Please check - hit by ransomware (Solved)

jaro3
Security team member
Guru Level 15
Posts: 43062
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check - hit by ransomware

Post by jaro3 » 27 Jul 2022 23:21

Turn off your antivirus and firewall, RogueKiller, Malwarebytes Antimalware, Windows Defender.
Download Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe
https://uloz.to/file/nFH1LwSrGioP/zoek1-rar

Close all other programs, windows and browsers.
Run Zoek.exe (on Win Vista, Win 7, 8 right-click it and choose "Run as administrator").
- Note: the program may take a while to start.
Paste the script below into the program window:

Code:

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Click Run Script.
The program performs a scan and a repair; both the scan and the repair can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.
After the restart you may see only a black desktop for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log Copy the entire contents of that log here.
If there are problems, run zoek in safe mode.


Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe

(scroll down to the download)
and save it to your desktop.
Double-click the file on the desktop and follow the instructions to install the program.
Accept the EULA licence for using the program, if it is offered.
If a program update is available, click the "Update now" button.
Close all open files, folders and browsers.
Do not change any settings. Click "Scan now".
After the scan you can see whether there are any infections. Click "Apply" (delete). Infections will be moved to quarantine.
When the scan is finished, click "Reports" on the left and then "Open report", and copy the entire contents of the report here.

Then try Malwarebytes again.

Post a new HJT log and report on any problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

Brabenecsiafu
newcomer
Posts: 28
Registered: July 22
Gender: Male
Status: Offline

Post by Brabenecsiafu » 29 Jul 2022 21:33

ZA-Scan V1.0.0.6 Updated 03-May-2018
Tool run by drjan_000 on p  29. 07. 2022 at 21:01:33,23.
Microsoft Windows 10 Home 10.0.18363 x64
Running in: Normal Mode No Internet Access Detected

==== Older Logs ======================

C:\zoek-results2022-07-28-160416.log 928153 bytes
C:\zoek-results2022-07-29-134659.log 53550 bytes

==== C:\zoek_backup content ======================

C:\zoek_backup (files=13152 folders=13152 1704012308 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" deleted
"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not found

==== EOF on p  29. 07. 2022 at 21:24:36,18 ======================

Post by Brabenecsiafu » 29 Jul 2022 21:36

Informace o kontroly
Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  29. 7. 2022 21:14:27
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:02:30
Zkontrolované objekty    :  2135
Zjištěné objekty    :  7
Vyloučené objekty    :  0
Automatické odesílání    :  Ano
Operační systém    :  Windows 10 x64
Procesor    :  4X Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Režim systému BIOS    :  UEFI
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  12C3CF2CCDA289275EE52F


Odhalení
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\drjan_000\appdata\local\google\chrome\user data\default\extensions\jdopnakmnlnccgpfpmjmdjjohmcdgabp
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:ChromePlugin/Screen Recorder
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\drjan_000\appdata\local\google\chrome\user data\default\extensions\lhlflcpjmbmnhfehipheboagibdjgmog
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:ChromePlugin/Rozšířená úvodní strana
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\drjan_000\appdata\local\google\chrome\user data\default\extensions\nidaimoaiogijcjpfjgkbhooeghpgklf
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:ChromePlugin/Sklik plugin
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\drjan_000\appdata\local\google\chrome\user data\default\extensions\njgehaondchbmjmajphnhlojfnbfokng
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:ChromePlugin/Video Downloader PLUS
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  http://www.centrum.cz/
Vydavatel    :  
Velikost    :  0
Odhalení    :  Hijack:Browser/ChromeHomepage
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  --profile-directory
Vydavatel    :  
Velikost    :  0
Odhalení    :  Hijack:Browser/Chrome Shortcut
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  --profile-directory
Vydavatel    :  
Velikost    :  0
Odhalení    :  Hijack:Browser/Chrome Shortcut
Akce    :  Vymazat

Post by Brabenecsiafu » 29 Jul 2022 21:46

Malwarebytes can't be installed; it needs internet access. I'm running an AdwCleaner scan now and then I'll post the HJT log here. So far it still behaves the same. The warning is still on the screen and I can't open files.

