Jen pro kontrolu
Napsal: 01 bře 2021 22:51
Dobrý večer,
posílám log z počítače syna, můžete se na to prosím mrknout? Stahuje samé hacky kraviny, nešly mu spustit některé programy, adwcleaner v příloze. Jestli to je na pohlavek, prosím napište mi. děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by tomasek (administrator) on DESKTOP-3JV1PF5 (01-03-2021 22:42:00)
Running from C:\Users\tomasek\Downloads
Loaded Profiles: tomasek
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(Apps Delivered Ltd -> Traditional Ceryhe) [File not signed] [File is in use] C:\Program Files (x86)\TraditionalCeryhe\TraditionalCeryhe.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(AutoIt Consulting Ltd -> AutoIt Team) C:\Users\tomasek\AppData\Local\Disk\AutoIt3\AutoIt3_x64.exe
(Digital Communications Inc -> Сorp DCom) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusClient.exe
(Digital Communications Inc -> Сorp DCom) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe
(Digital Communications Inc -> Сorp DCom) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe
(Globalhop Ltd TOO -> ) C:\Users\tomasek\AppData\Local\Programs\Taskbar system\TaskbarSystem.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(libMPVPlayer) [File not signed] C:\Users\tomasek\AppData\Local\Programs\Lively Wallpaper\plugins\libMPVPlayer\libMPVPlayer.exe
(livelySubProcess) [File not signed] C:\Users\tomasek\AppData\Local\Programs\Lively Wallpaper\plugins\subproc\livelySubProcess.exe
(livelywpf) [File not signed] C:\Users\tomasek\AppData\Local\Programs\Lively Wallpaper\livelywpf.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(MAGIX Software GmbH -> MAGIX Software GmbH) C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2021\PCMaintainService.exe
(MAGIX Software GmbH -> MAGIX) C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\tomasek\Downloads\adwcleaner_8.1.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\tomasek\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeraByte, Inc. -> TeraByte, Inc.) C:\Program Files (x86)\TeraByte Drive Image Backup and Restore Suite\tbinotify.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-12-27] (Adobe Inc. -> )
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2880034797-3857021402-3440946435-1001\...\Run: [livelywpf] => C:\Users\tomasek\AppData\Local\Programs\Lively Wallpaper\livelywpf.exe [195072 2021-01-11] (livelywpf) [File not signed]
HKU\S-1-5-21-2880034797-3857021402-3440946435-1001\...\Run: [QMxNetworkSync] => C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe [858360 2019-08-13] (MAGIX Software GmbH -> MAGIX)
HKU\S-1-5-21-2880034797-3857021402-3440946435-1001\...\Run: [Taskbar system] => C:\Users\tomasek\AppData\Local\Programs\Taskbar system\TaskbarSystem.exe [918040 2021-01-13] (Globalhop Ltd TOO -> )
HKU\S-1-5-21-2880034797-3857021402-3440946435-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\tomasek\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-02-28] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-29] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TBI Notify.lnk [2021-02-19]
ShortcutTarget: TBI Notify.lnk -> C:\Program Files (x86)\TeraByte Drive Image Backup and Restore Suite\tbinotify.exe (TeraByte, Inc. -> TeraByte, Inc.)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2D09A541-D6DA-4F28-AE58-21DFCE0D4BE2} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2021-02-19] (bookingDesktopApp.) [File not signed]
Task: {35B78D87-9B76-423F-AB9A-0AFB5BF9DA0D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {495325BD-0611-494E-9CF3-51D52F2F63DC} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2021-02-19] (bookingDesktopApp.) [File not signed]
Task: {663C9786-8A08-415B-91B7-F169D84501ED} - System32\Tasks\MAGIX PC Check & Tuning 2021 (PCMaintainService.exe) => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2021\PCMaintainService.exe [1757768 2019-12-19] (MAGIX Software GmbH -> MAGIX Software GmbH)
Task: {7AFBBC1A-0209-45A7-8070-2A62AAC36390} - System32\Tasks\Services\Diagnostic => C:\Users\tomasek\AppData\Local\Disk\AutoIt3\AutoIt3_x64.exe [1013928 2018-03-15] (AutoIt Consulting Ltd -> AutoIt Team) -> "C:\Users\tomasek\AppData\Local\Disk\AutoIt3\Settings.au3"
Task: {906EDE40-59F8-4C14-834C-89D14BB6370B} - System32\Tasks\Opera scheduled Autoupdate 1609853199 => C:\Users\tomasek\AppData\Local\Programs\Opera\launcher.exe [1793664 2021-02-26] (Opera Software AS -> Opera Software)
Task: {A75569C4-2F10-46D4-8045-2443C262575E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B928C857-D17A-430D-B8A8-A7883FC4E004} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {C7FA0B56-F5F0-4454-B1E8-AA8DECAE64F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E409927A-C556-409B-919B-D6402429B072} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-3JV1PF5-tomasek => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {EAC192D3-8990-493A-A6F6-A87549247548} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB0DDDC7-E0AE-4BB2-B108-8B4027950C95} - System32\Tasks\MAGIX PC Check & Tuning 2021 => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2021\PCCT.exe [2486856 2019-12-19] (MAGIX Software GmbH -> MAGIX Software GmbH)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\MAGIX PC Check & Tuning 2021 (PCMaintainService.exe).job => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2021\PCMaintainService.exe C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2021\DESKTOP-3JV1PF5\tomasek5MAGIX PC Check & Tuning 2021 (PCMaintainService.exe
Task: C:\Windows\Tasks\MAGIX PC Check & Tuning 2021.job => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2021\PCCT.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{42d5e22c-9575-4454-8a68-21d1a84a4acf}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-01]
Edge Notifications: Default -> hxxps://linkvertise.com
Edge Extension: (Outlook) - C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-12-27]
Edge Extension: (Microsoft Protect) - C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fcppdfelojakeahklfgkjegnpbgndoch [2021-02-20]
Edge Extension: (Word) - C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-12-27]
Edge Extension: (Excel) - C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-12-27]
Edge Extension: (Multi Find) - C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mkofacajmfbednlblgglmpbidklocddm [2021-02-18]
Edge Extension: (PowerPoint) - C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-12-27]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2021-01-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2021-01-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2021-01-01] (Adobe Systems Incorporated -> )
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2021-02-19] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2021-02-19] (bookingDesktopApp.) [File not signed]
Chrome:
=======
CHR Profile: C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default [2021-03-01]
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Prezentace) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-24]
CHR Extension: (Dokumenty) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-24]
CHR Extension: (Disk Google) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-24]
CHR Extension: (YouTube) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-24]
CHR Extension: (Tabulky) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-24]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-02-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-24]
CHR Extension: (Search Manager) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnplhahbcoldbildffdchneaepapccbn [2021-02-19]
CHR Extension: (Grammarly for Chrome) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-02-23]
CHR Extension: (Swift Select) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\molponhobmbbinjnghgafbfampcgamln [2021-02-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-24]
CHR Extension: (Chrome Media Router) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gnplhahbcoldbildffdchneaepapccbn]
Opera:
=======
OPR Profile: C:\Users\tomasek\AppData\Roaming\Opera Software\Opera Stable [2021-01-05]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"SAntivirusIC" => service was unlocked. <==== ATTENTION
"TraditionalCeryhe" => service was unlocked. <==== ATTENTION
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-01-30] (BattlEye Innovations e.K. -> )
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2021-02-19] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2021-02-19] (bookingDesktopApp.) [File not signed]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10897296 2021-01-14] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-01] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [959752 2021-02-12] (McAfee, LLC -> McAfee, LLC)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Rockstar Service; D:\GTAV\Launcher\RockstarService.exe [1631360 2020-12-02] (Rockstar Games, Inc. -> Rockstar Games)
R2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe [6939968 2021-02-18] (Digital Communications Inc -> Сorp DCom) <==== ATTENTION
R2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [628544 2021-02-18] (Digital Communications Inc -> Сorp DCom) <==== ATTENTION
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TraditionalCeryhe; C:\Program Files (x86)\TraditionalCeryhe\TraditionalCeryhe.exe [6032368 2018-05-04] (Apps Delivered Ltd -> Traditional Ceryhe) [File not signed] [File is in use]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36792 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208672 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332880 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97360 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16832 2021-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42424 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176384 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522480 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108928 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84496 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851256 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469472 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216984 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326064 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-24] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)
S3 HWiNFO_155; C:\Users\tomasek\AppData\Local\Temp\HWiNFO64A_155.SYS [64008 2021-02-04] (Martin Malik - REALiX -> REALiX(tm)) <==== ATTENTION
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\73248\driver_cpu_temperature\logi_core_temp.sys [25448 2021-01-14] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [38136 2020-12-30] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [26672 2020-12-30] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66808 2020-12-30] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220616 2021-03-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-03-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-03-01] (Malwarebytes Inc -> Malwarebytes)
R0 phylock; C:\Windows\System32\drivers\phylock.sys [37488 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> TeraByte, Inc.)
R1 ProtectIt; C:\Windows\System32\drivers\ProtectIt.sys [17472 2018-01-09] (Microsoft Windows Hardware Compatibility Publisher -> TeraByte, Inc.)
R1 TASANTIVIRUSKD; C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [85504 2021-02-18] (Digital Communications Inc -> Corp DCom) <==== ATTENTION
S3 TBIMount; C:\Windows\System32\drivers\tbimount.sys [146936 2019-04-25] (Microsoft Windows Hardware Compatibility Publisher -> TeraByte, Inc.)
