Re: Virus-infected PC - help with virus removal
Posted: 02 Sep 2020 23:59
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-08-2020
Ran by Ziharna (administrator) on ZIHARNA-PC (LENOVO 7484W6F) (02-09-2020 23:54:35)
Running from C:\Users\Ziharna\Desktop
Loaded Profiles: Ziharna
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKU\S-1-5-21-711302050-3009418862-4191154230-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-711302050-3009418862-4191154230-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-711302050-3009418862-4191154230-1000\...\Run: [Steam] => "C:\programy\Steam\steam.exe" -silent
HKU\S-1-5-21-711302050-3009418862-4191154230-1000\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.135\Installer\chrmstp.exe [2020-08-20] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11B5A0BB-56C4-4030-AF9D-692473EB94BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1B3DF706-BAFA-4E5F-A7E5-ACDDD38E022C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23204E7E-E022-4F8F-8DB7-D341D792F9F8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {29DBE9AF-C9BE-467B-B8EC-1C237EF49526} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {327FFDAE-955B-4392-BED0-D2BBB9F406EF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {768D07EA-2E13-4499-8F30-9D367F1130EE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DBC8897-13D0-4EFF-AE97-F3B5471948DD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DC9206D-0AC3-4DD7-B2D3-12B4DE516E68} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2019-04-16] () [File not signed]
Task: {80C76656-9C98-4B3F-B114-1A60CBBFC273} - System32\Tasks\{9A32986E-6E87-4122-9F6F-3161DE55706E} => C:\Windows\system32\pcalua.exe -a "C:\programy\Stronghold Legends\GameuxInstall.exe" -d "C:\programy\Stronghold Legends"
Task: {816B2E9E-1D98-4222-9675-245A5EF1F5D7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8A5F7543-D364-4A63-845F-0E2E88C43EEE} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {90969E64-7099-4AA3-859A-BB090174E427} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-03] (Google Inc -> Google LLC)
Task: {AB857D2D-D83B-4910-96EC-51928CFECA7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-03] (Google Inc -> Google LLC)
Task: {C4EB1CE0-ED6E-40D8-BD6C-0D03843AB8F7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CE6FC058-8977-4087-B813-59EADBF19C60} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D94215ED-9B10-4DDB-A53E-8B0DC1A34E44} - System32\Tasks\AdobeAAMUpdater-1.0-Ziharna-PC-Ziharna => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E03709DB-7828-45E5-BAE7-18E417094F14} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe [24173480 2020-08-26] (GridinSoft, LLC -> Gridinsoft LLC)
Task: {FBDCE1A9-6049-4AAD-9FC5-010AEB620114} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{49EA9F4A-9E18-41BA-91C1-71AEBF4A301D}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{EA36C962-446D-4F78-BF8F-9EF002477001}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-711302050-3009418862-4191154230-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Ziharna\AppData\Local\Google\Chrome\User Data\Default [2020-09-02]
CHR Extension: (McAfee® Web Boost) - C:\Users\Ziharna\AppData\Local\Google\Chrome\User Data\Default\Extensions\klekeajafkkpokaofllcadenjdckhinm [2020-08-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ziharna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-08-31]
CHR Extension: (Chrome Media Router) - C:\Users\Ziharna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-08-31]
CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [529568 2020-03-04] (Gameforge 4D GmbH -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\MBAMService.exe [7138296 2020-08-25] (Malwarebytes Inc -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13599288 2020-08-24] (Adlice -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13088784 2020-05-25] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2020-08-31] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 DLPortIO; C:\Windows\SysWOW64\DRIVERS\DLPortIO.SYS [3584 2000-06-29] () [File not signed]
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2019-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [59360 2019-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 GridinSoftInetSecurityDriver; C:\Windows\System32\DRIVERS\gsInetSecurity.sys [107784 2020-08-18] (GridinSoft, LLC -> GridinSoft LLC)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2019-10-13] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
S0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-08-25] (Malwarebytes Inc -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R1 MpKslDrv; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F7405357-EABF-44B3-B367-7F3EE2AE2F63}\MpKslDrv.sys [78056 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2005-01-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [393880 2019-04-07] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [38216 2020-08-18] (GridinSoft, LLC -> GridinSoft LLC)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R1 WinRing0_1_2_0; C:\Program Files (x86)\EVGA\WinRing0\WinRing0x64.sys [14536 2019-06-24] (EVGA -> OpenLibSys.org)
U3 a2thwwq1; C:\Windows\System32\Drivers\a2thwwq1.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
U3 ahb42i4f; no ImagePath
S4 nvvhci; system32\DRIVERS\nvvhci.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-02 23:54 - 2020-09-02 23:55 - 000015500 _____ C:\Users\Ziharna\Desktop\FRST.txt
2020-09-02 23:54 - 2020-09-02 23:55 - 000000000 ____D C:\FRST
2020-09-02 23:51 - 2020-09-02 23:51 - 002298880 _____ (Farbar) C:\Users\Ziharna\Desktop\FRST64.exe
2020-09-01 22:43 - 2020-09-01 22:43 - 000000000 ____D C:\Users\Ziharna\Downloads\emsisoft_decrypter
2020-09-01 22:36 - 2020-09-01 22:42 - 058286335 _____ C:\Users\Ziharna\Downloads\emsisoft_decrypter.zip
2020-09-01 22:34 - 2020-09-01 22:34 - 000000000 ____D C:\Users\Ziharna\Downloads\backups
2020-08-31 10:47 - 2020-08-31 10:48 - 011029532 _____ C:\Users\Ziharna\Downloads\asetup_gridinsoft-anti-malware-4.1_9005953902550.zip
2020-08-31 10:21 - 2020-09-02 07:21 - 000003236 _____ C:\Windows\system32\Tasks\GridinSoft Anti-Malware
2020-08-31 10:21 - 2020-08-31 10:42 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2020-08-31 10:21 - 2020-08-31 10:21 - 000000893 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2020-08-31 10:21 - 2020-08-31 10:21 - 000000893 _____ C:\ProgramData\Desktop\GridinSoft Anti-Malware.lnk
2020-08-31 10:21 - 2020-08-31 10:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2020-08-31 10:21 - 2020-08-31 10:21 - 000000000 ____D C:\ProgramData\GridinSoft
2020-08-31 10:19 - 2020-08-31 10:19 - 000989584 _____ (GridinSoft LLC) C:\Users\Ziharna\Downloads\install-antimalware-fix.exe
2020-08-31 08:05 - 2020-09-02 23:55 - 000172158 _____ C:\Windows\ZAM.krnl.trace
2020-08-31 08:05 - 2020-08-31 08:05 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2020-08-31 08:05 - 2020-08-31 08:05 - 000003478 _____ C:\Windows\system32\Tasks\AMHelper
2020-08-31 08:05 - 2020-08-31 08:05 - 000001256 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-08-31 08:05 - 2020-08-31 08:05 - 000001256 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2020-08-31 08:05 - 2020-08-31 08:05 - 000000000 ____D C:\Users\Ziharna\AppData\Local\Zemana
2020-08-31 08:05 - 2020-08-31 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-08-31 08:05 - 2020-08-31 08:05 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-08-31 08:04 - 2020-08-31 08:05 - 000000000 ____D C:\Users\Ziharna\AppData\Local\AMSDK
