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6234.0{B17E6A21-BA3D-4247-BE33-839706AAE746} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6234.0\updater.exe [4639520 2024-01-08] (Google LLC -> Google LLC) <==== ATTENTION
Task: {BB78FD16-B747-40FB-82A2-365A0C9FCB0B} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Admin => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5473552 2019-07-10] (Janos Mathe -> H.D.S. Hungary)
Task: {4D8BAFC4-C4FD-4FC7-BFE0-74DEF6536037} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [1741136 2023-08-17] (QNAP Systems, Inc. -> )
Task: {FA475CE5-E9F1-4907-A553-5F2A7D80180B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4136874423-1320431272-4261636104-1003 => C:\Users\TOMCAT\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2023-09-23] (Mega Limited -> )
Task: {0C5373CF-FB5F-49E2-8E6A-1ABB2B03C2B9} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-4136874423-1320431272-4261636104-1003 => C:\Users\TOMCAT\AppData\Local\Programs\Messenger\MessengerHelper.exe [2157816 2023-02-27] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {BF1B205C-40D1-4210-A781-1797415D7461} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425808 2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {24C4FA37-206C-407B-BC6F-EFD7A0FB9C18} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425808 2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {08B9DD8E-C1AD-4A71-881D-38703D184CD2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305600 2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {63FFFAB8-E6AE-4F92-A064-2A922DFD165E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305600 2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {159CD631-D64F-408C-B0A7-6C91B5A72669} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F5D82A0-4645-44F9-ADFC-E5AFF37B14E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FB891EB4-57BA-414B-BF27-7337FFC7CD41} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {99345E06-44CA-408F-B612-FB1F9533164A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7565EEC3-65D3-4388-A14D-2157591B1786} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AAE5882D-5A06-4069-9F8C-1B45B9FD0548} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [674720 2024-01-10] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6CDB8039-2641-4607-945C-D44389FEAD07} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [35232 2024-01-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {AD1CAF56-BF9C-4DAD-936C-15A13586DFFB} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-04-21] () [File not signed]
Task: {52DD6325-921D-4FC0-B7B5-43B8BFF50074} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A0942A4E-BDC4-427D-9775-3B7F00C435AE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2ADDAA41-047D-40F6-B35C-EA4097841D9B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D532B136-808C-47A3-84C4-9AFDDC69E0A0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {419A9268-1F9B-4EC3-A070-7F15B3FE95A1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {09ED2EFB-0812-46D7-9CAC-202A40CF190E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {64D98C9C-7642-47C4-B41B-C388F380623A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CEA627D4-8014-4D54-AF81-3EE9D53291E1} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {509C742F-5DE2-4708-9DEF-1652060A4B36} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1D6E5E8-E90B-4E76-87CB-46007CBCF8C8} - System32\Tasks\Opera GX scheduled Autoupdate 1665589995 => C:\Users\finkd\AppData\Local\Programs\Opera GX\launcher.exe [2646424 2023-06-14] (Opera Norway AS -> Opera Software)
Task: {13DCE8D7-EFE0-40DD-9412-70FDD92FE97D} - System32\Tasks\Opera scheduled Autoupdate 1666092092 => C:\Users\TOMCAT\AppData\Local\Programs\Opera\launcher.exe [2350496 2024-01-05] (Opera Norway AS -> Opera Software)
Task: {C0599DD0-D111-4A1D-8E28-37D342AC565E} - System32\Tasks\RunAsStdUser_MyComGames => C:\Users\TOMCAT\AppData\Local\MyComGames\MyComGames.exe  -updated -lowermode "mycomgames://uninstall/13.2000009" /unique=12926484 (No File)
Task: {2A2CF8DB-0907-4BC6-B455-ADC0A59E6DB3} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {2DF7A833-E645-4530-BA85-87DE542118F9} - System32\Tasks\VivaldiUpdateCheck-6910249aa0de7256 => C:\Users\TOMCAT\AppData\Local\Vivaldi\Application\update_notifier.exe [3704720 2024-01-10] (Vivaldi Technologies AS -> Vivaldi Technologies AS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1ae59009-36bf-4fda-b8ed-5c0449ade3ad}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1ae59009-36bf-4fda-b8ed-5c0449ade3ad}: [DhcpDomain] AX6000

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-12]
Edge Notifications: Default -> hxxps://twitter.com
Edge HomePage: Default -> hxxps://calendar.google.com/calendar/r?tab=wc
Edge StartupUrls: Default -> "hxxps://scratch.mit.edu/"
Edge Extension: (Překladač Google) - C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-10-07]
Edge Extension: (Video Downloader Plus) - C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjljdgfhkjbdbkcdkfojleidpldagmao [2023-10-07]
Edge Extension: (Return YouTube Dislike) - C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-12-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-07]
Edge Extension: (Sticky Password - správce hesel) - C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbipmfkjgjhibkepepeneigpkfeikikp [2023-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-07]
Edge Extension: (Aliexpress SuperStar česky, Historie cen) - C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mceplokdebjaneacdmhgacicphdkenab [2023-11-08]
Edge Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-01-12]
Edge Extension: (Adblock for Youtube™) - C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nipggfgilmoiofmnkbeabghbcaohmjih [2023-12-25]
Edge Profile: C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-10-07]
Edge Profile: C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2024-01-10]
Edge Extension: (Dokumenty Google offline) - C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-07]
Edge Extension: (Edge relevant text changes) - C:\Users\TOMCAT\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-07]

