Re: Prosím o kontrolu - pravděpodobně nějakej bordel Vyřešeno
Napsal: 25 lis 2023 21:52
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Ran by Dee (administrator) on LAPTOP-5E42HBG8 (Acer Aspire E5-573G) (25-11-2023 21:32:04)
Running from C:\Users\Dee\Downloads\FRST64.exe
Loaded Profiles: Dee
Platform: Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Users\Dee\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Dee\AppData\Local\Programs\Opera GX\104.0.4944.74\opera_crashreporter.exe
(Discord Inc. -> Discord Inc.) C:\Users\Dee\AppData\Local\Discord\app-1.0.9024\Discord.exe <7>
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\PubPlatform.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Opera Norway AS -> Opera Software) C:\Users\Dee\AppData\Local\Programs\Opera GX\opera.exe <27>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacig.inf_amd64_b7653e998d156664\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ctfmon] => C:\Windows\System32\ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [1103480 2022-09-26] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (No File)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\Dee\AppData\Local\Microsoft\Teams\Update.exe [2588640 2023-11-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-08-29] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\Dee\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [MicrosoftEdgeAutoLaunch_E1FFA6E4CF5EE06BE425AD6516A9CAC3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [Discord] => C:\Users\Dee\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [RiotClient] => C:\Leauge2.0\Riot Games\Riot Client\RiotClientServices.exe [70912472 2023-11-25] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [Gaijin.Net Updater] => "C:\Users\Dee\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe" (No File)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Dee\AppData\Local\Microsoft\Teams\Update.exe [2588640 2023-11-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\MountPoints2: {62e594f9-164e-11ed-9d45-54ab3a476bdc} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\MountPoints2: {a4ff9eb1-1878-11ec-9d06-54ab3a476bdc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\MountPoints2: {aacd9a41-cab9-11eb-9cf1-c8ff280f0279} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\MountPoints2: {f2a053ed-ac73-11ec-9d26-c8ff280f0279} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MP260 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9G.DLL [27648 2008-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP460 Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD81.DLL [27136 2006-09-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP260 series: C:\Windows\system32\CNMLM9G.DLL [279040 2008-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP460: C:\Windows\system32\CNMLM81.DLL [235520 2008-04-03] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-16] (Google LLC -> Google LLC)
Startup: C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Discord.lnk [2021-09-23]
ShortcutTarget: Discord.lnk -> C:\Users\Dee\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
Startup: C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2016-07-22]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B6A9428-B423-4CAE-BCA1-5898B04F3EA4} - \Microsoft\Windows\AppListBackup\BackupNonMaintenance -> No File <==== ATTENTION
Task: {0E5449C5-5AE4-425D-808E-0900CA7FE2A5} - \Microsoft\Windows\Application Experience\MareBackup -> No File <==== ATTENTION
Task: {42924238-738F-4B82-B73E-BA9DCEC815E7} - \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange -> No File <==== ATTENTION
Task: {4BC85114-38BE-42BB-9740-3618B8F13A89} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {665A00E9-732B-42DF-A596-9FE82A6B91D3} - \Microsoft\Windows\PI\SecureBootEncodeUEFI -> No File <==== ATTENTION
Task: {7F91A628-B915-43A3-AF07-66D388AA7AC3} - \Microsoft\Windows\Management\Autopilot\DetectHardwareChange -> No File <==== ATTENTION
Task: {807A6468-AA37-47EF-BB35-021A6C556681} - \Microsoft\Windows\Registry\OOBE-Maintenance -> No File <==== ATTENTION
Task: {88E2DF20-0B21-49D0-82A6-12F013BEA369} - \Microsoft\Windows\Shell\ThemesSyncedImageDownload -> No File <==== ATTENTION
Task: {8F87510C-118C-4E78-A80B-3FEDBD08975D} - \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache -> No File <==== ATTENTION
Task: {9F72CF44-9290-4134-85C2-B191DCD42ACF} - \Microsoft\Windows\Printing\PrinterCleanupTask -> No File <==== ATTENTION
Task: {D900F660-679A-4259-ADCE-1785CB35F67F} - \Microsoft\Windows\CloudRestore\Backup -> No File <==== ATTENTION
Task: {EDC00E4E-BD6B-477F-B6CA-440ECD6558A6} - \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask -> No File <==== ATTENTION
Task: {FBE1992D-A1B2-44DD-9601-A1A2F799B096} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (No File)
Task: {AE82E0EC-5055-4444-BEE2-0C91FC767031} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {04A05EB8-F698-4DD0-8D7C-A8F54E64FC1E} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe (No File)
Task: {46D44DF3-9763-445A-8AF4-79979D759782} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe task (No File)
Task: {587D2393-5971-44A9-9695-C35804EEA4B6} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {4255B467-65DE-4952-B13A-DB5BA51063CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-14] (Google Inc -> Google Inc.)
Task: {7CE803AA-00EE-4C51-BA2E-013E5931B255} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-14] (Google Inc -> Google Inc.)
Task: {2CBE2450-06FE-4CAF-8FC3-12117C6BE4E2} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {998EC8F4-B60A-4FB4-BC8C-91710EB41413} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEA78E44-9CF8-4C1C-880A-2DFB7A197EFC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {473A78EE-2C20-4D31-8D4D-8BDF2D200402} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {830D770B-E011-45BD-93BB-D7A7A9603771} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {16880FDA-D3AE-4098-A118-5403149BEC3C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169656 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7308337-0373-42F1-A4F6-96CEA72E73EE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (No File)
Task: {3BEC7743-C78C-49A5-9948-A125AE07861C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (No File)
Task: {AADDFD4F-EBA0-472A-85F3-3120A8C81380} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-311264145-2370866077-2721877644-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {7374DC1B-835D-48F6-9543-CAF35E958EEA} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1649674925 => C:\Users\Dee\AppData\Local\Programs\Opera GX\launcher.exe [2769312 2023-11-22] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Dee\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {6483D094-2AC9-460D-B544-18028F2059ED} - System32\Tasks\Opera GX scheduled Autoupdate 1649002902 => C:\Users\Dee\AppData\Local\Programs\Opera GX\launcher.exe [2769312 2023-11-22] (Opera Norway AS -> Opera Software)
Task: {80879B4F-8B7A-41C4-AB5B-6C49A5EFE185} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (No File)
Task: {4F117C79-2706-4FBF-A748-C0259F51CEFA} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {227AA5D5-1B04-418C-BD18-E46A8FA5F4EE} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => C:\WINDOWS\System32\Wscript.exe [170496 2023-10-13] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\ASC_PerformanceMonitor.job => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: C:\WINDOWS\Tasks\ASC_SkipUac_Dee.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DivXUpdate.job => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe
Task: C:\WINDOWS\Tasks\iTopVPN_SkipUAC_Dee.job => C:\Program Files (x86)\iTop VPN\iTopVPN.exe
Task: C:\WINDOWS\Tasks\OWUninstallerRun.job => C:\Program Files (x86)\Overwolf\Overwolf.exe
Task: C:\WINDOWS\Tasks\SmartDefrag_AutoAnalyze.job => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{45f56f70-3efe-4bc0-8a05-6a023a1151b7}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c33a99a6-908f-4edd-9a20-70f8428df167}: [DhcpNameServer] 10.0.0.138 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Dee\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Dee\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-24]
Edge Extension: (Dokumenty Google offline) - C:\Users\Dee\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-04]
Edge Extension: (Edge relevant text changes) - C:\Users\Dee\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-04]
FireFox:
========
FF DefaultProfile: 1ii45z59.default
FF ProfilePath: C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\1ii45z59.default [2023-11-24]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\1ii45z59.default\Extensions\langpack-cs@firefox.mozilla.org [2016-06-14] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\1ii45z59.default\Extensions\partnerdefaults@mozilla.com [2016-06-14] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2016-02-06] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2016-02-06] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-10-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2008-07-08] (BYOND) [File not signed]
Chrome:
=======
CHR Profile: C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default [2023-11-24]
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (BetterTTV) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-09-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-28]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-05-28]
CHR Extension: (SteamDB) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbmhfkmnlmbkgbabkdealhhbfhlmmon [2023-09-06]
CHR Extension: (Story Saver) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafcolokinicfdmlidhaebadidhdehpk [2023-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-311264145-2370866077-2721877644-1001) Opera GXStable - "C:\Users\Dee\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-06-06] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11182184 2023-11-22] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-05-30] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [8430736 2021-11-12] (Int3 Software AB -> Int3 Software AB)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] (Intel(R) Software Development Products -> )
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-03-28] (Hi-Rez Studios) [File not signed]
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [167432 2022-10-20] (IObit CO., LTD -> IObit)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287968 2023-10-14] (Malwarebytes Inc. -> Malwarebytes)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16036272 2023-11-03] (ADLICE -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] (Intel(R) Software Development Products -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 CCDMonitorService; "C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe" [X]
S2 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [X]
S3 ePowerSvc; "C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_b7653e998d156664\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_b7653e998d156664\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 QALSvc; "C:\Program Files\Acer\Acer Quick Access\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2023-11-24] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-09] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-09] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [264552 2016-06-22] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14976 2015-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [186784 2016-06-22] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [170792 2016-06-22] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2022-10-20] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2022-10-20] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2022-10-20] (IObit Information Technology -> IObit)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Qcamain; C:\WINDOWS\System32\drivers\Qcamainx64.sys [2276352 2015-07-10] (Qualcomm Atheros, Inc.) [File not signed]
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit)
S3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 XPPenTablet; C:\WINDOWS\System32\drivers\XPPenTablet.sys [10752 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
S3 equ8_helper; \??\C:\WINDOWS\system32\DRIVERS\equ8_helper.sys [X]
S3 EQU8_HELPER_19; \??\C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [X]
S3 iobit_monitor_server2021; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
S3 PHYMEM2; \??\C:\Program Files (x86)\Leawo\Blu-ray Player\phymem_ext64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-11-25 21:32 - 2023-11-25 21:37 - 000035036 _____ C:\Users\Dee\Downloads\FRST.txt
2023-11-25 21:30 - 2023-11-25 21:36 - 000000000 ____D C:\FRST
2023-11-25 21:25 - 2023-11-25 21:25 - 002383872 _____ (Farbar) C:\Users\Dee\Downloads\FRST64.exe
2023-11-25 11:15 - 2023-11-25 11:15 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-11-25 11:11 - 2023-11-25 21:40 - 000198250 _____ C:\WINDOWS\ZAM.krnl.trace
2023-11-24 22:21 - 2023-11-24 22:21 - 000000000 ____D C:\ProgramData\Sophos
2023-11-24 22:20 - 2023-11-24 22:20 - 000002841 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2023-11-24 22:20 - 2023-11-24 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2023-11-24 22:20 - 2023-11-24 22:20 - 000000000 ____D C:\Program Files (x86)\Sophos
2023-11-24 22:09 - 2023-11-24 22:15 - 185115928 _____ (Sophos Limited) C:\Users\Dee\Downloads\Sophos Virus Removal Tool.exe
2023-11-24 17:36 - 2023-11-24 17:36 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2023-11-24 17:36 - 2023-11-24 17:36 - 000001337 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2023-11-24 17:36 - 2023-11-24 17:36 - 000000000 ____D C:\Users\Dee\AppData\Local\Zemana
2023-11-24 17:36 - 2023-11-24 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2023-11-24 17:36 - 2023-11-24 17:36 - 000000000 ____D C:\Program Files (x86)\Zemana
2023-11-24 17:35 - 2023-11-24 22:24 - 000000000 ____D C:\Users\Dee\AppData\Local\AMSDK
2023-11-24 17:34 - 2023-11-24 17:34 - 013922376 _____ (Zemana Ltd. ) C:\Users\Dee\Downloads\Zemana.AntiMalware.Setup.exe
2023-11-24 17:08 - 2023-11-24 17:08 - 000000000 ____D C:\ProgramData\ProductData
2023-11-24 15:49 - 2023-11-24 15:49 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-11-24 15:41 - 2023-11-24 15:42 - 000000000 ____D C:\ProgramData\RogueKiller
2023-11-24 15:41 - 2023-11-24 15:41 - 000000909 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2023-11-24 15:41 - 2023-11-24 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2023-11-24 15:41 - 2023-11-24 15:41 - 000000000 ____D C:\Program Files\RogueKiller
2023-11-24 15:21 - 2023-11-24 15:49 - 000000000 ____D C:\Program Files\CCleaner
