Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2022
Ran by Woytman (administrator) on WOYTMAN-NTB (Micro-Star International Co., Ltd. GF75 Thin 9SC) (07-11-2022 22:44:19)
Running from C:\Users\Woytman\Desktop
Loaded Profiles: Woytman
Platform: Microsoft Windows 11 Home Version 21H2 22000.1098 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\AudioVisualizer\ChromaVisualizer.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_9b67516eb3c8ed0a\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9b67516eb3c8ed0a\igfxEM.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9b67516eb3c8ed0a\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_11001eacf352e253\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_11001eacf352e253\IntelCpHeciSvc.exe
(services.exe ->) (Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\NisSrv.exe
(services.exe ->) (Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_3c492dde906d8149\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Razer USA Ltd. -> THX) C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.765.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe [3498408 2022-07-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [THX22adHelper] => C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22ad.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM\...\Run: [THX0520Helper] => C:\Program Files (x86)\Razer\APO0520Drv\Drivers\x64\THXHelper0520.exe [386008 2019-09-18] (Razer USA Ltd. -> )
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [6315480 2022-03-05] (Adguard Software Limited -> Adguard Software Ltd)
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234088 2022-10-19] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Run: [MicrosoftEdgeAutoLaunch_211F9FEB1C1D0C6ED6DD47C70C7E0A4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38789456 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32696784 2022-11-03] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13668840 2022-10-11] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\...\MountPoints2: {4da3b049-162e-11ed-8c8f-4889e716f2dc} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.ScreenSaver.scr
HKU\S-1-5-18\...\Run: [RazerAxon] => "C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe" -autorun (No File)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.88\Installer\chrmstp.exe [2022-11-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\Woytman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2022-11-05]
ShortcutTarget: DeepL auto-start.lnk -> (No File)
BootExecute: autocheck autochk * Partizan
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-3110588475-2115266248-3539613761-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00AAE17D-5854-4922-8396-86326F51A6D2} - System32\Tasks\update-S-1-5-21-3110588475-2115266248-3539613761-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (No File)
Task: {07B2C277-B2F3-4518-AC45-813D211DE09E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "4995a14b-6ac3-42f4-81c8-496d95a5dd1a" --version "6.05.10110" --silent
Task: {0CCE62CC-DD5A-4AD4-96F0-6A26802D4A53} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4FF921FB-F882-448B-A433-CCC3A563DCB5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {52510CA0-CD65-48FC-99C5-CF57314CEC65} - \Microsoft\Windows\Management\Provisioning\xiHM0g\046E4CE2-D25A-4B57-A2E2-3AD7D55DFBDB -> No File <==== ATTENTION
Task: {5FDD0220-E4B9-4462-AC20-4D9BDB16070E} - System32\Tasks\Microsoft\Windows\Management\Provisioning\User => powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\WINDOWS\System32\57540306-c3ad-454f-bbe7-1c56160757fe.ps1" <==== ATTENTION
Task: {6A7B9D49-E5BF-4199-8990-7D182ADBB306} - System32\Tasks\GoogleUpdateTaskMachineCore{07D74F8D-CE32-4182-A77B-CF36AB803647} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-26] (Google LLC -> Google LLC)
Task: {759CFE0A-3FD2-4DDC-88ED-03B512AA677A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154960 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7704A820-CACF-4338-A77F-B5C190ADE09E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8A790555-880A-4BCD-89E3-C48221871A6B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8C08485A-D3A1-428D-B46B-7418CCFE0528} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {90412B12-C449-4E08-8793-C4A048C9414D} - System32\Tasks\CCleanerSkipUAC - Woytman => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {96BB2A72-BBD3-4A21-B7F2-C23A745E8678} - System32\Tasks\Microsoft\Windows\MUI\LPRemovea93Lqu => powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\WINDOWS\System32\D5910F34-9B2F-4E01-80CF-49460B7AF191.ps1" <==== ATTENTION
Task: {9DCE65F7-945F-4A44-9583-A631CB7C8A0B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {A206CE14-2270-46F0-A5FC-4289B1D96F0E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8576000 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4C668D0-8AD0-45AF-BDA6-1B7075D167AD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {ADC88314-0FAD-42E4-BB17-E9B7279ED5FD} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [66936 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2121AC3-64D0-4926-80EF-D656AC873F89} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B2F82E57-5A82-46F4-88DC-C41367AF04D9} - System32\Tasks\GoogleUpdateTaskMachineUA{6B43DE8F-643D-4522-8024-BB1F417C3440} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-26] (Google LLC -> Google LLC)
Task: {B56CF85C-13CE-4251-98B8-7B20E0F28E48} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BB33B0D9-DD95-40F5-879B-665D56EEEE4F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C84F27BD-C0A4-4A2B-B7D2-B776E78D1B5D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8576000 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D33291ED-EBB4-4E46-8BD2-70CB7F3457EE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D7AFD09A-07CA-4136-926C-CB0629F7DF98} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {DD5C7A52-7A1A-49D5-A684-E588487C21E1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144312 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF86D5F7-3565-4940-8A0C-69614DA27496} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E477AEF4-01F5-4174-853E-C49C3F5874D9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154960 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {E71ACF64-B9AB-4B09-AA8D-9E6DF8ED4FEE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F3ED570E-C6D2-4C9E-964E-E3430B16320F} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (No File)
