﻿Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2021
Ran by John (administrator) on JOHN-PC (23-03-2021 11:56:18)
Running from C:\Users\John\AppData\Local\Temp\scoped_dir3452_1928228025
Loaded Profiles: John
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Cold Turkey Software, Inc. -> Cold Turkey Software Inc.) C:\Program Files\Cold Turkey\CTMsgHostChrome.exe <2>
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(Discord Inc. -> Discord Inc.) C:\Users\John\AppData\Local\Discord\app-0.0.309\Discord.exe <6>
(Figma, Inc. -> ) C:\Users\John\AppData\Local\FigmaAgent\figma_agent.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
(Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\74.0.3911.218\opera.exe <50>
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\74.0.3911.218\opera_crashreporter.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgc.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Rockstar Games, Inc. -> Rockstar Games) C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
(SOKNO S.R.L. -> ) C:\Program Files (x86)\SpeedFan\speedfan.exe
(SolidWorks) [File not signed] C:\Program Files (x86)\Common Files\SOLIDWORKS Shared\Service\SolidWorksLicensing.exe
(South River Technologies -> South River Technologies, Inc.) C:\Program Files\WebDrive\wdService.exe
(Sublime HQ Pty Ltd -> ) C:\Program Files\Sublime Text 3\plugin_host.exe
(Sublime HQ Pty Ltd -> Sublime HQ Pty Ltd) C:\Program Files\Sublime Text 3\sublime_text.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Trace Software International -> ) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Wen Jia Liu -> wj32) C:\Program Files\Process Hacker 2\ProcessHacker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353400 2021-03-19] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [WebDriveTray] => C:\Program Files\WebDrive\webdrive.exe [13844360 2019-12-20] (South River Technologies -> South River Technologies, Inc.)
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-949114339-2066100574-2594248327-1000\...\Run: [Figma Agent] => C:\Users\John\AppData\Local\FigmaAgent\figma_agent.exe [5655264 2021-03-04] (Figma, Inc. -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6960.198\Installer\chrmstp.exe [2020-11-24] (Avast Software s.r.o. -> AVAST Software)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {089601DF-BA51-4033-922C-96D282935CBB} - System32\Tasks\Power_a17007 => C:\Program Files\Cold Turkey\CTServiceInstaller.exe [20984 2020-04-08] (Cold Turkey Software, Inc. -> Cold Turkey Software Inc.)
Task: {0A9D12E3-3DCF-40E3-80B9-803013CD2C22} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {19F754DB-05F4-49DB-91A9-68FF271737DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {265BECBD-BD56-4AA3-9DAF-3E499D846F05} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64936 2020-12-27] (Microsoft Corporation -> Microsoft)
Task: {41D08211-8A07-4B1A-948A-B4B8BF58632A} - System32\Tasks\Robotka
Task: {4D82607E-7526-4BF6-9F28-C3328EC91A74} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {67AA288A-70DC-4C75-97C3-A46E5F221595} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-06] (Piriform Ltd -> Piriform Ltd)
Task: {6B681D84-73C0-42F0-816A-FAC346025961} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {7CFEE3F8-8B75-41AC-8467-E25B8016D615} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-04] (Google Inc -> Google Inc.)
Task: {8E912AEC-C392-4AC4-9C4F-9F43B07289E1} - System32\Tasks\Opera scheduled Autoupdate 1473525916 => C:\Program Files (x86)\Opera\launcher.exe [1598616 2021-03-11] (Opera Software AS -> Opera Software)
Task: {9723D4CA-9DCD-4972-BBDA-3766B8E9BE3C} - System32\Tasks\AdobeGCInvoker-1.0-John-PC-John => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {9D6C3930-F621-4296-A748-5865083AD527} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-22] (Avast Software s.r.o. -> Avast Software)
Task: {9E18C082-3092-4BE3-8773-1BD30BDC4F79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-04] (Google Inc -> Google Inc.)
Task: {A30993DD-B4C8-45A6-B8B7-83DDFCF1B0D1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AAAA1BA0-9973-47D1-B128-DD3F1CC9DEF6} - System32\Tasks\Motivacia
Task: {B6215906-8048-45F1-AC2E-0D0F74C0649A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1933408 2020-11-13] (Avast Software s.r.o. -> AVAST Software)
Task: {C2B756A2-8142-4B50-B9C0-C715DB45B991} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1933408 2020-11-13] (Avast Software s.r.o. -> AVAST Software)
Task: {C826FD7A-B8B6-40D8-A041-2076C47165CA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
Task: {E99D9A46-1DF5-4DDF-A0F9-35B987BAFEF1} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-12] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-949114339-2066100574-2594248327-1000] => 39.137.95.72:80
Winsock: Catalog9 11 C:\Windows\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 12 C:\Windows\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 11 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 12 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{54287F57-F62E-4A77-887F-98CFD53339ED}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B1477436-BDB7-43DB-8368-4FEBFCEBABA8}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF DefaultProfile: dpdx1dpi.default
FF DefaultProfile: 39pruj5d.default
FF DefaultProfile: 5fn2593k.default
FF ProfilePath: C:\Users\John\AppData\Roaming\old Mozilla\Firefox\Profiles\dpdx1dpi.default [2019-07-14]
FF NetworkProxy: old Mozilla\Firefox\Profiles\dpdx1dpi.default -> backup.ftp", "127.0.0.1"
FF Extension: (Flash Debugger) - C:\Users\John\AppData\Roaming\old Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\@flash_debugger.xpi [2019-07-14]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\John\AppData\Roaming\old Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\sp@avast.com.xpi [2019-01-23]
FF Extension: (Avast Online Security) - C:\Users\John\AppData\Roaming\old Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\wrc@avast.com.xpi [2018-07-17]
FF Extension: (Video DownloadHelper) - C:\Users\John\AppData\Roaming\old Mozilla\Firefox\Profiles\dpdx1dpi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-07-22]
FF ProfilePath: C:\Users\John\AppData\Roaming\old 2 Mozilla\Firefox\Profiles\pt428uqu.dev-edition-default [2019-07-14]
FF Extension: (Flash Debugger) - C:\Users\John\AppData\Roaming\old 2 Mozilla\Firefox\Profiles\pt428uqu.dev-edition-default\Extensions\@flash_debugger.xpi [2019-07-14]
FF ProfilePath: C:\Users\John\AppData\Roaming\old 2 Mozilla\Firefox\Profiles\39pruj5d.default [2019-07-14]
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ly01ikd2.default-release [2021-03-23]
FF NetworkProxy: Mozilla\Firefox\Profiles\ly01ikd2.default-release -> backup.ftp", "89.221.223.204"
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\5fn2593k.default [2019-07-14]
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1jhytjt4.dev-edition-default [2021-03-23]
FF NetworkProxy: Mozilla\Firefox\Profiles\1jhytjt4.dev-edition-default -> ftp", "127.0.0.1"