FireFox:
========
FF DefaultProfile: px7yb97d.default
FF ProfilePath: C:\Users\TOMCAT\AppData\Roaming\Mozilla\Firefox\Profiles\px7yb97d.default [2024-01-12]
FF Notifications: Mozilla\Firefox\Profiles\px7yb97d.default -> hxxps://www.letgo.cz; hxxps://www.megaknihy.cz; hxxps://littlealchemy2.com
FF Extension: (Blokátor reklam AdGuard) - C:\Users\TOMCAT\AppData\Roaming\Mozilla\Firefox\Profiles\px7yb97d.default\Extensions\adguardadblocker@adguard.com.xpi [2023-12-29]
FF Extension: (Elemental – Soft) - C:\Users\TOMCAT\AppData\Roaming\Mozilla\Firefox\Profiles\px7yb97d.default\Extensions\elemental-soft-colorway@mozilla.org.xpi [2023-03-17]
FF Extension: (Enhancer for YouTube™) - C:\Users\TOMCAT\AppData\Roaming\Mozilla\Firefox\Profiles\px7yb97d.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2023-08-26]
FF Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\TOMCAT\AppData\Roaming\Mozilla\Firefox\Profiles\px7yb97d.default\Extensions\firefox@ghostery.com.xpi [2023-12-15]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\TOMCAT\AppData\Roaming\Mozilla\Firefox\Profiles\px7yb97d.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2023-12-13]
FF Extension: (Simple Translate) - C:\Users\TOMCAT\AppData\Roaming\Mozilla\Firefox\Profiles\px7yb97d.default\Extensions\simple-translate@sienori.xpi [2023-09-15]
FF Extension: (Google™ Translator) - C:\Users\TOMCAT\AppData\Roaming\Mozilla\Firefox\Profiles\px7yb97d.default\Extensions\{059cddf1-f66c-4b63-a79a-c35ac7e6ac65}.xpi [2021-01-13]
FF Extension: (Sticky Password - správce hesel) - C:\Users\TOMCAT\AppData\Roaming\Mozilla\Firefox\Profiles\px7yb97d.default\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2021-11-24]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-12-09] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-12-09] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Default [2024-01-12]
CHR DownloadDir: D:\Users\TOMCAT\Downloads
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://calendar.google.com; hxxps://creator.nightcafe.studio; hxxps://cs.duolingo.com; hxxps://drive.google.com; hxxps://en.softonic.com; hxxps://jrceshop.os.tc; hxxps://mallpay.cz; hxxps://meet.google.com; hxxps://milanfon.cz; hxxps://news.ubisoft.com; hxxps://pl.aliexpress.com; hxxps://shellshock.io; hxxps://store.ubi.com; hxxps://tdmix.ru; hxxps://web.skype.com; hxxps://wp.aliexpress.com; hxxps://www.arcadepunks.com; hxxps://www.chip.cz; hxxps://www.dreamstime.com; hxxps://www.duolingo.com; hxxps://www.etoro.com; hxxps://www.gogy.com; hxxps://www.hracky-4kids.cz; hxxps://www.instagram.com; hxxps://www.kosik.cz; hxxps://www.letgo.cz; hxxps://www.prepostseo.com; hxxps://www.qnap.com
CHR HomePage: Default -> hxxps://calendar.google.com/calendar/r?tab=wc
CHR StartupUrls: Default -> "hxxps://scratch.mit.edu/"
CHR Extension: (Překladač Google) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22]
CHR Extension: (Sticky Password - správce hesel) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2023-10-27]
CHR Extension: (Adblock na Youtube™) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2024-01-09]
CHR Extension: (Scratch Addons) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbeffbjdlemaoicjdapfpikkikjoneco [2023-10-21]
CHR Extension: (Return YouTube Dislike) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-12-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-10]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-12]
CHR Extension: (QR Creator - dělá inteligentní QR) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaemlhmblnpmbcledllflecnlhmaneep [2017-07-13]
CHR Extension: (Aliexpress SuperStar česky, Historie cen) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Default\Extensions\mceplokdebjaneacdmhgacicphdkenab [2023-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-10]
CHR Profile: C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-12-12]
CHR Notifications: Profile 2 -> hxxps://eshop.tescoma.cz; hxxps://www.facebook.com
CHR Extension: (Kurzor Cat) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aeehekhncjhhmchjolinnihgdpapmljk [2023-12-12]
CHR Extension: (Laser Cat) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ccnpdidcjgcdgaopacccfghmgdlipnoc [2023-10-10]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-12]
CHR Extension: (Meow, The Cat Pet) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ejgnolahdlcimijhloboakpjogbfdkkp [2023-11-06]
CHR Extension: (Scratch Addons) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fbeffbjdlemaoicjdapfpikkikjoneco [2023-11-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-12]
CHR Extension: (Chrome Cat) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nedimkoolcnedillajmobdhlmeibokgp [2023-10-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-02]
CHR Extension: (Stray Kitty) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pdiefgmeejbkamgippdjdchpgkdnelbl [2023-10-10]
CHR Profile: C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-12-24]
CHR Notifications: Profile 4 -> hxxps://calendar.google.com; hxxps://www.facebook.com
CHR StartupUrls: Profile 4 -> "hxxps://calendar.google.com/calendar/u/0/r/month?pli=1"
CHR Extension: (Překladač Google) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-05-24]
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-03-10]
CHR Extension: (Tetrys) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bnchicpgbdgahiecgofdabidjihblaff [2023-03-10]
CHR Extension: (buykers | slevové kupony a kódy) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dacdinoicboceafielngnmjjplncljhj [2023-03-10]
CHR Extension: (FNF Test | Friday Night Funkin') - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eaodffapedapnhpbagmpbmebjlmahdbl [2022-04-24]
CHR Extension: (Kami for Google Chrome™) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ecnphlgnajanjnkcmbpancdjoidceilk [2023-03-10]
CHR Extension: (Cookie Clicker Game) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\edggkgdammihneiigjkbmbjbihobpoeo [2021-11-12]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-03-10]
CHR Extension: (Meow, The Cat Pet) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ejgnolahdlcimijhloboakpjogbfdkkp [2023-03-10]