R3 VBAudioVMVAIOMME; C:\Windows\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2021-01-01] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VOICEMOD_Driver; C:\Windows\system32\drivers\vmdrv.sys [48136 2021-01-13] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 HWiNFO_152; \??\C:\Users\tomasek\AppData\Local\Temp\HWiNFO64A_152.SYS [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-01 22:42 - 2021-03-01 22:42 - 000025642 _____ C:\Users\tomasek\Downloads\FRST.txt
2021-03-01 22:41 - 2021-03-01 22:42 - 000000000 ____D C:\FRST
2021-03-01 22:40 - 2021-03-01 22:40 - 002301440 _____ (Farbar) C:\Users\tomasek\Downloads\FRST64.exe
2021-03-01 22:33 - 2021-03-01 22:33 - 000220616 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-03-01 22:32 - 2021-03-01 22:32 - 000220392 _____ (AVAST Software) C:\Users\tomasek\Downloads\avast_free_antivirus_setup_online.exe
2021-03-01 21:09 - 2021-03-01 21:09 - 000000000 ____D C:\Users\tomasek\AppData\Local\mbam
2021-03-01 21:08 - 2021-03-01 21:08 - 002084016 _____ (Malwarebytes) C:\Users\tomasek\Downloads\MBSetup.exe
2021-03-01 21:08 - 2021-03-01 21:08 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-03-01 21:08 - 2021-03-01 21:08 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-03-01 21:08 - 2021-03-01 21:08 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-03-01 21:08 - 2021-03-01 21:08 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-01 21:08 - 2021-03-01 21:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-01 21:08 - 2021-03-01 21:08 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-01 20:15 - 2021-03-01 20:15 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\santivirusclient
2021-03-01 19:16 - 2021-03-01 20:14 - 000000000 ____D C:\AdwCleaner
2021-03-01 19:16 - 2021-03-01 19:16 - 008463216 _____ (Malwarebytes) C:\Users\tomasek\Downloads\adwcleaner_8.1.exe
2021-02-28 19:25 - 2021-02-28 19:25 - 000002378 _____ C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-28 19:25 - 2021-02-28 19:25 - 000002370 _____ C:\Users\tomasek\Desktop\Microsoft Teams.lnk
2021-02-28 19:25 - 2021-02-28 19:25 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Teams
2021-02-25 10:42 - 2021-02-25 10:42 - 009573547 _____ C:\Users\tomasek\Downloads\TGX_V3.0.9.zip
2021-02-24 21:04 - 2021-02-24 21:04 - 018066536 _____ C:\Users\tomasek\Downloads\[GD] _Mountain King_ by Xyle (Daily level) _ Geometry Dash 2.113.mp4
2021-02-24 15:53 - 2021-02-24 15:53 - 000000026 _____ C:\Users\tomasek\Downloads\Oxygen U - Linkvertise.txt
2021-02-24 14:51 - 2021-02-24 14:52 - 000000000 ____D C:\Users\tomasek\AppData\Local\Coco_Z2
2021-02-24 12:18 - 2021-02-24 12:18 - 080521728 _____ C:\Users\tomasek\Downloads\LITTLE NIGHTMARES 2 Thin Man Boss Fight 4K ULTRA HD.mp4
2021-02-24 12:03 - 2021-02-24 12:03 - 013395845 _____ C:\Users\tomasek\Downloads\The Simpsons - Travel into the future couch gag.mp4
2021-02-24 12:01 - 2021-02-24 12:01 - 000845580 _____ C:\Users\tomasek\Downloads\GREEN SCREEN GLITCH EFFECT.mp4
2021-02-24 11:26 - 2021-02-24 11:26 - 004764414 _____ C:\Users\tomasek\Downloads\Green Screen Lightning And Thunder Video Effect.mp4
2021-02-24 11:23 - 2021-02-24 11:23 - 000391686 _____ C:\Users\tomasek\Downloads\Greenscreen Portal Like Effect HD.mp4
2021-02-23 18:52 - 2021-02-23 18:52 - 001024432 _____ C:\Users\tomasek\Downloads\filmora-idco_setup_full1901 (2).exe
2021-02-23 18:37 - 2021-02-23 18:37 - 012590829 _____ C:\Users\tomasek\Downloads\5_39pm - A Tornado of starlings.mp4
2021-02-23 17:17 - 2021-02-27 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sp Disk Cleaner
2021-02-23 17:17 - 2021-02-23 17:17 - 000000000 ____D C:\Program Files (x86)\Sp
2021-02-23 10:40 - 2021-02-23 10:40 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\CreamAPI
2021-02-23 10:38 - 2021-02-23 10:39 - 058504632 _____ C:\Users\tomasek\Downloads\Among.Us.v2020.12.9s_Adrian29.rar
2021-02-23 10:18 - 2021-02-23 10:21 - 000000000 ____D C:\Users\tomasek\krnl
2021-02-22 19:07 - 2021-02-23 11:28 - 2257350816 _____ C:\Users\tomasek\AppData\Roaming\2.txt
2021-02-22 19:07 - 2021-02-23 09:38 - 1570849912 _____ C:\Users\tomasek\AppData\Roaming\3.txt
2021-02-22 19:07 - 2021-02-22 19:16 - 3240346760 _____ C:\Users\tomasek\AppData\Roaming\10.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ C:\Users\tomasek\AppData\Roaming\9.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ C:\Users\tomasek\AppData\Roaming\8.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ C:\Users\tomasek\AppData\Roaming\7.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ C:\Users\tomasek\AppData\Roaming\6.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ C:\Users\tomasek\AppData\Roaming\5.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ C:\Users\tomasek\AppData\Roaming\4.txt
2021-02-22 15:31 - 2021-02-26 21:35 - 000001447 _____ C:\Users\tomasek\Desktop\Roblox Studio.lnk
2021-02-22 15:31 - 2021-02-26 21:35 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-02-22 15:31 - 2021-02-25 10:43 - 000001427 _____ C:\Users\tomasek\Desktop\Roblox Player.lnk
2021-02-22 15:15 - 2021-02-27 16:04 - 000000000 ____D C:\Program Files (x86)\Xydia
2021-02-22 15:15 - 2021-02-23 18:12 - 000001097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xydia.lnk
2021-02-22 15:15 - 2021-02-22 15:15 - 000000000 ____D C:\Users\tomasek\AppData\Local\Xyba_Studios
2021-02-20 19:58 - 2021-02-24 14:44 - 000000037 _____ C:\Users\tomasek\AppData\Local\link.txt
2021-02-20 19:30 - 2021-02-21 12:56 - 008908335 _____ C:\Users\tomasek\Downloads\Zeus 0.2.32.zip
2021-02-20 17:39 - 2021-02-20 19:22 - 000000000 ____D C:\Users\tomasek\Downloads\bin
2021-02-20 17:11 - 2021-02-24 15:59 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\WinHost
2021-02-20 16:00 - 2021-02-20 16:00 - 008658973 _____ C:\Users\tomasek\Downloads\video (3).mkv
2021-02-20 08:41 - 2021-02-20 09:04 - 000000209 _____ C:\Users\tomasek\AppData\Roaming\jjv5conf.json
2021-02-20 08:41 - 2021-02-20 09:04 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\jjsploitv5
2021-02-20 08:41 - 2021-02-20 09:03 - 000000000 ____D C:\Users\tomasek\AppData\Local\jjsploitv5-updater
2021-02-20 08:41 - 2021-02-20 08:41 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\JJSploit v5
2021-02-20 08:06 - 2021-02-20 08:06 - 000000000 ____D C:\Skisploit
2021-02-20 07:45 - 2021-02-20 07:45 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\booking-nativefier-9f4f54
2021-02-20 07:45 - 2021-02-20 07:45 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Booking
2021-02-20 00:36 - 2021-02-20 00:36 - 000000000 ____D C:\Windows\system32\Tasks\Services
2021-02-20 00:35 - 2021-02-20 00:35 - 000000000 __SHD C:\Users\tomasek\AppData\Local\Disk
2021-02-20 00:35 - 2021-02-20 00:35 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Real
2021-02-20 00:35 - 2021-02-20 00:35 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Bazertu
2021-02-20 00:34 - 2021-02-22 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sk Disk Cleaner
2021-02-20 00:34 - 2021-02-20 00:34 - 000000012 _____ C:\ProgramData\kaosdma.txt
2021-02-20 00:34 - 2021-02-20 00:34 - 000000000 ____D C:\Program Files (x86)\Sk
2021-02-19 22:52 - 2021-02-19 22:52 - 000000035 _____ C:\Users\tomasek\Downloads\SxWhitelist.txt
2021-02-19 22:40 - 2021-02-19 22:40 - 000000000 ____D C:\Users\tomasek\Documents\My Backups
2021-02-19 22:40 - 2021-02-19 22:40 - 000000000 ____D C:\ProgramData\TBIView
2021-02-19 22:40 - 2021-02-19 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraByte Drive Image Backup and Restore Suite
2021-02-19 22:40 - 2021-02-19 22:40 - 000000000 ____D C:\Program Files (x86)\TeraByte Drive Image Backup and Restore Suite
2021-02-19 22:40 - 2019-04-25 19:11 - 000146936 _____ (TeraByte, Inc.) C:\Windows\system32\Drivers\TBIMount.sys
2021-02-19 22:40 - 2018-01-09 17:44 - 000017472 _____ (TeraByte, Inc.) C:\Windows\system32\Drivers\ProtectIt.sys
2021-02-19 22:40 - 2017-04-01 15:30 - 000081880 _____ C:\Windows\tbicd2hd.exe
2021-02-19 22:40 - 2016-08-24 23:01 - 000037488 _____ (TeraByte, Inc.) C:\Windows\system32\Drivers\phylock.sys
2021-02-19 21:58 - 2021-01-19 16:00 - 001691648 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7z.dll
2021-02-19 21:58 - 2021-01-19 16:00 - 000881664 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7zFM.exe
2021-02-19 21:58 - 2021-01-19 16:00 - 000595968 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7zG.exe
2021-02-19 21:58 - 2021-01-19 16:00 - 000483840 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7z.exe
2021-02-19 21:58 - 2021-01-19 16:00 - 000209408 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7z.sfx
2021-02-19 21:58 - 2021-01-19 16:00 - 000189952 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7zCon.sfx
2021-02-19 21:58 - 2021-01-19 16:00 - 000077312 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7-zip.dll
2021-02-19 21:58 - 2021-01-19 16:00 - 000052224 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7-zip32.dll
2021-02-19 21:58 - 2021-01-19 16:00 - 000014848 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\Uninstall.exe
2021-02-19 21:58 - 2021-01-19 14:51 - 000001696 _____ C:\Users\tomasek\Downloads\readme.txt
2021-02-19 21:58 - 2021-01-19 14:49 - 000051254 _____ C:\Users\tomasek\Downloads\History.txt
2021-02-19 21:58 - 2021-01-17 17:00 - 000108436 _____ C:\Users\tomasek\Downloads\7-zip.chm
2021-02-19 21:58 - 2021-01-17 16:12 - 000003990 _____ C:\Users\tomasek\Downloads\License.txt
2021-02-19 21:58 - 2018-01-28 10:00 - 000000366 _____ C:\Users\tomasek\Downloads\descript.ion
2021-02-19 21:26 - 2021-02-19 21:26 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\FinlinSploit
2021-02-19 21:08 - 2021-02-19 21:08 - 000003548 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2021-02-19 21:08 - 2021-02-19 21:08 - 000003424 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2021-02-19 21:08 - 2021-02-19 21:08 - 000003268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk
2021-02-19 21:08 - 2021-02-19 21:08 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
2021-02-19 21:07 - 2021-02-19 21:08 - 000000000 ____D C:\Program Files (x86)\Booking
2021-02-19 20:57 - 2021-02-19 20:57 - 000000000 ____D C:\Program Files (x86)\DabihKeennesscdvSetup
2021-02-18 19:34 - 2021-02-18 19:34 - 007220768 _____ C:\Users\tomasek\Downloads\§cGlitc§9h [16x].zip
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Taskbar system
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\Users\tomasek\AppData\Local\TaskbarSystem
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\ProgramData\SAntivirus
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\ProgramData\IdleBuddy
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\Program Files (x86)\IBuddy
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\Program Files (x86)\Digital Communications
2021-02-18 12:50 - 2021-02-19 21:56 - 000016438 _____ C:\Users\tomasek\AppData\Local\partner.bmp
2021-02-18 12:50 - 2021-02-18 12:51 - 000000000 ____D C:\Program Files (x86)\TraditionalCeryhe
2021-02-18 12:50 - 2021-02-18 12:50 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\PumoriRealm