2023-11-24 15:21 - 2023-11-24 15:21 - 000000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-11-24 15:21 - 2023-11-24 15:21 - 000000300 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2023-11-24 15:21 - 2023-11-24 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-11-24 15:05 - 2023-11-24 15:05 - 047819824 _____ (Adlice Software ) C:\Users\Dee\Downloads\RogueKiller_setup.exe
2023-11-24 15:04 - 2023-11-24 15:05 - 078165328 _____ (Piriform Software Ltd) C:\Users\Dee\Downloads\ccsetup618.exe
2023-11-24 14:58 - 2023-11-24 14:58 - 001790024 _____ (Malwarebytes) C:\Users\Dee\Downloads\JRT.exe
2023-11-24 13:18 - 2023-11-24 13:19 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2023-11-24 13:18 - 2023-11-24 13:18 - 000001840 _____ C:\Users\Dee\Desktop\CrystalDiskInfo.lnk
2023-11-24 13:18 - 2023-11-24 13:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2023-11-24 12:34 - 2023-11-24 15:01 - 000000000 ____D C:\AdwCleaner
2023-11-24 12:24 - 2023-11-24 12:24 - 000000929 _____ C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Temp File Cleaner.lnk
2023-11-24 12:24 - 2023-11-24 12:24 - 000000899 _____ C:\Users\Dee\Desktop\Temp File Cleaner.lnk
2023-11-24 12:24 - 2023-11-24 12:24 - 000000000 ____D C:\Users\Dee\AppData\Roaming\addpcs
2023-11-24 12:24 - 2023-11-24 12:24 - 000000000 ____D C:\Program Files\Temp File Cleaner
2023-11-24 00:10 - 2023-11-24 00:10 - 005795360 _____ (Crystal Dew World ) C:\Users\Dee\Downloads\CrystalDiskInfo9_2_1.exe
2023-11-24 00:04 - 2023-11-24 00:04 - 008791352 _____ (Malwarebytes) C:\Users\Dee\Downloads\AdwCleaner.exe
2023-11-24 00:03 - 2023-11-24 00:03 - 002103230 _____ C:\Users\Dee\Downloads\TempFileCleaner_4.5.0_Setup.exe
2023-11-24 00:02 - 2023-11-24 00:02 - 000050688 _____ (Atribune.org) C:\Users\Dee\Downloads\ATF-Cleaner.exe
2023-11-23 22:10 - 2023-11-23 22:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\Dee\Downloads\HijackThis.exe
2023-11-23 21:59 - 2023-11-23 21:59 - 000001426 _____ C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2023-11-22 23:40 - 2023-11-22 23:41 - 000005608 _____ C:\Users\Dee\AppData\Roaming\Network Persistent State
2023-11-22 23:40 - 2023-11-22 23:41 - 000003529 _____ C:\Users\Dee\AppData\Roaming\TransportSecurity
2023-11-22 23:40 - 2023-11-22 23:41 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Session Storage
2023-11-22 23:40 - 2023-11-22 23:41 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Platform Notifications
2023-11-22 23:40 - 2023-11-22 23:41 - 000000000 ____D C:\Users\Dee\AppData\Roaming\blob_storage
2023-11-22 23:40 - 2023-11-22 23:41 - 000000000 _____ C:\Users\Dee\AppData\Roaming\Cookies-journal
2023-11-22 23:40 - 2023-11-22 23:40 - 000131072 _____ C:\Users\Dee\AppData\Roaming\Visited Links
2023-11-22 23:40 - 2023-11-22 23:40 - 000003593 _____ C:\Users\Dee\AppData\LocalLow\lpm.dat
2023-11-22 23:40 - 2023-11-22 23:40 - 000000075 _____ C:\Users\Dee\AppData\Roaming\user_prefs.json
2023-11-22 23:40 - 2023-11-22 23:40 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Local Storage
2023-11-22 23:40 - 2023-11-22 23:40 - 000000000 ____D C:\Users\Dee\AppData\Local\DivX
2023-11-22 23:38 - 2023-11-23 15:28 - 000000000 ____D C:\Users\Dee\AppData\Roaming\DivX
2023-11-22 23:38 - 2023-11-22 23:38 - 000000302 _____ C:\WINDOWS\Tasks\DivXUpdate.job
2023-11-22 23:27 - 2023-11-23 17:42 - 000000000 ____D C:\ProgramData\DivX
2023-11-22 23:12 - 2023-11-22 23:12 - 000000000 ____D C:\Users\Dee\AppData\Local\Leawo Blu-ray Player
2023-11-22 22:45 - 2023-11-22 23:12 - 000000000 ____D C:\ProgramData\Leawo
2023-11-22 22:44 - 2023-11-22 22:44 - 000000000 ____D C:\Program Files (x86)\Leawo
2023-11-22 22:39 - 2023-11-22 23:12 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Leawo
2023-11-22 22:31 - 2023-11-22 22:31 - 000000000 ____D C:\Users\Dee\AppData\Local\vlc
2023-11-21 13:43 - 2023-11-21 13:43 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2023-11-21 13:08 - 2023-11-21 13:08 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-11-21 13:05 - 2023-11-21 13:05 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-11-19 13:17 - 2023-11-19 13:17 - 000000000 ____D C:\Users\Dee\AppData\LocalLow\Iceflake Studios
2023-11-17 14:19 - 2023-11-18 13:54 - 000000000 ____D C:\Users\Dee\AppData\Roaming\StardewValley
2023-11-17 14:12 - 2023-11-17 14:12 - 000001763 _____ C:\Users\Public\Desktop\Stardew Valley.lnk
2023-11-17 13:40 - 2023-11-17 13:40 - 000000000 ____D C:\Users\Dee\Downloads\Stardew.Valley.v1.5.5.1835528477-GOG
2023-11-15 19:12 - 2023-11-15 19:12 - 000000000 ___HD C:\$WinREAgent
2023-11-14 21:02 - 2023-11-23 15:37 - 000000000 ____D C:\Program Files (x86)\4Classic
2023-11-06 15:36 - 2023-11-06 15:36 - 020345527 _____ C:\Users\Dee\Downloads\sims-4-updater-v1.2.3.zip
2023-11-04 18:17 - 2023-11-21 18:21 - 000000000 ____D C:\Users\Dee\AppData\Roaming\BYOND
2023-10-31 13:40 - 2023-10-31 13:40 - 000000945 _____ C:\Users\Dee\Desktop\Cheat Engine.lnk
2023-10-31 13:40 - 2023-10-31 13:40 - 000000000 ____D C:\Users\Dee\Documents\My Cheat Tables
2023-10-31 13:40 - 2023-10-31 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.5
2023-10-31 13:40 - 2023-10-31 13:40 - 000000000 ____D C:\Program Files\Cheat Engine 7.5
2023-10-29 21:18 - 2023-10-29 21:42 - 005039597 ____H C:\Users\Dee\Downloads\.d6920559874971f4cac7cd0dfc4ec92ff81ea23f.parts
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-11-25 21:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-25 21:29 - 2022-06-08 13:40 - 000000000 ____D C:\Users\Dee\AppData\Local\Discord
2023-11-25 21:25 - 2016-07-02 14:43 - 000000000 ____D C:\Users\Dee\AppData\Local\Battle.net
2023-11-25 21:23 - 2021-12-17 17:44 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-25 21:23 - 2016-06-14 17:14 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-25 21:20 - 2020-09-27 06:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-25 20:39 - 2020-06-10 14:39 - 000000000 ____D C:\Users\Dee\AppData\Local\Spotify
2023-11-25 19:53 - 2020-06-10 14:38 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Spotify
2023-11-25 18:34 - 2016-06-15 17:09 - 000000000 ____D C:\Users\Dee\Documents\ShareX
2023-11-25 16:32 - 2022-12-11 16:40 - 000000000 ____D C:\ProgramData\Riot Games
2023-11-25 16:28 - 2018-03-03 15:55 - 000000000 ____D C:\Users\Dee\AppData\Roaming\discord
2023-11-25 12:04 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-25 11:58 - 2023-02-18 11:57 - 000003676 _____ C:\WINDOWS\SysWOW64\pubfreeware.ini
2023-11-25 11:15 - 2016-06-14 16:54 - 000000000 __SHD C:\Users\Dee\IntelGraphicsProfiles
2023-11-25 11:13 - 2021-05-07 22:10 - 000000000 ____D C:\Users\Dee
2023-11-25 11:11 - 2020-09-27 06:50 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-25 11:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-11-25 11:11 - 2017-10-10 16:58 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-24 22:25 - 2016-06-17 19:53 - 000000000 ____D C:\Users\Dee\AppData\Local\CrashDumps
2023-11-24 18:41 - 2016-06-14 20:10 - 000000000 ____D C:\Users\Dee\AppData\Roaming\vlc
2023-11-24 17:56 - 2022-02-16 11:06 - 000000000 ____D C:\Program Files\RUXIM
2023-11-24 17:31 - 2016-07-02 14:44 - 000000000 ____D C:\Users\Dee\AppData\Local\Blizzard Entertainment
2023-11-24 17:31 - 2016-07-02 14:43 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2023-11-24 16:56 - 2020-04-25 22:08 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Telegram Desktop
2023-11-24 16:55 - 2016-06-14 17:17 - 000000000 ____D C:\Program Files (x86)\Steam