2020-08-31 07:51 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-08-31 07:26 - 2020-08-31 07:47 - 000000000 ____D C:\zoek_backup
2020-08-31 07:24 - 2020-08-31 07:24 - 012795472 _____ (Zemana Ltd. ) C:\Users\Ziharna\Desktop\AntiMalware_Setup.exe
2020-08-31 07:23 - 2020-08-31 07:23 - 002038755 _____ C:\Users\Ziharna\Desktop\zoek.exe
2020-08-29 22:31 - 2020-08-29 22:31 - 003748870 _____ C:\Users\Ziharna\Downloads\strings.zip
2020-08-28 00:10 - 2020-08-28 00:10 - 004196729 _____ C:\Users\Ziharna\Downloads\R. S. Sharma - 2 knihy - Mnich, který prodal své ferrari, Juliánova cesta aneb putování s Mnichem, který prodal své ferrari(2001-2010)(Cz).zip
2020-08-28 00:10 - 2017-01-09 15:23 - 000212251 _____ C:\Users\Ziharna\Downloads\1. R. S. Sharma - Mnich, který prodal své ferrari.pdb
2020-08-28 00:10 - 2017-01-09 15:22 - 000346108 _____ C:\Users\Ziharna\Downloads\1. R. S. Sharma - Mnich, který prodal své ferrari.mobi
2020-08-28 00:10 - 2017-01-09 15:22 - 000239203 _____ C:\Users\Ziharna\Downloads\1. R. S. Sharma - Mnich, který prodal své ferrari.epub
2020-08-28 00:10 - 2017-01-09 15:21 - 001342830 _____ C:\Users\Ziharna\Downloads\1. R. S. Sharma - Mnich, který prodal své ferrari.pdf
2020-08-28 00:10 - 2017-01-09 15:12 - 000250878 _____ C:\Users\Ziharna\Downloads\2. R. S. Sharma - Juliánova cesta aneb putování s Mnichem, který prodal své ferrari.pdb
2020-08-28 00:10 - 2017-01-09 15:11 - 000414321 _____ C:\Users\Ziharna\Downloads\2. R. S. Sharma - Juliánova cesta aneb putování s Mnichem, který prodal své ferrari.mobi
2020-08-28 00:10 - 2017-01-09 15:11 - 000258562 _____ C:\Users\Ziharna\Downloads\2. R. S. Sharma - Juliánova cesta aneb putování s Mnichem, který prodal své ferrari.epub
2020-08-28 00:10 - 2017-01-09 14:55 - 000997418 _____ C:\Users\Ziharna\Downloads\2. R. S. Sharma - Juliánova cesta aneb putování s Mnichem, který prodal své ferrari.pdf
2020-08-28 00:08 - 2020-08-28 00:08 - 000997418 _____ C:\Users\Ziharna\Downloads\Robin-S.-Sharma---Juliánova-cesta-aneb-putování-s-Mnichem,-který-prodal-své-ferrari..pdf
2020-08-28 00:08 - 2020-08-28 00:08 - 000000000 ____D C:\Users\Ziharna\Downloads\Robin S. Sharma - Mnich, který prodal své ferrari
2020-08-27 21:36 - 2020-08-27 21:36 - 000000000 ____D C:\ProgramData\Sophos
2020-08-27 21:34 - 2020-08-27 21:34 - 000002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-08-27 21:34 - 2020-08-27 21:34 - 000002759 _____ C:\ProgramData\Desktop\Sophos Virus Removal Tool.lnk
2020-08-27 21:34 - 2020-08-27 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-08-27 21:34 - 2020-08-27 21:34 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-08-27 19:21 - 2020-08-27 19:25 - 206758184 _____ (Sophos Limited) C:\Users\Ziharna\Downloads\Sophos Virus Removal Tool.exe
2020-08-27 14:16 - 2020-08-27 14:16 - 000001931 _____ C:\Users\Ziharna\Downloads\JRT.txt
2020-08-27 14:06 - 2020-08-27 14:06 - 000001931 _____ C:\Users\Ziharna\Desktop\JRT.txt
2020-08-27 14:01 - 2020-08-27 14:01 - 001790024 _____ (Malwarebytes) C:\Users\Ziharna\Desktop\JRT.exe
2020-08-27 14:01 - 2020-08-27 14:01 - 000001667 _____ C:\Users\Ziharna\Downloads\aaa.txt
2020-08-26 21:55 - 2020-08-26 21:58 - 000000000 ____D C:\AdwCleaner
2020-08-26 21:53 - 2020-08-26 21:53 - 000000000 ____D C:\Users\Ziharna\AppData\Local\Adobe
2020-08-26 21:44 - 2020-08-26 21:44 - 008414384 _____ (Malwarebytes) C:\Users\Ziharna\Desktop\adwcleaner_8.0.7.exe
2020-08-26 21:43 - 2020-08-26 21:43 - 000448512 _____ (OldTimer Tools) C:\Users\Ziharna\Downloads\TFC.exe
2020-08-26 21:43 - 2020-08-26 21:43 - 000050688 _____ (Atribune.org) C:\Users\Ziharna\Downloads\ATF-Cleaner.exe