Post by jaro3 » 29 Jul 2022 22:20

From another PC, download Kaspersky Rescue Disk 10
http://rescuedisk.kaspersky-labs.com/re ... cue_10.iso

Burn the .iso file to a CD with this program:
http://www.slunecnice.cz/sw/active-iso-burner/
While Windows is starting, hold the Delete key to get into the BIOS. There, on the BOOT tab, change the first boot device to CD/DVD. Confirm the change (Save and Exit).
After the restart the BIOS appears briefly, followed by a black screen with this text at the top:
"Boot from CD/DVD, press any key to continue" - press a key right away.
Kaspersky Rescue Disk will then boot. In this program you can remove viruses, spyware or other dangerous and malicious software.
After booting, choose "Kaspersky Rescue Disk Graphic Mode" from the menu, then continue.
You should choose, I think, the second option from the top, then select:
All peripherals (that is, all disks and partitions), flash drives, optical drives, MBR, etc.
While it continues, the screen sometimes stays black for a long time; hold on, the program is still working.

http://www.softpedia.com/progScreenshot ... 00454.html
http://www.softpedia.com/get/Antivirus/ ... Disk.shtml

How to record Kaspersky Rescue Disk 10 to a USB device and boot a computer from it
http://support.kaspersky.com/8092

Post by Brabenecsiafu » 30 Jul 2022 20:15

The situation is still the same. It did find something and probably cleaned it,
So I'm going to reinstall Windows, and if even that doesn't help, then format c:
Any advice on how best to wipe the disk and how to install Windows when there's no licence key sticker on the notebook?
Is there somewhere I can read about it?
Thanks.

petr22
Guru Level 15
Posts: 53651
Registered: February 12
Gender: Male
Status: Offline

Post by petr22 » 30 Jul 2022 20:37

The key hasn't been on a sticker for many, many years; it isn't needed. Windows 10/11, once they have been installed,
activate themselves; internet access is all that's needed.

https://tb.rg-adguard.net/public.php

Download the ISO of the latest version of Windows 10. Use Rufus to make an installation flash drive and boot from it when you power on the PC,
which starts the installation. During it, just delete the entire contents of the system disk. Back up everything you want from the disk first.

First of all, install a proper antivirus, for example Comodo Internet Security. If only Defender was on there, it is known
for practically never being able to detect ransomware and ignoring it, even while it encrypts data on the disk.

Post by Brabenecsiafu » 30 Jul 2022 21:16

OK, so I'll probably do it that way right away and won't try reinstalling from the current installation. I do have an antivirus, a purchased Eset, and it let this through and even let itself be switched off :) So you recommend Combo as a quality antivirus? Any other security recommendations that work, besides not clicking on suspicious files :)?

Post by jaro3 » 30 Jul 2022 22:31

You can still try one last tool:
Turn off your antivirus and firewall.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit:
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs appear, FRST.txt and Addition.txt, and they are saved on the desktop. Please copy their entire contents here.

Post by Brabenecsiafu » 31 Jul 2022 09:59

So overnight I started the reset to factory settings and it didn't work :( Every file is blocked somehow, but only on that PC. The data is normally accessible from the disk.
I ran the scan and the logs are below.

