Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Ran by xschi (administrator) on NBHORAK (HP HP Spectre x360 Convertible 15-df1xxx) (21-04-2021 12:45:53)
Running from C:\Users\xschi\Desktop
Loaded Profiles: xschi & SQLTELEMETRY & MSSQLFDLauncher & MSSQLSERVER
Platform: Windows 10 Home Version 20H2 19042.928 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Conexant Systems LLC -> Conexant Systems LLC.) C:\Windows\System32\CxAudioSvc.exe
(Conexant Systems LLC -> Synaptics Incorporated.) C:\Windows\System32\SynAudSrv.exe
(Docker Inc -> Docker.Service) C:\Program Files\Docker\Docker\com.docker.service
(F.lux Software LLC -> f.lux Software LLC) C:\Users\xschi\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <26>
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.BangOlufsenAudioControl_1.3.181.0_x64__v10z8vjag6ke6\BangOlufsenAudioControl.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_05de635879d45aad\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_05de635879d45aad\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_84ac76b659e5ce8f\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_84ac76b659e5ce8f\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\RstMwService.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_62a0e7f4cd3e6c99\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server Management Studio 18\Common7\IDE\Ssms.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\devenv.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\Extensions\Microsoft\LiveShare\Agent\vsls-agent.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\Extensions\TestPlatform\vstest.console.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\Microsoft.VisualStudio.Web.Host.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\PerfWatson2.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\PrivateAssemblies\Microsoft.Alm.Shared.Remoting.RemoteContainer.dll
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\PrivateAssemblies\ScriptedSandbox64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\xschi\AppData\Local\Microsoft\OneDrive\21.067.0404.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\xschi\AppData\Local\Microsoft\OneDrive\OneDrive.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\xschi\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\ServiceHub\controller\Microsoft.ServiceHub.Controller.exe <2>
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\ServiceHub\Hosts\ServiceHub.Host.CLR.AnyCPU\ServiceHub.RoslynCodeAnalysisService.exe <2>
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\ServiceHub\Hosts\ServiceHub.Host.CLR.AnyCPU\ServiceHub.TestWindowStoreHost.exe
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\ServiceHub\Hosts\ServiceHub.Host.CLR.x64\ServiceHub.DataWarehouseHost.exe
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\ServiceHub\Hosts\ServiceHub.Host.CLR.x86\ServiceHub.Host.CLR.x86.exe <5>
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\ServiceHub\Hosts\ServiceHub.Host.CLR.x86\ServiceHub.IdentityHost.exe <2>
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\ServiceHub\Hosts\ServiceHub.Host.CLR.x86\ServiceHub.SettingsHost.exe <2>
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\ServiceHub\Hosts\ServiceHub.Host.CLR.x86\ServiceHub.ThreadedWaitDialog.exe <2>
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\ServiceHub\Hosts\ServiceHub.Host.CLR.x86\ServiceHub.VSDetouredHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.31055.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxApp_48.76.8001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Open Technologies Inc -> ) C:\ProgramData\chocolatey\lib\redis-64\redis-server.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\MSBuild\Microsoft\VisualStudio\NodeJs\node.exe <3>
(Notepad++ -> Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_a15bbc31588a3c38\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe <5>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(TBT_DCH_DRV_PROD -> Intel Corporation) C:\Windows\ThunderboltService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [878368 2019-06-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\RunOnce: [msedge_cleanup_{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}] => C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.42\Installer\setup.exe [3771784 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\xschi\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-08] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\Run: [f.lux] => C:\Users\xschi\AppData\Local\FluxSoftware\Flux\flux.exe [1511824 2021-02-04] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [2248360 2020-11-04] (Docker Inc -> Docker Desktop)
HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2020-11-30] () [File not signed]
HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\Common7\IDE\devenv.exe [752040 2021-04-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft SQL Server Management Studio 18\Common7\IDE\Ssms.exe [698800 2020-10-23] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-14] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{AC7DD106-EAB6-4b41-AC4F-D52FD62A82C7}] -> C:\Program Files\Fortinet\FortiClient\FortiCredentialProvider2.dll [2021-02-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{AC7DD106-EAB6-4b41-AC4F-D52FD62A82C7}] -> C:\Program Files\Fortinet\FortiClient\FortiCredentialProvider2.dll [2021-02-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
Startup: C:\Users\xschi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2021-04-19]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0954EC4E-BC4E-42E2-B4DB-90EC439D8A03} - System32\Tasks\FriuGGTkRHAbYL => rundll32 "C:\Program Files (x86)\UIuZPIhUFafU2\iBbzbFgknjhbx.dll",#1
Task: {1AF22D15-16CE-4490-94E0-F8A63781158F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2020-12-26] (HP Inc. -> HP Inc.)