2023-11-24 16:40 - 2016-06-14 17:20 - 000000000 ____D C:\Users\Dee\AppData\Local\Steam
2023-11-24 16:35 - 2016-11-13 18:02 - 000000000 ____D C:\Games
2023-11-24 16:26 - 2016-08-09 11:04 - 000000000 ____D C:\Users\Dee\Desktop\Screenshots
2023-11-24 16:24 - 2020-05-12 22:31 - 000000000 ____D C:\Program Files\Microsoft Office
2023-11-24 16:22 - 2016-09-29 15:19 - 000000000 ____D C:\Program Files\Epic Games
2023-11-24 16:08 - 2017-10-28 21:01 - 000000000 ____D C:\Users\Dee\AppData\Local\Packages
2023-11-24 15:54 - 2019-09-08 21:53 - 000000000 ____D C:\Users\Dee\Desktop\ps mastah
2023-11-24 15:39 - 2016-06-23 17:42 - 000000000 ____D C:\Users\Dee\AppData\Roaming\uTorrent
2023-11-24 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-11-24 15:02 - 2015-08-31 11:52 - 000000000 ____D C:\Program Files\Acer
2023-11-24 15:02 - 2015-08-31 11:50 - 000000000 ____D C:\ProgramData\Acer
2023-11-24 15:02 - 2015-08-31 11:50 - 000000000 ____D C:\Program Files (x86)\Acer
2023-11-24 15:01 - 2022-12-11 16:17 - 000000000 ____D C:\Users\Dee\AppData\LocalLow\IObit
2023-11-24 15:01 - 2022-12-11 16:16 - 000000000 ____D C:\Program Files (x86)\IObit
2023-11-24 15:01 - 2022-12-11 16:15 - 000000000 ____D C:\Users\Dee\AppData\Roaming\IObit
2023-11-24 15:01 - 2022-12-11 16:15 - 000000000 ____D C:\ProgramData\IObit
2023-11-24 12:42 - 2023-05-11 21:04 - 000000000 ____D C:\Users\Dee\AppData\Local\Malwarebytes
2023-11-24 12:27 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-11-24 12:25 - 2018-05-31 16:39 - 000000000 ____D C:\Users\Dee\AppData\LocalLow\Temp
2023-11-24 12:25 - 2016-02-06 03:02 - 000000000 ____D C:\ProgramData\Temp
2023-11-23 21:29 - 2016-06-28 21:53 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Microsoft\MMC
2023-11-23 19:29 - 2021-05-08 11:50 - 000991708 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-23 19:29 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2023-11-23 19:29 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2023-11-23 19:29 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-23 18:45 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-23 16:13 - 2017-05-26 20:20 - 000000000 ____D C:\Program Files (x86)\Overwatch
2023-11-23 15:48 - 2020-05-04 22:31 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Microsoft\Teams
2023-11-23 15:39 - 2016-07-02 14:42 - 000000000 ____D C:\ProgramData\Battle.net
2023-11-23 15:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-23 15:27 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-23 14:45 - 2020-09-27 06:50 - 005172072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-23 00:00 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-11-22 23:53 - 2022-06-26 16:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2023-11-22 23:53 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-11-22 23:50 - 2022-06-26 16:47 - 000000000 ____D C:\WINDOWS\en-GB
2023-11-22 23:50 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-22 23:50 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-11-22 23:49 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-22 23:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-22 23:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-22 23:34 - 2016-02-06 02:26 - 000000000 ____D C:\ProgramData\Package Cache
2023-11-22 22:35 - 2023-05-23 18:39 - 000000920 _____ C:\Users\Public\Desktop\VLC media player.lnk
2023-11-22 22:26 - 2019-12-07 12:08 - 000000000 ____D C:\Users\Dee\AppData\Roaming\qBittorrent
2023-11-22 13:39 - 2020-05-12 22:57 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Microsoft\Word
2023-11-22 13:34 - 2020-05-12 22:57 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Microsoft\Office
2023-11-22 13:22 - 2018-08-30 20:52 - 000000000 ____D C:\Users\Dee\AppData\Local\D3DSCache
2023-11-22 13:21 - 2017-08-29 00:59 - 000000000 ____D C:\Users\Dee\AppData\Local\SquirrelTemp
2023-11-22 13:17 - 2016-08-26 23:39 - 000000000 ____D C:\Users\Dee\AppData\Local\ConnectedDevicesPlatform
2023-11-21 13:43 - 2020-05-12 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-11-21 13:08 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-11-20 13:10 - 2022-05-13 19:00 - 000001996 _____ C:\Users\Public\Desktop\BYOND.lnk
2023-11-19 21:55 - 2020-12-29 21:42 - 000001456 _____ C:\Users\Dee\AppData\Local\Adobe Save for Web 13.0 Prefs
2023-11-19 13:27 - 2023-03-18 16:05 - 000000000 ____D C:\Users\Dee\AppData\Roaming\paradox-launcher-v2
2023-11-19 13:16 - 2023-02-20 21:20 - 000000000 ____D C:\Users\Dee\Documents\Paradox Interactive
2023-11-18 12:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-18 12:58 - 2020-09-27 08:53 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-17 13:49 - 2017-12-19 23:21 - 000000000 ____D C:\GOG Games
2023-11-16 23:51 - 2016-06-14 17:15 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-16 16:15 - 2022-09-18 12:51 - 000000000 ____D C:\Users\Dee\AppData\Local\anadius
2023-11-16 16:15 - 2022-09-18 12:35 - 000000000 ____D C:\Users\Dee\Desktop\sim 4 updater
2023-11-15 20:42 - 2020-09-27 08:53 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-11-15 19:02 - 2016-06-14 20:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-15 18:51 - 2016-06-14 20:17 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-11-10 14:12 - 2020-07-25 22:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-07 13:33 - 2020-09-27 08:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-29 21:30 - 2023-07-12 15:23 - 000000000 ____D C:\Users\Dee\Downloads\Supernatural (2005) Season 9 S09 (1080p BluRay x265 HEVC 10bit AAC 5.1 Silence)
2023-10-28 23:03 - 2017-04-03 17:02 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2023-10-28 12:53 - 2022-05-13 17:38 - 000000000 ____D C:\Users\Dee\Documents\BYOND
2023-10-26 18:09 - 2016-07-19 14:11 - 000000000 ____D C:\Users\Dee\Documents\my games
2023-10-26 18:06 - 2022-12-11 15:27 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
==================== Files in the root of some directories ========
2021-05-18 13:51 - 2021-05-24 13:25 - 000000032 _____ () C:\Users\Dee\AppData\Roaming\.machineId
2023-11-22 23:40 - 2023-11-22 23:41 - 000032768 _____ () C:\Users\Dee\AppData\Roaming\Cookies
2023-11-22 23:40 - 2023-11-22 23:41 - 000000000 _____ () C:\Users\Dee\AppData\Roaming\Cookies-journal
2023-11-22 23:40 - 2023-11-22 23:41 - 000005608 _____ () C:\Users\Dee\AppData\Roaming\Network Persistent State
2023-11-22 23:40 - 2023-11-22 23:41 - 000003529 _____ () C:\Users\Dee\AppData\Roaming\TransportSecurity
2023-11-22 23:40 - 2023-11-22 23:40 - 000000075 _____ () C:\Users\Dee\AppData\Roaming\user_prefs.json
2023-11-22 23:40 - 2023-11-22 23:40 - 000131072 _____ () C:\Users\Dee\AppData\Roaming\Visited Links
2016-07-10 13:54 - 2016-10-15 22:53 - 000003935 _____ () C:\Users\Dee\AppData\Roaming\VoiceMeeterDefault.xml
2020-12-29 21:42 - 2023-11-19 21:55 - 000001456 _____ () C:\Users\Dee\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-06-28 21:44 - 2020-12-09 20:30 - 000001480 _____ () C:\Users\Dee\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-02-21 17:55 - 2019-02-21 17:55 - 000000000 _____ () C:\Users\Dee\AppData\Local\oobelibMkey.log
2021-07-28 13:00 - 2021-11-12 11:07 - 000030748 _____ () C:\Users\Dee\AppData\Local\PlariumPlay.log
2018-03-01 22:36 - 2022-06-08 12:27 - 000007597 _____ () C:\Users\Dee\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Ran by Dee (administrator) on LAPTOP-5E42HBG8 (Acer Aspire E5-573G) (25-11-2023 21:32:04)