Post by Brabenecsiafu » 31 Jul 2022 10:06

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2022
Ran by drjan_000 (administrator) on HONZA (LENOVO 20351) (31-07-2022 09:30:13)
Running from C:\Users\drjan_000\Desktop
Loaded Profiles: drjan_000 & postgres
Platform: Microsoft Windows 10 Home Version 1909 18363.1556 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(SmartInteractAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\ESET\ESET Smart Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(C:\Program Files\ESET\ESET Smart Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\60.0.2.0\crashpad_handler.exe <4>
(C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe ->) (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\postgres.exe <7>
(C:\Windows\runSW.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(services.exe ->) () [File not signed] C:\Program Files\AkVirtualCamera.plugin\x64\AkVCamAssistant.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (ManyCam -> Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\SAgent4.exe
(services.exe ->) (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(services.exe ->) (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (LENOVO -> Lenovo) [File not signed] C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Zemana D.O.O. Sarajevo -> Zemana Ltd.) C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5456392 2016-10-07] (Realtek Semiconductor Corp. -> Realtek semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [PAC7302_Monitor] => C:\WINDOWS\PixArt\PAC7302\Monitor.exe (No File)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [168064 2022-04-24] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-08-04] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File)
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files (x86)\Wondershare\UniConverter 13\WSVCUUpdateHelper.exe (No File)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11186440 2022-07-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\AllMyTube\DelayPluginI.exe [1969888 2017-03-29] (Wondershare Technology Co.,Ltd -> )
HKLM-x32\...\Run: [MagicPlusHelper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499208 2015-08-24] (LENOVO -> Lenovo) [File not signed]
HKLM-x32\...\Run: [WsmUpdater] => C:\Program Files (x86)\Fake Webcam 7.4\Fake Webcam Codecs Pack\Updater.exe [292208 2012-05-18] (Web Solution Mart -> Web Solution Mart)
HKLM-x32\...\Run: [VCamRun.exe] => C:\Program Files (x86)\Fake Webcam 7.4\7.4.0.0\VCamRun.exe [26464 2014-03-26] (Web Solution Mart -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [19959616 2015-08-24] (Wiziple software -> NGWIN)
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Run: [EPSON (Epson Stylus SX525WD)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE [224768 2010-01-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Run: [Keybase.Keybase.GUI] => C:\Users\drjan_000\AppData\Local\Keybase\Gui\Keybase.exe (No File)
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Run: [Discord] => C:\Users\drjan_000\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Run: [I0X5CBZH-T2RV-494B-X1V2-Y0G6W3E1K47L-] => C:\Users\drjan_000\AppData\Roaming\msconfig\5SNHK5ZZ-5SEA-XCLG-C13X-1FWCLL2UBN13.exe [153782267 2022-07-16] (FileCrypt) [File not signed]
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\MountPoints2: E - "E:\autorun.exe"
HKU\S-1-5-21-441044182-2704751091-3235625209-1014\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [EPSON (Epson Stylus SX525WD)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE [224768 2010-01-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON SX525WD Series 64MonitorBE: C:\WINDOWS\system32\E_ILMGAE.DLL [118784 2008-11-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-06] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2021-11-15]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
Startup: C:\Users\drjan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2020-10-23]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0014F449-5497-40CB-A531-33195F8A3B9A} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {090CA2E5-20FE-43FB-BDA5-AA6F191622B8} - System32\Tasks\G2MUploadTask-S-1-5-21-441044182-2704751091-3235625209-1001 => C:\Users\drjan_000\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-21] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {10CF3411-5A21-4048-AE1B-734A4C388669} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {11D2FEA0-0B62-434D-ACAD-93B9E0FB938B} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [8416808 2020-11-27] (NCH Software, Inc. -> NCH Software)
Task: {1E65D644-88F7-4D42-AA6C-1A264402C510} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-24] (Google Inc -> Google Inc.)
Task: {293B8C50-54A8-412B-9153-F72A323933EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-24] (Google Inc -> Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {372A9C8C-5E29-4AE2-8448-52994052F449} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {4F107D2B-51E0-41C4-B27B-0800DD325427} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {4F3D8B34-BBD0-4A9D-ABBB-4723FCA7C4E9} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {555F74C1-D16C-4615-A7D3-46936BE5BF52} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {56B69EFA-20D9-44F4-BD97-85DE47F3460E} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-01-11] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {76C1C80A-8468-4C0A-B51D-871A55F71687} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {801A54D8-8EFA-4699-9B62-2EE4EB825D35} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-dr.jan@centrum.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9004FB7C-6F56-43CB-AB6F-B31E25F9D657} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {94EDD095-170D-455D-91E3-B312F2E96891} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {97F2B67C-F9DB-4057-9608-69729B820B46} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {9B09F436-0EDD-498A-A029-265C3A9811D8} - System32\Tasks\lenovo mobile auto run => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499208 2015-08-24] (LENOVO -> Lenovo) [File not signed]
Task: {9DE55730-7156-454F-972D-19DF344B5222} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {B7DF0718-983A-4232-93E9-D913ECFD5521} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C2647D57-964A-4FB6-A59D-458B3156C37A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CB15F01D-8518-46D3-BC43-34D94EF23291} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {CBE4D7A7-713F-4AD8-B337-B294194D9603} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {E628919D-0BEF-471E-9E76-1DAC3836AC7D} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {EABBE640-E4C7-423E-909F-16C5EA075DD2} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {EEA309C0-3B39-44C9-8D28-DB7B74E1FBC0} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {F4990901-51BA-468A-8A4F-81863094E4E6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8A7C6F0-F11F-4095-8D94-65840124E207} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FBA6B585-21AD-49E2-9459-6E02402144F0} - System32\Tasks\G2MUpdateTask-S-1-5-21-441044182-2704751091-3235625209-1001 => C:\Users\drjan_000\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-21] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {FBB10E06-4AA2-483F-AA07-CADEDDF2BB45} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-441044182-2704751091-3235625209-1001.job => C:\Users\drjan_000\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-441044182-2704751091-3235625209-1001.job => C:\Users\drjan_000\AppData\Local\GoToMeeting\19950\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.191.1
Tcpip\..\Interfaces\{09e8e9eb-3a4a-4077-b9e3-75777bfd109e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8a3ebfae-df3e-42b4-866f-bc7fae1eecf0}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bafaf044-7bc6-4dac-9aab-7504ed50ead3}: [DhcpNameServer] 192.168.191.1