2021-02-17 19:17 - 2021-02-17 19:17 - 000000000 ___HD C:\Users\tomasek\.Wurst encryption
2021-02-17 19:16 - 2021-02-17 19:16 - 000686157 _____ C:\Users\tomasek\Downloads\fabric-api-0.28.5+1.15.jar
2021-02-17 19:11 - 2021-02-17 19:11 - 000308924 _____ C:\Users\tomasek\Downloads\fabric-installer-0.6.1.51.jar
2021-02-17 18:14 - 2021-02-17 18:14 - 971727141 _____ C:\Users\tomasek\Downloads\512x Pulchra Revisited 1.13+.rar
2021-02-17 14:28 - 2021-02-17 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Sharpen AI
2021-02-17 14:27 - 2021-02-17 14:27 - 000002183 _____ C:\Users\tomasek\Desktop\Topaz Sharpen AI.lnk
2021-02-17 13:55 - 2021-02-17 14:28 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Topaz Labs LLC
2021-02-17 13:55 - 2021-02-17 14:28 - 000000000 ____D C:\Users\tomasek\AppData\Local\Topaz Labs LLC
2021-02-17 13:55 - 2021-02-17 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Gigapixel AI
2021-02-17 13:54 - 2021-02-17 14:28 - 000000000 ____D C:\ProgramData\Topaz Labs LLC
2021-02-17 13:54 - 2021-02-17 14:27 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs LLC
2021-02-17 13:54 - 2021-02-17 14:27 - 000000000 ____D C:\Program Files\Topaz Labs LLC
2021-02-17 13:54 - 2021-02-17 13:54 - 032757736 _____ (Topaz Labs LLC) C:\Users\tomasek\Downloads\TopazSharpenAI-Online-Installer.exe
2021-02-17 13:46 - 2021-02-17 13:46 - 029778664 _____ (Topaz Labs LLC) C:\Users\tomasek\Downloads\TopazGigapixelAI-Online-Installer.exe
2021-02-15 16:56 - 2021-02-15 17:27 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\CitizenFX
2021-02-15 16:55 - 2021-02-15 21:08 - 000000000 ____D C:\Users\tomasek\AppData\Local\DigitalEntitlements
2021-02-15 16:54 - 2021-02-16 10:45 - 000000000 ____D C:\Users\tomasek\AppData\Local\FiveM
2021-02-15 16:54 - 2021-02-15 17:49 - 000002142 _____ C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2021-02-15 16:54 - 2021-02-15 16:54 - 005539552 _____ (Cfx.re) C:\Users\tomasek\Downloads\FiveM.exe
2021-02-15 16:54 - 2021-02-15 16:54 - 000002134 _____ C:\Users\tomasek\Desktop\FiveM.lnk
2021-02-15 12:56 - 2021-02-15 12:56 - 005376627 _____ C:\Users\tomasek\Downloads\bandicam 2021-02-15 11-13-11-116.mp4
2021-02-15 11:01 - 2021-02-15 11:01 - 010615724 _____ C:\Users\tomasek\Downloads\Ĉ̴͉͇̝͉̃̊̇̓̉̑͂̾̕R̷͖͍̘͉̺̬̱̂̀̿Ù̵̧̧̞̙̯̻̍͑̚ͅN̵̡̛̺̝̲̣̥͓̒͂́͊͋͑͘̕ͅC̶̡̩͈̭̼̙͓͉̽̏Ȟ̷̨̲̲͎̚.mp4
2021-02-14 20:58 - 2021-02-14 20:58 - 017269612 _____ C:\Users\tomasek\Downloads\lucka VS já.mp4
2021-02-14 20:11 - 2021-02-14 20:11 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-02-14 20:11 - 2021-02-14 20:11 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-02-14 20:11 - 2021-02-14 20:11 - 001314112 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-02-14 20:11 - 2021-02-14 20:11 - 000231232 _____ C:\Windows\system32\containerdevicemanagement.dll
2021-02-14 20:11 - 2021-02-14 20:11 - 000010892 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-02-11 11:27 - 2021-02-11 11:27 - 000005918 _____ C:\Users\tomasek\Downloads\MotionBlurOnly.zip
2021-02-11 11:09 - 2021-02-11 11:09 - 000056820 _____ C:\Users\tomasek\Downloads\Patrix_1.16_models.zip
2021-02-11 11:08 - 2021-02-11 11:08 - 043351573 _____ C:\Users\tomasek\Downloads\Patrix_1.16_32x_basic.zip
2021-02-11 11:08 - 2021-02-11 11:08 - 002360612 _____ C:\Users\tomasek\Downloads\Patrix_1.16_32x_bonus.zip
2021-02-11 11:07 - 2021-02-11 11:08 - 006633452 _____ C:\Users\tomasek\Downloads\Patrix_1.16_32x_addon.zip
2021-02-09 21:23 - 2021-02-17 14:45 - 000000784 _____ C:\Users\tomasek\Desktop\Stažené soubory – zástupce.lnk
2021-02-09 20:17 - 2021-02-09 20:18 - 335086998 _____ C:\Users\tomasek\Downloads\Učím youtubery parkour #2 _ Wedry.mp4
2021-02-09 19:54 - 2021-02-09 19:54 - 045509412 _____ C:\Users\tomasek\Downloads\Chuchel #1.mp4
2021-02-09 17:04 - 2021-02-09 17:04 - 000000758 _____ C:\Users\tomasek\Downloads\Plocha – zástupce.lnk
2021-02-09 16:05 - 2021-02-09 16:05 - 000389633 _____ C:\Users\tomasek\Downloads\Inertia Client Installer.jar
2021-02-09 13:43 - 2021-02-09 13:44 - 015116066 _____ C:\Users\tomasek\Downloads\Moon (1).rar
2021-02-09 13:00 - 2021-02-09 13:00 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Goldberg SteamEmu Saves
2021-02-09 13:00 - 2021-02-09 13:00 - 000000000 ____D C:\Users\tomasek\AppData\LocalLow\Innersloth
2021-02-09 12:58 - 2021-02-09 12:59 - 109920864 _____ C:\Users\tomasek\Downloads\AMONG US (v2020.12.9s) @MaStEr F.zip
2021-02-09 12:57 - 2021-02-09 12:57 - 000000000 ____D C:\Users\tomasek\AppData\Local\Alizer
2021-02-07 19:59 - 2021-02-07 19:59 - 001245104 _____ C:\Users\tomasek\Downloads\filmorapro_setup_full4622 (1).exe
2021-02-07 19:58 - 2021-02-07 19:58 - 001113520 _____ C:\Users\tomasek\Downloads\filmora_setup_full846 (1).exe
2021-02-07 19:48 - 2021-02-07 19:48 - 004325374 _____ C:\Users\tomasek\Downloads\mimiko.wfpproj
2021-02-07 19:22 - 2021-02-07 20:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare FilmoraPro
2021-02-07 19:22 - 2021-02-07 19:22 - 000001246 _____ C:\Users\tomasek\Desktop\Wondershare FilmoraPro.lnk
2021-02-07 19:21 - 2021-02-07 19:21 - 001245104 _____ C:\Users\tomasek\Downloads\filmorapro_setup_full4622.exe
2021-02-07 18:56 - 2021-02-07 18:56 - 000001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2020.lnk
2021-02-07 18:40 - 2021-02-07 18:40 - 015991240 _____ C:\Users\tomasek\Downloads\mimi.mp4
2021-02-07 17:54 - 2021-02-07 17:54 - 003242191 _____ C:\Users\tomasek\Downloads\Fire Green Screen (2).mp4
2021-02-07 17:42 - 2021-02-07 17:42 - 201547282 _____ C:\Users\tomasek\Downloads\Rounded Neon Multicolored lines Background Looped Animation HD _ Free Version.mp4
2021-02-06 17:31 - 2021-02-06 17:31 - 102372728 _____ C:\Users\tomasek\Downloads\FilmoraX.zip
2021-02-06 17:22 - 2021-02-06 17:22 - 001113520 _____ C:\Users\tomasek\Downloads\filmora_setup_full846.exe
2021-02-06 17:12 - 2021-02-06 17:16 - 297860020 _____ C:\Users\tomasek\Downloads\_Getintopc.com_Wondershare_Filmora_v10.0.0.94x64_Multilingual.rar
2021-02-05 18:39 - 2021-02-05 18:39 - 004402258 _____ C:\Users\tomasek\Downloads\SEUS_PTGI_HRR_Test_2.1.zip
2021-02-05 17:05 - 2021-02-05 17:07 - 680987520 _____ C:\Users\tomasek\Downloads\LEGENDARY RT Textures RT8 1024x (1.16.5) (1).zip
2021-02-05 16:28 - 2021-02-05 16:29 - 032297616 _____ C:\Users\tomasek\Downloads\moderne house 123.rar
2021-02-05 16:16 - 2021-02-05 16:16 - 039037283 _____ C:\Users\tomasek\Downloads\Modern Mountain House.zip
2021-02-05 15:47 - 2021-02-05 16:00 - 000000000 ____D C:\Users\tomasek\AppData\Local\MusicMaker
2021-02-05 15:46 - 2021-02-27 13:08 - 000000000 ___RD C:\Users\tomasek\Documents\MAGIX
2021-02-05 15:46 - 2021-02-27 13:08 - 000000000 ____D C:\ProgramData\MAGIX
2021-02-05 15:46 - 2021-02-27 13:08 - 000000000 ____D C:\Program Files (x86)\MAGIX
2021-02-05 15:46 - 2021-02-10 21:15 - 000000574 _____ C:\Windows\Tasks\MAGIX PC Check & Tuning 2021 (PCMaintainService.exe).job
2021-02-05 15:46 - 2021-02-10 21:15 - 000000422 _____ C:\Windows\Tasks\MAGIX PC Check & Tuning 2021.job
2021-02-05 15:46 - 2021-02-05 15:46 - 000003128 _____ C:\Windows\system32\Tasks\MAGIX PC Check & Tuning 2021 (PCMaintainService.exe)
2021-02-05 15:46 - 2021-02-05 15:46 - 000002928 _____ C:\Windows\system32\Tasks\MAGIX PC Check & Tuning 2021
2021-02-05 15:46 - 2021-02-05 15:46 - 000000000 ____D C:\Users\tomasek\AppData\Local\QMxNetworkSync
2021-02-05 15:46 - 2021-02-05 15:46 - 000000000 ____D C:\ProgramData\simplitec
2021-02-05 15:46 - 2021-02-05 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\System optimization
2021-02-05 15:46 - 2021-02-05 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2021-02-05 15:46 - 2021-02-05 15:46 - 000000000 ____D C:\Program Files\MAGIX
2021-02-05 15:46 - 2021-02-05 15:46 - 000000000 ____D C:\Program Files\Common Files\MAGIX Services
2021-02-05 15:42 - 2021-02-27 13:08 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\MAGIX
2021-02-05 15:42 - 2021-02-05 15:42 - 000000000 ____D C:\Users\tomasek\Documents\MAGIX Downloads
2021-02-04 13:30 - 2021-02-04 13:30 - 004309452 _____ C:\Users\tomasek\Downloads\worldedit-forge-mc1.16.3-7.2.2-dist.jar
2021-02-03 22:14 - 2021-02-03 22:14 - 000000000 ____D C:\ProgramData\Intel
2021-02-03 22:13 - 2021-03-01 22:33 - 000000000 ____D C:\Intel
2021-02-03 22:13 - 2021-02-10 21:09 - 000000000 __SHD C:\Users\tomasek\IntelGraphicsProfiles
2021-02-03 22:13 - 2021-02-04 11:04 - 000000000 ____D C:\Users\tomasek\AppData\Local\Intel
2021-02-03 22:13 - 2021-02-03 22:13 - 000000000 ____D C:\Users\tomasek\AppData\LocalLow\Intel
2021-02-03 22:12 - 2021-02-03 22:12 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2021-02-03 21:06 - 2021-02-03 21:06 - 010699190 _____ C:\Users\tomasek\Downloads\R16 Textures 512x (umsoea).zip
2021-02-03 20:57 - 2021-02-03 20:57 - 008442059 _____ C:\Users\tomasek\Downloads\R17 Textures 512x (umsoea).zip
2021-02-03 20:39 - 2021-02-03 20:39 - 011282168 _____ C:\Users\tomasek\Downloads\! # §l§3Notro §l§5Fade (1).zip
2021-02-03 17:41 - 2021-02-03 17:41 - 003681747 _____ C:\Users\tomasek\Downloads\EXTRACT-JAR-INTO-MODS-FOLDER-for-1.12.2.zip
2021-02-03 15:27 - 2021-02-03 15:27 - 223713938 _____ C:\Users\tomasek\Downloads\miejojo512 v1.16.zip
2021-02-02 17:52 - 2021-02-06 10:58 - 000000004 _____ C:\ProgramData\rc.dat
2021-02-02 17:51 - 2021-02-06 10:58 - 000000004 _____ C:\ProgramData\lock.dat
2021-02-02 17:51 - 2021-02-05 10:28 - 000000100 _____ C:\ProgramData\lir.bats
2021-02-02 17:51 - 2021-02-02 17:51 - 000000008 _____ C:\ProgramData\ts.dat
2021-02-02 17:50 - 2021-02-06 10:49 - 000000000 ____D C:\ProgramData\TranslateService
2021-02-02 17:12 - 2021-02-10 21:16 - 000000000 ____D C:\Users\tomasek\AppData\Local\Secure File Deleter 6
2021-02-02 17:12 - 2021-02-10 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secure File Deleter 6
2021-02-02 17:12 - 2021-02-02 17:13 - 000000000 ____D C:\GX Action Backup
2021-02-02 17:12 - 2014-04-03 20:22 - 000645592 _____ C:\Windows\SysWOW64\sqlite3.dll
2021-02-02 17:11 - 2021-01-19 16:33 - 008870184 ___RH (Glarysoft Ltd) C:\Users\tomasek\Desktop\tesetup.exe
2021-02-02 16:41 - 2021-02-02 16:41 - 003663753 _____ C:\Users\tomasek\Downloads\[1.12.2] Ultimate Immersion by Hunger_Legend.rar
2021-02-02 16:02 - 2021-02-02 16:04 - 680987520 _____ C:\Users\tomasek\Downloads\LEGENDARY RT Textures RT8 1024x (1.16.5).zip
2021-02-01 18:13 - 2021-02-04 19:04 - 000006410 _____ C:\Users\tomasek\Downloads\OCCT.config.json
2021-02-01 18:10 - 2021-02-01 18:10 - 018012912 _____ (OCCT - Ocbase - Adrien Mercier) C:\Users\tomasek\Downloads\OCCT7.3.0.exe
2021-02-01 18:09 - 2021-02-01 18:13 - 259708359 _____ (Unigine Corp. ) C:\Users\tomasek\Downloads\Unigine_Heaven-4.0.exe
2021-02-01 16:28 - 2021-02-01 16:28 - 282502470 _____ C:\Users\tomasek\Downloads\People.Playground.v1.13.1.rar
2021-01-31 14:50 - 2021-02-20 16:01 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\HandBrake
2021-01-31 14:49 - 2021-01-31 14:50 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2021-01-31 14:49 - 2021-01-31 14:50 - 000000000 ____D C:\Program Files\HandBrake