Task: {F6F93A62-2B96-4E59-95B6-66F954B43D24} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144312 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3110588475-2115266248-3539613761-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 0.0.0.0
Tcpip\..\Interfaces\{07759c78-08b7-499b-9e76-9b1429355859}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2809612c-d134-4c83-9a3f-32c34183507c}: [DhcpNameServer] 192.168.10.1 0.0.0.0
Tcpip\..\Interfaces\{2e4c83d7-15f2-48d4-8ad7-5fd397c1eb13}: [DhcpNameServer] 192.168.10.1 0.0.0.0
Tcpip\..\Interfaces\{41390136-14d9-4ad4-b140-a0d1b94d90a2}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{91f1ad30-beeb-4fbf-885e-1e6e9d6a8c76}: [DhcpNameServer] 192.168.10.1 0.0.0.0
Tcpip\..\Interfaces\{bcbdebf0-34e1-4d08-879c-a923554a03f8}: [DhcpNameServer] 192.168.10.1 0.0.0.0
Tcpip\..\Interfaces\{e34a0e74-b114-4d52-943c-b674323e6033}: [DhcpNameServer] 192.168.10.1 0.0.0.0
Tcpip\..\Interfaces\{f40d0ce8-acff-40fe-a1fd-500b8f330d09}: [DhcpNameServer] 192.168.10.1 0.0.0.0
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-05]
Edge HomePage: Default ->
hxxp://www.google.com/Edge Extension: (7TV) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2022-08-18]
Edge Extension: (LastPass: Free Password Manager) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2022-10-23]
Edge Extension: (DuckDuckGo) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2022-11-04]
Edge Extension: (minerBlock) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emikbbbebcdfohonlaifafnoanocnebl [2022-10-19]
Edge Extension: (FrankerFaceZ) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2022-07-11]
Edge Extension: (Return YouTube Dislike) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-10-19]
Edge Extension: (Microsoft Editor: kontrola pravopisu a gramatiky) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2022-10-31]
Edge Extension: (BetterTTV) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2022-10-19]
Edge Extension: (Dark Reader) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ifoakfbpdcdoeenechcleahebpibofpc [2022-10-19]
Edge Extension: (Gladiatus nBot) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npfihoncaeggchfpldnmodmdajngpjib [2022-02-23]
Edge Extension: (I don't care about cookies) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oholpbloipjbbhlhohaebmieiiieioal [2022-10-31]
Edge Extension: (Blokátor reklam AdGuard) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2022-10-31]
Edge Extension: (Google Sheets) - C:\Users\Woytman\AppData\Local\Microsoft\Edge\User Data\Default\Extension\rcefqbaerclldjeikmcnmojdknirlfai\2.4.2._0 [2022-07-14]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.331.2 -> C:\Program Files\Java\jre1.8.0_331\bin\dtplugin\npDeployJava1.dll [2022-06-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.331.2 -> C:\Program Files\Java\jre1.8.0_331\bin\plugin2\npjp2.dll [2022-06-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-15] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Default [2022-11-05]
CHR DefaultSearchURL: Default ->
hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default ->
hxxps://duckduckgo.com/chrome_newtabCHR DefaultSuggestURL: Default ->
hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Blokátor reklam AdGuard) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2022-06-23]
CHR Extension: (DuckDuckGo) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2022-06-27]
CHR Extension: (Dark Reader) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2022-06-23]
CHR Extension: (I don't care about cookies) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-06-23]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2022-06-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-05]
CHR Profile: C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-06-10]
CHR Profile: C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-11-07]
CHR Notifications: Profile 2 ->
hxxps://app.smartsupp.com; hxxps://aukro.czCHR HomePage: Profile 2 ->
hxxp://www.google.com/CHR StartupUrls: Profile 2 -> "hxxps://www.google.com/","hxxp://www.google.com","hxxp://home.torchbrowser.com/?systemid=448&appid=107&ua=Torch","hxxp://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.duckduckgo.com"
CHR Extension: (Just Black) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2022-01-22]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-08-30]
CHR Extension: (buykers | slevové kupony a kódy) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dacdinoicboceafielngnmjjplncljhj [2022-10-26]
CHR Extension: (Return YouTube Dislike) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-09-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-01]
CHR Extension: (SponsorBlock pro YouTube - Přeskoč sponzorství) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mnjggcdmjocbbbhaepdhchncahnbgone [2022-11-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-22]
CHR Profile: C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-11-05]
CHR HomePage: Profile 3 ->
hxxp://www.google.com/CHR StartupUrls: Profile 3 -> "hxxps://www.google.com/","hxxp://www.google.com","hxxp://home.torchbrowser.com/?systemid=448&appid=107&ua=Torch","hxxp://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.duckduckgo.com"
CHR Extension: (Ekvalizér pro Chrome browser) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\abikfbojmghmfjdjlbagiamkinbmbaic [2022-05-25]
CHR Extension: (Safe Torrent Scanner) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-08-15]
CHR Extension: (IBM Security Rapport) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2022-05-25]
CHR Extension: (Blokátor reklam AdGuard) - C:\Users\Woytman\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2022-05-25]