Edge:
=======
DownloadDir: C:\Users\drjan_000\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-13]
Edge HomePage: Default -> hxxp://www.centrum.cz/
Edge Extension: (Překladač Google) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-05-13]
Edge Extension: (Grammarly for Microsoft Edge) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2022-05-13]
Edge Extension: (Tipli do prohlížeče) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2021-06-23]
Edge Extension: (Sumo) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dlgipkaoljiajmolhibpngjppeckkjjp [2020-06-04]
Edge Extension: (Jump Send) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdflpocfdeacfjmpmhkmgnhgklbpebcm [2020-06-04]
Edge Extension: (Facebook Pixel Helper) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2020-10-15]
Edge Extension: (Backit Plugin) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hfdhpmpfpcnbboppkkkblilhbloejijj [2020-10-15]
Edge Extension: (Grepsr - Web Scraping Tool) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hjdijkhlfpeafghibmiabeofkiicdnjm [2021-11-03]
Edge Extension: (FormApps Extension) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2020-06-04]
Edge Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jfcjijcigimhjjdimpghneggnegiphhh [2020-06-04]
Edge Extension: (Tag Assistant Legacy (by Google)) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2021-10-16]
Edge Extension: (Turbo Ad Finder) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kjbjojolojmokicddfeaamkodihccdcl [2021-04-23]
Edge Extension: (Rozšířená úvodní strana) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lhlflcpjmbmnhfehipheboagibdjgmog [2020-06-04]
Edge Extension: (Scraper) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mbigbapnjcgaffohmbkdlecaccepngjd [2020-06-04]
Edge Extension: (Amz Superman Seller tool) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndhncndbgnmheelpkdmldlcdhmieiagm [2021-06-23]
Edge Extension: (Sklik plugin) - C:\Users\drjan_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nidaimoaiogijcjpfjgkbhooeghpgklf [2020-06-04]