2021-01-31 14:49 - 2021-01-31 14:49 - 013534240 _____ C:\Users\tomasek\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2021-01-31 14:49 - 2021-01-31 14:49 - 000000865 _____ C:\Users\tomasek\Desktop\HandBrake.lnk
2021-01-31 14:31 - 2021-01-31 14:31 - 015690862 _____ C:\Users\tomasek\Downloads\video (2).mkv
2021-01-31 14:23 - 2021-01-31 14:23 - 000150502 _____ C:\Users\tomasek\Downloads\Lucky blocky (mod) 1#.mp4.crdownload
2021-01-31 14:23 - 2021-01-31 14:23 - 000150502 _____ C:\Users\tomasek\Downloads\Lucky blocky (mod) 1#.mp4 (1).crdownload
2021-01-31 13:24 - 2021-01-31 13:24 - 001697661 _____ C:\Users\tomasek\Downloads\Lightning strike green screen.mp4
2021-01-31 13:21 - 2021-01-31 13:21 - 001161215 _____ C:\Users\tomasek\Downloads\Green Screen Lightning and Thunder Effect.mp4
2021-01-31 13:20 - 2021-01-31 13:20 - 027507576 _____ C:\Users\tomasek\Downloads\Lighting & Thunder Storm Green Screen Effects __ YTschool..mp4
2021-01-31 13:16 - 2021-01-31 13:16 - 000393344 _____ C:\Users\tomasek\Downloads\Green Screen Vs Text Style Effect.mp4
2021-01-31 11:17 - 2021-01-31 11:17 - 000001339 _____ C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lively Wallpaper.lnk
2021-01-31 11:17 - 2021-01-31 11:17 - 000001331 _____ C:\Users\tomasek\Desktop\Lively Wallpaper.lnk
2021-01-31 11:16 - 2021-01-31 11:17 - 193255194 _____ (rocksdanister ) C:\Users\tomasek\lively_setup_x86_full_v1180.exe
2021-01-31 11:16 - 2021-01-31 11:16 - 003544104 _____ C:\Users\tomasek\Downloads\video (1).mkv
2021-01-30 19:13 - 2021-01-30 19:13 - 000000345 _____ C:\Users\tomasek\Desktop\ARK Survival Evolved.url
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-01 22:38 - 2019-12-07 15:41 - 000682184 _____ C:\Windows\system32\perfh005.dat
2021-03-01 22:38 - 2019-12-07 15:41 - 000137000 _____ C:\Windows\system32\perfc005.dat
2021-03-01 22:38 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-03-01 22:38 - 2019-12-07 08:12 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2021-03-01 22:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-01 22:33 - 2020-12-16 15:48 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-03-01 22:33 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-03-01 22:33 - 2019-12-07 08:07 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-01 22:33 - 2019-12-07 08:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-03-01 22:31 - 2020-12-25 17:58 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1
2021-03-01 22:24 - 2020-12-26 22:45 - 000000000 ____D C:\Program Files (x86)\Bandicam.v4.1.3 ( CZ HanzyKisik )
2021-03-01 22:23 - 2019-12-07 08:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-03-01 21:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-03-01 20:48 - 2021-01-21 09:44 - 000004216 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0087AB00-A545-4531-AFE1-404CF38D4D3A}
2021-03-01 20:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-03-01 19:37 - 2020-12-24 20:47 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\audacity
2021-03-01 15:44 - 2020-12-24 20:26 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\.minecraft
2021-03-01 15:34 - 2020-12-16 15:57 - 000000000 ____D C:\Users\tomasek\AppData\Local\D3DSCache
2021-03-01 13:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-01 11:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-02-28 19:36 - 2019-12-07 08:10 - 000000000 ____D C:\Users\tomasek\AppData\Local\ConnectedDevicesPlatform
2021-02-28 19:25 - 2020-12-25 12:43 - 000000000 ____D C:\Users\tomasek\AppData\Local\SquirrelTemp
2021-02-28 17:33 - 2019-12-07 08:10 - 000000000 ____D C:\Users\tomasek
2021-02-28 12:56 - 2019-12-07 08:07 - 000483896 _____ C:\Windows\system32\FNTCACHE.DAT
2021-02-28 09:52 - 2020-12-27 10:51 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-27 16:10 - 2021-01-16 10:30 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-27 13:08 - 2020-12-17 10:20 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-27 12:14 - 2019-12-07 08:12 - 000003384 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2880034797-3857021402-3440946435-1001
2021-02-27 12:14 - 2019-12-07 08:12 - 000000000 ___RD C:\Users\tomasek\OneDrive
2021-02-27 12:14 - 2019-12-07 08:10 - 000002371 _____ C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-26 21:35 - 2021-01-17 20:14 - 000000256 _____ C:\Users\tomasek\AppData\LocalLow\rbxcsettings.rbx
2021-02-26 21:35 - 2021-01-17 20:14 - 000000000 ____D C:\Users\tomasek\AppData\Local\Roblox
2021-02-26 13:35 - 2021-01-05 14:26 - 000004226 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1609853199
2021-02-26 13:35 - 2021-01-05 14:26 - 000001415 _____ C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-02-26 11:27 - 2020-12-25 12:43 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\discord
2021-02-24 21:51 - 2021-01-07 14:28 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2021-02-24 15:30 - 2021-01-05 14:19 - 000000000 ____D C:\Users\tomasek\AppData\Local\GeometryDash
2021-02-24 15:05 - 2020-12-30 20:52 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\.tlauncher
2021-02-24 11:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2021-02-23 18:54 - 2021-01-07 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-02-23 18:53 - 2021-01-07 14:28 - 000000000 ____D C:\Program Files\Wondershare
2021-02-23 18:44 - 2020-12-16 15:57 - 000000000 ____D C:\Users\tomasek\AppData\Local\AMD
2021-02-22 11:17 - 2021-01-24 10:56 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-20 17:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2021-02-19 17:33 - 2020-12-25 13:26 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\lunarclient
2021-02-18 15:18 - 2021-01-22 14:57 - 000000000 ____D C:\Users\tomasek\AppData\Local\Voicemod
2021-02-18 15:14 - 2021-01-22 14:56 - 000000000 ____D C:\ProgramData\Voicemod
2021-02-17 13:54 - 2019-12-07 08:10 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Adobe
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Keywords
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Keywords
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-15 08:14 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-02-14 21:05 - 2020-12-24 20:26 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2021-02-14 20:13 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-02-14 20:08 - 2020-12-26 22:30 - 000000000 ____D C:\Windows\system32\MRT
2021-02-14 20:07 - 2020-12-26 20:37 - 130141752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-02-12 10:00 - 2019-12-07 08:07 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-02-08 20:07 - 2020-12-27 10:50 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-08 20:07 - 2020-12-27 10:50 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-07 19:22 - 2021-01-15 15:28 - 000000000 ____D C:\Users\tomasek\AppData\Local\cache
2021-02-07 19:22 - 2021-01-07 14:30 - 000000000 ____D C:\ProgramData\Wondershare
2021-02-07 19:22 - 2021-01-07 14:29 - 000000000 ____D C:\Users\tomasek\AppData\Local\Wondershare
2021-02-07 19:22 - 2021-01-07 14:28 - 000000000 ____D C:\Users\tomasek\Documents\Wondershare
2021-02-07 18:56 - 2020-12-26 22:37 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-02-07 18:56 - 2020-12-26 22:37 - 000000000 ____D C:\Program Files\Adobe
2021-02-07 17:07 - 2021-01-22 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voicemod Desktop
2021-02-07 17:07 - 2021-01-22 14:56 - 000000000 ____D C:\Program Files\Voicemod Desktop
2021-02-07 17:05 - 2021-01-01 19:17 - 000000000 ____D C:\Users\tomasek\Documents\Audacity
2021-02-05 20:04 - 2021-01-24 10:56 - 000734016 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
2021-02-05 20:03 - 2021-01-24 10:56 - 000470848 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll
2021-02-05 15:47 - 2021-01-12 17:49 - 000000000 ____D C:\Users\tomasek\Documents\Image-Line
2021-02-05 15:40 - 2020-12-26 22:40 - 000000000 ____D C:\Users\tomasek\Documents\Adobe
2021-02-03 22:13 - 2019-12-07 08:10 - 000000000 ____D C:\Users\tomasek\AppData\Local\Publishers
2021-02-03 22:13 - 2019-12-07 08:10 - 000000000 ____D C:\Users\tomasek\AppData\Local\Packages
2021-02-03 22:13 - 2019-12-07 08:10 - 000000000 ____D C:\ProgramData\Packages
2021-02-01 18:16 - 2020-12-16 15:57 - 001065984 _____ C:\Users\tomasek\AppData\Local\file__0.localstorage
2021-02-01 18:07 - 2020-12-26 01:26 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\HD Tune Pro
2021-01-31 14:44 - 2020-12-30 11:50 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\LGHUB
2021-01-31 14:44 - 2020-12-30 11:50 - 000000000 ____D C:\Users\tomasek\AppData\Local\LGHUB
==================== Files in the root of some directories ========
2021-02-02 17:51 - 2021-02-06 10:58 - 000000004 _____ () C:\ProgramData\lock.dat
2021-02-02 17:52 - 2021-02-06 10:58 - 000000004 _____ () C:\ProgramData\rc.dat
2021-02-02 17:51 - 2021-02-02 17:51 - 000000008 _____ () C:\ProgramData\ts.dat
2021-01-31 11:16 - 2021-01-31 11:17 - 193255194 _____ (rocksdanister ) C:\Users\tomasek\lively_setup_x86_full_v1180.exe
2021-02-22 19:07 - 2021-02-22 19:16 - 3240346760 _____ () C:\Users\tomasek\AppData\Roaming\10.txt
2021-02-22 19:07 - 2021-02-23 11:28 - 2257350816 _____ () C:\Users\tomasek\AppData\Roaming\2.txt
2021-02-22 19:07 - 2021-02-23 09:38 - 1570849912 _____ () C:\Users\tomasek\AppData\Roaming\3.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ () C:\Users\tomasek\AppData\Roaming\4.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ () C:\Users\tomasek\AppData\Roaming\5.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ () C:\Users\tomasek\AppData\Roaming\6.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ () C:\Users\tomasek\AppData\Roaming\7.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ () C:\Users\tomasek\AppData\Roaming\8.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ () C:\Users\tomasek\AppData\Roaming\9.txt
2020-12-30 17:38 - 2020-12-30 17:38 - 000000000 _____ () C:\Users\tomasek\AppData\Roaming\90e410a49ea95c18085aaf88ebbf8100.tmp
2021-02-20 08:41 - 2021-02-20 09:04 - 000000209 _____ () C:\Users\tomasek\AppData\Roaming\jjv5conf.json
2021-01-03 13:28 - 2021-01-03 13:28 - 000000015 _____ () C:\Users\tomasek\AppData\Roaming\obs-virtualcam.txt
2020-12-16 15:57 - 2021-02-01 18:16 - 001065984 _____ () C:\Users\tomasek\AppData\Local\file__0.localstorage
2021-02-20 19:58 - 2021-02-24 14:44 - 000000037 _____ () C:\Users\tomasek\AppData\Local\link.txt
2021-02-18 12:50 - 2021-02-19 21:56 - 000016438 _____ () C:\Users\tomasek\AppData\Local\partner.bmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
posílám log z počítače syna, můžete se na to prosím mrknout? Stahuje samé hacky kraviny, nešly mu spustit některé programy, adwcleaner v příloze. Jestli to je na pohlavek, prosím napište mi. děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by tomasek (administrator) on DESKTOP-3JV1PF5 (01-03-2021 22:42:00)
Running from C:\Users\tomasek\Downloads
Loaded Profiles: tomasek
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(Apps Delivered Ltd -> Traditional Ceryhe) [File not signed] [File is in use] C:\Program Files (x86)\TraditionalCeryhe\TraditionalCeryhe.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(AutoIt Consulting Ltd -> AutoIt Team) C:\Users\tomasek\AppData\Local\Disk\AutoIt3\AutoIt3_x64.exe