CHR Extension: (Paint Online) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ekjkklcgfckldgeihbnnckofgilnmafm [2022-04-24]
CHR Extension: (Scratch Addons) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fbeffbjdlemaoicjdapfpikkikjoneco [2023-03-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-10]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-03-10]
CHR Extension: (Emoji Pets) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kmpienmlhgboooblifeplelmpaaccafc [2022-09-10]
CHR Extension: ([FNF] Friday Night Funkin' Games) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ljpehdpmajakdfbfefniiofjegegffaj [2023-03-10]
CHR Extension: (PiggyBank Money Clicker - Idle Game) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mkccemimdjbojildcllapppfhphcfmkn [2023-03-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-29]
CHR Extension: (Custom Cursor for Chrome™ - Vlastní kurzor) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ogdlpmhglpejoiomcodnpjnfgcpmgale [2023-03-10]
CHR Profile: C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 5 [2023-12-06]
CHR Notifications: Profile 5 -> hxxps://www.youtube.com
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-04]
CHR Profile: C:\Users\TOMCAT\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-12]
CHR HKU\S-1-5-21-4136874423-1320431272-4261636104-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera: 
=======
OPR DefaultProfile: Default
StartMenuInternet: (HKU\S-1-5-21-4136874423-1320431272-4261636104-1006) Opera GXStable - "C:\Users\finkd\AppData\Local\Programs\Opera GX\Launcher.exe"

Brave: 
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-12-31]
BRA Notifications: Default -> hxxps://calendar.google.com
BRA Extension: (Překladač Google) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-04-01]
BRA Extension: (Save My Ass) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ahpcdkakbmidkdmdepakolfpafnggnmc [2021-06-26]
BRA Extension: (Sticky Password - správce hesel) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2023-10-30]
BRA Extension: (OneTab) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2023-10-13]
BRA Extension: (Play in VLC™) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cjjiafgjjkoonchbncbebpghoojakbgm [2021-06-26]
BRA Extension: (Adblock na Youtube™) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-12-07]
BRA Extension: (TinySketch) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eekbbmglbfldjpgbmajenafphnfjonnc [2021-10-22]
BRA Extension: (Fidget Spinner) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fnjlfdbkccdjdimfeodmflindgceoadi [2021-06-26]
BRA Extension: (Uložit na Pinterest) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2023-12-28]
BRA Extension: (Open in VLC™ media player) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihpiinojhnfhpdmmacgmpoonphhimkaj [2023-08-07]
BRA Extension: (Imagus) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2021-06-26]
BRA Extension: (Aliexpress SuperStar česky, Historie cen) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mceplokdebjaneacdmhgacicphdkenab [2023-11-15]
BRA Extension: (CrossPilot) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\migomhggnppjdijnfkiimcpjgnhmnale [2022-01-31]
BRA Extension: (Microsoft 365) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2023-12-21]
BRA Extension: (Postlight Reader) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2023-03-02]
BRA Extension: (Online Download Manager - Video Downloader) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\opjjpmhoiojifppkkcdabiobhakljdgm [2023-08-22]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-12-31]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-12-31]
BRA Extension: (Brave NTP background images) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-09-18]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-12-31]
BRA Extension: (Wallet Data Files Updater) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-12-31]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-12-31]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-11-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2023-12-31]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-11-15]
BRA Extension: (Brave Ads Resources) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2023-12-28]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-12-31]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-31]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-12-07]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2023-12-31]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2022-11-18]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\TOMCAT\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-26]

Vivaldi: 
=======
VIV DefaultProfile: Default
VIV Profile: C:\Users\TOMCAT\AppData\Local\Vivaldi\User Data\Default [2023-08-02]
VIV Extension: (Sticky Password - správce hesel) - C:\Users\TOMCAT\AppData\Local\Vivaldi\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2023-08-02]
VIV Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\TOMCAT\AppData\Local\Vivaldi\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-08-02]
VIV Profile: C:\Users\TOMCAT\AppData\Local\Vivaldi\User Data\System Profile [2023-03-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 Backupper Service; D:\Program Files (x86)\AOMEI\AOMEI Backupper 6.4.0\ABService.exe [995760 2021-01-27] (AOMEI International Network Limited -> AOMEI International Network Limited)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-12-10] (BattlEye Innovations e.K. -> )
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-12-09] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-12-09] (bookingDesktopApp.) [File not signed]
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-06-26] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-06-26] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\120.1.61.116\brave_vpn_helper.exe [2765336 2024-01-10] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\120.1.61.116\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10837528 2024-01-10] (Brave Software, Inc. -> Brave Software, Inc.)