FireFox:
========
FF DefaultProfile: hkzxkmgk.default
FF ProfilePath: C:\Users\drjan_000\AppData\Roaming\Mozilla\Firefox\Profiles\hkzxkmgk.default [2019-09-28]
FF ProfilePath: C:\Users\drjan_000\AppData\Roaming\Mozilla\Firefox\Profiles\tb5us2gz.default-release [2022-07-29]
FF Homepage: Mozilla\Firefox\Profiles\tb5us2gz.default-release -> about:home
FF NewTab: Mozilla\Firefox\Profiles\tb5us2gz.default-release -> about:newtab
FF NetworkProxy: Mozilla\Firefox\Profiles\tb5us2gz.default-release -> http", "fe80::2c61:2976:f8f9:75b2"
FF Extension: (To Google Translate) - C:\Users\drjan_000\AppData\Roaming\Mozilla\Firefox\Profiles\tb5us2gz.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2022-02-19]
FF HKLM-x32\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com_xpi
FF Extension: (Wondershare AllMyTube) - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com_xpi [2018-02-11] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-441044182-2704751091-3235625209-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2021-08-11] (TD Ameritrade -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-441044182-2704751091-3235625209-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2021-08-11] (TD Ameritrade -> TD Ameritrade)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-07-31]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default [2022-07-31]
CHR Notifications: Default -> hxxps://best.aliexpress.ru; hxxps://calendar.google.com; hxxps://stockchase.com; hxxps://www.lynxbroker.cz; hxxps://www.tradingview.com
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR Extension: (Překladač Google) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-10]
CHR Extension: (Dictanote) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjekmpappghadlogpigifkghlmebjk [2017-03-27]
CHR Extension: (Tipli do prohlížeče) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2022-06-19]
CHR Extension: (Sumo) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlgipkaoljiajmolhibpngjppeckkjjp [2017-03-01]
CHR Extension: (Kalendář Google) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-06]
CHR Extension: (Jump Send) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdflpocfdeacfjmpmhkmgnhgklbpebcm [2016-12-18]
CHR Extension: (Facebook Pixel Helper) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2020-10-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-22]
CHR Extension: (Tlačítko Uložit pro Pinterest) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2022-03-02]
CHR Extension: (VoiceNote II - Speech to text) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm [2016-12-18]
CHR Extension: (Grepsr - Web Scraping Tool) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjdijkhlfpeafghibmiabeofkiicdnjm [2021-10-27]
CHR Extension: (Kindle Cloud Reader) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2016-12-18]
CHR Extension: (Voice Recognition) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn [2016-12-18]
CHR Extension: (FormApps Extension) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-14]
CHR Extension: (Speech Recognition & Translation) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjgohjmefljmabkekbfgfhockfegohfp [2016-12-18]
CHR Extension: (Page Ruler) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2018-07-06]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-07-14]
CHR Extension: (Tag Assistant Legacy (by Google)) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2021-09-24]
CHR Extension: (Turbo Ad Finder) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjbjojolojmokicddfeaamkodihccdcl [2021-01-21]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-25]
CHR Extension: (Mapy Google) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-12-18]
CHR Extension: (AirDroid Remote Control Plugin) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\macmgoeeggnlnmpiojbcniblabkdjphe [2019-11-18]
CHR Extension: (Morpheon Dark) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2022-01-23]
CHR Extension: (Scraper) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbigbapnjcgaffohmbkdlecaccepngjd [2016-12-18]
CHR Extension: (Amz Superman Seller tool) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhncndbgnmheelpkdmldlcdhmieiagm [2021-05-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (AliRadar - помощник в покупках) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfjibkklgpfcfdlhijfglamdnkjnpdeg [2022-07-07]
CHR Extension: (SpeakIt! - Text to speech for Chrome) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2019-10-15]
CHR Profile: C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-07-18]
CHR Profile: C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-07-13]
CHR Extension: (No Name) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2022-06-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-19]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-06-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-19]
CHR Profile: C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-10-17]
CHR HomePage: Profile 2 -> hxxp://www.centrum.cz/
CHR StartupUrls: Profile 2 -> "hxxp://www.centrum.cz/"
CHR Extension: (Překladač Google) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2019-10-17]
CHR Extension: (Prezentace) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-18]
CHR Extension: (YouTube) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-18]
CHR Extension: (Kalendář Google) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-10-14]
CHR Extension: (Tabulky) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-10-17]
CHR Extension: (Send to Evernote) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gnilckpgiopfcokcijkhpghppekcoafm [2016-12-18]
CHR Extension: (Dropbox) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2019-10-17]
CHR Extension: (Evernote Web) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2016-12-18]
CHR Extension: (Mapy Google) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-12-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-17]
CHR Extension: (Gmail) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-10-17]
CHR Extension: (Chrome Media Router) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-17]
CHR Profile: C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-02-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-14]
CHR Extension: (Chrome Media Router) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-24]
CHR Profile: C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-01-23]
CHR Extension: (Prezentace) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-20]
CHR Extension: (Dokumenty) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-20]
CHR Extension: (Disk Google) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-05]
CHR Extension: (YouTube) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-20]
CHR Extension: (Tabulky) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-21]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05]
CHR Extension: (Gmail) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-05]
CHR Profile: C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 5 [2021-10-28]
CHR Extension: (Prezentace) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-17]
CHR Extension: (Dokumenty) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-17]
CHR Extension: (Disk Google) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-28]
CHR Extension: (YouTube) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-17]
CHR Extension: (Tabulky) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-28]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-28]
CHR Extension: (Gmail) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-28]
CHR Profile: C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-18]
CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx <not found>
CHR HKU\S-1-5-21-441044182-2704751091-3235625209-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\DRJAN_~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-441044182-2704751091-3235625209-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Brabenecsiafu
newbie
Posts: 28
Registered: July 22
Gender: Male
Status:
Offline