2020-08-26 14:55 - 2020-08-26 14:55 - 000000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-08-26 14:55 - 2020-08-26 14:55 - 000000858 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-08-26 14:55 - 2020-08-26 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-08-26 14:55 - 2020-08-26 14:55 - 000000000 ____D C:\Program Files\RogueKiller
2020-08-26 14:53 - 2020-08-26 14:54 - 040337176 _____ (Adlice Software ) C:\Users\Ziharna\Downloads\RogueKiller_setup.exe
2020-08-25 13:36 - 2020-08-25 13:37 - 000388608 _____ (Trend Micro Inc.) C:\Users\Ziharna\Downloads\hijackthis.exe
2020-08-25 08:18 - 2020-08-25 08:26 - 000000000 ____D C:\elsawin2013
2020-08-25 07:21 - 2020-09-02 07:42 - 000000000 ____D C:\Users\Ziharna\AppData\LocalLow\IGDump
2020-08-25 07:20 - 2020-08-25 07:20 - 000000000 ____D C:\Users\Ziharna\AppData\Local\mbam
2020-08-25 07:19 - 2020-08-25 07:19 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-08-25 07:19 - 2020-08-25 07:19 - 000001775 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-25 07:19 - 2020-08-25 07:19 - 000001763 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-25 07:19 - 2020-08-25 07:19 - 000001763 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-08-25 07:19 - 2020-08-25 07:18 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-08-25 07:18 - 2020-08-25 07:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-25 07:17 - 2020-09-02 21:30 - 000000000 ____D C:\Program Files\Malwarebytes
2020-08-23 21:58 - 2020-08-23 21:58 - 000001116 _____ C:\Users\Ziharna\_readme.txt
2020-08-23 21:57 - 2020-08-23 21:58 - 000000000 ____D C:\Users\Ziharna\AppData\LocalLow\3098htrhpen8ifg0
2020-08-23 21:56 - 2020-08-23 22:11 - 000000000 ____D C:\Windows\SysWOW64\denmepax
2020-08-23 21:56 - 2020-08-23 21:56 - 000000000 ____D C:\SystemID
2020-08-23 00:10 - 2020-08-23 00:10 - 000000000 ____D C:\Users\Ziharna\Downloads\seattoledo-manual
2020-08-18 14:50 - 2020-08-18 14:50 - 000107784 _____ (GridinSoft LLC) C:\Windows\system32\Drivers\gsInetSecurity.sys
2020-08-18 14:50 - 2020-08-18 14:50 - 000038216 _____ (GridinSoft LLC) C:\Windows\system32\Drivers\gtkdrv.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-02 12:25 - 2020-05-31 18:16 - 000000000 ____D C:\ProgramData\NVIDIA
2020-09-02 07:30 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-09-02 07:30 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-09-02 07:21 - 2020-06-09 21:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-09-02 07:20 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-01 23:23 - 2019-04-07 06:11 - 000000000 ____D C:\Users\Public\Documents\Pinnacle
2020-09-01 23:23 - 2019-04-07 06:11 - 000000000 ____D C:\ProgramData\Documents\Pinnacle
2020-09-01 23:23 - 2019-04-03 16:33 - 000000000 ____D C:\programy
2020-08-31 10:43 - 2019-04-04 22:13 - 000000000 ____D C:\Users\Ziharna\AppData\Roaming\uTorrent
2020-08-31 07:53 - 2019-06-06 15:50 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-08-31 07:47 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2020-08-31 07:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2020-08-29 22:03 - 2019-11-06 10:44 - 000000000 ____D C:\Users\Ziharna\AppData\Roaming\Notepad++
2020-08-28 00:30 - 2020-07-16 14:27 - 000000000 ____D C:\Users\Ziharna\Downloads\Martin Svatba Faruga
2020-08-26 14:09 - 2019-10-24 05:30 - 000000000 ____D C:\Windows\pss
2020-08-26 13:54 - 2019-04-03 16:00 - 000000000 ____D C:\Users\Ziharna\AppData\Local\VirtualStore
2020-08-25 07:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-08-25 06:49 - 2020-06-09 21:13 - 000000000 ____D C:\Users\Ziharna\AppData\Roaming\TeamViewer
2020-08-24 04:48 - 2019-04-03 16:27 - 000000000 ____D C:\Users\Ziharna\AppData\Roaming\vlc
2020-08-23 22:36 - 2010-11-21 11:27 - 000668640 _____ C:\Windows\system32\perfh005.dat
