I have very likely managed to run a fake application from a fake website:
, the original domain has com
Thank you for checking the log, or for advice on what to do now (the PC is working normally so far)
Thanks
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2021
Ran by winki (administrator) on DESKTOP-0S50FER (MSI MS-7816) (08-10-2021 00:38:52)
Running from C:\Users\winki\Desktop
Loaded Profiles: winki
Platform: Windows 10 Pro Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Users\winki\AppData\Local\Google\Chrome\Application\chrome.exe <26>
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Logitech Inc -> Logitech) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\winki\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2110.1001.3.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.57.20005.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.57.20005.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Plex, Inc. -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe <2>
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2176648 2018-06-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-11] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-08-04] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4105424 2021-10-05] (Opera Software AS -> Opera Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340224 2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [20229112 2020-08-27] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Google Update] => C:\Users\winki\AppData\Local\Google\Update\1.3.36.112\GoogleUpdateCore.exe [223816 2021-10-01] (Google LLC -> Google LLC)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Discord] => C:\Users\winki\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Chromium] => "c:\users\winki\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [BingWallpaperApp] => C:\Users\winki\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [8537992 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\MountPoints2: {51189c54-fea3-11e6-84cd-d43d7ebdf362} - "L:\setup.exe"
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\MountPoints2: {51189c68-fea3-11e6-84cd-d43d7ebdf362} - "M:\setup.exe"
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-03-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2021-04-19]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
Startup: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2018-11-20]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CBBB98C-185E-4E3F-9534-378A7B6AA85F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {1EE03511-592B-4CE9-86D3-7347A05D6666} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {22433C11-6461-48E1-A7D7-C7BC91E3B3C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {225032E8-C932-4DE4-8C3E-29331FFA3B8E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-02-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {29496495-DBEA-4A25-8A1B-F1A2E6758D3E} - System32\Tasks\BlueStacksHelper => E:\BlueStacks\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {365BA5C9-DA36-4487-A189-94FCA75D566E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {37FCFF72-FB4C-43E8-8E6F-44F3C5C8325D} - System32\Tasks\CCleanerSkipUAC - winki => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4546E0B9-1CAE-45C8-A5D9-3909CA58A036} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {47DE83FC-56A5-47CE-8CE7-EFC3F8BBD991} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5852828C-5F23-4BBC-8398-A87BAF28FA4C} - System32\Tasks\update-S-1-5-21-116116240-444440880-2871013289-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {5C779B50-E435-4927-96B5-2DD5019408B7} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {618F94CF-8D2C-44F6-8A75-D879641D0389} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6325AA52-C076-457C-8B4C-D1A8936425DC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {6806018A-361B-4255-9B9C-D4CB6D759316} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1967880 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {688B931F-ABB5-4F77-92D3-18F4F7A3D913} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {6A6D4688-3816-41D1-AEB0-C1F5020E2F5E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71688812-9B43-4196-8392-ED30620DBB6F} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [110660344 2021-09-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {7238502E-7979-4C81-9689-EF6C98D0F531} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7306F5F2-F345-43BD-B903-82068DC5492E} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe
Task: {7E185508-AB5F-4E3D-AF92-D727B92ED555} - System32\Tasks\Opera scheduled assistant Autoupdate 1600814896 => C:\Program Files\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {7F7FFB5C-9549-43CF-BC93-7F788ED456E2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe [1457152 2019-02-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {81D5CB1A-E49C-40BD-BF83-03D22B51AF1E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {85BA77A5-7847-4FCE-8BF3-5C8E42E54FCA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {85D780AF-E3CD-4EC2-9F6E-451ACA91817E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {95203962-B68A-4868-95A1-B4B317918CC0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C3B4B18-C671-4402-8872-CD0C2B97AD8B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {9CE455CC-F7D6-4FD5-83AB-F84D314E641A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {9FF06ED2-C1C1-40D0-9E0A-A6A935FAA6D3} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-0S50FER-winki => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A2D0BDBB-44F7-430A-B6F8-FF363BCB30AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4A0E901-69F7-46B4-9CD2-B719D143A794} - System32\Tasks\Opera scheduled Autoupdate 1525300582 => C:\Program Files\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software)
Task: {A5CFED16-5809-4D56-A84B-6223E5E4875A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A62F56C3-1646-41BA-8694-6C56ED09F572} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AAC03E66-81F8-45AF-91AD-2A45F90B641D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAFFAAD3-7110-4AE3-AF5A-A0E361CD54CE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC38554B-50DD-4AB5-A97F-A43BFFED0CFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B13AE8B6-9ACC-4FA3-A220-D79E3300EA89} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA => C:\Users\winki\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-02-26] (Google Inc -> Google Inc.)