Re: Please check - attacked by ransomware

Post by Brabenecsiafu » 31 Jul 2022 10:07

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AkVCamAssistant; C:\Program Files\AkVirtualCamera.plugin\x64\AkVCamAssistant.exe [1169920 2021-11-24] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46872 2022-07-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-08-30] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [3210720 2022-04-24] (ESET, spol. s r.o. -> ESET)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (ManyCam -> Visicom Media Inc.)
R2 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [File not signed]
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14592472 2022-06-13] (ADLICE -> )
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2021-01-28] (Realtek Semiconductor Corp -> )
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 StatusAgent4; C:\WINDOWS\SysWOW64\SAgent4.exe [136576 2017-01-06] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH -> TeamViewer GmbH)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2022-07-29] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 ApkbfiltrService; C:\WINDOWS\System32\drivers\Apkbfiltr.sys [31016 2015-07-23] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2022-01-11] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [230712 2015-05-24] (DEV47 APPS -> Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183888 2022-04-24] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107944 2022-04-24] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [226264 2022-04-24] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [44968 2022-04-24] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70776 2022-04-24] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [111624 2022-04-24] (ESET, spol. s r.o. -> ESET)
S3 fiddrv64; no ImagePath
R3 fwdrv; C:\WINDOWS\System32\drivers\fwdrv.sys [27840 2019-03-17] (Web Solution Mart -> Web Solution Mart)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-20] (Logitech Inc -> Logitech Inc.)
R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [7139184 2017-09-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 TotRec8; C:\WINDOWS\system32\drivers\TotRec8.sys [121616 2012-08-13] (High Criteria Inc -> High Criteria inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-08] (Microsoft Windows -> Microsoft Corporation)
R3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [39112 2017-03-29] (Wondershare Technology Co.,Ltd -> Wondershare)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-31 09:30 - 2022-07-31 09:34 - 000052157 _____ C:\Users\drjan_000\Desktop\FRST.txt
2022-07-31 09:29 - 2022-07-31 09:32 - 000000000 ____D C:\FRST
2022-07-31 09:28 - 2022-07-31 09:04 - 002369536 _____ (Farbar) C:\Users\drjan_000\Desktop\FRST64.exe
2022-07-31 09:05 - 2022-07-31 09:05 - 000041920 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2022-07-31 08:18 - 2022-07-31 08:21 - 000000000 ____D C:\$Windows.~BT
2022-07-31 08:15 - 2022-07-31 08:57 - 000000000 ___HD C:\$SysReset
2022-07-30 13:16 - 2022-07-30 13:17 - 000000000 ____D C:\KRD2018_Data
2022-07-29 21:31 - 2022-07-26 22:19 - 002556344 _____ (Malwarebytes) C:\Users\drjan_000\Desktop\MBSetup-3997FCF0-37335.37335.exe
2022-07-29 21:17 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2022-07-29 21:11 - 2022-07-31 09:35 - 000194309 _____ C:\WINDOWS\ZAM.krnl.trace
2022-07-29 21:11 - 2022-07-29 21:11 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2022-07-29 21:11 - 2022-07-29 21:11 - 000003546 _____ C:\WINDOWS\system32\Tasks\AMHelper
2022-07-29 21:11 - 2022-07-29 21:11 - 000002656 _____ C:\WINDOWS\system32\Tasks\AMSkipUAC
2022-07-29 21:11 - 2022-07-29 21:11 - 000001329 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2022-07-29 21:11 - 2022-07-29 21:11 - 000000000 ____D C:\Users\drjan_000\AppData\Local\Zemana
2022-07-29 21:11 - 2022-07-29 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2022-07-29 21:11 - 2022-07-29 21:11 - 000000000 ____D C:\Program Files (x86)\Zemana
2022-07-29 21:10 - 2022-07-31 09:20 - 000000000 ____D C:\Users\drjan_000\AppData\Local\AMSDK
2022-07-29 21:09 - 2022-07-28 15:53 - 013922376 _____ (Zemana Ltd. ) C:\Users\drjan_000\Desktop\Zemana.AntiMalware.Setup.exe
2022-07-29 20:40 - 2022-07-29 20:40 - 000000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2022-07-28 16:11 - 2020-09-07 00:04 - 002038755 _____ C:\Users\drjan_000\Desktop\zoek (1).exe
2022-07-28 16:09 - 2022-07-29 15:50 - 000000000 ____D C:\zoek_backup
2022-07-27 19:24 - 2022-07-27 19:04 - 043599792 _____ (Adlice Software ) C:\Users\drjan_000\Desktop\RogueKiller_setup.exe
2022-07-27 19:16 - 2022-07-27 19:27 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2022-07-27 19:16 - 2022-07-27 19:27 - 000000000 ____D C:\ProgramData\RogueKiller
2022-07-27 19:16 - 2022-07-27 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2022-07-27 19:16 - 2022-07-27 19:27 - 000000000 ____D C:\Program Files\RogueKiller
2022-07-27 11:11 - 2022-07-27 11:11 - 000000000 ____D C:\ProgramData\Sophos
2022-07-27 11:10 - 2022-07-27 11:10 - 000000000 _____ C:\SophosBootTasks.txt
2022-07-27 11:07 - 2022-07-27 11:07 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2022-07-27 11:07 - 2022-07-27 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2022-07-27 11:07 - 2022-07-27 11:07 - 000000000 ____D C:\Program Files (x86)\Sophos
2022-07-27 10:38 - 2022-07-27 10:38 - 000001081 _____ C:\Users\drjan_000\Desktop\JRT.txt
2022-07-26 23:10 - 2022-07-26 23:11 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2022-07-26 23:10 - 2022-07-26 23:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2022-07-26 23:06 - 2022-07-26 23:06 - 000000000 ____D C:\Program Files\Malwarebytes
2022-07-17 20:55 - 2022-07-30 08:35 - 001283076 _____ C:\WINDOWS\ntbtlog.txt
2022-07-17 18:35 - 2022-07-17 20:21 - 000000000 ____D C:\Users\drjan_000\AppData\Local\FileCrypt
2022-07-17 18:35 - 2022-07-17 18:38 - 000000000 ____D C:\Users\drjan_000\AppData\Roaming\msconfig