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [156552 2020-06-30] (Canon Inc. -> CANON INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777592 2024-01-04] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-12-30] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-10-20] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-10-24] (Epic Games Inc. -> Epic Games, Inc.)
S2 GoogleUpdaterInternalService122.0.6234.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6234.0\updater.exe [4639520 2024-01-08] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService122.0.6234.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6234.0\updater.exe [4639520 2024-01-08] (Google LLC -> Google LLC) <==== ATTENTION
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-05] (HP Inc. -> HP Inc.)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126880 2012-08-31] (Hewlett-Packard Company -> HP)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [446360 2022-04-27] (Canon Inc. -> )
R2 Killer Network Service; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [1929216 2016-09-12] (Rivet Networks) [File not signed]
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [8929608 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [9114464 2021-02-19] (O&O Software GmbH -> O&O Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2347824 2019-10-05] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3222320 2019-10-05] (Electronic Arts, Inc. -> Electronic Arts)
S3 OVRLibraryService; F:\Oculus\Support\oculus-librarian\OVRLibraryService.exe [148024 2023-12-12] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 OVRService; F:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [508984 2023-12-12] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2017-11-26] (Even Balance, Inc. -> )
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [29080 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [371280 2021-02-24] (Synology Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\120.1.61.116\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_675be35f1ba2315e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_675be35f1ba2315e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [31760 2023-09-15] (AOMEI International Network Limited -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 busenum; C:\Windows\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [69024 2019-05-29] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 gdrv; C:\Windows\gdrv.sys [26192 2017-07-12] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47928 2020-10-23] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [21208 2021-06-27] (北京铠信神州科技有限责任公司 -> )
R3 MpKsl307f382a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B5F5B7EB-E1D7-45A0-BD29-52A01042ED49}\MpKslDrv.sys [263560 2024-01-12] (Microsoft Windows -> Microsoft Corporation)
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [74744 2021-04-21] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 oculusvad_oculusvad; C:\Windows\System32\drivers\oculusvad.sys [75280 2022-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\Windows\System32\drivers\Oculus_ViGEmBus.sys [32856 2022-07-14] (Oculus VR, LLC -> Facebook Inc.)
S0 ProtectedELAM; C:\Windows\System32\drivers\protected_elam.sys [18912 2023-01-16] (Microsoft Windows Early Launch Anti-malware Publisher -> TODO: <Company name>)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
R2 RfeCoSvc; C:\Windows\system32\DRIVERS\RfeCo10X64.sys [86344 2016-09-12] (Rivet Networks LLC -> Rivet Networks, LLC.)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [272792 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111512 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24064 2021-03-13] (Microsoft Corporation) [File not signed]
S3 usbser; C:\Windows\SysWOW64\drivers\usbser.sys [25600 2018-04-19] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-11 05:44 - 2024-01-11 05:44 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
2024-01-11 05:04 - 2024-01-11 05:04 - 000000000 ___HD C:\$WinREAgent
2024-01-10 05:37 - 2024-01-10 15:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-01-10 05:19 - 2024-01-10 05:19 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-09 16:44 - 2024-01-10 12:51 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Scratch
2024-01-09 16:44 - 2024-01-09 16:44 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch 3.lnk
2024-01-09 16:44 - 2024-01-09 16:44 - 000002187 _____ C:\Users\Public\Desktop\Scratch 3.lnk
2024-01-09 16:44 - 2024-01-09 16:44 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\scratch-desktop-updater