2020-08-23 22:36 - 2010-11-21 11:27 - 000141300 _____ C:\Windows\system32\perfc005.dat
2020-08-23 22:36 - 2009-07-14 07:13 - 001583642 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-23 22:26 - 2019-04-03 16:02 - 000000000 ____D C:\Users\Ziharna\AppData\Local\Google
2020-08-23 22:00 - 2019-10-28 18:57 - 000000482 _____ C:\Users\Ziharna\GrblController.log.boop
2020-08-23 22:00 - 2019-04-03 15:59 - 000000000 ____D C:\Users\Ziharna
2020-08-20 18:48 - 2019-04-03 16:02 - 000000000 ____D C:\Program Files (x86)\Google
2020-08-20 00:45 - 2020-05-31 21:05 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-08-20 00:45 - 2020-05-31 21:05 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-08-20 00:45 - 2019-04-03 16:03 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories ========
2019-08-19 08:16 - 2019-09-04 09:03 - 000033661 _____ () C:\Users\Ziharna\AppData\Roaming\downloads.json
2019-12-18 02:58 - 2019-12-18 02:58 - 000000882 _____ () C:\Users\Ziharna\AppData\Local\recently-used.xbel
2019-11-13 00:11 - 2020-07-18 05:48 - 000007605 _____ () C:\Users\Ziharna\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-08-25 00:46
==================== End of FRST.txt ========================
Task: {D94215ED-9B10-4DDB-A53E-8B0DC1A34E44} - System32\Tasks\AdobeAAMUpdater-1.0-Ziharna-PC-Ziharna => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E03709DB-7828-45E5-BAE7-18E417094F14} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe [24173480 2020-08-26] (GridinSoft, LLC -> Gridinsoft LLC)
Task: {FBDCE1A9-6049-4AAD-9FC5-010AEB620114} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{49EA9F4A-9E18-41BA-91C1-71AEBF4A301D}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{EA36C962-446D-4F78-BF8F-9EF002477001}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-711302050-3009418862-4191154230-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Ziharna\AppData\Local\Google\Chrome\User Data\Default [2020-09-02]
CHR Extension: (McAfee® Web Boost) - C:\Users\Ziharna\AppData\Local\Google\Chrome\User Data\Default\Extensions\klekeajafkkpokaofllcadenjdckhinm [2020-08-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ziharna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-08-31]
CHR Extension: (Chrome Media Router) - C:\Users\Ziharna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-08-31]
CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [529568 2020-03-04] (Gameforge 4D GmbH -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\MBAMService.exe [7138296 2020-08-25] (Malwarebytes Inc -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13599288 2020-08-24] (Adlice -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13088784 2020-05-25] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2020-08-31] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 DLPortIO; C:\Windows\SysWOW64\DRIVERS\DLPortIO.SYS [3584 2000-06-29] () [File not signed]
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2019-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [59360 2019-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 GridinSoftInetSecurityDriver; C:\Windows\System32\DRIVERS\gsInetSecurity.sys [107784 2020-08-18] (GridinSoft, LLC -> GridinSoft LLC)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2019-10-13] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
S0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-08-25] (Malwarebytes Inc -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R1 MpKslDrv; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F7405357-EABF-44B3-B367-7F3EE2AE2F63}\MpKslDrv.sys [78056 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2005-01-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [393880 2019-04-07] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [38216 2020-08-18] (GridinSoft, LLC -> GridinSoft LLC)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R1 WinRing0_1_2_0; C:\Program Files (x86)\EVGA\WinRing0\WinRing0x64.sys [14536 2019-06-24] (EVGA -> OpenLibSys.org)