Task: {26CC24B9-29EC-4111-973A-388F6A0213B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27317C9F-0CA8-4B8F-A23E-22A9C9DFB684} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255600 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BE17FB8-8F39-4D34-B6B3-5A1131EC509F} - System32\Tasks\kJdGmrYBfUPzgOEJh => C:\Windows\Temp\oNmaQRTdqdgSfwxw\oQLBqOEujNAsUQB\KDPJzBN.exe <==== ATTENTION
Task: {5BBEACA8-F230-4E0A-8C1E-4CE3C941C1ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-03] (Google LLC -> Google LLC)
Task: {5F692989-389B-439F-872F-05FBEAE5E906} - System32\Tasks\SENaPjFsBEwzYJWgl2 => rundll32 "C:\Program Files (x86)\dDfMVsGHIpKHwiglbAR\fXlpOBx.dll",#1
Task: {629A3FF9-E608-4E0C-B812-96BDD8201F7F} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-03-18] (Overwolf Ltd -> Overwolf LTD)
Task: {65EEEB48-FB25-43F7-BB8E-FF970C8FA388} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6921EFB5-8D3D-49EC-A1F2-ABA722A3A3D0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {69D40F2C-7003-443E-869F-73148240CD82} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7AB26AAE-A3AB-4A10-98B6-ED7DEE14A9AF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141160 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {839502C8-4D61-4740-9755-7A19794B9772} - System32\Tasks\bfVdUeYceEZsFkwoQbz2 => rundll32 "C:\Program Files (x86)\LsApxKgZVyAKC\vcoWdEM.dll",#1
Task: {83E4910B-847E-43CE-873E-E5AE557CA690} - System32\Tasks\FmlQKFUIsOJUGRw2 => rundll32 "C:\Program Files (x86)\ZAFgvPfvU\BzFkjb.dll",#1
Task: {8DBCA781-D9EB-44CD-9DD0-A1AB71FE13DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A2468E1-9E7D-4522-B4BF-BDCA62098BA6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9B8B6B3F-D5A2-4F81-B9C8-B3818EDB3623} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255600 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B96CB8D7-4F85-4097-A974-AF2AB57153A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BD1FEE98-4608-43F9-9CDC-7E978FA15D2C} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23464 2021-04-06] (Microsoft Corporation -> Microsoft)
Task: {C38B4996-4652-4D4A-9FDE-E5203BC77D7A} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23464 2021-04-06] (Microsoft Corporation -> Microsoft)
Task: {C8A7A580-E30F-4693-A102-899902C6A018} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD1BDEC9-F4B8-40FB-B695-57F21C84ED23} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23464 2021-04-06] (Microsoft Corporation -> Microsoft)
"C:\Windows\System32\Tasks\Intel\Intel Telemetry 2 (x86)" was unlocked. <==== ATTENTION
Task: {CD639BF9-0BA8-4FC8-A36E-FB568F98B170} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)
Task: {D0F5E5DF-75E0-4091-AA7A-570924CFD187} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-3039489114-2094619844-3197177633-1001 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23464 2021-04-06] (Microsoft Corporation -> Microsoft)
Task: {D8D2FBB8-5407-448E-BF4D-2D960D334A5C} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXAutoUpdate.exe [210808 2021-04-06] (Microsoft Corporation -> )
Task: {DD923290-6A0B-420A-AE30-547BCDCAE648} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F182981A-BFA3-4E1E-9F9F-89644C274ABB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141160 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F85F8DDA-49B8-4B77-9EEC-E84BD450A17F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-03] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\kJdGmrYBfUPzgOEJh.job => C:\Windows\Temp\oNmaQRTdqdgSfwxw\oQLBqOEujNAsUQB\KDPJzBN.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.35.0.1
Tcpip\..\Interfaces\{83afcffc-0356-4787-aa79-f080c4829a79}: [DhcpNameServer] 10.35.0.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\xschi\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-21]

FireFox:
========
FF DefaultProfile: li2z8de8.default
FF ProfilePath: C:\Users\xschi\AppData\Roaming\Mozilla\Firefox\Profiles\li2z8de8.default [2020-12-11]