Task: {B62C7899-F0EE-4494-BB2A-A1802E5B5065} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {BB0935CC-BD63-464F-886F-D1CC7280830E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {BBA3FD37-275D-4B33-A946-D68E471B46A1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core => C:\Users\winki\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-02-26] (Google Inc -> Google Inc.)
Task: {C0C1754E-C513-417D-9E3B-DD500587F2DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C35C5792-B244-49A0-90E4-556E4999A02A} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39176 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {C3854B7A-2F25-4BA7-B66B-8844F2E12BE1} - System32\Tasks\ProtonVPN Update => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-09-01] (ProtonVPN AG -> )
Task: {C9DCDCDF-B853-4F86-8282-B2C28762A32E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D10E0421-F103-4AA3-998A-D5BBDDDA0C61} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {D59A6508-6049-4F6C-802D-3047A26F7FE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {D652AFA8-4973-45FA-8155-F46F17329808} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DCF73F1E-2CE2-4139-8AAF-D303E5CA75EC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7A8EDEC-A7E6-439E-B333-0C3E1130D771} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3977072 2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFE93434-60D4-4446-A1CA-457F3C800134} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {F6F527BD-98C3-4B47-A272-F4F4A8BA5FD1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD3D6E59-19D1-4E34-A813-430D0A075BBA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\update-S-1-5-21-116116240-444440880-2871013289-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f6f79c62-3dd4-4c57-afbc-ad196e28e681}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\winki\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-08]
FireFox:
========
FF DefaultProfile: 8k8cupjw.default
FF ProfilePath: C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981 [2021-10-08]
FF Extension: (Disconnect) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\2.0@disconnect.me.xpi [2021-02-22]
FF Extension: (TubeBuddy) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2021-09-22]
FF Extension: (BetterTTV) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\firefox@betterttv.net.xpi [2021-10-07]
FF Extension: (vidIQ Vision for YouTube) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\firefox@vid.io.xpi [2021-09-29]
FF Extension: (Twitch Clip Downloader) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{242c2204-f50c-4495-8ec1-57c9d722524a}.xpi [2021-06-28]
FF Extension: (Downloader for Instagram™) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{83bdc210-e037-4d76-8889-2e127ecc06c7}.xpi [2020-05-12]
FF Extension: (The Unofficial Social Blade Extension) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{a5213d5f-2958-4370-848c-91caac3d96bc}.xpi [2020-05-16]
FF Extension: (Video DownloadHelper) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-03]
FF Extension: (No Name) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-03]
FF Extension: (M Clip Twitch) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{d663b001-775c-4cef-aa5f-b757be3d896b}.xpi [2020-06-12]
FF ProfilePath: C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default [2021-02-22]
FF Extension: (Seznam doplněk - Esko) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\sko-extension@firma.seznam.cz.xpi [2020-01-29]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\sp@avast.com.xpi [2020-01-18]
FF Extension: (Avast Online Security) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\wrc@avast.com.xpi [2019-10-06] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (No Name) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-11-25]
FF Extension: (M Clip Twitch) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\{d663b001-775c-4cef-aa5f-b757be3d896b}.xpi [2020-02-01]
FF Extension: (No Name) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-12] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default [2021-10-08]
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Easy Auto Refresh) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2021-04-12]
CHR Extension: (Překladač Google) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-14]
CHR Extension: (Prezentace) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (BetterTTV) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-10-06]
CHR Extension: (Dokumenty) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-26]
CHR Extension: (Honey) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-09-28]
CHR Extension: (Social Blade) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2021-05-31] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION
CHR Extension: (NeatClip) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhflbphjbcnpeebdbgbambmohadfaok [2020-05-16]
CHR Extension: (Adobe Acrobat) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-09-07]
CHR Extension: (Fonts Ninja) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2021-08-19]
CHR Extension: (FrankerFaceZ) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2019-03-27]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2021-07-17]