(Digital Communications Inc -> Сorp DCom) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusClient.exe
(Digital Communications Inc -> Сorp DCom) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe
(Digital Communications Inc -> Сorp DCom) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe
(Globalhop Ltd TOO -> ) C:\Users\tomasek\AppData\Local\Programs\Taskbar system\TaskbarSystem.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(libMPVPlayer) [File not signed] C:\Users\tomasek\AppData\Local\Programs\Lively Wallpaper\plugins\libMPVPlayer\libMPVPlayer.exe
(livelySubProcess) [File not signed] C:\Users\tomasek\AppData\Local\Programs\Lively Wallpaper\plugins\subproc\livelySubProcess.exe
(livelywpf) [File not signed] C:\Users\tomasek\AppData\Local\Programs\Lively Wallpaper\livelywpf.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(MAGIX Software GmbH -> MAGIX Software GmbH) C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2021\PCMaintainService.exe
(MAGIX Software GmbH -> MAGIX) C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\tomasek\Downloads\adwcleaner_8.1.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\tomasek\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeraByte, Inc. -> TeraByte, Inc.) C:\Program Files (x86)\TeraByte Drive Image Backup and Restore Suite\tbinotify.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-12-27] (Adobe Inc. -> )
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2880034797-3857021402-3440946435-1001\...\Run: [livelywpf] => C:\Users\tomasek\AppData\Local\Programs\Lively Wallpaper\livelywpf.exe [195072 2021-01-11] (livelywpf) [File not signed]
HKU\S-1-5-21-2880034797-3857021402-3440946435-1001\...\Run: [QMxNetworkSync] => C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe [858360 2019-08-13] (MAGIX Software GmbH -> MAGIX)
HKU\S-1-5-21-2880034797-3857021402-3440946435-1001\...\Run: [Taskbar system] => C:\Users\tomasek\AppData\Local\Programs\Taskbar system\TaskbarSystem.exe [918040 2021-01-13] (Globalhop Ltd TOO -> )
HKU\S-1-5-21-2880034797-3857021402-3440946435-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\tomasek\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-02-28] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-29] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TBI Notify.lnk [2021-02-19]
ShortcutTarget: TBI Notify.lnk -> C:\Program Files (x86)\TeraByte Drive Image Backup and Restore Suite\tbinotify.exe (TeraByte, Inc. -> TeraByte, Inc.)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2D09A541-D6DA-4F28-AE58-21DFCE0D4BE2} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2021-02-19] (bookingDesktopApp.) [File not signed]
Task: {35B78D87-9B76-423F-AB9A-0AFB5BF9DA0D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {495325BD-0611-494E-9CF3-51D52F2F63DC} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2021-02-19] (bookingDesktopApp.) [File not signed]
Task: {663C9786-8A08-415B-91B7-F169D84501ED} - System32\Tasks\MAGIX PC Check & Tuning 2021 (PCMaintainService.exe) => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2021\PCMaintainService.exe [1757768 2019-12-19] (MAGIX Software GmbH -> MAGIX Software GmbH)
Task: {7AFBBC1A-0209-45A7-8070-2A62AAC36390} - System32\Tasks\Services\Diagnostic => C:\Users\tomasek\AppData\Local\Disk\AutoIt3\AutoIt3_x64.exe [1013928 2018-03-15] (AutoIt Consulting Ltd -> AutoIt Team) -> "C:\Users\tomasek\AppData\Local\Disk\AutoIt3\Settings.au3"
Task: {906EDE40-59F8-4C14-834C-89D14BB6370B} - System32\Tasks\Opera scheduled Autoupdate 1609853199 => C:\Users\tomasek\AppData\Local\Programs\Opera\launcher.exe [1793664 2021-02-26] (Opera Software AS -> Opera Software)
Task: {A75569C4-2F10-46D4-8045-2443C262575E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B928C857-D17A-430D-B8A8-A7883FC4E004} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {C7FA0B56-F5F0-4454-B1E8-AA8DECAE64F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E409927A-C556-409B-919B-D6402429B072} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-3JV1PF5-tomasek => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {EAC192D3-8990-493A-A6F6-A87549247548} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB0DDDC7-E0AE-4BB2-B108-8B4027950C95} - System32\Tasks\MAGIX PC Check & Tuning 2021 => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2021\PCCT.exe [2486856 2019-12-19] (MAGIX Software GmbH -> MAGIX Software GmbH)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\MAGIX PC Check & Tuning 2021 (PCMaintainService.exe).job => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2021\PCMaintainService.exe C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2021\DESKTOP-3JV1PF5\tomasek5MAGIX PC Check & Tuning 2021 (PCMaintainService.exe
Task: C:\Windows\Tasks\MAGIX PC Check & Tuning 2021.job => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2021\PCCT.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{42d5e22c-9575-4454-8a68-21d1a84a4acf}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-01]
Edge Notifications: Default -> hxxps://linkvertise.com
Edge Extension: (Outlook) - C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-12-27]
Edge Extension: (Microsoft Protect) - C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fcppdfelojakeahklfgkjegnpbgndoch [2021-02-20]
Edge Extension: (Word) - C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-12-27]
Edge Extension: (Excel) - C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-12-27]
Edge Extension: (Multi Find) - C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mkofacajmfbednlblgglmpbidklocddm [2021-02-18]
Edge Extension: (PowerPoint) - C:\Users\tomasek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-12-27]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2021-01-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2021-01-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2021-01-01] (Adobe Systems Incorporated -> )
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2021-02-19] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2021-02-19] (bookingDesktopApp.) [File not signed]
Chrome:
=======
CHR Profile: C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default [2021-03-01]
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Prezentace) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-24]
CHR Extension: (Dokumenty) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-24]
CHR Extension: (Disk Google) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-24]
CHR Extension: (YouTube) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-24]
CHR Extension: (Tabulky) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-24]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-02-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-24]
CHR Extension: (Search Manager) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnplhahbcoldbildffdchneaepapccbn [2021-02-19]
CHR Extension: (Grammarly for Chrome) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-02-23]
CHR Extension: (Swift Select) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\molponhobmbbinjnghgafbfampcgamln [2021-02-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-24]
CHR Extension: (Chrome Media Router) - C:\Users\tomasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gnplhahbcoldbildffdchneaepapccbn]
Opera:
=======
OPR Profile: C:\Users\tomasek\AppData\Roaming\Opera Software\Opera Stable [2021-01-05]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"SAntivirusIC" => service was unlocked. <==== ATTENTION
"TraditionalCeryhe" => service was unlocked. <==== ATTENTION
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-01-30] (BattlEye Innovations e.K. -> )
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2021-02-19] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2021-02-19] (bookingDesktopApp.) [File not signed]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10897296 2021-01-14] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-01] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [959752 2021-02-12] (McAfee, LLC -> McAfee, LLC)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Rockstar Service; D:\GTAV\Launcher\RockstarService.exe [1631360 2020-12-02] (Rockstar Games, Inc. -> Rockstar Games)
R2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe [6939968 2021-02-18] (Digital Communications Inc -> Сorp DCom) <==== ATTENTION
R2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [628544 2021-02-18] (Digital Communications Inc -> Сorp DCom) <==== ATTENTION
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TraditionalCeryhe; C:\Program Files (x86)\TraditionalCeryhe\TraditionalCeryhe.exe [6032368 2018-05-04] (Apps Delivered Ltd -> Traditional Ceryhe) [File not signed] [File is in use]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36792 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208672 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332880 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97360 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16832 2021-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42424 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176384 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522480 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108928 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84496 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851256 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469472 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216984 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326064 2021-01-05] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-24] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)
S3 HWiNFO_155; C:\Users\tomasek\AppData\Local\Temp\HWiNFO64A_155.SYS [64008 2021-02-04] (Martin Malik - REALiX -> REALiX(tm)) <==== ATTENTION
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\73248\driver_cpu_temperature\logi_core_temp.sys [25448 2021-01-14] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [38136 2020-12-30] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [26672 2020-12-30] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66808 2020-12-30] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220616 2021-03-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-03-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-03-01] (Malwarebytes Inc -> Malwarebytes)
R0 phylock; C:\Windows\System32\drivers\phylock.sys [37488 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> TeraByte, Inc.)
R1 ProtectIt; C:\Windows\System32\drivers\ProtectIt.sys [17472 2018-01-09] (Microsoft Windows Hardware Compatibility Publisher -> TeraByte, Inc.)
R1 TASANTIVIRUSKD; C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [85504 2021-02-18] (Digital Communications Inc -> Corp DCom) <==== ATTENTION
S3 TBIMount; C:\Windows\System32\drivers\tbimount.sys [146936 2019-04-25] (Microsoft Windows Hardware Compatibility Publisher -> TeraByte, Inc.)