FF Extension: (Flash Debugger) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1jhytjt4.dev-edition-default\Extensions\@flash_debugger [2017-04-12] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2019-07-14] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.212.2 -> C:\Program Files\Java\jre1.8.0_212\bin\dtplugin\npDeployJava1.dll [2019-07-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.212.2 -> C:\Program Files\Java\jre1.8.0_212\bin\plugin2\npjp2.dll [2019-07-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2019-07-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems Incorporated -> Adobe Systems)
StartMenuInternet: Firefox-CA9422711AE1A81C - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default [2021-03-23]
CHR DownloadDir: C:\Users\John\Downloads
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPDDB91BBD-BA11-4584-980A-F18600097BBE&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3321897&octid=EB_ORIGINAL_CTID&ISID=8ee4eefc-caaa-4584-9b6d-b86e8a904540&SearchSource=55&CUI=&UM=4&UP=SP88D27383-B046-4276-A219-31A6DC90F073&SSPV=","hxxp://www.istartsurf.com/?type=hp&ts=1409154743&from=smt&uid=ST1000DM003-1CH162_Z1D81TPZXXXXZ1D81TPZ","hxxp://www.istartsurf.com/?type=hp&ts=1409169345&from=smt&uid=ST1000DM003-1CH162_Z1D81TPZXXXXZ1D81TPZ","hxxp://www.istartsurf.com/?type=hp&ts=1432474055&z=cdd769bed736c3dcd7efba2gaz8cao1zcmfzce4w8c&from=obw&uid=ST1000DM003-1ER162_Z4Y3Y2NTXXXXZ4Y3Y2NT","hxxps://encrypted.google.com","hxxps://www.google.com/"
CHR Extension: (Google Drive) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-04]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (Steam Inventory Helper) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2021-03-15]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2021-02-11]
CHR Extension: (BuiltWith Technology Profiler) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn [2020-12-20]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2016-06-12]
CHR Extension: (Session Buddy) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2020-05-21]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-09]
CHR Extension: (DarkOrbit SID Login) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkcmijdllamjcbfeeheebbphpnbmbco [2019-07-01]
CHR Extension: (Video Downloader PLUS) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2020-09-29]
CHR Extension: (Avast Online Security) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-17]
CHR Extension: (Multi Session Box - Multi login any website) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmmbfmaddjdkkcgbiipkphdcfmkhge [2019-07-29]
CHR Extension: (Stream Video Downloader) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkngaibigegepnlckfcbecjoilcjbhf [2019-10-14]
CHR Extension: (Unseen for Facebook) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiomcgpfgkeefipihnplhadgdoollmap [2021-01-08]
CHR Extension: (Chromebook Recovery Utility) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2020-11-05]
CHR Extension: (PowerPoint Online) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2020-03-24]
CHR Extension: (SessionBox - Multi login to any website) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\megbklhjamjbcafknkgmokldgolkdfig [2020-12-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Proxy SwitchyOmega) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\padekgcemlokbadohgkifijomclgjgif [2020-12-20]
CHR Extension: (Cold Turkey Blocker) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pganeibhckoanndahmnfggfoeofncnii [2021-02-19]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-20]
CHR HKU\S-1-5-21-949114339-2066100574-2594248327-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

Opera: 
=======
OPR Profile: C:\Users\John\AppData\Roaming\Opera Software\Opera Stable [2021-03-23]
OPR DownloadDir: C:\Users\John\Downloads
OPR Notifications: Opera Stable -> hxxps://aternos.org; hxxps://forum24.os.tc; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://opencsgo.com; hxxps://skinodds.com; hxxps://www.pvpro.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (AdBlock) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-09-10]
OPR Extension: (Block Site) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\chnfkipjmhdpmammffdbifccnggmejbp [2020-08-03]
OPR Extension: (Cold Turkey Blocker) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\efnolkfmdbinpkbnfigocgfglnhahldj [2021-02-19]
OPR Extension: (Rich Hints Agent) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-03-11]
OPR Extension: (Steam Trader Helper) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\fljmocdpncmhecbphaechibhfgiiefpe [2021-02-28]
OPR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\gjpihpkhgfngnbhhfdehlcmgfahbciip [2018-05-08]
OPR Extension: (Twitch Now) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiahmjdojdodmjjhhddegdnhcpjmokmo [2018-02-20]
OPR Extension: (Scripter) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\hpochgedhgonjnpbepkbnkkibkjigknc [2018-04-19]
OPR Extension: (Direct Currency Converter) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\jionklhcihkojemcnabgmdahckalngcl [2019-06-05]
OPR Extension: (Quasimodo) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbioggfbkfijplhkfhaedclnadjdcbnn [2018-07-05]
OPR Extension: (Onion Browser Button) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\lilflogangngbfkpiijccmfokhjcbhcl [2020-06-09]
OPR Extension: (Freedom - Website Blocker for Opera) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\linaecddcadajnclkmnkaenhapnfdgoa [2020-08-03]
OPR Extension: (Tampermonkey) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2020-11-06]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\John\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-02-02]
StartMenuInternet: (HKLM) Opera GXStable - C:\Program Files\Opera GX\Launcher.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S4 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S4 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S4 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S4 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S4 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6960.198\elevation_service.exe [1136920 2020-11-13] (Avast Software s.r.o. -> AVAST Software)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8567960 2020-03-24] (BattlEye Innovations e.K. -> )
S4 CDROM_Detect; C:\Program Files\4G LTE Modem\4G_Server.exe [327680 2016-11-19] () [File not signed]
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd -> Disc Soft Ltd)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2020-11-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [191664 2018-02-26] (Trace Software International -> )
S4 FACEITService; C:\Program Files\FACEIT AC\FACEITService.exe [20756320 2020-05-01] (FACE IT LIMITED -> )
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2021-02-17] (Mixbyte Inc -> Freemake)
S4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
S4 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2018-02-26] (Intel(R) Software Development Products -> Intel Corporation)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc -> Logitech Inc.)