U3 a2thwwq1; C:\Windows\System32\Drivers\a2thwwq1.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
U3 ahb42i4f; no ImagePath
S4 nvvhci; system32\DRIVERS\nvvhci.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-02 23:54 - 2020-09-02 23:55 - 000015500 _____ C:\Users\Ziharna\Desktop\FRST.txt
2020-09-02 23:54 - 2020-09-02 23:55 - 000000000 ____D C:\FRST
2020-09-02 23:51 - 2020-09-02 23:51 - 002298880 _____ (Farbar) C:\Users\Ziharna\Desktop\FRST64.exe
2020-09-01 22:43 - 2020-09-01 22:43 - 000000000 ____D C:\Users\Ziharna\Downloads\emsisoft_decrypter
2020-09-01 22:36 - 2020-09-01 22:42 - 058286335 _____ C:\Users\Ziharna\Downloads\emsisoft_decrypter.zip
2020-09-01 22:34 - 2020-09-01 22:34 - 000000000 ____D C:\Users\Ziharna\Downloads\backups
2020-08-31 10:47 - 2020-08-31 10:48 - 011029532 _____ C:\Users\Ziharna\Downloads\asetup_gridinsoft-anti-malware-4.1_9005953902550.zip
2020-08-31 10:21 - 2020-09-02 07:21 - 000003236 _____ C:\Windows\system32\Tasks\GridinSoft Anti-Malware
2020-08-31 10:21 - 2020-08-31 10:42 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2020-08-31 10:21 - 2020-08-31 10:21 - 000000893 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2020-08-31 10:21 - 2020-08-31 10:21 - 000000893 _____ C:\ProgramData\Desktop\GridinSoft Anti-Malware.lnk
2020-08-31 10:21 - 2020-08-31 10:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2020-08-31 10:21 - 2020-08-31 10:21 - 000000000 ____D C:\ProgramData\GridinSoft
2020-08-31 10:19 - 2020-08-31 10:19 - 000989584 _____ (GridinSoft LLC) C:\Users\Ziharna\Downloads\install-antimalware-fix.exe
2020-08-31 08:05 - 2020-09-02 23:55 - 000172158 _____ C:\Windows\ZAM.krnl.trace
2020-08-31 08:05 - 2020-08-31 08:05 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2020-08-31 08:05 - 2020-08-31 08:05 - 000003478 _____ C:\Windows\system32\Tasks\AMHelper
2020-08-31 08:05 - 2020-08-31 08:05 - 000001256 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-08-31 08:05 - 2020-08-31 08:05 - 000001256 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2020-08-31 08:05 - 2020-08-31 08:05 - 000000000 ____D C:\Users\Ziharna\AppData\Local\Zemana
2020-08-31 08:05 - 2020-08-31 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-08-31 08:05 - 2020-08-31 08:05 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-08-31 08:04 - 2020-08-31 08:05 - 000000000 ____D C:\Users\Ziharna\AppData\Local\AMSDK
2020-08-31 07:51 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-08-31 07:26 - 2020-08-31 07:47 - 000000000 ____D C:\zoek_backup
2020-08-31 07:24 - 2020-08-31 07:24 - 012795472 _____ (Zemana Ltd. ) C:\Users\Ziharna\Desktop\AntiMalware_Setup.exe
2020-08-31 07:23 - 2020-08-31 07:23 - 002038755 _____ C:\Users\Ziharna\Desktop\zoek.exe
2020-08-29 22:31 - 2020-08-29 22:31 - 003748870 _____ C:\Users\Ziharna\Downloads\strings.zip
2020-08-28 00:10 - 2020-08-28 00:10 - 004196729 _____ C:\Users\Ziharna\Downloads\R. S. Sharma - 2 knihy - Mnich, který prodal své ferrari, Juliánova cesta aneb putování s Mnichem, který prodal své ferrari(2001-2010)(Cz).zip
2020-08-28 00:10 - 2017-01-09 15:23 - 000212251 _____ C:\Users\Ziharna\Downloads\1. R. S. Sharma - Mnich, který prodal své ferrari.pdb
2020-08-28 00:10 - 2017-01-09 15:22 - 000346108 _____ C:\Users\Ziharna\Downloads\1. R. S. Sharma - Mnich, který prodal své ferrari.mobi
2020-08-28 00:10 - 2017-01-09 15:22 - 000239203 _____ C:\Users\Ziharna\Downloads\1. R. S. Sharma - Mnich, který prodal své ferrari.epub