2024-01-09 16:44 - 2024-01-09 16:44 - 000000000 ____D C:\Program Files (x86)\Scratch 3
2024-01-09 15:10 - 2024-01-09 15:10 - 003039063 _____ ( ) C:\Windows\unins000.exe
2024-01-09 15:10 - 2024-01-09 15:10 - 000011873 _____ C:\Windows\unins000.dat
2024-01-09 15:10 - 2024-01-09 15:10 - 000000000 ____D C:\ProgramData\Fulapa
2024-01-08 12:33 - 2024-01-08 12:33 - 000000000 _____ C:\Users\TOMCAT\Desktop\Nový textový dokument (2).txt
2024-01-06 17:29 - 2024-01-06 17:29 - 000000223 _____ C:\Users\TOMCAT\Desktop\The Ouroboros King Demo.url
2024-01-04 15:49 - 2024-01-04 16:05 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\OrcaSlicer
2024-01-04 15:49 - 2024-01-04 15:49 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\OrcaSlicer
2024-01-04 15:26 - 2024-01-04 15:26 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Ultimaker B.V
2024-01-04 15:25 - 2024-01-04 15:25 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\cura
2024-01-04 15:25 - 2024-01-04 15:25 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\cura
2024-01-04 15:25 - 2024-01-04 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltiMaker Cura
2024-01-04 11:00 - 2024-01-04 11:18 - 000001089 _____ C:\Users\TOMCAT\Desktop\Nový textový dokument.txt
2024-01-03 13:56 - 2024-01-03 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2023-12-30 09:05 - 2023-12-30 09:08 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\enlisted
2023-12-30 09:05 - 2023-12-30 09:05 - 000000000 ____D C:\ProgramData\enlisted
2023-12-30 02:19 - 2023-12-30 02:27 - 367001600 _____ C:\Users\TOMCAT\Downloads\KODI20231230
2023-12-30 02:16 - 2023-12-30 02:16 - 000000789 _____ C:\Users\TOMCAT\Desktop\Win32DiskImager.lnk
2023-12-30 02:03 - 2023-12-30 02:03 - 000000000 ____D C:\Users\TOMCAT\Desktop\Nová složka (2)
2023-12-29 16:06 - 2023-12-29 16:06 - 000001088 _____ C:\Users\TOMCAT\Desktop\Enlisted.lnk
2023-12-29 16:06 - 2023-12-29 16:06 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Enlisted
2023-12-29 06:26 - 2023-12-29 06:26 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\SpaceClaim
2023-12-29 06:26 - 2023-12-29 06:26 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\LicenseSpring
2023-12-29 06:12 - 2023-12-29 06:26 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\SpaceClaim
2023-12-29 06:12 - 2023-12-29 06:25 - 000000000 ____D C:\ProgramData\SpaceClaim
2023-12-29 06:12 - 2023-12-29 06:12 - 000001947 _____ C:\Users\Public\Desktop\DSM Viewer.lnk
2023-12-29 06:12 - 2023-12-29 06:12 - 000001929 _____ C:\Users\Public\Desktop\Designspark Mechanical 6.0.3.lnk
2023-12-29 06:12 - 2023-12-29 06:12 - 000001929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Designspark Mechanical 6.0.3.lnk
2023-12-29 05:37 - 2023-12-29 05:37 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Python
2023-12-28 06:52 - 2023-12-28 06:52 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Blender Foundation
2023-12-28 06:44 - 2023-12-28 06:44 - 000000933 _____ C:\Users\TOMCAT\Desktop\Blender 4.0.lnk
2023-12-27 09:01 - 2023-12-27 09:01 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Fusion360
2023-12-27 09:01 - 2023-12-27 09:01 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\CadSoft
2023-12-27 08:58 - 2023-12-27 09:01 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Autodesk
2023-12-27 08:58 - 2023-12-27 08:58 - 000002717 _____ C:\Users\TOMCAT\Desktop\Autodesk Fusion 360.lnk
2023-12-27 08:58 - 2023-12-27 08:58 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2023-12-27 08:58 - 2023-12-27 08:58 - 000000000 ____D C:\ProgramData\Autodesk
2023-12-27 08:53 - 2023-12-27 08:58 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Autodesk
2023-12-26 09:56 - 2023-12-26 10:05 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\PrusaSlicer
2023-12-26 09:56 - 2023-12-26 09:56 - 000000875 _____ C:\Users\Public\Desktop\Prusa G-code Viewer.lnk
2023-12-26 09:56 - 2023-12-26 09:56 - 000000860 _____ C:\Users\Public\Desktop\PrusaSlicer 2.7.1.lnk
2023-12-26 09:56 - 2023-12-26 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2023-12-25 04:20 - 2023-12-25 04:25 - 000000823 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Creality Print.lnk
2023-12-25 04:20 - 2023-12-25 04:20 - 000000781 _____ C:\Users\Public\Desktop\Creality Print.lnk
2023-12-25 04:20 - 2023-12-25 04:20 - 000000781 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creality Print.lnk
2023-12-25 04:20 - 2023-12-25 04:20 - 000000533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative3D.lnk
2023-12-25 04:20 - 2023-12-25 04:20 - 000000523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\License.lnk