FF ProfilePath: C:\Users\xschi\AppData\Roaming\Mozilla\Firefox\Profiles\ft96kggl.default-release [2021-04-09]
FF Notifications: Mozilla\Firefox\Profiles\ft96kggl.default-release -> hxxps://mail-notification.info
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{68162B31-B81C-474B-9724-20E3F64923D6}.xpi [2021-03-10] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-09] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default [2021-04-21]
CHR Notifications: Default -> hxxps://mail-notification.info; hxxps://meet.google.com; hxxps://www.messenger.com
CHR HomePage: Default -> hxxp://eu.ask.com/?o=41647935&l=dis&gct=hp
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://search.phpnuke.org/?lang=en&cid=457c4dfc","hxxp://plus4u.net/"
CHR NewTab: Default ->  Active:"chrome-extension://ifghnndojpnpglanmibnpkaalpoeloin/index.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-03]
CHR Extension: (Duolingo on the Web) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2020-11-03]
CHR Extension: (Dokumenty) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-03]
CHR Extension: (Disk Google) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03]
CHR Extension: (YouTube) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-03]
CHR Extension: (uBlock Origin) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-03-22]
CHR Extension: (Adblocker for Youtube™) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiipfbhfpfbimglojobcokeccnbhaeil [2021-03-10] [UpdateUrl:hxxps://clients13.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Tabulky) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-03]
CHR Extension: (Backspace Back) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmphfaaenbdccndfgbkdplhidhchagfk [2020-11-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-18]
CHR Extension: (SimpleStart) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifghnndojpnpglanmibnpkaalpoeloin [2020-11-03]
CHR Extension: (Porovnání cen) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmhkgcmmgjblnkjkbgjggkaeifacakgi [2020-11-03]
CHR Extension: (Evernote Web) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2020-11-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2021-04-19]
CHR Extension: (Simplify Gmail) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbmlfaiicoikhdbjagjbglnbfcbcojpj [2021-04-15]
CHR Extension: (Ethereum Dapper Legacy) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pghmmgdinmfblodenlenkcnmndlnffeo [2021-03-16]
CHR Extension: (Gmail) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-13]
CHR Extension: (Hlídač Shopů) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2021-03-08]
CHR Extension: (Rozšíření Kontrola hesel) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncabnpcffmalkkjpajodfhijclecjno [2020-11-03]
CHR Extension: (TSC) - D:\Projects\Lotraco\TSC.Service [2020-11-16]
CHR Profile: C:\Users\xschi\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-10]
CHR Extension: (Adblocker for Youtube™) - C:\Users\xschi\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\eiipfbhfpfbimglojobcokeccnbhaeil [2021-03-10] [UpdateUrl:hxxps://clients87.google.com/service/update2/crx] <==== ATTENTION

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [151288 2019-07-24] (Microsoft Windows -> Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788392 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
R2 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [17096 2020-11-04] (Docker Inc -> Docker.Service)
S2 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [244888 2021-02-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R2 HPAppHelperCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe [731152 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe [728608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe [728608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe [729608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe [480280 2021-03-17] (HP Inc. -> HP Inc.)