Running from C:\Users\Dee\Downloads\FRST64.exe
Loaded Profiles: Dee
Platform: Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Users\Dee\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Dee\AppData\Local\Programs\Opera GX\104.0.4944.74\opera_crashreporter.exe
(Discord Inc. -> Discord Inc.) C:\Users\Dee\AppData\Local\Discord\app-1.0.9024\Discord.exe <7>
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\PubPlatform.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Opera Norway AS -> Opera Software) C:\Users\Dee\AppData\Local\Programs\Opera GX\opera.exe <27>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacig.inf_amd64_b7653e998d156664\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ctfmon] => C:\Windows\System32\ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [1103480 2022-09-26] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (No File)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\Dee\AppData\Local\Microsoft\Teams\Update.exe [2588640 2023-11-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-08-29] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\Dee\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [MicrosoftEdgeAutoLaunch_E1FFA6E4CF5EE06BE425AD6516A9CAC3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [Discord] => C:\Users\Dee\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [RiotClient] => C:\Leauge2.0\Riot Games\Riot Client\RiotClientServices.exe [70912472 2023-11-25] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [Gaijin.Net Updater] => "C:\Users\Dee\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe" (No File)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Dee\AppData\Local\Microsoft\Teams\Update.exe [2588640 2023-11-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\MountPoints2: {62e594f9-164e-11ed-9d45-54ab3a476bdc} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\MountPoints2: {a4ff9eb1-1878-11ec-9d06-54ab3a476bdc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\MountPoints2: {aacd9a41-cab9-11eb-9cf1-c8ff280f0279} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-311264145-2370866077-2721877644-1001\...\MountPoints2: {f2a053ed-ac73-11ec-9d26-c8ff280f0279} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MP260 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9G.DLL [27648 2008-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP460 Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD81.DLL [27136 2006-09-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP260 series: C:\Windows\system32\CNMLM9G.DLL [279040 2008-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP460: C:\Windows\system32\CNMLM81.DLL [235520 2008-04-03] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-16] (Google LLC -> Google LLC)
Startup: C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Discord.lnk [2021-09-23]
ShortcutTarget: Discord.lnk -> C:\Users\Dee\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
Startup: C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2016-07-22]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B6A9428-B423-4CAE-BCA1-5898B04F3EA4} - \Microsoft\Windows\AppListBackup\BackupNonMaintenance -> No File <==== ATTENTION
Task: {0E5449C5-5AE4-425D-808E-0900CA7FE2A5} - \Microsoft\Windows\Application Experience\MareBackup -> No File <==== ATTENTION
Task: {42924238-738F-4B82-B73E-BA9DCEC815E7} - \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange -> No File <==== ATTENTION
Task: {4BC85114-38BE-42BB-9740-3618B8F13A89} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {665A00E9-732B-42DF-A596-9FE82A6B91D3} - \Microsoft\Windows\PI\SecureBootEncodeUEFI -> No File <==== ATTENTION
Task: {7F91A628-B915-43A3-AF07-66D388AA7AC3} - \Microsoft\Windows\Management\Autopilot\DetectHardwareChange -> No File <==== ATTENTION
Task: {807A6468-AA37-47EF-BB35-021A6C556681} - \Microsoft\Windows\Registry\OOBE-Maintenance -> No File <==== ATTENTION
Task: {88E2DF20-0B21-49D0-82A6-12F013BEA369} - \Microsoft\Windows\Shell\ThemesSyncedImageDownload -> No File <==== ATTENTION
Task: {8F87510C-118C-4E78-A80B-3FEDBD08975D} - \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache -> No File <==== ATTENTION
Task: {9F72CF44-9290-4134-85C2-B191DCD42ACF} - \Microsoft\Windows\Printing\PrinterCleanupTask -> No File <==== ATTENTION
Task: {D900F660-679A-4259-ADCE-1785CB35F67F} - \Microsoft\Windows\CloudRestore\Backup -> No File <==== ATTENTION
Task: {EDC00E4E-BD6B-477F-B6CA-440ECD6558A6} - \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask -> No File <==== ATTENTION
Task: {FBE1992D-A1B2-44DD-9601-A1A2F799B096} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (No File)
Task: {AE82E0EC-5055-4444-BEE2-0C91FC767031} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {04A05EB8-F698-4DD0-8D7C-A8F54E64FC1E} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe (No File)
Task: {46D44DF3-9763-445A-8AF4-79979D759782} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe task (No File)
Task: {587D2393-5971-44A9-9695-C35804EEA4B6} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {4255B467-65DE-4952-B13A-DB5BA51063CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-14] (Google Inc -> Google Inc.)
Task: {7CE803AA-00EE-4C51-BA2E-013E5931B255} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-14] (Google Inc -> Google Inc.)
Task: {2CBE2450-06FE-4CAF-8FC3-12117C6BE4E2} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {998EC8F4-B60A-4FB4-BC8C-91710EB41413} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEA78E44-9CF8-4C1C-880A-2DFB7A197EFC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {473A78EE-2C20-4D31-8D4D-8BDF2D200402} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {830D770B-E011-45BD-93BB-D7A7A9603771} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {16880FDA-D3AE-4098-A118-5403149BEC3C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169656 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7308337-0373-42F1-A4F6-96CEA72E73EE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (No File)
Task: {3BEC7743-C78C-49A5-9948-A125AE07861C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (No File)
Task: {AADDFD4F-EBA0-472A-85F3-3120A8C81380} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-311264145-2370866077-2721877644-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {7374DC1B-835D-48F6-9543-CAF35E958EEA} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1649674925 => C:\Users\Dee\AppData\Local\Programs\Opera GX\launcher.exe [2769312 2023-11-22] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Dee\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {6483D094-2AC9-460D-B544-18028F2059ED} - System32\Tasks\Opera GX scheduled Autoupdate 1649002902 => C:\Users\Dee\AppData\Local\Programs\Opera GX\launcher.exe [2769312 2023-11-22] (Opera Norway AS -> Opera Software)
Task: {80879B4F-8B7A-41C4-AB5B-6C49A5EFE185} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (No File)
Task: {4F117C79-2706-4FBF-A748-C0259F51CEFA} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {227AA5D5-1B04-418C-BD18-E46A8FA5F4EE} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => C:\WINDOWS\System32\Wscript.exe [170496 2023-10-13] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\ASC_PerformanceMonitor.job => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: C:\WINDOWS\Tasks\ASC_SkipUac_Dee.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DivXUpdate.job => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe
Task: C:\WINDOWS\Tasks\iTopVPN_SkipUAC_Dee.job => C:\Program Files (x86)\iTop VPN\iTopVPN.exe
Task: C:\WINDOWS\Tasks\OWUninstallerRun.job => C:\Program Files (x86)\Overwolf\Overwolf.exe
Task: C:\WINDOWS\Tasks\SmartDefrag_AutoAnalyze.job => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{45f56f70-3efe-4bc0-8a05-6a023a1151b7}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c33a99a6-908f-4edd-9a20-70f8428df167}: [DhcpNameServer] 10.0.0.138 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Dee\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Dee\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-24]
Edge Extension: (Dokumenty Google offline) - C:\Users\Dee\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-04]
Edge Extension: (Edge relevant text changes) - C:\Users\Dee\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-04]
FireFox:
========
FF DefaultProfile: 1ii45z59.default
FF ProfilePath: C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\1ii45z59.default [2023-11-24]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\1ii45z59.default\Extensions\langpack-cs@firefox.mozilla.org [2016-06-14] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\1ii45z59.default\Extensions\partnerdefaults@mozilla.com [2016-06-14] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2016-02-06] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2016-02-06] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-10-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2008-07-08] (BYOND) [File not signed]
Chrome:
=======
CHR Profile: C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default [2023-11-24]
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (BetterTTV) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-09-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-28]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-05-28]
CHR Extension: (SteamDB) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbmhfkmnlmbkgbabkdealhhbfhlmmon [2023-09-06]
CHR Extension: (Story Saver) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafcolokinicfdmlidhaebadidhdehpk [2023-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-311264145-2370866077-2721877644-1001) Opera GXStable - "C:\Users\Dee\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-06-06] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11182184 2023-11-22] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-05-30] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [8430736 2021-11-12] (Int3 Software AB -> Int3 Software AB)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] (Intel(R) Software Development Products -> )
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-03-28] (Hi-Rez Studios) [File not signed]
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [167432 2022-10-20] (IObit CO., LTD -> IObit)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287968 2023-10-14] (Malwarebytes Inc. -> Malwarebytes)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16036272 2023-11-03] (ADLICE -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] (Intel(R) Software Development Products -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 CCDMonitorService; "C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe" [X]
S2 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [X]
S3 ePowerSvc; "C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_b7653e998d156664\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_b7653e998d156664\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 QALSvc; "C:\Program Files\Acer\Acer Quick Access\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2023-11-24] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-09] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-09] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [264552 2016-06-22] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14976 2015-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [186784 2016-06-22] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [170792 2016-06-22] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2022-10-20] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2022-10-20] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2022-10-20] (IObit Information Technology -> IObit)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Qcamain; C:\WINDOWS\System32\drivers\Qcamainx64.sys [2276352 2015-07-10] (Qualcomm Atheros, Inc.) [File not signed]
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit)
S3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 XPPenTablet; C:\WINDOWS\System32\drivers\XPPenTablet.sys [10752 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
S3 equ8_helper; \??\C:\WINDOWS\system32\DRIVERS\equ8_helper.sys [X]
S3 EQU8_HELPER_19; \??\C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [X]
S3 iobit_monitor_server2021; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
S3 PHYMEM2; \??\C:\Program Files (x86)\Leawo\Blu-ray Player\phymem_ext64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-11-25 21:32 - 2023-11-25 21:37 - 000035036 _____ C:\Users\Dee\Downloads\FRST.txt
2023-11-25 21:30 - 2023-11-25 21:36 - 000000000 ____D C:\FRST
2023-11-25 21:25 - 2023-11-25 21:25 - 002383872 _____ (Farbar) C:\Users\Dee\Downloads\FRST64.exe
2023-11-25 11:15 - 2023-11-25 11:15 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-11-25 11:11 - 2023-11-25 21:40 - 000198250 _____ C:\WINDOWS\ZAM.krnl.trace
2023-11-24 22:21 - 2023-11-24 22:21 - 000000000 ____D C:\ProgramData\Sophos
2023-11-24 22:20 - 2023-11-24 22:20 - 000002841 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2023-11-24 22:20 - 2023-11-24 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2023-11-24 22:20 - 2023-11-24 22:20 - 000000000 ____D C:\Program Files (x86)\Sophos
2023-11-24 22:09 - 2023-11-24 22:15 - 185115928 _____ (Sophos Limited) C:\Users\Dee\Downloads\Sophos Virus Removal Tool.exe
2023-11-24 17:36 - 2023-11-24 17:36 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2023-11-24 17:36 - 2023-11-24 17:36 - 000001337 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2023-11-24 17:36 - 2023-11-24 17:36 - 000000000 ____D C:\Users\Dee\AppData\Local\Zemana
2023-11-24 17:36 - 2023-11-24 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2023-11-24 17:36 - 2023-11-24 17:36 - 000000000 ____D C:\Program Files (x86)\Zemana
2023-11-24 17:35 - 2023-11-24 22:24 - 000000000 ____D C:\Users\Dee\AppData\Local\AMSDK
2023-11-24 17:34 - 2023-11-24 17:34 - 013922376 _____ (Zemana Ltd. ) C:\Users\Dee\Downloads\Zemana.AntiMalware.Setup.exe
2023-11-24 17:08 - 2023-11-24 17:08 - 000000000 ____D C:\ProgramData\ProductData
2023-11-24 15:49 - 2023-11-24 15:49 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-11-24 15:41 - 2023-11-24 15:42 - 000000000 ____D C:\ProgramData\RogueKiller
2023-11-24 15:41 - 2023-11-24 15:41 - 000000909 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2023-11-24 15:41 - 2023-11-24 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2023-11-24 15:41 - 2023-11-24 15:41 - 000000000 ____D C:\Program Files\RogueKiller
2023-11-24 15:21 - 2023-11-24 15:49 - 000000000 ____D C:\Program Files\CCleaner
2023-11-24 15:21 - 2023-11-24 15:21 - 000000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-11-24 15:21 - 2023-11-24 15:21 - 000000300 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2023-11-24 15:21 - 2023-11-24 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-11-24 15:05 - 2023-11-24 15:05 - 047819824 _____ (Adlice Software ) C:\Users\Dee\Downloads\RogueKiller_setup.exe