2020-08-28 00:10 - 2017-01-09 15:21 - 001342830 _____ C:\Users\Ziharna\Downloads\1. R. S. Sharma - Mnich, který prodal své ferrari.pdf
2020-08-28 00:10 - 2017-01-09 15:12 - 000250878 _____ C:\Users\Ziharna\Downloads\2. R. S. Sharma - Juliánova cesta aneb putování s Mnichem, který prodal své ferrari.pdb
2020-08-28 00:10 - 2017-01-09 15:11 - 000414321 _____ C:\Users\Ziharna\Downloads\2. R. S. Sharma - Juliánova cesta aneb putování s Mnichem, který prodal své ferrari.mobi
2020-08-28 00:10 - 2017-01-09 15:11 - 000258562 _____ C:\Users\Ziharna\Downloads\2. R. S. Sharma - Juliánova cesta aneb putování s Mnichem, který prodal své ferrari.epub
2020-08-28 00:10 - 2017-01-09 14:55 - 000997418 _____ C:\Users\Ziharna\Downloads\2. R. S. Sharma - Juliánova cesta aneb putování s Mnichem, který prodal své ferrari.pdf
2020-08-28 00:08 - 2020-08-28 00:08 - 000997418 _____ C:\Users\Ziharna\Downloads\Robin-S.-Sharma---Juliánova-cesta-aneb-putování-s-Mnichem,-který-prodal-své-ferrari..pdf
2020-08-28 00:08 - 2020-08-28 00:08 - 000000000 ____D C:\Users\Ziharna\Downloads\Robin S. Sharma - Mnich, který prodal své ferrari
2020-08-27 21:36 - 2020-08-27 21:36 - 000000000 ____D C:\ProgramData\Sophos
2020-08-27 21:34 - 2020-08-27 21:34 - 000002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-08-27 21:34 - 2020-08-27 21:34 - 000002759 _____ C:\ProgramData\Desktop\Sophos Virus Removal Tool.lnk
2020-08-27 21:34 - 2020-08-27 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-08-27 21:34 - 2020-08-27 21:34 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-08-27 19:21 - 2020-08-27 19:25 - 206758184 _____ (Sophos Limited) C:\Users\Ziharna\Downloads\Sophos Virus Removal Tool.exe
2020-08-27 14:16 - 2020-08-27 14:16 - 000001931 _____ C:\Users\Ziharna\Downloads\JRT.txt
2020-08-27 14:06 - 2020-08-27 14:06 - 000001931 _____ C:\Users\Ziharna\Desktop\JRT.txt
2020-08-27 14:01 - 2020-08-27 14:01 - 001790024 _____ (Malwarebytes) C:\Users\Ziharna\Desktop\JRT.exe
2020-08-27 14:01 - 2020-08-27 14:01 - 000001667 _____ C:\Users\Ziharna\Downloads\aaa.txt
2020-08-26 21:55 - 2020-08-26 21:58 - 000000000 ____D C:\AdwCleaner
2020-08-26 21:53 - 2020-08-26 21:53 - 000000000 ____D C:\Users\Ziharna\AppData\Local\Adobe
2020-08-26 21:44 - 2020-08-26 21:44 - 008414384 _____ (Malwarebytes) C:\Users\Ziharna\Desktop\adwcleaner_8.0.7.exe
2020-08-26 21:43 - 2020-08-26 21:43 - 000448512 _____ (OldTimer Tools) C:\Users\Ziharna\Downloads\TFC.exe
2020-08-26 21:43 - 2020-08-26 21:43 - 000050688 _____ (Atribune.org) C:\Users\Ziharna\Downloads\ATF-Cleaner.exe
2020-08-26 14:55 - 2020-08-26 14:55 - 000000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-08-26 14:55 - 2020-08-26 14:55 - 000000858 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-08-26 14:55 - 2020-08-26 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-08-26 14:55 - 2020-08-26 14:55 - 000000000 ____D C:\Program Files\RogueKiller
2020-08-26 14:53 - 2020-08-26 14:54 - 040337176 _____ (Adlice Software ) C:\Users\Ziharna\Downloads\RogueKiller_setup.exe
2020-08-25 13:36 - 2020-08-25 13:37 - 000388608 _____ (Trend Micro Inc.) C:\Users\Ziharna\Downloads\hijackthis.exe
2020-08-25 08:18 - 2020-08-25 08:26 - 000000000 ____D C:\elsawin2013
2020-08-25 07:21 - 2020-09-02 07:42 - 000000000 ____D C:\Users\Ziharna\AppData\LocalLow\IGDump
2020-08-25 07:20 - 2020-08-25 07:20 - 000000000 ____D C:\Users\Ziharna\AppData\Local\mbam
2020-08-25 07:19 - 2020-08-25 07:19 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-08-25 07:19 - 2020-08-25 07:19 - 000001775 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-25 07:19 - 2020-08-25 07:19 - 000001763 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-25 07:19 - 2020-08-25 07:19 - 000001763 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-08-25 07:19 - 2020-08-25 07:18 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-08-25 07:18 - 2020-08-25 07:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-25 07:17 - 2020-09-02 21:30 - 000000000 ____D C:\Program Files\Malwarebytes