S2 Memurai; C:\Program Files\Memurai\memurai.exe [3510600 2020-07-17] (Janea Systems, Inc. -> Janea Systems, Inc.)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [85600 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [623504 2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-03-18] (Overwolf Ltd -> Overwolf LTD)
R2 Redis; C:\ProgramData\chocolatey\lib\redis-64\redis-server.exe [1561576 2020-11-03] (Microsoft Open Technologies Inc -> )
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [689040 2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY; C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [283536 2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13273104 2020-10-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_a15bbc31588a3c38\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_a15bbc31588a3c38\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 FortiFilter; C:\Windows\system32\DRIVERS\FortiFilter.sys [35400 2021-02-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\Windows\System32\drivers\fortips.sys [159728 2021-02-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiShield; C:\Windows\System32\drivers\FortiShield.sys [110080 2021-02-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S1 FortiTransCtrl; C:\Windows\System32\drivers\FortiTransCtrl.sys [63504 2021-02-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R3 ftsvnic; C:\Windows\System32\drivers\ftsvnic.sys [64752 2021-02-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\Windows\System32\drivers\ftvnic.sys [70368 2021-02-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation)
R3 HPCustomCapDriver; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [23960 2018-07-06] (HP Inc. -> HP Inc.)
R3 MpKslf5db39e0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{015368F3-8DB1-49D0-92B0-E604D07A6D7A}\MpKslDrv.sys [97528 2021-04-21] (Microsoft Windows -> Microsoft Corporation)
R3 pppop; C:\Windows\System32\drivers\pppop64.sys [54344 2021-02-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S4 RsFx0600; C:\Windows\System32\DRIVERS\RsFx0600.sys [286976 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-21 12:45 - 2021-04-21 12:46 - 000033971 _____ C:\Users\xschi\Desktop\FRST.txt
2021-04-21 12:45 - 2021-04-21 12:46 - 000000000 ____D C:\FRST
2021-04-21 12:45 - 2021-04-21 12:44 - 002298368 _____ (Farbar) C:\Users\xschi\Desktop\FRST64.exe
2021-04-21 12:43 - 2021-04-21 12:43 - 000000000 ____D C:\Windows\LastGood
2021-04-21 12:41 - 2021-04-13 09:23 - 001855208 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-04-21 12:41 - 2021-04-13 09:23 - 001855208 _____ C:\Windows\system32\vulkaninfo.exe
2021-04-21 12:41 - 2021-04-13 09:23 - 001452320 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-04-21 12:41 - 2021-04-13 09:23 - 001435880 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-04-21 12:41 - 2021-04-13 09:23 - 001435880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-04-21 12:41 - 2021-04-13 09:23 - 001191712 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-04-21 12:41 - 2021-04-13 09:23 - 001094888 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-04-21 12:41 - 2021-04-13 09:23 - 001094888 _____ C:\Windows\system32\vulkan-1.dll
2021-04-21 12:41 - 2021-04-13 09:23 - 000948968 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-04-21 12:41 - 2021-04-13 09:23 - 000948968 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-04-21 12:41 - 2021-04-13 09:20 - 000626976 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-04-21 12:40 - 2021-04-13 09:20 - 038706992 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2021-04-21 12:40 - 2021-04-13 09:20 - 000715568 _____ C:\Windows\system32\nvofapi64.dll