CHR Extension: (Tabulky) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Plex) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2017-10-11]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-17]
CHR Extension: (Night Mode Pro) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbilbeoogenjmnabenfjfoockmpfnjoh [2021-07-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-28]
CHR Extension: (FormApps Extension) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-14]
CHR Extension: (M Clip Twitch) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaipghhkfodkjbodidbgnekkkdbagade [2021-02-22]
CHR Extension: (TREZOR Chrome Extension) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcjjhjgimijdkoamemaghajlhegmoclj [2017-12-11]
CHR Extension: (WavesLiteApp) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmcaklajknfekomaflnhkjjkcjabogm [2018-09-04]
CHR Extension: (Google Play) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2017-02-26]
CHR Extension: (Mapy Google) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-02-26]
CHR Extension: (Morpheon Dark) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2018-09-14]
CHR Extension: (Twitch Clip Downloader 2020) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnenbmhckgnahghjhelklajobocdiijf [2021-02-22]
CHR Extension: (MetaMask) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-09-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Enhanced Steam) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2019-02-01]
CHR Extension: (Twitch Channel Points Autoclicker) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbeamibpehihpjljabhnchghlbneiane [2021-02-22]
CHR Extension: (Evernote Web Clipper) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2021-07-27]
CHR Extension: (Gmail) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Hlídač Shopů) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2021-09-17]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR Profile: C:\Users\winki\AppData\Roaming\Opera Software\Opera Stable [2021-10-08]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\winki\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-07-14]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-02-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-08-26] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [42632 2020-04-15] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R2 EBC Client; C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe [95880 2020-04-16] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncHelper.exe [3249520 2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
S3 MagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [348728 2021-09-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [314232 2020-08-05] (Locktime Software s.r.o. -> Locktime Software)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\OneDriveUpdaterService.exe [3718016 2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-10-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475680 2021-10-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1412592 2020-08-27] (Plex, Inc. -> Plex, Inc.)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [98624 2020-09-01] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-09-01] (ProtonVPN AG -> )
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [348728 2021-09-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13353768 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (Anvsoft Inc. -> AnvSoft Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [73448 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53504 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341760 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [183528 2020-08-05] (Locktime Software s.r.o. -> Locktime Software)
S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-08 01:24 - 2021-10-08 01:24 - 110100480 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-10-08 01:20 - 2021-10-08 01:24 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-10-08 00:38 - 2021-10-08 00:39 - 000046902 ____C C:\Users\winki\Desktop\FRST.txt
2021-10-08 00:38 - 2021-10-08 00:39 - 000000000 ____D C:\FRST
2021-10-08 00:37 - 2021-10-08 00:37 - 002308096 _____ (Farbar) C:\Users\winki\Desktop\FRST64.exe
2021-10-08 00:32 - 2021-10-08 00:32 - 020049213 _____ C:\Users\winki\Downloads\CzechCloud_1633645962735.mp4
2021-10-08 00:00 - 2021-10-08 00:00 - 000000000 ____D C:\Users\winki\AppData\Local\Yandex
2021-10-07 23:59 - 2021-10-07 23:59 - 000000000 ____D C:\Users\winki\Downloads\LetaSoft_Sound_Booster
2021-10-07 19:15 - 2021-10-07 19:15 - 009311798 _____ C:\Users\winki\Downloads\MichalDecit_1633626912109.mp4
2021-10-07 19:03 - 2021-10-07 19:03 - 038019751 _____ C:\Users\winki\Downloads\TommyQuestionMark_1633626183260.mp4
2021-10-07 18:45 - 2021-10-07 18:45 - 013677898 _____ C:\Users\winki\Downloads\LadyHoonigan_1633625118326.mp4
2021-10-07 18:43 - 2021-10-07 18:43 - 006343796 _____ C:\Users\winki\Downloads\LadyHoonigan_1633624989107.mp4
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignd35d656c894c5254
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignc61808b9b4e611ac
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign96c5100ed341cc31