S4 memcached; c:\memcached\memcached.exe [507640 2009-12-16] () [File not signed]
S4 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S2 Power_a17007; C:\Program Files\Cold Turkey\\ServiceHub.Power.exe [104952 2020-07-31] (Cold Turkey Software, Inc. -> )
S4 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [100672 2020-04-17] (ProtonVPN AG -> )
S4 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-04-17] (ProtonVPN AG -> )
S4 QMEmulatorService; D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [166384 2019-12-20] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] (Razer USA Ltd. -> )
R2 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [264704 2018-02-26] (Mentor Graphics Corporation -> Mentor Graphics Corporation)
R2 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1679240 2021-02-20] (Rockstar Games, Inc. -> Rockstar Games)
R2 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2018-05-27] (SolidWorks) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 SWVisualize2018.BoostService; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe [59280 2018-02-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
R2 SWVisualize2018.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [24976 2018-02-26] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-11-05] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S2 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R2 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10290288 2021-03-19] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15477208 2020-03-07] (VMware, Inc. -> )
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation -> Microsoft Corporation)
S4 wampapache64; c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe [30720 2018-03-18] (Apache Software Foundation) [File not signed]
S4 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.14\bin\mysqld.exe [14550440 2018-03-26] (MariaDB Corporation Ab -> )
S4 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe [39551488 2017-12-28] () [File not signed]
R2 WebDriveService; C:\Program Files\WebDrive\wdService.exe [12388232 2019-12-20] (South River Technologies -> South River Technologies, Inc.)
S2 IpOverUsbSvc; "C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 amdkmdap; C:\Windows\System32\Drivers\amdkmdap.sys [614280 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [140032 2013-08-16] (MCCI Corporation -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [424192 2013-08-16] (MCCI Corporation -> ASMedia Technology Inc)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36792 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208672 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332880 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97360 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42424 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176384 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522480 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108928 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84496 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851256 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469472 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216984 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326064 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2009-06-02] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 CMUAC; C:\Windows\System32\DRIVERS\Headset6400x1.SYS [386560 2013-10-03] (C-MEDIA ELECTRONICS INC. -> A4Tech Inc.)
S3 CT_QUALCOMM_U_drv; C:\Windows\System32\DRIVERS\CT_QUALCOMM_U_drv.sys [118016 2009-04-27] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-06-04] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-06-04] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [1890440 2020-11-14] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [66728 2016-07-05] (NTONYX Ltd. -> Eugene V. Muzychenko)
R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [20193656 2020-05-01] (FACE IT LIMITED -> )
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [32384 2018-05-03] (Sony Mobile Communications AB -> Sony Mobile Communications)
S3 HidNt; C:\Windows\System32\DRIVERS\HIDNt.sys [22576 2008-04-18] (Futime Manufacturing Ltd -> Microsoft Corporation) [File not signed]
S3 HidNt; C:\Windows\SysWOW64\DRIVERS\HIDNt.sys [18992 2008-04-18] (Futime Manufacturing Ltd -> Microsoft Corporation) [File not signed]
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 KProcessHacker3; C:\Program Files\Process Hacker 2\kprocesshacker.sys [45208 2016-03-29] (Wen Jia Liu -> wj32)
R2 LdBoxDrv; C:\Program Files\dnplayerext2\LdBoxDrv.sys [319376 2020-06-18] (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [37408 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [26912 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2018-07-23] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 Mac606; C:\Windows\System32\DRIVERS\Mac606.sys [33200 2008-04-18] (Futime Manufacturing Ltd -> ) [File not signed]
S3 Mac606; C:\Windows\SysWOW64\DRIVERS\Mac606.sys [26672 2008-04-18] (Futime Manufacturing Ltd -> ) [File not signed]
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc. -> Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc. -> Visicom Media Inc.)
R1 npcap; C:\Windows\System32\DRIVERS\npcap.sys [69432 2019-09-04] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win7\ProtonVPN.SplitTunnelDriver.sys [22456 2020-01-15] (ProtonVPN AG -> Proton Technologies AG)
S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [51224 2016-05-12] (Razer USA Ltd. -> Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer Inc. -> Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer Inc. -> Razer, Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2015-02-03] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [39864 2020-04-06] (ProtonVPN AG -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Apple, Inc.) [File not signed]
R3 VBAudioVMAUXVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2019-01-06] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2019-01-05] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-06-28] (Oracle Corporation -> Oracle Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [6383536 2021-03-19] (Riot Games, Inc. -> Riot Games, Inc.)