2023-11-24 15:04 - 2023-11-24 15:05 - 078165328 _____ (Piriform Software Ltd) C:\Users\Dee\Downloads\ccsetup618.exe
2023-11-24 14:58 - 2023-11-24 14:58 - 001790024 _____ (Malwarebytes) C:\Users\Dee\Downloads\JRT.exe
2023-11-24 13:18 - 2023-11-24 13:19 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2023-11-24 13:18 - 2023-11-24 13:18 - 000001840 _____ C:\Users\Dee\Desktop\CrystalDiskInfo.lnk
2023-11-24 13:18 - 2023-11-24 13:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2023-11-24 12:34 - 2023-11-24 15:01 - 000000000 ____D C:\AdwCleaner
2023-11-24 12:24 - 2023-11-24 12:24 - 000000929 _____ C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Temp File Cleaner.lnk
2023-11-24 12:24 - 2023-11-24 12:24 - 000000899 _____ C:\Users\Dee\Desktop\Temp File Cleaner.lnk
2023-11-24 12:24 - 2023-11-24 12:24 - 000000000 ____D C:\Users\Dee\AppData\Roaming\addpcs
2023-11-24 12:24 - 2023-11-24 12:24 - 000000000 ____D C:\Program Files\Temp File Cleaner
2023-11-24 00:10 - 2023-11-24 00:10 - 005795360 _____ (Crystal Dew World ) C:\Users\Dee\Downloads\CrystalDiskInfo9_2_1.exe
2023-11-24 00:04 - 2023-11-24 00:04 - 008791352 _____ (Malwarebytes) C:\Users\Dee\Downloads\AdwCleaner.exe
2023-11-24 00:03 - 2023-11-24 00:03 - 002103230 _____ C:\Users\Dee\Downloads\TempFileCleaner_4.5.0_Setup.exe
2023-11-24 00:02 - 2023-11-24 00:02 - 000050688 _____ (Atribune.org) C:\Users\Dee\Downloads\ATF-Cleaner.exe
2023-11-23 22:10 - 2023-11-23 22:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\Dee\Downloads\HijackThis.exe
2023-11-23 21:59 - 2023-11-23 21:59 - 000001426 _____ C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2023-11-22 23:40 - 2023-11-22 23:41 - 000005608 _____ C:\Users\Dee\AppData\Roaming\Network Persistent State
2023-11-22 23:40 - 2023-11-22 23:41 - 000003529 _____ C:\Users\Dee\AppData\Roaming\TransportSecurity
2023-11-22 23:40 - 2023-11-22 23:41 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Session Storage
2023-11-22 23:40 - 2023-11-22 23:41 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Platform Notifications
2023-11-22 23:40 - 2023-11-22 23:41 - 000000000 ____D C:\Users\Dee\AppData\Roaming\blob_storage
2023-11-22 23:40 - 2023-11-22 23:41 - 000000000 _____ C:\Users\Dee\AppData\Roaming\Cookies-journal
2023-11-22 23:40 - 2023-11-22 23:40 - 000131072 _____ C:\Users\Dee\AppData\Roaming\Visited Links
2023-11-22 23:40 - 2023-11-22 23:40 - 000003593 _____ C:\Users\Dee\AppData\LocalLow\lpm.dat
2023-11-22 23:40 - 2023-11-22 23:40 - 000000075 _____ C:\Users\Dee\AppData\Roaming\user_prefs.json
2023-11-22 23:40 - 2023-11-22 23:40 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Local Storage
2023-11-22 23:40 - 2023-11-22 23:40 - 000000000 ____D C:\Users\Dee\AppData\Local\DivX
2023-11-22 23:38 - 2023-11-23 15:28 - 000000000 ____D C:\Users\Dee\AppData\Roaming\DivX
2023-11-22 23:38 - 2023-11-22 23:38 - 000000302 _____ C:\WINDOWS\Tasks\DivXUpdate.job
2023-11-22 23:27 - 2023-11-23 17:42 - 000000000 ____D C:\ProgramData\DivX
2023-11-22 23:12 - 2023-11-22 23:12 - 000000000 ____D C:\Users\Dee\AppData\Local\Leawo Blu-ray Player
2023-11-22 22:45 - 2023-11-22 23:12 - 000000000 ____D C:\ProgramData\Leawo
2023-11-22 22:44 - 2023-11-22 22:44 - 000000000 ____D C:\Program Files (x86)\Leawo
2023-11-22 22:39 - 2023-11-22 23:12 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Leawo
2023-11-22 22:31 - 2023-11-22 22:31 - 000000000 ____D C:\Users\Dee\AppData\Local\vlc
2023-11-21 13:43 - 2023-11-21 13:43 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2023-11-21 13:08 - 2023-11-21 13:08 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-11-21 13:05 - 2023-11-21 13:05 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-11-19 13:17 - 2023-11-19 13:17 - 000000000 ____D C:\Users\Dee\AppData\LocalLow\Iceflake Studios
2023-11-17 14:19 - 2023-11-18 13:54 - 000000000 ____D C:\Users\Dee\AppData\Roaming\StardewValley
2023-11-17 14:12 - 2023-11-17 14:12 - 000001763 _____ C:\Users\Public\Desktop\Stardew Valley.lnk
2023-11-17 13:40 - 2023-11-17 13:40 - 000000000 ____D C:\Users\Dee\Downloads\Stardew.Valley.v1.5.5.1835528477-GOG
2023-11-15 19:12 - 2023-11-15 19:12 - 000000000 ___HD C:\$WinREAgent
2023-11-14 21:02 - 2023-11-23 15:37 - 000000000 ____D C:\Program Files (x86)\4Classic
2023-11-06 15:36 - 2023-11-06 15:36 - 020345527 _____ C:\Users\Dee\Downloads\sims-4-updater-v1.2.3.zip
2023-11-04 18:17 - 2023-11-21 18:21 - 000000000 ____D C:\Users\Dee\AppData\Roaming\BYOND
2023-10-31 13:40 - 2023-10-31 13:40 - 000000945 _____ C:\Users\Dee\Desktop\Cheat Engine.lnk
2023-10-31 13:40 - 2023-10-31 13:40 - 000000000 ____D C:\Users\Dee\Documents\My Cheat Tables
2023-10-31 13:40 - 2023-10-31 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.5
2023-10-31 13:40 - 2023-10-31 13:40 - 000000000 ____D C:\Program Files\Cheat Engine 7.5
2023-10-29 21:18 - 2023-10-29 21:42 - 005039597 ____H C:\Users\Dee\Downloads\.d6920559874971f4cac7cd0dfc4ec92ff81ea23f.parts
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-11-25 21:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-25 21:29 - 2022-06-08 13:40 - 000000000 ____D C:\Users\Dee\AppData\Local\Discord
2023-11-25 21:25 - 2016-07-02 14:43 - 000000000 ____D C:\Users\Dee\AppData\Local\Battle.net
2023-11-25 21:23 - 2021-12-17 17:44 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-25 21:23 - 2016-06-14 17:14 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-25 21:20 - 2020-09-27 06:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-25 20:39 - 2020-06-10 14:39 - 000000000 ____D C:\Users\Dee\AppData\Local\Spotify
2023-11-25 19:53 - 2020-06-10 14:38 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Spotify
2023-11-25 18:34 - 2016-06-15 17:09 - 000000000 ____D C:\Users\Dee\Documents\ShareX
2023-11-25 16:32 - 2022-12-11 16:40 - 000000000 ____D C:\ProgramData\Riot Games
2023-11-25 16:28 - 2018-03-03 15:55 - 000000000 ____D C:\Users\Dee\AppData\Roaming\discord
2023-11-25 12:04 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-25 11:58 - 2023-02-18 11:57 - 000003676 _____ C:\WINDOWS\SysWOW64\pubfreeware.ini
2023-11-25 11:15 - 2016-06-14 16:54 - 000000000 __SHD C:\Users\Dee\IntelGraphicsProfiles
2023-11-25 11:13 - 2021-05-07 22:10 - 000000000 ____D C:\Users\Dee
2023-11-25 11:11 - 2020-09-27 06:50 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-25 11:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-11-25 11:11 - 2017-10-10 16:58 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-24 22:25 - 2016-06-17 19:53 - 000000000 ____D C:\Users\Dee\AppData\Local\CrashDumps
2023-11-24 18:41 - 2016-06-14 20:10 - 000000000 ____D C:\Users\Dee\AppData\Roaming\vlc
2023-11-24 17:56 - 2022-02-16 11:06 - 000000000 ____D C:\Program Files\RUXIM
2023-11-24 17:31 - 2016-07-02 14:44 - 000000000 ____D C:\Users\Dee\AppData\Local\Blizzard Entertainment
2023-11-24 17:31 - 2016-07-02 14:43 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2023-11-24 16:56 - 2020-04-25 22:08 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Telegram Desktop
2023-11-24 16:55 - 2016-06-14 17:17 - 000000000 ____D C:\Program Files (x86)\Steam
2023-11-24 16:40 - 2016-06-14 17:20 - 000000000 ____D C:\Users\Dee\AppData\Local\Steam
2023-11-24 16:35 - 2016-11-13 18:02 - 000000000 ____D C:\Games