2023-12-25 03:03 - 2023-12-25 03:03 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Creality
2023-12-25 03:03 - 2023-12-25 03:03 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Creality
2023-12-25 03:00 - 2023-12-25 03:00 - 000000000 ____D C:\ProgramData\Creality
2023-12-23 12:17 - 2023-12-23 12:17 - 000000222 _____ C:\Users\TOMCAT\Desktop\Armored Warfare.url
2023-12-23 10:46 - 2023-12-23 10:46 - 000000000 ____D C:\Users\TOMCAT\AppData\LocalLow\Krieg Games Ltd
2023-12-21 17:05 - 2023-12-21 17:05 - 000000000 ____D C:\Users\TOMCAT\AppData\LocalLow\Rundisc
2023-12-21 16:21 - 2023-12-22 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-12-21 16:21 - 2023-12-21 16:42 - 000000723 _____ C:\Users\Public\Desktop\Klient Riotu.lnk
2023-12-21 16:21 - 2023-12-21 16:21 - 000000799 _____ C:\Users\Public\Desktop\Riot Client.lnk
2023-12-21 16:21 - 2023-12-21 16:21 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-12-21 16:19 - 2023-12-21 17:55 - 000000000 ____D C:\ProgramData\Riot Games
2023-12-21 16:19 - 2023-12-21 16:36 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Riot Games
2023-12-21 09:53 - 2023-12-21 10:53 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\RYB
2023-12-21 09:53 - 2023-12-21 09:53 - 000000223 _____ C:\Users\TOMCAT\Desktop\Chants of Sennaar Demo.url
2023-12-21 09:52 - 2023-12-21 09:52 - 000000222 _____ C:\Users\TOMCAT\Desktop\RYB.url
2023-12-16 10:35 - 2023-12-16 10:35 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\The Creative Assembly
2023-12-16 09:24 - 2023-12-16 09:24 - 000000372 _____ C:\Users\TOMCAT\Desktop\Alien Isolation.url
2023-12-15 16:57 - 2023-12-15 16:57 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\WELLBIA
2023-12-15 05:49 - 2023-12-15 05:49 - 000000799 _____ C:\Users\TOMCAT\Desktop\World of Tanks EU.lnk
2023-12-14 14:09 - 2023-12-14 14:09 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\WarThunder
2023-12-14 14:09 - 2023-12-14 14:09 - 000000000 ____D C:\ProgramData\WarThunder
2023-12-14 07:32 - 2023-12-25 06:36 - 000001102 _____ C:\Users\TOMCAT\Desktop\WarThunder.lnk
2023-12-14 07:32 - 2023-12-25 06:36 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 ____D C:\Windows\InboxApps
2023-12-13 17:00 - 2023-12-13 17:00 - 000016707 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-12 15:30 - 2023-01-15 15:03 - 000000000 ____D C:\FRST
2024-01-12 15:16 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-12 13:51 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-01-12 12:25 - 2017-07-12 13:30 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-12 10:19 - 2021-03-13 18:12 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-01-12 06:41 - 2022-02-18 08:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-12 06:07 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-01-12 06:07 - 2017-09-08 05:29 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Adobe
2024-01-12 06:05 - 2021-12-17 12:35 - 000000000 ____D C:\Windows\SystemTemp
2024-01-12 06:05 - 2017-07-13 19:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-12 06:05 - 2017-07-04 15:18 - 000918944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-01-12 06:04 - 2022-07-14 12:32 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Oculus
2024-01-11 19:34 - 2018-05-24 11:59 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\D3DSCache
2024-01-11 18:49 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-11 13:30 - 2021-03-09 11:21 - 000002434 _____ C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2024-01-11 13:30 - 2021-03-09 11:21 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Vivaldi
2024-01-11 05:44 - 2017-07-13 19:34 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-11 05:17 - 2021-06-26 12:16 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-01-11 05:15 - 2021-03-13 18:22 - 001707166 _____ C:\Windows\system32\PerfStringBackup.INI
2024-01-11 05:15 - 2019-12-07 15:41 - 000721210 _____ C:\Windows\system32\perfh005.dat
2024-01-11 05:15 - 2019-12-07 15:41 - 000147000 _____ C:\Windows\system32\perfc005.dat
2024-01-11 04:59 - 2023-09-15 12:41 - 000000208 _____ C:\Windows\SysWOW64\AbBakConfig.dat
2024-01-11 04:59 - 2023-09-15 12:41 - 000000150 _____ C:\Windows\SysWOW64\winsevr.dat
2024-01-11 04:59 - 2021-03-13 18:20 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-01-11 04:59 - 2021-03-13 18:12 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-10 18:06 - 2021-03-13 18:12 - 000335744 _____ C:\Windows\system32\FNTCACHE.DAT