R1 vmkbd3; C:\Windows\System32\DRIVERS\vmkbd.sys [52288 2020-03-07] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [66368 2020-03-07] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [103736 2019-08-14] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R2 WebDriveFSD; C:\Program Files\WebDrive\wdfsd.sys [108960 2018-09-25] (South River Technologies -> South River Technologies, Inc.)
R3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [35696 2017-11-25] (Beijing Wolicheng Technology Co., Ltd. -> Windows (R) Win 7 DDK provider)
U4 npcap_wifi; no ImagePath
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-23 11:37 - 2021-03-23 11:37 - 002300928 _____ (Farbar) C:\Users\John\Downloads\FRST64 (4).exe
2021-03-23 11:37 - 2021-03-23 11:37 - 000000021 _____ C:\Users\John\Desktop\forum viry.txt
2021-03-22 23:49 - 2021-03-22 23:49 - 000000222 _____ C:\Users\John\Desktop\Z1 Battle Royale.url
2021-03-22 17:30 - 2021-03-22 17:30 - 001609635 _____ C:\Users\John\Downloads\to ti je npaicu.mp4
2021-03-22 17:28 - 2021-03-22 17:28 - 001826895 _____ C:\Users\John\Downloads\yt1s.com - Celkom rád odpisujem vodomery  Dano Drevo a turnaj Mekyho Žbirku_360p.mp4
2021-03-22 14:52 - 2021-03-22 14:52 - 000021861 _____ C:\Users\John\Downloads\18VirtualnySvet03-skupina.zip
2021-03-22 14:34 - 2021-03-22 14:34 - 000205053 _____ C:\Users\John\Downloads\02x13-Virtualny_svet.pptx
2021-03-22 14:30 - 2021-03-22 14:30 - 000135709 _____ C:\Users\John\Downloads\02x16-Manipulacia_so_skupinou.pptx
2021-03-22 14:02 - 2021-03-22 14:02 - 000108961 _____ C:\Users\John\Downloads\02x15-Manipulacia_s_komponentom.pptx
2021-03-22 14:02 - 2021-03-22 14:02 - 000020547 _____ C:\Users\John\Downloads\17VirtualnySvet02-focus.zip
2021-03-22 11:25 - 2021-03-22 11:25 - 002659743 _____ C:\Users\John\Downloads\JFLAP7.1.jar
2021-03-21 23:03 - 2021-03-21 23:03 - 002659743 _____ C:\Users\John\Downloads\JFLAP7.1 (1).jar
2021-03-21 14:36 - 2021-03-21 14:37 - 000012272 _____ C:\Users\John\Downloads\Les_MartinChotar.zip
2021-03-20 14:34 - 2021-03-20 14:34 - 000197151 _____ C:\Users\John\Desktop\Text+Hypm.zip
2021-03-20 14:26 - 2021-03-20 14:26 - 002196263 _____ C:\Users\John\Downloads\Free-Sans (1).zip
2021-03-20 14:25 - 2021-03-20 14:25 - 000094516 _____ C:\Users\John\Downloads\PragmaticaMedium.otf
2021-03-20 14:24 - 2021-03-20 14:24 - 002196263 _____ C:\Users\John\Downloads\Free-Sans.zip
2021-03-20 01:38 - 2021-03-20 01:38 - 005072230 _____ C:\Users\John\Downloads\t-rex_0.13.0_amd64.deb
2021-03-20 01:36 - 2021-03-20 01:36 - 062045912 _____ C:\Users\John\Downloads\gminer_2_47_linux64.tar.xz
2021-03-20 01:23 - 2021-03-20 01:23 - 021063015 _____ C:\Users\John\Downloads\nanominer-linux-3.3.2.tar.gz
2021-03-18 15:41 - 2021-03-18 15:41 - 000433076 _____ C:\Users\John\Downloads\Rozhodnutie - Rozhodnutie PL. ÚS 4_2012 (2).pdf
2021-03-18 15:40 - 2021-03-18 15:40 - 000433076 _____ C:\Users\John\Downloads\Rozhodnutie - Rozhodnutie PL. ÚS 4_2012 (1).pdf
2021-03-18 15:29 - 2021-03-18 15:29 - 000000000 ____D C:\Users\John\Desktop\AnyDesk_Traces_20210318152904541
2021-03-18 10:44 - 2021-03-18 10:57 - 000001310 _____ C:\Users\John\Desktop\tupci
2021-03-17 21:01 - 2021-03-17 21:01 - 000465818 _____ C:\Users\John\Desktop\Trimay_Domáca úloha - týždeň 4.zip
2021-03-17 20:43 - 2021-03-17 20:43 - 000669615 _____ C:\Users\John\Downloads\zzz_scrapper.csv.gz
2021-03-17 20:16 - 2021-03-17 20:16 - 000310585 _____ C:\Users\John\Downloads\Cvičenie 4 (Vágová 11.00).pptx
2021-03-17 12:01 - 2021-03-17 12:01 - 000001835 _____ C:\Users\John\Documents\panbach.ffs_gui
2021-03-17 11:36 - 2021-03-17 11:36 - 001354600 _____ C:\Users\John\Downloads\Poppins.zip
2021-03-16 11:39 - 2021-03-16 11:39 - 000000589 _____ C:\Users\John\Desktop\scan naposledy.txt
2021-03-15 16:43 - 2021-03-15 16:43 - 001776128 _____ C:\Users\John\Downloads\prehlad-poskytovanych-sluzieb-postovymi-dorucovatelmi.xls
2021-03-15 16:41 - 2021-03-15 16:41 - 000406450 _____ C:\Users\John\Downloads\prehlad-poskytovanych-sluzieb-na-postach.xlsx
2021-03-15 12:16 - 2021-03-15 12:16 - 000012590 _____ C:\Users\John\Downloads\Balon.rar