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign438be2a159abfef6
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign21868dc2bb330680
2021-10-06 20:33 - 2021-10-06 20:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignfea7eeda10b488e2
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsigne9617f44df25e024
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign5faef233732d4b57
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign1a66f7f7af69ec84
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign0d80ec30daac9ffb
2021-10-04 11:25 - 2021-10-04 11:25 - 000000000 ____D C:\ProgramData\MisterHorse
2021-10-04 11:19 - 2021-10-04 11:19 - 000001035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mister Horse Product Manager.lnk
2021-10-04 11:19 - 2021-10-04 11:19 - 000000000 ____D C:\Program Files\Mister Horse Product Manager
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7ffa8645d77248ea
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign5d09c92f4e366c97
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign448f7c893d418a32
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign112c6f201cb45eb4
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign0ad97743e7e5056f
2021-09-30 09:57 - 2021-10-08 00:25 - 000000000 ____D C:\Users\winki\AppData\Roaming\Samsung Magician
2021-09-30 09:56 - 2021-09-30 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2021-09-29 12:55 - 2021-09-29 12:55 - 000000000 ____D C:\ProgramData\obs-studio-hook
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignf24d6d8fbeace066
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7d5e077878c175db
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign6e6a46a1f6a8b565
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign5544b13200ce83c1
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign3142bfa8ac30eeb2
2021-09-28 15:14 - 2021-09-28 15:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignad878ce8351eda02
2021-09-28 15:05 - 2021-09-28 15:05 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignfc2726b2f5a23c34
2021-09-28 15:05 - 2021-09-28 15:05 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignf096127ac11ffb49
2021-09-28 15:05 - 2021-09-28 15:05 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignd48a327a02481dc1
2021-09-28 15:05 - 2021-09-28 15:05 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign02646bfec6f23f98
2021-09-24 20:12 - 2021-09-24 20:12 - 000000976 _____ C:\Users\Public\Desktop\Mafia - Definitve Edition.lnk
2021-09-24 20:12 - 2021-09-24 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia - Definitve Edition
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignc9f9d1132b7628d9
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignb50aa54adaaf6bdb
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7f29fc86089fdb08
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign11c262b46da5fa16
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign03a5a58ffd752a8a
2021-09-21 22:19 - 2021-09-21 22:19 - 000000000 ____D C:\Users\winki\AppData\Local\Kena
2021-09-21 19:05 - 2021-09-21 19:05 - 000000754 ____C C:\Users\winki\Desktop\Kena Bridge of Spirits.lnk
2021-09-21 19:05 - 2021-09-21 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kena Bridge of Spirits
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsigne7d18d7a5e4bdf3c
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsigndfb4a061bdfd6a48
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignbcd6a6232eec1e57
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign8b077e82aba62c03
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign1fa36c4fc10f3045
2021-09-20 10:51 - 2021-09-20 10:51 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-09-17 13:23 - 2021-09-17 13:23 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignfbf058ed866cd640
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignf1c9895ca7d5faa1
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignc45a2b640df51291
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7b9f1d426052269e
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7399cd02574ef573
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign6bb2c9d2853c9b38
2021-09-17 12:30 - 2021-09-17 12:30 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 12:30 - 2021-09-17 12:30 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 12:30 - 2021-09-17 12:30 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-17 12:30 - 2021-09-17 12:30 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 12:30 - 2021-09-17 12:30 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 12:30 - 2021-09-17 12:30 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-17 12:30 - 2021-09-17 12:30 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-17 12:30 - 2021-09-17 12:30 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-17 12:30 - 2021-09-17 12:30 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 12:30 - 2021-09-17 12:30 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-17 12:30 - 2021-09-17 12:30 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-17 12:30 - 2021-09-17 12:30 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-17 12:30 - 2021-09-17 12:30 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-17 12:29 - 2021-09-17 12:29 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 12:29 - 2021-09-17 12:29 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 12:29 - 2021-09-17 12:29 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-17 12:29 - 2021-09-17 12:29 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-17 12:29 - 2021-09-17 12:29 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-17 12:29 - 2021-09-17 12:29 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 12:29 - 2021-09-17 12:29 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-17 12:29 - 2021-09-17 12:29 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-17 12:23 - 2021-09-17 12:23 - 000000000 ___HD C:\$WinREAgent