2024-01-10 18:05 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-01-10 18:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-01-10 18:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-01-10 18:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-01-10 18:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-01-10 18:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-01-10 18:05 - 2019-12-07 10:03 - 001310720 _____ C:\Windows\system32\config\BBI
2024-01-10 15:57 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-01-10 15:26 - 2017-07-12 13:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-10 12:18 - 2017-07-12 13:53 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-10 10:42 - 2017-07-04 15:17 - 000000000 ____D C:\Windows\system32\MRT
2024-01-10 10:37 - 2017-07-04 15:17 - 189718008 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-01-10 05:19 - 2021-08-29 01:39 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-09 08:10 - 2023-03-25 08:11 - 000000000 ____D C:\ProgramData\CanonIJPLM
2024-01-09 05:53 - 2021-04-06 03:17 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Kodi
2024-01-08 22:15 - 2021-03-13 18:14 - 000000000 ____D C:\Users\TOMCAT
2024-01-08 22:15 - 2017-08-26 06:35 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\CrashDumps
2024-01-08 13:04 - 2017-10-08 02:55 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\vlc
2024-01-08 12:05 - 2022-10-18 12:21 - 000004184 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1666092092
2024-01-08 12:05 - 2022-10-18 12:21 - 000001452 _____ C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2024-01-07 17:26 - 2017-07-13 20:58 - 000000000 ___SD C:\Users\TOMCAT\AppData\Roaming\Microsoft\Credentials
2024-01-07 16:20 - 2023-01-17 08:10 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-01-07 16:20 - 2020-06-09 00:47 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-07 13:32 - 2023-10-08 11:04 - 000000956 _____ C:\Users\TOMCAT\Desktop\Aslain's WoT Modpack Installer.lnk
2024-01-07 13:32 - 2023-10-08 11:04 - 000000795 _____ C:\Users\TOMCAT\Desktop\Aslains WoT Logs Archiver.lnk
2024-01-06 18:42 - 2017-07-15 20:47 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-06 17:34 - 2021-02-09 10:57 - 000000000 ____D C:\Users\TOMCAT\AppData\LocalLow\DefaultCompany
2024-01-06 17:29 - 2017-08-25 19:45 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-01-05 18:30 - 2021-09-17 16:06 - 000007601 _____ C:\Users\TOMCAT\AppData\Local\resmon.resmoncfg
2024-01-05 18:19 - 2023-09-08 07:05 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-01-05 18:18 - 2023-11-10 12:58 - 000000000 ____D C:\Windows\system32\Tasks\HP
2024-01-05 10:10 - 2021-04-06 02:41 - 000000000 ____D C:\Users\TOMCAT\Desktop\TXT
2024-01-05 08:39 - 2017-09-08 05:29 - 000000000 ____D C:\Users\TOMCAT\AppData\LocalLow\Adobe
2024-01-05 06:13 - 2023-03-30 15:38 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-01-05 06:13 - 2023-02-20 17:06 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-01-05 06:13 - 2023-02-20 17:06 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-03 13:56 - 2019-03-20 15:14 - 000001165 _____ C:\Users\Public\Desktop\Sticky Password.lnk
2024-01-03 13:56 - 2019-03-20 15:14 - 000000000 ____D C:\Program Files (x86)\Sticky Password
2023-12-30 09:04 - 2017-10-15 22:27 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\EasyAntiCheat
2023-12-30 02:15 - 2023-09-15 12:49 - 000000789 _____ C:\Users\Public\Desktop\Win32DiskImager.lnk
2023-12-30 02:15 - 2023-09-15 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2023-12-30 02:11 - 2021-04-22 10:34 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant
2023-12-30 02:10 - 2023-09-15 12:41 - 000001024 ____H C:\SYSTAG.BIN
2023-12-30 02:10 - 2021-04-22 10:34 - 000001024 ____H C:\AMTAG.BIN
2023-12-29 17:30 - 2023-06-15 08:44 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\LibreELEC
2023-12-29 07:19 - 2023-10-13 16:16 - 000001088 _____ C:\Users\TOMCAT\advanced_ip_scanner_MAC.bin
2023-12-29 07:19 - 2023-10-13 16:16 - 000000015 _____ C:\Users\TOMCAT\advanced_ip_scanner_Comments.bin
2023-12-29 07:19 - 2023-10-13 16:16 - 000000015 _____ C:\Users\TOMCAT\advanced_ip_scanner_Aliases.bin
2023-12-28 06:44 - 2021-05-24 05:57 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2023-12-28 06:07 - 2017-12-02 06:04 - 000000000 ___RD C:\Users\TOMCAT\3D Objects
2023-12-25 13:54 - 2018-04-08 06:49 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Twitch
2023-12-24 13:53 - 2021-07-03 10:08 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Signal
2023-12-20 17:41 - 2020-10-24 15:13 - 000000000 ____D C:\_ APLIKACE _
2023-12-19 16:31 - 2017-09-05 08:51 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\discord
2023-12-19 16:12 - 2021-06-15 02:41 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Discord
2023-12-17 15:40 - 2023-02-03 15:57 - 000000000 ___RD C:\Users\TOMCAT\Dropbox