2021-03-15 12:13 - 2021-03-15 12:13 - 000010963 _____ C:\Users\John\Downloads\Jakub Žáčik - Baloniky.java.zip
2021-03-15 12:08 - 2021-03-15 12:08 - 000009654 _____ C:\Users\John\Downloads\Baloniky.java.zip
2021-03-15 12:06 - 2021-03-15 12:06 - 000009656 _____ C:\Users\John\Downloads\baloniky.zip
2021-03-15 12:01 - 2021-03-15 12:01 - 000014633 _____ C:\Users\John\Downloads\Baloniki.zip
2021-03-15 10:29 - 2021-03-15 10:30 - 000722634 _____ C:\Users\John\Desktop\skola automatz.psd
2021-03-15 10:09 - 2021-03-15 10:09 - 000190496 _____ C:\Users\John\Downloads\Zadanie_3.pptx
2021-03-15 09:32 - 2021-03-15 09:32 - 000027739 _____ C:\Users\John\Downloads\Detail-platby.pdf
2021-03-14 18:14 - 2021-03-14 18:14 - 000011334 _____ C:\Users\John\Downloads\KameneMiesanie4hod_Sem.zip
2021-03-14 17:55 - 2021-03-14 17:55 - 000012418 _____ C:\Users\John\Downloads\SK PROCES realizacji inwestycji Wolna Energia.xlsx
2021-03-14 17:47 - 2021-03-14 17:47 - 003049743 _____ C:\Users\John\Downloads\SK preklady.zip
2021-03-14 12:25 - 2021-03-14 12:25 - 000000521 _____ C:\Users\John\Desktop\europe.txt
2021-03-14 09:49 - 2021-03-14 09:49 - 055921650 _____ C:\Users\John\Downloads\Maťo & Dev1 - Maťova JEBAČKA SO Samarou, PARANORMÁLNE JAVY.mp4
2021-03-14 01:07 - 2021-03-14 01:07 - 000000516 _____ C:\Users\John\Desktop\alibaba.txt
2021-03-13 23:11 - 2021-03-13 23:11 - 000000492 _____ C:\Users\John\Desktop\Mato v2.txt
2021-03-13 10:37 - 2021-03-13 10:37 - 000053725 _____ C:\Users\John\Downloads\Dodaci_list_772102401.pdf
2021-03-12 18:51 - 2021-03-12 18:51 - 000000024 _____ C:\Users\John\Desktop\cas masinori.txt
2021-03-11 20:55 - 2021-03-11 20:55 - 000001808 _____ C:\Users\John\Documents\laravel-ucenie.ffs_batch
2021-03-11 00:27 - 2021-03-11 00:27 - 000000052 _____ C:\Users\John\.gitconfig
2021-03-10 23:34 - 2021-03-10 23:34 - 000390330 _____ C:\Users\John\Downloads\Cv_DM2_3_Vagova_11.pptx
2021-03-10 20:34 - 2021-03-10 20:35 - 008545915 _____ C:\Users\John\Downloads\memtest86-usb.zip
2021-03-10 09:26 - 2021-03-10 18:14 - 000000314 _____ C:\Users\John\Desktop\panbach.txt
2021-03-10 09:19 - 2021-03-10 09:19 - 000000030 _____ C:\Users\John\Downloads\iprp59mgzybevnbjxwtxoksfbr54gy.html
2021-03-10 00:07 - 2021-03-10 00:07 - 002612545 _____ C:\Users\John\Downloads\mysql57-websupport-sk-3311.sql.gz
2021-03-09 21:43 - 2021-03-09 21:43 - 000219880 _____ C:\Users\John\Downloads\ubuntu-20.04.2.0-desktop-amd64.iso.torrent
2021-03-09 12:35 - 2021-03-09 12:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hubstaff
2021-03-08 13:00 - 2021-03-08 13:02 - 000008513 _____ C:\Users\John\Downloads\Tabuľka bez názvu.xlsx
2021-03-08 10:25 - 2021-03-08 10:25 - 000000046 _____ C:\Users\John\Desktop\ulozenie.txt
2021-03-07 23:21 - 2021-03-07 23:24 - 000011957 _____ C:\Users\John\Downloads\Michalickova3hodina.zip
2021-03-07 12:08 - 2021-03-07 12:08 - 000212935 _____ C:\Users\John\Downloads\FJA_Uvod_2_zadanie_4.PDF
2021-03-05 19:52 - 2021-03-05 19:52 - 000038542 _____ C:\Users\John\Downloads\Umowa serwisowa (1).rar
2021-03-05 15:26 - 2021-03-05 15:26 - 002846718 _____ C:\Users\John\Downloads\PL to ENG translate (1).rar
2021-03-02 19:04 - 2021-03-02 19:04 - 000896384 _____ C:\Windows\Minidump\030221-118607-01.dmp
2021-03-02 18:43 - 2021-03-02 18:43 - 000000163 _____ C:\Users\John\Desktop\stranka.txt
2021-03-02 18:10 - 2021-03-02 18:11 - 000000000 ____D C:\Users\John\Desktop\plocha old
2021-03-02 13:35 - 2021-03-02 13:35 - 000224593 _____ C:\Users\John\Downloads\AUDYT_FOTOWOLTAIKI_2018.pdf
2021-03-01 08:25 - 2021-03-01 08:26 - 041271017 _____ C:\Users\John\Downloads\openjfx-15.0.1_windows-x64_bin-sdk.zip
2021-03-01 08:25 - 2021-03-01 08:25 - 041930368 _____ C:\Users\John\Downloads\openjfx-11.0.2_windows-x64_bin-sdk.zip
2021-03-01 08:24 - 2021-03-01 08:24 - 000000000 ____D C:\Program Files\Common Files\Oracle
2021-03-01 08:09 - 2021-03-01 08:09 - 000009379 _____ C:\Users\John\Downloads\Seminar2_minecraft_tvar.zip
2021-03-01 08:09 - 2021-03-01 08:09 - 000009286 _____ C:\Users\John\Downloads\Seminar2_vlajka.zip
2021-03-01 08:09 - 2021-03-01 08:09 - 000009096 _____ C:\Users\John\Downloads\Seminar2_Ciarovy_kod.zip