R3 VBAudioVMVAIOMME; C:\Windows\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2021-01-01] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VOICEMOD_Driver; C:\Windows\system32\drivers\vmdrv.sys [48136 2021-01-13] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 HWiNFO_152; \??\C:\Users\tomasek\AppData\Local\Temp\HWiNFO64A_152.SYS [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-01 22:42 - 2021-03-01 22:42 - 000025642 _____ C:\Users\tomasek\Downloads\FRST.txt
2021-03-01 22:41 - 2021-03-01 22:42 - 000000000 ____D C:\FRST
2021-03-01 22:40 - 2021-03-01 22:40 - 002301440 _____ (Farbar) C:\Users\tomasek\Downloads\FRST64.exe
2021-03-01 22:33 - 2021-03-01 22:33 - 000220616 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-03-01 22:32 - 2021-03-01 22:32 - 000220392 _____ (AVAST Software) C:\Users\tomasek\Downloads\avast_free_antivirus_setup_online.exe
2021-03-01 21:09 - 2021-03-01 21:09 - 000000000 ____D C:\Users\tomasek\AppData\Local\mbam
2021-03-01 21:08 - 2021-03-01 21:08 - 002084016 _____ (Malwarebytes) C:\Users\tomasek\Downloads\MBSetup.exe
2021-03-01 21:08 - 2021-03-01 21:08 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-03-01 21:08 - 2021-03-01 21:08 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-03-01 21:08 - 2021-03-01 21:08 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-03-01 21:08 - 2021-03-01 21:08 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-01 21:08 - 2021-03-01 21:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-01 21:08 - 2021-03-01 21:08 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-01 20:15 - 2021-03-01 20:15 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\santivirusclient
2021-03-01 19:16 - 2021-03-01 20:14 - 000000000 ____D C:\AdwCleaner
2021-03-01 19:16 - 2021-03-01 19:16 - 008463216 _____ (Malwarebytes) C:\Users\tomasek\Downloads\adwcleaner_8.1.exe
2021-02-28 19:25 - 2021-02-28 19:25 - 000002378 _____ C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-28 19:25 - 2021-02-28 19:25 - 000002370 _____ C:\Users\tomasek\Desktop\Microsoft Teams.lnk
2021-02-28 19:25 - 2021-02-28 19:25 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Teams
2021-02-25 10:42 - 2021-02-25 10:42 - 009573547 _____ C:\Users\tomasek\Downloads\TGX_V3.0.9.zip
2021-02-24 21:04 - 2021-02-24 21:04 - 018066536 _____ C:\Users\tomasek\Downloads\[GD] _Mountain King_ by Xyle (Daily level) _ Geometry Dash 2.113.mp4
2021-02-24 15:53 - 2021-02-24 15:53 - 000000026 _____ C:\Users\tomasek\Downloads\Oxygen U - Linkvertise.txt
2021-02-24 14:51 - 2021-02-24 14:52 - 000000000 ____D C:\Users\tomasek\AppData\Local\Coco_Z2
2021-02-24 12:18 - 2021-02-24 12:18 - 080521728 _____ C:\Users\tomasek\Downloads\LITTLE NIGHTMARES 2 Thin Man Boss Fight 4K ULTRA HD.mp4
2021-02-24 12:03 - 2021-02-24 12:03 - 013395845 _____ C:\Users\tomasek\Downloads\The Simpsons - Travel into the future couch gag.mp4
2021-02-24 12:01 - 2021-02-24 12:01 - 000845580 _____ C:\Users\tomasek\Downloads\GREEN SCREEN GLITCH EFFECT.mp4
2021-02-24 11:26 - 2021-02-24 11:26 - 004764414 _____ C:\Users\tomasek\Downloads\Green Screen Lightning And Thunder Video Effect.mp4
2021-02-24 11:23 - 2021-02-24 11:23 - 000391686 _____ C:\Users\tomasek\Downloads\Greenscreen Portal Like Effect HD.mp4
2021-02-23 18:52 - 2021-02-23 18:52 - 001024432 _____ C:\Users\tomasek\Downloads\filmora-idco_setup_full1901 (2).exe
2021-02-23 18:37 - 2021-02-23 18:37 - 012590829 _____ C:\Users\tomasek\Downloads\5_39pm - A Tornado of starlings.mp4
2021-02-23 17:17 - 2021-02-27 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sp Disk Cleaner
2021-02-23 17:17 - 2021-02-23 17:17 - 000000000 ____D C:\Program Files (x86)\Sp
2021-02-23 10:40 - 2021-02-23 10:40 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\CreamAPI
2021-02-23 10:38 - 2021-02-23 10:39 - 058504632 _____ C:\Users\tomasek\Downloads\Among.Us.v2020.12.9s_Adrian29.rar
2021-02-23 10:18 - 2021-02-23 10:21 - 000000000 ____D C:\Users\tomasek\krnl
2021-02-22 19:07 - 2021-02-23 11:28 - 2257350816 _____ C:\Users\tomasek\AppData\Roaming\2.txt
2021-02-22 19:07 - 2021-02-23 09:38 - 1570849912 _____ C:\Users\tomasek\AppData\Roaming\3.txt
2021-02-22 19:07 - 2021-02-22 19:16 - 3240346760 _____ C:\Users\tomasek\AppData\Roaming\10.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ C:\Users\tomasek\AppData\Roaming\9.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ C:\Users\tomasek\AppData\Roaming\8.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ C:\Users\tomasek\AppData\Roaming\7.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ C:\Users\tomasek\AppData\Roaming\6.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ C:\Users\tomasek\AppData\Roaming\5.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ C:\Users\tomasek\AppData\Roaming\4.txt
2021-02-22 15:31 - 2021-02-26 21:35 - 000001447 _____ C:\Users\tomasek\Desktop\Roblox Studio.lnk
2021-02-22 15:31 - 2021-02-26 21:35 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-02-22 15:31 - 2021-02-25 10:43 - 000001427 _____ C:\Users\tomasek\Desktop\Roblox Player.lnk
2021-02-22 15:15 - 2021-02-27 16:04 - 000000000 ____D C:\Program Files (x86)\Xydia
2021-02-22 15:15 - 2021-02-23 18:12 - 000001097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xydia.lnk
2021-02-22 15:15 - 2021-02-22 15:15 - 000000000 ____D C:\Users\tomasek\AppData\Local\Xyba_Studios
2021-02-20 19:58 - 2021-02-24 14:44 - 000000037 _____ C:\Users\tomasek\AppData\Local\link.txt
2021-02-20 19:30 - 2021-02-21 12:56 - 008908335 _____ C:\Users\tomasek\Downloads\Zeus 0.2.32.zip
2021-02-20 17:39 - 2021-02-20 19:22 - 000000000 ____D C:\Users\tomasek\Downloads\bin
2021-02-20 17:11 - 2021-02-24 15:59 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\WinHost
2021-02-20 16:00 - 2021-02-20 16:00 - 008658973 _____ C:\Users\tomasek\Downloads\video (3).mkv
2021-02-20 08:41 - 2021-02-20 09:04 - 000000209 _____ C:\Users\tomasek\AppData\Roaming\jjv5conf.json
2021-02-20 08:41 - 2021-02-20 09:04 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\jjsploitv5
2021-02-20 08:41 - 2021-02-20 09:03 - 000000000 ____D C:\Users\tomasek\AppData\Local\jjsploitv5-updater
2021-02-20 08:41 - 2021-02-20 08:41 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\JJSploit v5
2021-02-20 08:06 - 2021-02-20 08:06 - 000000000 ____D C:\Skisploit
2021-02-20 07:45 - 2021-02-20 07:45 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\booking-nativefier-9f4f54
2021-02-20 07:45 - 2021-02-20 07:45 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Booking
2021-02-20 00:36 - 2021-02-20 00:36 - 000000000 ____D C:\Windows\system32\Tasks\Services
2021-02-20 00:35 - 2021-02-20 00:35 - 000000000 __SHD C:\Users\tomasek\AppData\Local\Disk
2021-02-20 00:35 - 2021-02-20 00:35 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Real
2021-02-20 00:35 - 2021-02-20 00:35 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Bazertu
2021-02-20 00:34 - 2021-02-22 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sk Disk Cleaner
2021-02-20 00:34 - 2021-02-20 00:34 - 000000012 _____ C:\ProgramData\kaosdma.txt
2021-02-20 00:34 - 2021-02-20 00:34 - 000000000 ____D C:\Program Files (x86)\Sk
2021-02-19 22:52 - 2021-02-19 22:52 - 000000035 _____ C:\Users\tomasek\Downloads\SxWhitelist.txt
2021-02-19 22:40 - 2021-02-19 22:40 - 000000000 ____D C:\Users\tomasek\Documents\My Backups
2021-02-19 22:40 - 2021-02-19 22:40 - 000000000 ____D C:\ProgramData\TBIView
2021-02-19 22:40 - 2021-02-19 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraByte Drive Image Backup and Restore Suite
2021-02-19 22:40 - 2021-02-19 22:40 - 000000000 ____D C:\Program Files (x86)\TeraByte Drive Image Backup and Restore Suite
2021-02-19 22:40 - 2019-04-25 19:11 - 000146936 _____ (TeraByte, Inc.) C:\Windows\system32\Drivers\TBIMount.sys
2021-02-19 22:40 - 2018-01-09 17:44 - 000017472 _____ (TeraByte, Inc.) C:\Windows\system32\Drivers\ProtectIt.sys
2021-02-19 22:40 - 2017-04-01 15:30 - 000081880 _____ C:\Windows\tbicd2hd.exe
2021-02-19 22:40 - 2016-08-24 23:01 - 000037488 _____ (TeraByte, Inc.) C:\Windows\system32\Drivers\phylock.sys
2021-02-19 21:58 - 2021-01-19 16:00 - 001691648 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7z.dll
2021-02-19 21:58 - 2021-01-19 16:00 - 000881664 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7zFM.exe
2021-02-19 21:58 - 2021-01-19 16:00 - 000595968 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7zG.exe
2021-02-19 21:58 - 2021-01-19 16:00 - 000483840 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7z.exe
2021-02-19 21:58 - 2021-01-19 16:00 - 000209408 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7z.sfx
2021-02-19 21:58 - 2021-01-19 16:00 - 000189952 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7zCon.sfx
2021-02-19 21:58 - 2021-01-19 16:00 - 000077312 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7-zip.dll
2021-02-19 21:58 - 2021-01-19 16:00 - 000052224 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\7-zip32.dll
2021-02-19 21:58 - 2021-01-19 16:00 - 000014848 _____ (Igor Pavlov) C:\Users\tomasek\Downloads\Uninstall.exe
2021-02-19 21:58 - 2021-01-19 14:51 - 000001696 _____ C:\Users\tomasek\Downloads\readme.txt
2021-02-19 21:58 - 2021-01-19 14:49 - 000051254 _____ C:\Users\tomasek\Downloads\History.txt
2021-02-19 21:58 - 2021-01-17 17:00 - 000108436 _____ C:\Users\tomasek\Downloads\7-zip.chm
2021-02-19 21:58 - 2021-01-17 16:12 - 000003990 _____ C:\Users\tomasek\Downloads\License.txt
2021-02-19 21:58 - 2018-01-28 10:00 - 000000366 _____ C:\Users\tomasek\Downloads\descript.ion
2021-02-19 21:26 - 2021-02-19 21:26 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\FinlinSploit
2021-02-19 21:08 - 2021-02-19 21:08 - 000003548 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2021-02-19 21:08 - 2021-02-19 21:08 - 000003424 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2021-02-19 21:08 - 2021-02-19 21:08 - 000003268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk
2021-02-19 21:08 - 2021-02-19 21:08 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
2021-02-19 21:07 - 2021-02-19 21:08 - 000000000 ____D C:\Program Files (x86)\Booking
2021-02-19 20:57 - 2021-02-19 20:57 - 000000000 ____D C:\Program Files (x86)\DabihKeennesscdvSetup
2021-02-18 19:34 - 2021-02-18 19:34 - 007220768 _____ C:\Users\tomasek\Downloads\§cGlitc§9h [16x].zip
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Taskbar system
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\Users\tomasek\AppData\Local\TaskbarSystem
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\ProgramData\SAntivirus
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\ProgramData\IdleBuddy
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\Program Files (x86)\IBuddy
2021-02-18 12:51 - 2021-02-18 12:51 - 000000000 ____D C:\Program Files (x86)\Digital Communications
2021-02-18 12:50 - 2021-02-19 21:56 - 000016438 _____ C:\Users\tomasek\AppData\Local\partner.bmp