2023-12-16 10:27 - 2022-01-18 09:16 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4136874423-1320431272-4261636104-1003
2023-12-16 10:27 - 2021-03-13 18:20 - 000003372 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4136874423-1320431272-4261636104-1003
2023-12-16 10:27 - 2021-03-13 18:14 - 000002424 _____ C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-12-15 05:49 - 2019-09-02 09:31 - 000000000 ____D C:\Users\TOMCAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2023-12-14 05:22 - 2017-12-02 09:27 - 000000000 ____D C:\Users\TOMCAT\AppData\Local\Packages
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2023-12-13 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-12-13 20:06 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2023-12-13 17:01 - 2019-12-07 15:44 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-12-13 17:01 - 2019-12-07 15:44 - 000020827 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2023-12-13 17:00 - 2021-03-13 18:15 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-12-13 08:13 - 2021-03-13 18:20 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-13 08:13 - 2021-03-13 18:20 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-13 08:13 - 2021-03-13 18:20 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-13 08:13 - 2021-03-13 18:20 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-13 08:13 - 2021-03-13 18:20 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-13 08:13 - 2021-03-13 18:20 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-13 08:13 - 2021-03-13 18:20 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-13 08:13 - 2021-03-13 18:20 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-13 08:13 - 2021-03-13 18:20 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-13 08:13 - 2018-03-21 12:59 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2023-12-13 08:13 - 2017-07-12 13:29 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-12-13 08:13 - 2017-07-12 13:29 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-12-13 08:13 - 2017-07-12 13:29 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation

==================== Files in the root of some directories ========

2023-03-15 09:17 - 2023-05-30 12:10 - 000000324 _____ () C:\Users\TOMCAT\AppData\Roaming\.OculusDebugToolGUI
2018-08-05 00:09 - 2019-07-12 08:31 - 000000132 _____ () C:\Users\TOMCAT\AppData\Roaming\Formát BMP Adobe CC – předvolby
2017-09-30 16:42 - 2019-08-07 09:08 - 000000132 _____ () C:\Users\TOMCAT\AppData\Roaming\Formát PNG Adobe CC – předvolby
2022-06-25 13:25 - 2022-06-25 13:25 - 000045224 _____ () C:\Users\TOMCAT\AppData\Local\17c2d682-52ee-4260-a6e1-87ea633107d1HDGraph.log
2019-07-17 08:46 - 2019-07-17 08:46 - 000001456 _____ () C:\Users\TOMCAT\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-10-22 03:54 - 2017-10-22 03:54 - 000003584 _____ () C:\Users\TOMCAT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-08-08 18:01 - 2021-08-31 19:02 - 000022186 _____ () C:\Users\TOMCAT\AppData\Local\digikamrc
2017-07-15 19:56 - 2019-07-06 08:30 - 000728064 _____ () C:\Users\TOMCAT\AppData\Local\file__0.localstorage
2019-05-17 21:59 - 2019-05-18 12:19 - 000000268 _____ () C:\Users\TOMCAT\AppData\Local\FSDownloader.err
2019-05-17 17:14 - 2019-05-18 12:23 - 000006424 _____ () C:\Users\TOMCAT\AppData\Local\FSDownloader.nast
2017-11-29 05:34 - 2017-11-29 05:34 - 000000094 _____ () C:\Users\TOMCAT\AppData\Local\fusioncache.dat
2020-09-30 11:51 - 2022-07-14 08:02 - 000372224 _____ () C:\Users\TOMCAT\AppData\Local\HDGraph.log
2019-10-20 09:19 - 2019-10-20 09:19 - 000000000 _____ () C:\Users\TOMCAT\AppData\Local\oobelibMkey.log
2021-04-26 08:52 - 2021-04-26 08:52 - 000000001 _____ () C:\Users\TOMCAT\AppData\Local\RawCopy.1.02.agreement
2019-06-04 14:16 - 2019-06-04 14:16 - 000000001 _____ () C:\Users\TOMCAT\AppData\Local\RawCopy.1.10.agreement
2021-05-05 07:47 - 2021-05-23 04:49 - 000000061 _____ () C:\Users\TOMCAT\AppData\Local\RawCopy.opendialog.dir
2021-05-05 07:47 - 2021-05-23 04:49 - 000000001 _____ () C:\Users\TOMCAT\AppData\Local\RawCopy.opendialog.filterindex
2021-05-05 07:49 - 2021-09-20 23:47 - 000000000 _____ () C:\Users\TOMCAT\AppData\Local\RawCopy.sourcedisk.filepath
2021-06-18 09:47 - 2021-06-18 09:47 - 000003110 _____ () C:\Users\TOMCAT\AppData\Local\recently-used.xbel
2021-09-17 16:06 - 2024-01-05 18:30 - 000007601 _____ () C:\Users\TOMCAT\AppData\Local\resmon.resmoncfg
2017-10-29 06:20 - 2017-10-29 06:20 - 000000037 _____ () C:\Users\TOMCAT\AppData\Local\x-plane_install_11.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================