2022-07-13 08:53 - 2022-07-13 08:53 - 000001411 _____ C:\Users\Public\Desktop\Logitech.lnk
2022-07-07 19:31 - 2022-07-07 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-07-04 16:42 - 2022-07-04 16:42 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-07-04 16:42 - 2022-07-04 16:42 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-07-04 16:42 - 2022-07-04 16:42 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-07-04 16:42 - 2022-07-04 16:42 - 000046872 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-07-02 09:13 - 2022-07-02 09:13 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-31 09:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-31 09:25 - 2019-10-03 18:54 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-07-31 09:20 - 2016-12-17 12:43 - 000000000 ____D C:\Users\drjan_000\AppData\Local\Adobe
2022-07-31 09:13 - 2018-04-03 18:24 - 000000000 ____D C:\Users\drjan_000\AppData\Local\CrashDumps
2022-07-31 09:12 - 2016-12-18 17:02 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-31 09:07 - 2016-12-16 21:56 - 000000000 __SHD C:\Users\drjan_000\IntelGraphicsProfiles
2022-07-31 09:06 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-31 09:06 - 2017-06-15 23:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-07-31 09:05 - 2017-10-07 11:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-07-31 09:04 - 2019-08-18 17:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-30 22:07 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-07-30 21:53 - 2016-12-18 14:57 - 000000000 ____D C:\Users\drjan_000\Documents\Soubory aplikace Outlook
2022-07-30 21:06 - 2019-08-18 16:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-30 18:51 - 2017-09-09 10:48 - 000000000 ____D C:\Program Files\SoftPerfect Network Scanner
2022-07-30 08:48 - 2016-12-18 11:12 - 000000000 ____D C:\Users\drjan_000\AppData\Local\Lenovo
2022-07-30 08:30 - 2019-03-19 06:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-07-29 21:17 - 2019-03-17 19:04 - 000001237 _____ C:\Users\drjan_000\Desktop\Honza (Siafu).lnk
2022-07-29 21:17 - 2018-12-20 20:07 - 000001237 _____ C:\Users\drjan_000\Desktop\Osoba 1.lnk
2022-07-28 17:59 - 2019-08-18 16:32 - 000000000 ____D C:\Users\drjan_000
2022-07-27 18:36 - 2016-12-20 12:16 - 000000000 ___RD C:\Users\drjan_000\Desktop\Pracovní
2022-07-27 10:23 - 2021-04-18 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2022-07-27 10:23 - 2021-04-18 10:47 - 000000000 ____D C:\Users\drjan_000\AppData\Roaming\Samsung
2022-07-27 10:23 - 2021-04-18 10:46 - 000000000 ____D C:\Program Files (x86)\Samsung
2022-07-27 10:23 - 2020-03-13 08:13 - 000000000 ____D C:\WINDOWS\Lenovo
2022-07-27 10:23 - 2019-08-18 17:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-07-27 10:23 - 2016-12-17 15:34 - 000000000 ____D C:\ProgramData\Lenovo
2022-07-26 23:07 - 2016-12-25 11:18 - 000000000 ____D C:\Users\drjan_000\AppData\Local\DD864547-3188-4778-99D0-AC4139A280D4.aplzod
2022-07-26 23:07 - 2016-12-25 11:17 - 000000000 ___RD C:\Users\drjan_000\iCloudDrive
2022-07-26 22:59 - 2017-01-26 12:02 - 000000000 ____D C:\AdwCleaner
2022-07-26 19:58 - 2019-12-22 12:27 - 000000000 ____D C:\Program Files\Google
2022-07-26 16:51 - 2018-07-12 07:02 - 000000000 ____D C:\Users\drjan_000\AppData\Local\D3DSCache
2022-07-25 00:54 - 2018-02-11 13:31 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2022-07-18 16:21 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-18 15:58 - 2019-12-22 12:32 - 000000000 ___RD C:\Users\drjan_000\Disk Google
2022-07-18 13:55 - 2021-01-12 17:34 - 000000000 ____D C:\Users\postgres
2022-07-18 13:48 - 2022-05-11 12:33 - 000661360 _____ C:\WINDOWS\system32\perfh005.dat
2022-07-18 13:48 - 2022-05-11 12:33 - 000136496 _____ C:\WINDOWS\system32\perfc005.dat
2022-07-18 13:48 - 2019-08-18 16:46 - 001562980 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-17 20:56 - 2017-01-26 12:26 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-07-17 18:35 - 2017-01-24 19:12 - 138887168 _____ C:\Users\drjan_000\AppData\Local\SageThumbs.db3
2022-07-16 19:30 - 2020-06-04 16:35 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-15 20:06 - 2021-12-14 00:06 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-441044182-2704751091-3235625209-1001
2022-07-15 20:05 - 2019-08-18 17:08 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-441044182-2704751091-3235625209-1001
2022-07-15 20:05 - 2019-08-18 16:32 - 000002424 _____ C:\Users\drjan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-13 01:16 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2022-07-13 01:06 - 2016-12-17 14:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-13 00:56 - 2016-12-17 14:56 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-11 14:42 - 2021-09-01 15:27 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-07-11 14:42 - 2021-09-01 15:27 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-07-11 14:42 - 2021-09-01 15:27 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-07-11 14:42 - 2021-09-01 15:27 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-07-08 10:30 - 2022-04-29 10:58 - 000000796 _____ C:\WINDOWS\storelibdebug.txt
2022-07-08 09:29 - 2016-12-20 12:15 - 000000000 ___RD C:\Users\drjan_000\Desktop\PLR
2022-07-07 19:32 - 2017-03-05 19:26 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-07-06 23:42 - 2016-12-24 08:56 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-06 07:10 - 2016-12-20 19:02 - 000000000 ____D C:\Users\drjan_000\AppData\Roaming\vlc
2022-07-04 18:27 - 2017-12-19 08:36 - 000000000 ____D C:\Users\drjan_000\AppData\Local\Packages
2022-07-02 11:38 - 2019-08-18 17:03 - 000346695 _____ C:\WINDOWS\diagwrn.xml
2022-07-02 11:38 - 2019-08-18 17:03 - 000346695 _____ C:\WINDOWS\diagerr.xml
2022-07-02 11:18 - 2019-08-18 07:50 - 000000000 ___DC C:\WINDOWS\Panther
2022-07-02 02:26 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-07-01 11:08 - 2020-12-09 10:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software