2021-03-01 08:09 - 2021-03-01 08:09 - 000009074 _____ C:\Users\John\Downloads\Seminar2_Znacka.zip
2021-02-28 17:39 - 2021-02-28 17:39 - 002846718 _____ C:\Users\John\Downloads\PL to SK translate.rar
2021-02-28 14:17 - 2021-02-28 14:17 - 000020538 _____ C:\Users\John\Downloads\A3624F40AE475BC6E2145EFDA80E6BD40F121B26.torrent
2021-02-28 14:04 - 2021-02-28 14:04 - 000048556 _____ C:\Users\John\Downloads\AUDYT FOTOWOLTAIKI 2018 v2.pdf
2021-02-28 14:03 - 2021-02-25 00:49 - 000120459 _____ C:\Users\John\Downloads\AUDYT FOTOWOLTAIKI 2018 - Copy.pdf
2021-02-28 14:00 - 2021-02-28 14:00 - 000000000 ____D C:\Users\John\AppData\Roaming\LibreOffice
2021-02-28 13:56 - 2021-02-28 13:56 - 000001450 _____ C:\ProgramData\Desktop\LibreOffice 7.1.lnk
2021-02-28 13:56 - 2021-02-28 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1
2021-02-28 13:52 - 2021-02-28 13:55 - 000000000 ____D C:\Program Files\LibreOffice
2021-02-27 18:30 - 2021-02-27 18:30 - 000083529 _____ C:\Users\John\Downloads\transakcia_96595.pdf
2021-02-26 10:10 - 2021-02-26 10:10 - 002846718 _____ C:\Users\John\Downloads\PL to ENG translate.rar
2021-02-25 00:52 - 2021-02-25 00:52 - 000086046 _____ C:\Users\John\Downloads\2019-05 - Procedura instalacji PV - farma PV 500_1000MW (1).pdf
2021-02-25 00:51 - 2021-02-25 00:51 - 002325871 _____ C:\Users\John\Downloads\wolna energia OFERTA FORMULARZ 01-2021 (1).pdf
2021-02-25 00:50 - 2021-02-25 00:50 - 000419806 _____ C:\Users\John\Downloads\WE-Karta-Gwarancyjna-wer05 (1).pdf
2021-02-25 00:49 - 2021-02-25 00:49 - 002325871 _____ C:\Users\John\Downloads\wolna energia OFERTA FORMULARZ 01-2021.pdf
2021-02-25 00:49 - 2021-02-25 00:49 - 000419806 _____ C:\Users\John\Downloads\WE-Karta-Gwarancyjna-wer05.pdf
2021-02-25 00:49 - 2021-02-25 00:49 - 000120459 _____ C:\Users\John\Downloads\AUDYT FOTOWOLTAIKI 2018.pdf
2021-02-25 00:49 - 2021-02-25 00:49 - 000086046 _____ C:\Users\John\Downloads\2019-05 - Procedura instalacji PV - farma PV 500_1000MW.pdf
2021-02-25 00:49 - 2021-02-25 00:49 - 000038542 _____ C:\Users\John\Downloads\Umowa serwisowa.rar
2021-02-25 00:49 - 2021-02-25 00:49 - 000012829 _____ C:\Users\John\Downloads\PROCES realizacji inwestycji Wolna Energia.xlsx
2021-02-24 21:21 - 2021-02-24 21:21 - 065468885 _____ C:\Users\John\Downloads\Dev1ho_miner.zip
2021-02-24 18:05 - 2021-02-24 18:06 - 000189474 _____ C:\Users\John\Downloads\Zadanie-č.-1a-1b-1c-Kartézske-a-polárne-súradnice (2).pdf
2021-02-23 22:42 - 2021-02-23 22:42 - 000000000 ____D C:\Users\John\Documents\Freemake
2021-02-23 22:42 - 2021-02-23 22:42 - 000000000 ____D C:\Users\John\AppData\Local\FreemakeVideoConverter
2021-02-23 22:41 - 2021-02-23 22:46 - 000000000 ____D C:\Program Files (x86)\Freemake
2021-02-23 22:41 - 2021-02-23 22:42 - 000000000 ____D C:\ProgramData\Freemake
2021-02-23 22:38 - 2021-02-23 22:38 - 000002668 _____ C:\Users\John\Downloads\yt1s.com - We changed the QR code menus at restaurants to dirty websites AGE RESTRICTED_720p (2).mp4
2021-02-23 22:38 - 2021-02-23 22:38 - 000002668 _____ C:\Users\John\Downloads\yt1s.com - We changed the QR code menus at restaurants to dirty websites AGE RESTRICTED_720p (1).mp4
2021-02-23 22:36 - 2021-02-23 22:36 - 000002668 _____ C:\Users\John\Downloads\yt1s.com - We changed the QR code menus at restaurants to dirty websites AGE RESTRICTED_720p.mp4
2021-02-23 17:46 - 2021-02-23 17:46 - 000000205 _____ C:\Users\John\Downloads\sql (1).csv.gz
2021-02-23 17:46 - 2021-02-23 17:46 - 000000203 _____ C:\Users\John\Downloads\sql.csv.gz
2021-02-23 15:36 - 2021-02-23 15:36 - 000272283 _____ C:\Users\John\Downloads\Zadanie-č.-2a-2b-Úchopy-kružnice-oblúky.pdf
2021-02-23 15:34 - 2021-02-23 15:34 - 000189474 _____ C:\Users\John\Downloads\Zadanie-č.-1a-1b-1c-Kartézske-a-polárne-súradnice (1).pdf
2021-02-23 12:25 - 2021-02-23 12:25 - 000000390 _____ C:\Users\John\Downloads\mvozar.vcf
2021-02-22 21:35 - 2021-02-22 21:35 - 008519906 _____ C:\Users\John\Downloads\modest-menu_v0.8.10.rar
2021-02-21 19:20 - 2021-02-21 19:20 - 000010579 _____ C:\Users\John\Downloads\Kocka-Martin_Chotar.zip
2021-02-21 16:41 - 2021-02-21 16:41 - 002095092 _____ C:\Users\John\Downloads\localhost (4).sql.gz