2023-11-24 16:26 - 2016-08-09 11:04 - 000000000 ____D C:\Users\Dee\Desktop\Screenshots
2023-11-24 16:24 - 2020-05-12 22:31 - 000000000 ____D C:\Program Files\Microsoft Office
2023-11-24 16:22 - 2016-09-29 15:19 - 000000000 ____D C:\Program Files\Epic Games
2023-11-24 16:08 - 2017-10-28 21:01 - 000000000 ____D C:\Users\Dee\AppData\Local\Packages
2023-11-24 15:54 - 2019-09-08 21:53 - 000000000 ____D C:\Users\Dee\Desktop\ps mastah
2023-11-24 15:39 - 2016-06-23 17:42 - 000000000 ____D C:\Users\Dee\AppData\Roaming\uTorrent
2023-11-24 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-11-24 15:02 - 2015-08-31 11:52 - 000000000 ____D C:\Program Files\Acer
2023-11-24 15:02 - 2015-08-31 11:50 - 000000000 ____D C:\ProgramData\Acer
2023-11-24 15:02 - 2015-08-31 11:50 - 000000000 ____D C:\Program Files (x86)\Acer
2023-11-24 15:01 - 2022-12-11 16:17 - 000000000 ____D C:\Users\Dee\AppData\LocalLow\IObit
2023-11-24 15:01 - 2022-12-11 16:16 - 000000000 ____D C:\Program Files (x86)\IObit
2023-11-24 15:01 - 2022-12-11 16:15 - 000000000 ____D C:\Users\Dee\AppData\Roaming\IObit
2023-11-24 15:01 - 2022-12-11 16:15 - 000000000 ____D C:\ProgramData\IObit
2023-11-24 12:42 - 2023-05-11 21:04 - 000000000 ____D C:\Users\Dee\AppData\Local\Malwarebytes
2023-11-24 12:27 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-11-24 12:25 - 2018-05-31 16:39 - 000000000 ____D C:\Users\Dee\AppData\LocalLow\Temp
2023-11-24 12:25 - 2016-02-06 03:02 - 000000000 ____D C:\ProgramData\Temp
2023-11-23 21:29 - 2016-06-28 21:53 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Microsoft\MMC
2023-11-23 19:29 - 2021-05-08 11:50 - 000991708 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-23 19:29 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2023-11-23 19:29 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2023-11-23 19:29 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-23 18:45 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-23 16:13 - 2017-05-26 20:20 - 000000000 ____D C:\Program Files (x86)\Overwatch
2023-11-23 15:48 - 2020-05-04 22:31 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Microsoft\Teams
2023-11-23 15:39 - 2016-07-02 14:42 - 000000000 ____D C:\ProgramData\Battle.net
2023-11-23 15:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-23 15:27 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-23 14:45 - 2020-09-27 06:50 - 005172072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-23 00:00 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-11-23 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-11-22 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-11-22 23:53 - 2022-06-26 16:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2023-11-22 23:53 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-22 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-11-22 23:50 - 2022-06-26 16:47 - 000000000 ____D C:\WINDOWS\en-GB
2023-11-22 23:50 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-22 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-22 23:50 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-11-22 23:49 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-22 23:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-22 23:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-22 23:34 - 2016-02-06 02:26 - 000000000 ____D C:\ProgramData\Package Cache
2023-11-22 22:35 - 2023-05-23 18:39 - 000000920 _____ C:\Users\Public\Desktop\VLC media player.lnk
2023-11-22 22:26 - 2019-12-07 12:08 - 000000000 ____D C:\Users\Dee\AppData\Roaming\qBittorrent
2023-11-22 13:39 - 2020-05-12 22:57 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Microsoft\Word
2023-11-22 13:34 - 2020-05-12 22:57 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Microsoft\Office
2023-11-22 13:22 - 2018-08-30 20:52 - 000000000 ____D C:\Users\Dee\AppData\Local\D3DSCache
2023-11-22 13:21 - 2017-08-29 00:59 - 000000000 ____D C:\Users\Dee\AppData\Local\SquirrelTemp
2023-11-22 13:17 - 2016-08-26 23:39 - 000000000 ____D C:\Users\Dee\AppData\Local\ConnectedDevicesPlatform
2023-11-21 13:43 - 2020-05-12 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-11-21 13:08 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-11-20 13:10 - 2022-05-13 19:00 - 000001996 _____ C:\Users\Public\Desktop\BYOND.lnk
2023-11-19 21:55 - 2020-12-29 21:42 - 000001456 _____ C:\Users\Dee\AppData\Local\Adobe Save for Web 13.0 Prefs
2023-11-19 13:27 - 2023-03-18 16:05 - 000000000 ____D C:\Users\Dee\AppData\Roaming\paradox-launcher-v2
2023-11-19 13:16 - 2023-02-20 21:20 - 000000000 ____D C:\Users\Dee\Documents\Paradox Interactive
2023-11-18 12:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-18 12:58 - 2020-09-27 08:53 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-17 13:49 - 2017-12-19 23:21 - 000000000 ____D C:\GOG Games
2023-11-16 23:51 - 2016-06-14 17:15 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-16 16:15 - 2022-09-18 12:51 - 000000000 ____D C:\Users\Dee\AppData\Local\anadius
2023-11-16 16:15 - 2022-09-18 12:35 - 000000000 ____D C:\Users\Dee\Desktop\sim 4 updater
2023-11-15 20:42 - 2020-09-27 08:53 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-11-15 19:02 - 2016-06-14 20:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-15 18:51 - 2016-06-14 20:17 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-11-10 14:12 - 2020-07-25 22:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-07 13:33 - 2020-09-27 08:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-29 21:30 - 2023-07-12 15:23 - 000000000 ____D C:\Users\Dee\Downloads\Supernatural (2005) Season 9 S09 (1080p BluRay x265 HEVC 10bit AAC 5.1 Silence)
2023-10-28 23:03 - 2017-04-03 17:02 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2023-10-28 12:53 - 2022-05-13 17:38 - 000000000 ____D C:\Users\Dee\Documents\BYOND
2023-10-26 18:09 - 2016-07-19 14:11 - 000000000 ____D C:\Users\Dee\Documents\my games
2023-10-26 18:06 - 2022-12-11 15:27 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
==================== Files in the root of some directories ========
2021-05-18 13:51 - 2021-05-24 13:25 - 000000032 _____ () C:\Users\Dee\AppData\Roaming\.machineId
2023-11-22 23:40 - 2023-11-22 23:41 - 000032768 _____ () C:\Users\Dee\AppData\Roaming\Cookies
2023-11-22 23:40 - 2023-11-22 23:41 - 000000000 _____ () C:\Users\Dee\AppData\Roaming\Cookies-journal
2023-11-22 23:40 - 2023-11-22 23:41 - 000005608 _____ () C:\Users\Dee\AppData\Roaming\Network Persistent State
2023-11-22 23:40 - 2023-11-22 23:41 - 000003529 _____ () C:\Users\Dee\AppData\Roaming\TransportSecurity
2023-11-22 23:40 - 2023-11-22 23:40 - 000000075 _____ () C:\Users\Dee\AppData\Roaming\user_prefs.json
2023-11-22 23:40 - 2023-11-22 23:40 - 000131072 _____ () C:\Users\Dee\AppData\Roaming\Visited Links
2016-07-10 13:54 - 2016-10-15 22:53 - 000003935 _____ () C:\Users\Dee\AppData\Roaming\VoiceMeeterDefault.xml
2020-12-29 21:42 - 2023-11-19 21:55 - 000001456 _____ () C:\Users\Dee\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-06-28 21:44 - 2020-12-09 20:30 - 000001480 _____ () C:\Users\Dee\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-02-21 17:55 - 2019-02-21 17:55 - 000000000 _____ () C:\Users\Dee\AppData\Local\oobelibMkey.log
2021-07-28 13:00 - 2021-11-12 11:07 - 000030748 _____ () C:\Users\Dee\AppData\Local\PlariumPlay.log
2018-03-01 22:36 - 2022-06-08 12:27 - 000007597 _____ () C:\Users\Dee\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================