2021-02-18 12:50 - 2021-02-18 12:51 - 000000000 ____D C:\Program Files (x86)\TraditionalCeryhe
2021-02-18 12:50 - 2021-02-18 12:50 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\PumoriRealm
2021-02-17 19:17 - 2021-02-17 19:17 - 000000000 ___HD C:\Users\tomasek\.Wurst encryption
2021-02-17 19:16 - 2021-02-17 19:16 - 000686157 _____ C:\Users\tomasek\Downloads\fabric-api-0.28.5+1.15.jar
2021-02-17 19:11 - 2021-02-17 19:11 - 000308924 _____ C:\Users\tomasek\Downloads\fabric-installer-0.6.1.51.jar
2021-02-17 18:14 - 2021-02-17 18:14 - 971727141 _____ C:\Users\tomasek\Downloads\512x Pulchra Revisited 1.13+.rar
2021-02-17 14:28 - 2021-02-17 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Sharpen AI
2021-02-17 14:27 - 2021-02-17 14:27 - 000002183 _____ C:\Users\tomasek\Desktop\Topaz Sharpen AI.lnk
2021-02-17 13:55 - 2021-02-17 14:28 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Topaz Labs LLC
2021-02-17 13:55 - 2021-02-17 14:28 - 000000000 ____D C:\Users\tomasek\AppData\Local\Topaz Labs LLC
2021-02-17 13:55 - 2021-02-17 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Gigapixel AI
2021-02-17 13:54 - 2021-02-17 14:28 - 000000000 ____D C:\ProgramData\Topaz Labs LLC
2021-02-17 13:54 - 2021-02-17 14:27 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs LLC
2021-02-17 13:54 - 2021-02-17 14:27 - 000000000 ____D C:\Program Files\Topaz Labs LLC
2021-02-17 13:54 - 2021-02-17 13:54 - 032757736 _____ (Topaz Labs LLC) C:\Users\tomasek\Downloads\TopazSharpenAI-Online-Installer.exe
2021-02-17 13:46 - 2021-02-17 13:46 - 029778664 _____ (Topaz Labs LLC) C:\Users\tomasek\Downloads\TopazGigapixelAI-Online-Installer.exe
2021-02-15 16:56 - 2021-02-15 17:27 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\CitizenFX
2021-02-15 16:55 - 2021-02-15 21:08 - 000000000 ____D C:\Users\tomasek\AppData\Local\DigitalEntitlements
2021-02-15 16:54 - 2021-02-16 10:45 - 000000000 ____D C:\Users\tomasek\AppData\Local\FiveM
2021-02-15 16:54 - 2021-02-15 17:49 - 000002142 _____ C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2021-02-15 16:54 - 2021-02-15 16:54 - 005539552 _____ (Cfx.re) C:\Users\tomasek\Downloads\FiveM.exe
2021-02-15 16:54 - 2021-02-15 16:54 - 000002134 _____ C:\Users\tomasek\Desktop\FiveM.lnk
2021-02-15 12:56 - 2021-02-15 12:56 - 005376627 _____ C:\Users\tomasek\Downloads\bandicam 2021-02-15 11-13-11-116.mp4
2021-02-15 11:01 - 2021-02-15 11:01 - 010615724 _____ C:\Users\tomasek\Downloads\Ĉ̴͉͇̝͉̃̊̇̓̉̑͂̾̕R̷͖͍̘͉̺̬̱̂̀̿Ù̵̧̧̞̙̯̻̍͑̚ͅN̵̡̛̺̝̲̣̥͓̒͂́͊͋͑͘̕ͅC̶̡̩͈̭̼̙͓͉̽̏Ȟ̷̨̲̲͎̚.mp4
2021-02-14 20:58 - 2021-02-14 20:58 - 017269612 _____ C:\Users\tomasek\Downloads\lucka VS já.mp4
2021-02-14 20:11 - 2021-02-14 20:11 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-02-14 20:11 - 2021-02-14 20:11 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-02-14 20:11 - 2021-02-14 20:11 - 001314112 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-02-14 20:11 - 2021-02-14 20:11 - 000231232 _____ C:\Windows\system32\containerdevicemanagement.dll
2021-02-14 20:11 - 2021-02-14 20:11 - 000010892 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-02-11 11:27 - 2021-02-11 11:27 - 000005918 _____ C:\Users\tomasek\Downloads\MotionBlurOnly.zip
2021-02-11 11:09 - 2021-02-11 11:09 - 000056820 _____ C:\Users\tomasek\Downloads\Patrix_1.16_models.zip
2021-02-11 11:08 - 2021-02-11 11:08 - 043351573 _____ C:\Users\tomasek\Downloads\Patrix_1.16_32x_basic.zip
2021-02-11 11:08 - 2021-02-11 11:08 - 002360612 _____ C:\Users\tomasek\Downloads\Patrix_1.16_32x_bonus.zip
2021-02-11 11:07 - 2021-02-11 11:08 - 006633452 _____ C:\Users\tomasek\Downloads\Patrix_1.16_32x_addon.zip
2021-02-09 21:23 - 2021-02-17 14:45 - 000000784 _____ C:\Users\tomasek\Desktop\Stažené soubory – zástupce.lnk
2021-02-09 20:17 - 2021-02-09 20:18 - 335086998 _____ C:\Users\tomasek\Downloads\Učím youtubery parkour #2 _ Wedry.mp4
2021-02-09 19:54 - 2021-02-09 19:54 - 045509412 _____ C:\Users\tomasek\Downloads\Chuchel #1.mp4
2021-02-09 17:04 - 2021-02-09 17:04 - 000000758 _____ C:\Users\tomasek\Downloads\Plocha – zástupce.lnk
2021-02-09 16:05 - 2021-02-09 16:05 - 000389633 _____ C:\Users\tomasek\Downloads\Inertia Client Installer.jar
2021-02-09 13:43 - 2021-02-09 13:44 - 015116066 _____ C:\Users\tomasek\Downloads\Moon (1).rar
2021-02-09 13:00 - 2021-02-09 13:00 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Goldberg SteamEmu Saves
2021-02-09 13:00 - 2021-02-09 13:00 - 000000000 ____D C:\Users\tomasek\AppData\LocalLow\Innersloth
2021-02-09 12:58 - 2021-02-09 12:59 - 109920864 _____ C:\Users\tomasek\Downloads\AMONG US (v2020.12.9s) @MaStEr F.zip
2021-02-09 12:57 - 2021-02-09 12:57 - 000000000 ____D C:\Users\tomasek\AppData\Local\Alizer
2021-02-07 19:59 - 2021-02-07 19:59 - 001245104 _____ C:\Users\tomasek\Downloads\filmorapro_setup_full4622 (1).exe
2021-02-07 19:58 - 2021-02-07 19:58 - 001113520 _____ C:\Users\tomasek\Downloads\filmora_setup_full846 (1).exe
2021-02-07 19:48 - 2021-02-07 19:48 - 004325374 _____ C:\Users\tomasek\Downloads\mimiko.wfpproj
2021-02-07 19:22 - 2021-02-07 20:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare FilmoraPro
2021-02-07 19:22 - 2021-02-07 19:22 - 000001246 _____ C:\Users\tomasek\Desktop\Wondershare FilmoraPro.lnk
2021-02-07 19:21 - 2021-02-07 19:21 - 001245104 _____ C:\Users\tomasek\Downloads\filmorapro_setup_full4622.exe
2021-02-07 18:56 - 2021-02-07 18:56 - 000001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2020.lnk
2021-02-07 18:40 - 2021-02-07 18:40 - 015991240 _____ C:\Users\tomasek\Downloads\mimi.mp4
2021-02-07 17:54 - 2021-02-07 17:54 - 003242191 _____ C:\Users\tomasek\Downloads\Fire Green Screen (2).mp4
2021-02-07 17:42 - 2021-02-07 17:42 - 201547282 _____ C:\Users\tomasek\Downloads\Rounded Neon Multicolored lines Background Looped Animation HD _ Free Version.mp4
2021-02-06 17:31 - 2021-02-06 17:31 - 102372728 _____ C:\Users\tomasek\Downloads\FilmoraX.zip
2021-02-06 17:22 - 2021-02-06 17:22 - 001113520 _____ C:\Users\tomasek\Downloads\filmora_setup_full846.exe
2021-02-06 17:12 - 2021-02-06 17:16 - 297860020 _____ C:\Users\tomasek\Downloads\_Getintopc.com_Wondershare_Filmora_v10.0.0.94x64_Multilingual.rar
2021-02-05 18:39 - 2021-02-05 18:39 - 004402258 _____ C:\Users\tomasek\Downloads\SEUS_PTGI_HRR_Test_2.1.zip
2021-02-05 17:05 - 2021-02-05 17:07 - 680987520 _____ C:\Users\tomasek\Downloads\LEGENDARY RT Textures RT8 1024x (1.16.5) (1).zip
2021-02-05 16:28 - 2021-02-05 16:29 - 032297616 _____ C:\Users\tomasek\Downloads\moderne house 123.rar
2021-02-05 16:16 - 2021-02-05 16:16 - 039037283 _____ C:\Users\tomasek\Downloads\Modern Mountain House.zip
2021-02-05 15:47 - 2021-02-05 16:00 - 000000000 ____D C:\Users\tomasek\AppData\Local\MusicMaker
2021-02-05 15:46 - 2021-02-27 13:08 - 000000000 ___RD C:\Users\tomasek\Documents\MAGIX
2021-02-05 15:46 - 2021-02-27 13:08 - 000000000 ____D C:\ProgramData\MAGIX
2021-02-05 15:46 - 2021-02-27 13:08 - 000000000 ____D C:\Program Files (x86)\MAGIX
2021-02-05 15:46 - 2021-02-10 21:15 - 000000574 _____ C:\Windows\Tasks\MAGIX PC Check & Tuning 2021 (PCMaintainService.exe).job
2021-02-05 15:46 - 2021-02-10 21:15 - 000000422 _____ C:\Windows\Tasks\MAGIX PC Check & Tuning 2021.job
2021-02-05 15:46 - 2021-02-05 15:46 - 000003128 _____ C:\Windows\system32\Tasks\MAGIX PC Check & Tuning 2021 (PCMaintainService.exe)
2021-02-05 15:46 - 2021-02-05 15:46 - 000002928 _____ C:\Windows\system32\Tasks\MAGIX PC Check & Tuning 2021
2021-02-05 15:46 - 2021-02-05 15:46 - 000000000 ____D C:\Users\tomasek\AppData\Local\QMxNetworkSync
2021-02-05 15:46 - 2021-02-05 15:46 - 000000000 ____D C:\ProgramData\simplitec
2021-02-05 15:46 - 2021-02-05 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\System optimization
2021-02-05 15:46 - 2021-02-05 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2021-02-05 15:46 - 2021-02-05 15:46 - 000000000 ____D C:\Program Files\MAGIX
2021-02-05 15:46 - 2021-02-05 15:46 - 000000000 ____D C:\Program Files\Common Files\MAGIX Services
2021-02-05 15:42 - 2021-02-27 13:08 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\MAGIX
2021-02-05 15:42 - 2021-02-05 15:42 - 000000000 ____D C:\Users\tomasek\Documents\MAGIX Downloads
2021-02-04 13:30 - 2021-02-04 13:30 - 004309452 _____ C:\Users\tomasek\Downloads\worldedit-forge-mc1.16.3-7.2.2-dist.jar
2021-02-03 22:14 - 2021-02-03 22:14 - 000000000 ____D C:\ProgramData\Intel
2021-02-03 22:13 - 2021-03-01 22:33 - 000000000 ____D C:\Intel
2021-02-03 22:13 - 2021-02-10 21:09 - 000000000 __SHD C:\Users\tomasek\IntelGraphicsProfiles
2021-02-03 22:13 - 2021-02-04 11:04 - 000000000 ____D C:\Users\tomasek\AppData\Local\Intel
2021-02-03 22:13 - 2021-02-03 22:13 - 000000000 ____D C:\Users\tomasek\AppData\LocalLow\Intel
2021-02-03 22:12 - 2021-02-03 22:12 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2021-02-03 21:06 - 2021-02-03 21:06 - 010699190 _____ C:\Users\tomasek\Downloads\R16 Textures 512x (umsoea).zip
2021-02-03 20:57 - 2021-02-03 20:57 - 008442059 _____ C:\Users\tomasek\Downloads\R17 Textures 512x (umsoea).zip
2021-02-03 20:39 - 2021-02-03 20:39 - 011282168 _____ C:\Users\tomasek\Downloads\! # §l§3Notro §l§5Fade (1).zip
2021-02-03 17:41 - 2021-02-03 17:41 - 003681747 _____ C:\Users\tomasek\Downloads\EXTRACT-JAR-INTO-MODS-FOLDER-for-1.12.2.zip
2021-02-03 15:27 - 2021-02-03 15:27 - 223713938 _____ C:\Users\tomasek\Downloads\miejojo512 v1.16.zip
2021-02-02 17:52 - 2021-02-06 10:58 - 000000004 _____ C:\ProgramData\rc.dat
2021-02-02 17:51 - 2021-02-06 10:58 - 000000004 _____ C:\ProgramData\lock.dat
2021-02-02 17:51 - 2021-02-05 10:28 - 000000100 _____ C:\ProgramData\lir.bats
2021-02-02 17:51 - 2021-02-02 17:51 - 000000008 _____ C:\ProgramData\ts.dat
2021-02-02 17:50 - 2021-02-06 10:49 - 000000000 ____D C:\ProgramData\TranslateService
2021-02-02 17:12 - 2021-02-10 21:16 - 000000000 ____D C:\Users\tomasek\AppData\Local\Secure File Deleter 6
2021-02-02 17:12 - 2021-02-10 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secure File Deleter 6
2021-02-02 17:12 - 2021-02-02 17:13 - 000000000 ____D C:\GX Action Backup
2021-02-02 17:12 - 2014-04-03 20:22 - 000645592 _____ C:\Windows\SysWOW64\sqlite3.dll
2021-02-02 17:11 - 2021-01-19 16:33 - 008870184 ___RH (Glarysoft Ltd) C:\Users\tomasek\Desktop\tesetup.exe
2021-02-02 16:41 - 2021-02-02 16:41 - 003663753 _____ C:\Users\tomasek\Downloads\[1.12.2] Ultimate Immersion by Hunger_Legend.rar
2021-02-02 16:02 - 2021-02-02 16:04 - 680987520 _____ C:\Users\tomasek\Downloads\LEGENDARY RT Textures RT8 1024x (1.16.5).zip
2021-02-01 18:13 - 2021-02-04 19:04 - 000006410 _____ C:\Users\tomasek\Downloads\OCCT.config.json
2021-02-01 18:10 - 2021-02-01 18:10 - 018012912 _____ (OCCT - Ocbase - Adrien Mercier) C:\Users\tomasek\Downloads\OCCT7.3.0.exe
2021-02-01 18:09 - 2021-02-01 18:13 - 259708359 _____ (Unigine Corp. ) C:\Users\tomasek\Downloads\Unigine_Heaven-4.0.exe
2021-02-01 16:28 - 2021-02-01 16:28 - 282502470 _____ C:\Users\tomasek\Downloads\People.Playground.v1.13.1.rar