2021-02-21 15:13 - 2021-02-21 15:13 - 000475877 _____ C:\Users\John\Downloads\adminer2.php
2021-02-21 15:13 - 2021-02-21 15:13 - 000364461 _____ C:\Users\John\Downloads\adminer.php
2021-02-21 15:09 - 2021-02-21 15:09 - 000035528 _____ C:\Users\John\Downloads\mysql-apt-config_0.8.16-1_all.deb
2021-02-21 15:07 - 2021-02-21 15:07 - 000035560 _____ C:\Users\John\Downloads\mysql-apt-config_0.8.13-1_all.deb
2021-02-21 14:27 - 2021-02-21 14:27 - 000189474 _____ C:\Users\John\Downloads\Zadanie-č.-1a-1b-1c-Kartézske-a-polárne-súradnice.pdf
2021-02-21 14:09 - 2021-02-21 14:09 - 000002000 _____ C:\Users\John\Downloads\Untitled.pdf
2021-02-21 11:45 - 2021-02-21 11:48 - 001200293 _____ C:\Users\John\Downloads\convertcsv (13).sql
2021-02-21 11:41 - 2021-02-21 11:41 - 002656316 _____ C:\Users\John\Downloads\geckodriver-v0.29.0-linux64.tar.gz

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-23 11:56 - 2020-08-03 10:55 - 000000000 ____D C:\ProgramData\Cold Turkey
2021-03-23 11:56 - 2017-02-03 15:18 - 000000000 ____D C:\FRST
2021-03-23 11:46 - 2018-07-28 23:15 - 000000000 ____D C:\Users\John\AppData\Roaming\discord
2021-03-23 11:27 - 2019-01-31 03:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2021-03-23 10:46 - 2019-02-03 09:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-23 08:53 - 2017-06-12 11:19 - 000000000 ____D C:\Users\John\AppData\Roaming\VMware
2021-03-23 08:53 - 2017-06-12 11:19 - 000000000 ____D C:\Users\John\AppData\Local\VMware
2021-03-23 07:46 - 2009-07-14 05:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-03-23 07:46 - 2009-07-14 05:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-03-23 07:41 - 2017-06-12 11:10 - 000000000 ____D C:\ProgramData\VMware
2021-03-23 07:39 - 2020-04-15 23:16 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2021-03-23 07:38 - 2020-11-29 22:35 - 000000000 ____D C:\ProgramData\VirtualBox
2021-03-23 07:37 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-03-23 02:12 - 2016-06-04 16:49 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-23 02:12 - 2016-06-04 16:02 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-03-23 02:11 - 2019-01-08 15:42 - 000034183 _____ C:\Users\John\AppData\Roaming\VoiceMeeterBananaDefault.xml
2021-03-23 02:11 - 2016-06-05 17:45 - 000000000 ____D C:\Users\John\AppData\Roaming\TS3Client
2021-03-23 00:38 - 2016-06-05 14:18 - 000000000 ____D C:\ProgramData\Riot Games
2021-03-22 23:49 - 2016-06-04 16:53 - 000000000 ____D C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-22 10:25 - 2017-02-21 16:47 - 000000000 ____D C:\Users\John\AppData\Roaming\obs-studio
2021-03-22 09:25 - 2016-06-04 16:39 - 000000000 ____D C:\stahovania
2021-03-21 13:39 - 2018-01-31 23:19 - 000000000 ____D C:\Users\John\AppData\LocalLow\Mozilla
2021-03-21 10:03 - 2018-03-12 09:31 - 005304832 _____ C:\Windows\system32\FNTCACHE.DAT
2021-03-20 20:31 - 2018-01-28 23:40 - 000000600 _____ C:\Users\John\AppData\Local\PUTTY.RND
2021-03-20 19:41 - 2020-05-24 14:31 - 000000000 ____D C:\Users\John\AppData\Roaming\Atom
2021-03-20 19:41 - 2020-05-24 14:31 - 000000000 ____D C:\Users\John\.atom
2021-03-20 19:09 - 2018-03-11 14:57 - 000158672 _____ C:\Users\John\AppData\Local\GDIPFONTCACHEV1.DAT
2021-03-20 11:14 - 2021-01-07 17:30 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-03-20 03:20 - 2020-07-24 18:13 - 000045056 _____ C:\Users\John\.wakatime.db
2021-03-20 03:20 - 2016-08-21 23:14 - 000000000 ____D C:\Users\John\AppData\Roaming\FileZilla
2021-03-20 03:20 - 2016-06-04 14:57 - 000000000 ____D C:\Users\John
2021-03-19 12:22 - 2020-07-24 18:37 - 000000000 ____D C:\Users\John\AppData\Roaming\Hubstaff
2021-03-16 07:29 - 2016-09-10 17:45 - 000000000 ____D C:\Program Files (x86)\Opera
2021-03-15 18:51 - 2018-08-02 20:19 - 000000000 ____D C:\Program Files\Sublime Text 3
2021-03-15 09:14 - 2020-10-05 07:25 - 000003844 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1473525916
2021-03-15 04:25 - 2016-07-12 09:05 - 000000000 ____D C:\Users\John\.VirtualBox
2021-03-14 11:59 - 2020-06-09 13:09 - 000000000 ____D C:\Users\John\AppData\Roaming\.minecraft