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignfdaa669ef0df864e
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignea481d8cd5307a14
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign5b7174a54622a7fc
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign511901f3bf70c2eb
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign40931290d88d6d37
2021-09-15 19:37 - 2021-09-15 19:37 - 000000223 ____C C:\Users\winki\Desktop\Gas Station Simulator.url
2021-09-13 18:15 - 2021-09-13 18:15 - 000000681 ____C C:\Users\winki\Desktop\NBA 2K22.lnk
2021-09-13 18:15 - 2021-09-13 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA 2K22
2021-09-13 16:20 - 2021-09-13 16:20 - 003596530 _____ C:\Users\winki\Downloads\KouKiShaK_1631542801675.mp4
2021-09-10 17:17 - 2021-09-10 17:17 - 000000916 ____C C:\Users\winki\Desktop\Life is Strange True Colors.lnk
2021-09-10 17:17 - 2021-09-10 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life is Strange True Colors
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-08 00:37 - 2019-10-03 23:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-10-08 00:32 - 2021-05-14 23:34 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-08 00:32 - 2019-12-07 16:43 - 000716762 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-08 00:32 - 2019-12-07 16:43 - 000144940 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-08 00:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-08 00:27 - 2019-02-18 13:18 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-08 00:27 - 2018-08-15 19:23 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-08 00:27 - 2017-05-17 15:10 - 000000000 ____D C:\Program Files\CCleaner
2021-10-08 00:27 - 2017-04-19 12:03 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-08 00:26 - 2017-04-07 11:43 - 000000000 ___DC C:\Users\winki\AppData\LocalLow\Mozilla
2021-10-08 00:25 - 2021-05-14 23:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-08 00:25 - 2021-05-14 22:59 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-08 00:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-08 00:25 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-08 00:25 - 2019-01-07 02:55 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-10-08 00:25 - 2018-01-04 22:49 - 000000000 ___RD C:\Users\winki\iCloudDrive
2021-10-08 00:25 - 2017-03-13 02:38 - 000000000 ___DC C:\Users\winki\AppData\Local\Plex Media Server
2021-10-08 00:25 - 2017-02-26 11:31 - 000000000 ___RD C:\Users\winki\OneDrive
2021-10-08 00:20 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-08 00:11 - 2017-03-01 23:17 - 000000000 ___DC C:\Users\winki\AppData\Roaming\DAEMON Tools Lite
2021-10-08 00:11 - 2017-02-26 23:35 - 000000000 ____D C:\Program Files (x86)\Steam
2021-10-08 00:11 - 2017-02-26 11:39 - 000000000 ___DC C:\Users\winki\AppData\Local\CrashDumps
2021-10-08 00:08 - 2017-07-21 19:37 - 000000000 ___DC C:\Users\winki\AppData\Roaming\discord
2021-10-08 00:03 - 2017-12-07 14:17 - 000000000 ___DC C:\Users\winki\AppData\Local\Packages
2021-10-07 23:17 - 2017-07-21 19:37 - 000000000 ___DC C:\Users\winki\AppData\Local\Discord
2021-10-07 19:27 - 2017-10-27 09:59 - 000000000 ___DC C:\Users\winki\AppData\Local\Ubisoft Game Launcher
2021-10-07 16:14 - 2020-10-20 21:48 - 000000000 ____D C:\Users\winki\AppData\Local\Ori and the Blind Forest DE
2021-10-07 16:03 - 2017-03-02 19:39 - 000000000 ___DC C:\Users\winki\AppData\Local\Spotify
2021-10-07 16:03 - 2017-03-02 19:37 - 000000000 ___DC C:\Users\winki\AppData\Roaming\Spotify
2021-10-07 15:20 - 2017-02-26 12:02 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-10-07 15:16 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-07 15:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-07 13:44 - 2017-02-27 11:44 - 000000000 ___DC C:\Users\winki\AppData\Roaming\vlc
2021-10-07 12:20 - 2020-04-18 10:19 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-10-07 12:20 - 2019-12-14 20:37 - 000315856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-10-07 12:20 - 2019-10-10 11:27 - 000061880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-10-07 12:20 - 2019-06-13 22:25 - 002208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-10-07 12:20 - 2019-06-13 22:25 - 000213432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-10-07 12:20 - 2019-06-13 22:25 - 000188880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-10-07 11:16 - 2020-02-05 19:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-10-07 11:16 - 2017-04-07 11:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-06 20:33 - 2020-02-05 19:00 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-06 19:37 - 2017-02-26 23:26 - 000000000 ___DC C:\Users\winki\AppData\Roaming\Origin