==================== Files in the root of some directories ========

2017-12-19 09:45 - 2018-05-28 20:06 - 001388432 _____ () C:\Users\Public\VOIP.dat
2016-12-29 17:03 - 2018-11-27 18:58 - 000000132 _____ () C:\Users\drjan_000\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2020-12-08 22:07 - 2021-02-12 19:43 - 000000096 _____ () C:\Users\drjan_000\AppData\Roaming\Camdata.ini
2020-12-08 22:07 - 2021-02-12 19:43 - 000000408 _____ () C:\Users\drjan_000\AppData\Roaming\CamLayout.ini
2020-12-08 22:07 - 2021-02-12 19:43 - 000000408 _____ () C:\Users\drjan_000\AppData\Roaming\CamShapes.ini
2020-12-08 22:07 - 2021-02-12 19:43 - 000004509 _____ () C:\Users\drjan_000\AppData\Roaming\CamStudio.cfg
2018-08-26 08:19 - 2018-08-26 08:19 - 000003584 _____ () C:\Users\drjan_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-09-01 20:00 - 2019-09-11 22:29 - 000038179 _____ () C:\Users\drjan_000\AppData\Local\FSDownloader.err
2017-09-01 20:39 - 2019-09-15 16:04 - 000001144 _____ () C:\Users\drjan_000\AppData\Local\FSDownloader.nast
2022-07-29 17:14 - 2022-07-29 17:14 - 000000000 _____ () C:\Users\drjan_000\AppData\Local\oobelibMkey.log
2017-01-24 19:12 - 2022-07-17 18:35 - 138887168 _____ () C:\Users\drjan_000\AppData\Local\SageThumbs.db3

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