2021-03-14 11:58 - 2020-03-17 01:47 - 000000000 ____D C:\Users\John\AppData\Roaming\.tlauncher
2021-03-13 10:40 - 2016-06-04 19:55 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-12 18:51 - 2020-03-26 13:27 - 000000000 ____D C:\Users\John\AppData\Roaming\Figma
2021-03-12 10:47 - 2020-03-13 19:30 - 000000000 ____D C:\Users\John\AppData\Local\CrashDumps
2021-03-10 21:26 - 2020-05-24 14:31 - 000000000 ____D C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2021-03-10 21:26 - 2020-05-24 14:30 - 000000000 ____D C:\Users\John\AppData\Local\atom
2021-03-10 21:25 - 2017-06-03 09:11 - 000000000 ____D C:\Users\John\AppData\Local\SquirrelTemp
2021-03-09 22:54 - 2019-06-04 22:22 - 000000000 ____D C:\Users\John\AppData\Local\BitTorrentHelper
2021-03-09 22:54 - 2016-06-04 16:36 - 000000000 ____D C:\Users\John\AppData\Roaming\uTorrent
2021-03-09 21:29 - 2009-07-14 03:34 - 000017463 _____ C:\Windows\system32\Drivers\etc\services
2021-03-09 12:35 - 2020-07-24 18:36 - 000000000 ____D C:\Program Files\Hubstaff
2021-03-06 18:34 - 2019-11-27 15:47 - 000000000 ____D C:\Zaloha
2021-03-05 23:13 - 2016-07-29 16:42 - 000000000 ____D C:\Users\John\AppData\Roaming\vlc
2021-03-04 14:04 - 2020-03-26 13:27 - 000000000 ____D C:\Users\John\AppData\Local\FigmaAgent
2021-03-04 14:04 - 2020-03-26 13:27 - 000000000 ____D C:\Users\John\AppData\Local\Figma
2021-03-02 21:14 - 2017-04-27 20:03 - 000000000 ____D C:\Program Files\Java
2021-03-02 20:49 - 2019-03-28 16:11 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-02 19:04 - 2016-07-24 21:43 - 000000000 ____D C:\Windows\Minidump
2021-03-02 19:03 - 2021-02-18 23:22 - 1615850872 _____ C:\Windows\MEMORY.DMP
2021-03-01 08:24 - 2019-07-14 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2021-03-01 08:24 - 2017-07-25 00:16 - 000069264 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2021-03-01 08:24 - 2017-07-25 00:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-02-28 21:13 - 2020-02-16 23:44 - 000000000 ____D C:\Users\John\AppData\Roaming\Telegram Desktop
2021-02-27 01:41 - 2021-01-20 14:37 - 000000000 ____D C:\Users\John\AppData\Roaming\Authy Desktop
2021-02-23 21:21 - 2019-10-18 21:45 - 000000000 ____D C:\ProgramData\Documents\AdobeInstalledCodecs
2021-02-21 14:48 - 2020-09-03 12:28 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories ========

2020-05-03 14:07 - 2020-05-03 14:07 - 000000048 ____H () C:\Program Files (x86)\8iq24splw1.dat
2018-12-26 11:13 - 2020-11-05 12:51 - 000000033 _____ () C:\Users\John\AppData\Roaming\AdobeWLCMCache.dat
2020-06-18 22:09 - 2020-06-18 22:09 - 000000068 _____ () C:\Users\John\AppData\Roaming\changzhi_leidian.data
2019-07-14 00:42 - 2020-06-27 12:52 - 000000808 _____ () C:\Users\John\AppData\Roaming\jd-gui.cfg
2018-12-26 11:41 - 2018-12-27 14:25 - 000000028 _____ () C:\Users\John\AppData\Roaming\kulerdata.json
2019-01-08 15:42 - 2021-03-23 02:11 - 000034183 _____ () C:\Users\John\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-01-05 02:03 - 2019-01-06 17:26 - 000004634 _____ () C:\Users\John\AppData\Roaming\VoiceMeeterDefault.xml
2016-11-26 21:00 - 2019-10-04 07:27 - 000001480 _____ () C:\Users\John\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-01-06 03:05 - 2017-01-06 03:05 - 000003584 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-06 08:27 - 2018-09-06 08:27 - 000001111 _____ () C:\Users\John\AppData\Local\gamma_ramp.reg
2018-01-28 23:40 - 2021-03-20 20:31 - 000000600 _____ () C:\Users\John\AppData\Local\PUTTY.RND
2020-11-26 00:29 - 2020-11-26 00:29 - 000000753 _____ () C:\Users\John\AppData\Local\recently-used.xbel
2018-07-27 13:26 - 2018-07-27 13:26 - 000000487 _____ () C:\Users\John\AppData\Local\ReclaiMe.config
2017-06-16 14:06 - 2020-12-02 17:16 - 000007647 _____ () C:\Users\John\AppData\Local\Resmon.ResmonCfg
2019-03-04 16:27 - 2019-03-04 16:27 - 000000003 _____ () C:\Users\John\AppData\Local\updater.log
2019-03-04 16:27 - 2019-03-04 16:27 - 000000425 _____ () C:\Users\John\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-09-04 01:24
==================== End of FRST.txt ========================