2021-10-06 19:37 - 2017-02-26 23:26 - 000000000 ____D C:\Program Files (x86)\Origin
2021-10-06 19:37 - 2017-02-26 23:22 - 000000000 ___DC C:\Users\winki\AppData\Local\Origin
2021-10-06 19:37 - 2017-02-26 23:22 - 000000000 ____D C:\ProgramData\Origin
2021-10-06 15:25 - 2017-02-26 11:37 - 000002543 ____C C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-06 15:25 - 2017-02-26 11:37 - 000002506 ____C C:\Users\winki\Desktop\Google Chrome.lnk
2021-10-06 14:57 - 2018-05-20 13:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-05 23:56 - 2018-05-03 00:35 - 000000000 ____D C:\Program Files\Opera
2021-10-05 17:32 - 2021-05-14 23:34 - 000004170 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1600814896
2021-10-05 15:24 - 2021-05-14 22:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-05 13:52 - 2021-05-14 23:34 - 000003958 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1525300582
2021-10-05 13:52 - 2018-05-03 00:36 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-10-04 11:47 - 2017-03-06 21:03 - 000000000 ___DC C:\Users\winki\AppData\Local\MisterHorse
2021-10-04 10:10 - 2017-03-10 14:48 - 000000000 ___DC C:\Users\winki\AppData\Roaming\Anvsoft
2021-10-03 13:17 - 2020-10-01 13:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-02 22:10 - 2020-08-22 02:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-02 22:10 - 2020-08-22 02:14 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-02 21:24 - 2017-02-26 23:52 - 000000000 ___DC C:\Users\winki\AppData\Roaming\uTorrent
2021-10-02 12:05 - 2021-06-29 21:06 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7694fd9bd15f6
2021-10-02 12:05 - 2021-05-14 23:34 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-01 17:36 - 2017-02-26 19:42 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-01 10:20 - 2021-06-22 14:21 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-10-01 00:06 - 2021-05-14 23:34 - 000003730 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA
2021-10-01 00:06 - 2021-05-14 23:34 - 000003462 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core
2021-09-30 23:38 - 2021-05-14 23:34 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-30 23:38 - 2021-05-14 23:34 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-30 17:24 - 2021-05-14 23:34 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-09-30 17:24 - 2021-05-14 21:55 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-30 09:56 - 2021-05-17 12:39 - 000003352 _____ C:\WINDOWS\system32\Tasks\SamsungMagician
2021-09-29 12:58 - 2017-03-21 13:33 - 000000000 ___DC C:\Users\winki\AppData\Roaming\obs-studio
2021-09-28 22:51 - 2018-01-04 22:49 - 000000000 ___DC C:\Users\winki\Documents\Soubory Outlooku
2021-09-24 20:43 - 2017-03-23 21:11 - 000000000 ___DC C:\Users\winki\Documents\My Games
2021-09-23 11:16 - 2017-07-21 19:37 - 000002272 ____C C:\Users\winki\Desktop\Discord.lnk
2021-09-21 22:19 - 2018-05-30 15:29 - 000000000 ___DC C:\Users\winki\AppData\Local\D3DSCache
2021-09-18 17:43 - 2019-04-18 22:12 - 000000000 ___DC C:\Users\winki\Documents\Euro Truck Simulator 2
2021-09-17 19:01 - 2021-05-14 22:59 - 007073336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-17 16:25 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-17 16:25 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-17 13:22 - 2017-03-06 21:24 - 000000033 _____ C:\Users\winki\AppData\Roaming\AdobeWLCMCache.dat
2021-09-17 12:33 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-17 12:23 - 2017-02-26 19:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-17 12:19 - 2017-02-26 19:28 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 21:15 - 2021-05-14 23:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-15 13:09 - 2021-04-18 16:35 - 000000000 ___DC C:\WINDOWS\Panther
2021-09-15 12:45 - 2021-05-14 23:34 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-10 17:14 - 2021-08-18 21:08 - 000000000 ____D C:\Games
2021-09-08 21:47 - 2020-10-01 13:55 - 000605520 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-09-08 21:47 - 2020-10-01 13:55 - 000486736 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
==================== Files in the root of some directories ========
2017-03-06 21:24 - 2021-09-17 13:22 - 000000033 _____ () C:\Users\winki\AppData\Roaming\AdobeWLCMCache.dat
2020-10-25 22:06 - 2020-10-25 22:06 - 000000047 _____ () C:\Users\winki\AppData\Roaming\~SiMPLEX.ini
2018-07-24 17:29 - 2021-06-19 18:04 - 000001480 ____C () C:\Users\winki\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-02-26 22:32 - 2020-08-27 22:55 - 000000081 ____C () C:\Users\winki\AppData\Local\FILM_AE_LogFile.txt
2018-09-27 21:16 - 2018-09-27 21:16 - 000000000 ____C () C:\Users\winki\AppData\Local\oobelibMkey.log
2020-07-19 22:59 - 2020-08-17 13:58 - 000004995 _____ () C:\Users\winki\AppData\Local\PlariumPlay.log
2017-03-12 12:39 - 2021-05-22 12:33 - 000007640 ____C () C:\Users\winki\AppData\Local\Resmon.ResmonCfg
2018-06-29 12:57 - 2018-06-29 12:57 - 000000003 ____C () C:\Users\winki\AppData\Local\updater.log
2018-06-29 12:57 - 2018-06-29 12:57 - 000000425 ____C () C:\Users\winki\AppData\Local\UserProducts.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================