2021-01-31 14:50 - 2021-02-20 16:01 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\HandBrake
2021-01-31 14:49 - 2021-01-31 14:50 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2021-01-31 14:49 - 2021-01-31 14:50 - 000000000 ____D C:\Program Files\HandBrake
2021-01-31 14:49 - 2021-01-31 14:49 - 013534240 _____ C:\Users\tomasek\Downloads\HandBrake-1.3.3-x86_64-Win_GUI.exe
2021-01-31 14:49 - 2021-01-31 14:49 - 000000865 _____ C:\Users\tomasek\Desktop\HandBrake.lnk
2021-01-31 14:31 - 2021-01-31 14:31 - 015690862 _____ C:\Users\tomasek\Downloads\video (2).mkv
2021-01-31 14:23 - 2021-01-31 14:23 - 000150502 _____ C:\Users\tomasek\Downloads\Lucky blocky (mod) 1#.mp4.crdownload
2021-01-31 14:23 - 2021-01-31 14:23 - 000150502 _____ C:\Users\tomasek\Downloads\Lucky blocky (mod) 1#.mp4 (1).crdownload
2021-01-31 13:24 - 2021-01-31 13:24 - 001697661 _____ C:\Users\tomasek\Downloads\Lightning strike green screen.mp4
2021-01-31 13:21 - 2021-01-31 13:21 - 001161215 _____ C:\Users\tomasek\Downloads\Green Screen Lightning and Thunder Effect.mp4
2021-01-31 13:20 - 2021-01-31 13:20 - 027507576 _____ C:\Users\tomasek\Downloads\Lighting & Thunder Storm Green Screen Effects __ YTschool..mp4
2021-01-31 13:16 - 2021-01-31 13:16 - 000393344 _____ C:\Users\tomasek\Downloads\Green Screen Vs Text Style Effect.mp4
2021-01-31 11:17 - 2021-01-31 11:17 - 000001339 _____ C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lively Wallpaper.lnk
2021-01-31 11:17 - 2021-01-31 11:17 - 000001331 _____ C:\Users\tomasek\Desktop\Lively Wallpaper.lnk
2021-01-31 11:16 - 2021-01-31 11:17 - 193255194 _____ (rocksdanister ) C:\Users\tomasek\lively_setup_x86_full_v1180.exe
2021-01-31 11:16 - 2021-01-31 11:16 - 003544104 _____ C:\Users\tomasek\Downloads\video (1).mkv
2021-01-30 19:13 - 2021-01-30 19:13 - 000000345 _____ C:\Users\tomasek\Desktop\ARK Survival Evolved.url
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-01 22:38 - 2019-12-07 15:41 - 000682184 _____ C:\Windows\system32\perfh005.dat
2021-03-01 22:38 - 2019-12-07 15:41 - 000137000 _____ C:\Windows\system32\perfc005.dat
2021-03-01 22:38 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-03-01 22:38 - 2019-12-07 08:12 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2021-03-01 22:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-01 22:33 - 2020-12-16 15:48 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-03-01 22:33 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-03-01 22:33 - 2019-12-07 08:07 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-01 22:33 - 2019-12-07 08:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-03-01 22:31 - 2020-12-25 17:58 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1
2021-03-01 22:24 - 2020-12-26 22:45 - 000000000 ____D C:\Program Files (x86)\Bandicam.v4.1.3 ( CZ HanzyKisik )
2021-03-01 22:23 - 2019-12-07 08:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-03-01 21:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-03-01 20:48 - 2021-01-21 09:44 - 000004216 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0087AB00-A545-4531-AFE1-404CF38D4D3A}
2021-03-01 20:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-03-01 19:37 - 2020-12-24 20:47 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\audacity
2021-03-01 15:44 - 2020-12-24 20:26 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\.minecraft
2021-03-01 15:34 - 2020-12-16 15:57 - 000000000 ____D C:\Users\tomasek\AppData\Local\D3DSCache
2021-03-01 13:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-01 11:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-02-28 19:36 - 2019-12-07 08:10 - 000000000 ____D C:\Users\tomasek\AppData\Local\ConnectedDevicesPlatform
2021-02-28 19:25 - 2020-12-25 12:43 - 000000000 ____D C:\Users\tomasek\AppData\Local\SquirrelTemp
2021-02-28 17:33 - 2019-12-07 08:10 - 000000000 ____D C:\Users\tomasek
2021-02-28 12:56 - 2019-12-07 08:07 - 000483896 _____ C:\Windows\system32\FNTCACHE.DAT
2021-02-28 09:52 - 2020-12-27 10:51 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-27 16:10 - 2021-01-16 10:30 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-27 13:08 - 2020-12-17 10:20 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-27 12:14 - 2019-12-07 08:12 - 000003384 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2880034797-3857021402-3440946435-1001
2021-02-27 12:14 - 2019-12-07 08:12 - 000000000 ___RD C:\Users\tomasek\OneDrive
2021-02-27 12:14 - 2019-12-07 08:10 - 000002371 _____ C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-26 21:35 - 2021-01-17 20:14 - 000000256 _____ C:\Users\tomasek\AppData\LocalLow\rbxcsettings.rbx
2021-02-26 21:35 - 2021-01-17 20:14 - 000000000 ____D C:\Users\tomasek\AppData\Local\Roblox
2021-02-26 13:35 - 2021-01-05 14:26 - 000004226 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1609853199
2021-02-26 13:35 - 2021-01-05 14:26 - 000001415 _____ C:\Users\tomasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-02-26 11:27 - 2020-12-25 12:43 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\discord
2021-02-24 21:51 - 2021-01-07 14:28 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2021-02-24 15:30 - 2021-01-05 14:19 - 000000000 ____D C:\Users\tomasek\AppData\Local\GeometryDash
2021-02-24 15:05 - 2020-12-30 20:52 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\.tlauncher
2021-02-24 11:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2021-02-23 18:54 - 2021-01-07 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-02-23 18:53 - 2021-01-07 14:28 - 000000000 ____D C:\Program Files\Wondershare
2021-02-23 18:44 - 2020-12-16 15:57 - 000000000 ____D C:\Users\tomasek\AppData\Local\AMD
2021-02-22 11:17 - 2021-01-24 10:56 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-20 17:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2021-02-19 17:33 - 2020-12-25 13:26 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\lunarclient
2021-02-18 15:18 - 2021-01-22 14:57 - 000000000 ____D C:\Users\tomasek\AppData\Local\Voicemod
2021-02-18 15:14 - 2021-01-22 14:56 - 000000000 ____D C:\ProgramData\Voicemod
2021-02-17 13:54 - 2019-12-07 08:10 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\Adobe
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Keywords
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Keywords
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-02-15 08:14 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-15 08:14 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-02-14 21:05 - 2020-12-24 20:26 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2021-02-14 20:13 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-02-14 20:08 - 2020-12-26 22:30 - 000000000 ____D C:\Windows\system32\MRT
2021-02-14 20:07 - 2020-12-26 20:37 - 130141752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-02-12 10:00 - 2019-12-07 08:07 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-02-08 20:07 - 2020-12-27 10:50 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-08 20:07 - 2020-12-27 10:50 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-07 19:22 - 2021-01-15 15:28 - 000000000 ____D C:\Users\tomasek\AppData\Local\cache
2021-02-07 19:22 - 2021-01-07 14:30 - 000000000 ____D C:\ProgramData\Wondershare
2021-02-07 19:22 - 2021-01-07 14:29 - 000000000 ____D C:\Users\tomasek\AppData\Local\Wondershare
2021-02-07 19:22 - 2021-01-07 14:28 - 000000000 ____D C:\Users\tomasek\Documents\Wondershare
2021-02-07 18:56 - 2020-12-26 22:37 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-02-07 18:56 - 2020-12-26 22:37 - 000000000 ____D C:\Program Files\Adobe
2021-02-07 17:07 - 2021-01-22 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voicemod Desktop
2021-02-07 17:07 - 2021-01-22 14:56 - 000000000 ____D C:\Program Files\Voicemod Desktop
2021-02-07 17:05 - 2021-01-01 19:17 - 000000000 ____D C:\Users\tomasek\Documents\Audacity
2021-02-05 20:04 - 2021-01-24 10:56 - 000734016 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
2021-02-05 20:03 - 2021-01-24 10:56 - 000470848 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll
2021-02-05 15:47 - 2021-01-12 17:49 - 000000000 ____D C:\Users\tomasek\Documents\Image-Line
2021-02-05 15:40 - 2020-12-26 22:40 - 000000000 ____D C:\Users\tomasek\Documents\Adobe
2021-02-03 22:13 - 2019-12-07 08:10 - 000000000 ____D C:\Users\tomasek\AppData\Local\Publishers
2021-02-03 22:13 - 2019-12-07 08:10 - 000000000 ____D C:\Users\tomasek\AppData\Local\Packages
2021-02-03 22:13 - 2019-12-07 08:10 - 000000000 ____D C:\ProgramData\Packages
2021-02-01 18:16 - 2020-12-16 15:57 - 001065984 _____ C:\Users\tomasek\AppData\Local\file__0.localstorage
2021-02-01 18:07 - 2020-12-26 01:26 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\HD Tune Pro
2021-01-31 14:44 - 2020-12-30 11:50 - 000000000 ____D C:\Users\tomasek\AppData\Roaming\LGHUB
2021-01-31 14:44 - 2020-12-30 11:50 - 000000000 ____D C:\Users\tomasek\AppData\Local\LGHUB
==================== Files in the root of some directories ========
2021-02-02 17:51 - 2021-02-06 10:58 - 000000004 _____ () C:\ProgramData\lock.dat
2021-02-02 17:52 - 2021-02-06 10:58 - 000000004 _____ () C:\ProgramData\rc.dat
2021-02-02 17:51 - 2021-02-02 17:51 - 000000008 _____ () C:\ProgramData\ts.dat
2021-01-31 11:16 - 2021-01-31 11:17 - 193255194 _____ (rocksdanister ) C:\Users\tomasek\lively_setup_x86_full_v1180.exe
2021-02-22 19:07 - 2021-02-22 19:16 - 3240346760 _____ () C:\Users\tomasek\AppData\Roaming\10.txt
2021-02-22 19:07 - 2021-02-23 11:28 - 2257350816 _____ () C:\Users\tomasek\AppData\Roaming\2.txt
2021-02-22 19:07 - 2021-02-23 09:38 - 1570849912 _____ () C:\Users\tomasek\AppData\Roaming\3.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ () C:\Users\tomasek\AppData\Roaming\4.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ () C:\Users\tomasek\AppData\Roaming\5.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ () C:\Users\tomasek\AppData\Roaming\6.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ () C:\Users\tomasek\AppData\Roaming\7.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ () C:\Users\tomasek\AppData\Roaming\8.txt
2021-02-22 19:07 - 2021-02-22 19:13 - 1437435000 _____ () C:\Users\tomasek\AppData\Roaming\9.txt
2020-12-30 17:38 - 2020-12-30 17:38 - 000000000 _____ () C:\Users\tomasek\AppData\Roaming\90e410a49ea95c18085aaf88ebbf8100.tmp
2021-02-20 08:41 - 2021-02-20 09:04 - 000000209 _____ () C:\Users\tomasek\AppData\Roaming\jjv5conf.json
2021-01-03 13:28 - 2021-01-03 13:28 - 000000015 _____ () C:\Users\tomasek\AppData\Roaming\obs-virtualcam.txt
2020-12-16 15:57 - 2021-02-01 18:16 - 001065984 _____ () C:\Users\tomasek\AppData\Local\file__0.localstorage
2021-02-20 19:58 - 2021-02-24 14:44 - 000000037 _____ () C:\Users\tomasek\AppData\Local\link.txt
2021-02-18 12:50 - 2021-02-19 21:56 - 000016438 _____ () C:\Users\tomasek\AppData\Local\partner.bmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