2020-08-23 21:58 - 2020-08-23 21:58 - 000001116 _____ C:\Users\Ziharna\_readme.txt
2020-08-23 21:57 - 2020-08-23 21:58 - 000000000 ____D C:\Users\Ziharna\AppData\LocalLow\3098htrhpen8ifg0
2020-08-23 21:56 - 2020-08-23 22:11 - 000000000 ____D C:\Windows\SysWOW64\denmepax
2020-08-23 21:56 - 2020-08-23 21:56 - 000000000 ____D C:\SystemID
2020-08-23 00:10 - 2020-08-23 00:10 - 000000000 ____D C:\Users\Ziharna\Downloads\seattoledo-manual
2020-08-18 14:50 - 2020-08-18 14:50 - 000107784 _____ (GridinSoft LLC) C:\Windows\system32\Drivers\gsInetSecurity.sys
2020-08-18 14:50 - 2020-08-18 14:50 - 000038216 _____ (GridinSoft LLC) C:\Windows\system32\Drivers\gtkdrv.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-02 12:25 - 2020-05-31 18:16 - 000000000 ____D C:\ProgramData\NVIDIA
2020-09-02 07:30 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-09-02 07:30 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-09-02 07:21 - 2020-06-09 21:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-09-02 07:20 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-01 23:23 - 2019-04-07 06:11 - 000000000 ____D C:\Users\Public\Documents\Pinnacle
2020-09-01 23:23 - 2019-04-07 06:11 - 000000000 ____D C:\ProgramData\Documents\Pinnacle
2020-09-01 23:23 - 2019-04-03 16:33 - 000000000 ____D C:\programy
2020-08-31 10:43 - 2019-04-04 22:13 - 000000000 ____D C:\Users\Ziharna\AppData\Roaming\uTorrent
2020-08-31 07:53 - 2019-06-06 15:50 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-08-31 07:47 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2020-08-31 07:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2020-08-29 22:03 - 2019-11-06 10:44 - 000000000 ____D C:\Users\Ziharna\AppData\Roaming\Notepad++
2020-08-28 00:30 - 2020-07-16 14:27 - 000000000 ____D C:\Users\Ziharna\Downloads\Martin Svatba Faruga
2020-08-26 14:09 - 2019-10-24 05:30 - 000000000 ____D C:\Windows\pss
2020-08-26 13:54 - 2019-04-03 16:00 - 000000000 ____D C:\Users\Ziharna\AppData\Local\VirtualStore
2020-08-25 07:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-08-25 06:49 - 2020-06-09 21:13 - 000000000 ____D C:\Users\Ziharna\AppData\Roaming\TeamViewer
2020-08-24 04:48 - 2019-04-03 16:27 - 000000000 ____D C:\Users\Ziharna\AppData\Roaming\vlc
2020-08-23 22:36 - 2010-11-21 11:27 - 000668640 _____ C:\Windows\system32\perfh005.dat
2020-08-23 22:36 - 2010-11-21 11:27 - 000141300 _____ C:\Windows\system32\perfc005.dat
2020-08-23 22:36 - 2009-07-14 07:13 - 001583642 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-23 22:26 - 2019-04-03 16:02 - 000000000 ____D C:\Users\Ziharna\AppData\Local\Google
2020-08-23 22:00 - 2019-10-28 18:57 - 000000482 _____ C:\Users\Ziharna\GrblController.log.boop
2020-08-23 22:00 - 2019-04-03 15:59 - 000000000 ____D C:\Users\Ziharna
2020-08-20 18:48 - 2019-04-03 16:02 - 000000000 ____D C:\Program Files (x86)\Google
2020-08-20 00:45 - 2020-05-31 21:05 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-08-20 00:45 - 2020-05-31 21:05 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-08-20 00:45 - 2019-04-03 16:03 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories ========
2019-08-19 08:16 - 2019-09-04 09:03 - 000033661 _____ () C:\Users\Ziharna\AppData\Roaming\downloads.json
2019-12-18 02:58 - 2019-12-18 02:58 - 000000882 _____ () C:\Users\Ziharna\AppData\Local\recently-used.xbel
2019-11-13 00:11 - 2020-07-18 05:48 - 000007605 _____ () C:\Users\Ziharna\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-08-25 00:46
==================== End of FRST.txt ========================