2021-04-21 12:40 - 2021-04-13 09:20 - 000675120 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-04-21 12:40 - 2021-04-13 09:20 - 000575776 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-04-21 12:40 - 2021-04-13 09:19 - 002106136 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-04-21 12:40 - 2021-04-13 09:19 - 001590560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-04-21 12:40 - 2021-04-13 09:19 - 001514800 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-04-21 12:40 - 2021-04-13 09:19 - 001166112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-04-21 12:40 - 2021-04-13 09:19 - 000811800 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-04-21 12:40 - 2021-04-13 09:19 - 000689952 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-04-21 12:40 - 2021-04-13 09:19 - 000656152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-04-21 12:40 - 2021-04-13 09:19 - 000564000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-04-21 12:40 - 2021-04-13 09:18 - 008317232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-04-21 12:40 - 2021-04-13 09:18 - 007434032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-04-21 12:40 - 2021-04-13 09:18 - 004795184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-04-21 12:40 - 2021-04-13 09:18 - 002823472 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-04-21 12:40 - 2021-04-13 09:18 - 000445728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-04-21 12:40 - 2021-04-13 09:16 - 000848664 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-04-21 12:40 - 2021-04-13 09:15 - 006159160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-04-21 12:40 - 2021-04-13 02:03 - 000087164 _____ C:\Windows\system32\nvinfo.pb
2021-04-20 13:23 - 2021-04-20 13:23 - 000000000 ____D C:\Users\xschi\Documents\Visual Studio 2019
2021-04-16 16:41 - 2021-04-16 16:41 - 000374072 _____ C:\Windows\system32\vp9fs.dll
2021-04-16 16:41 - 2021-04-16 16:41 - 000011357 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-04-16 16:40 - 2021-04-16 16:40 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-04-16 16:39 - 2021-04-16 16:39 - 000231248 _____ C:\Windows\system32\containerdevicemanagement.dll
2021-04-15 00:50 - 2021-04-15 00:50 - 000840220 _____ C:\Windows\Minidump\041521-39578-01.dmp
2021-04-13 10:39 - 2021-04-20 10:28 - 000000000 ____D C:\Users\xschi\AppData\Local\FortiClient
2021-04-13 10:39 - 2021-04-13 10:39 - 000000000 ____D C:\Users\xschi\AppData\Roaming\FortiClient
2021-04-13 10:39 - 2021-04-13 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FortiClient
2021-04-13 10:39 - 2021-04-13 10:39 - 000000000 ____D C:\ProgramData\Applications
2021-04-13 10:39 - 2021-04-13 10:39 - 000000000 ____D C:\Program Files\Fortinet
2021-04-13 10:39 - 2021-04-13 10:39 - 000000000 ____D C:\Program Files\Common Files\Fortinet
2021-04-09 23:53 - 2021-04-09 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-04-09 23:53 - 2021-04-09 23:53 - 000000000 ____D C:\Program Files\Speccy
2021-04-08 14:12 - 2021-04-19 09:40 - 000000000 ____D C:\Users\xschi\AppData\Roaming\Bitwarden
2021-04-08 14:12 - 2021-04-08 14:12 - 000001956 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitwarden.lnk
2021-04-08 14:12 - 2021-04-08 14:12 - 000000000 ____D C:\Users\xschi\AppData\Local\bitwarden-updater
2021-04-08 14:12 - 2021-04-08 14:12 - 000000000 ____D C:\Program Files\Bitwarden
2021-03-25 09:08 - 2021-04-15 00:50 - 2436280519 _____ C:\Windows\MEMORY.DMP
2021-03-25 09:08 - 2021-03-25 09:08 - 000000000 _____ C:\Windows\Minidump\032521-21484-01.dmp
2021-03-22 17:15 - 2021-03-22 17:19 - 000000000 ____D C:\Users\xschi\AppData\Roaming\vlc
2021-03-22 17:11 - 2021-03-22 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-03-22 17:11 - 2021-03-22 17:11 - 000000000 ____D C:\Program Files\VideoLAN
2021-03-22 17:01 - 2021-03-22 17:01 - 000000000 ____D C:\Users\xschi\AppData\Roaming\Daum
2021-03-22 15:40 - 2021-03-22 17:01 - 000000000 ____D C:\Users\xschi\AppData\Roaming\PotPlayerMini64
2021-03-22 15:40 - 2021-03-22 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2021-03-22 15:40 - 2021-03-22 15:40 - 000000000 ____D C:\Program Files\DAUM
2021-03-22 09:28 - 2021-03-22 09:28 - 000000085 _____ C:\Windows\wininit.ini
2021-03-22 09:28 - 2021-03-22 09:28 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-21 12:43 - 2020-11-05 10:42 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-21 12:43 - 2020-11-04 23:36 - 000000000 ___SD C:\Windows\system32\lxss
2021-04-21 12:43 - 2020-11-03 16:28 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2021-04-21 12:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-04-21 12:43 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-04-21 12:41 - 2020-11-03 17:31 - 000000000 ____D C:\Users\xschi\AppData\Local\.IdentityService
2021-04-21 12:39 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-21 12:34 - 2020-11-05 01:12 - 000000000 ____D C:\Users\xschi\AppData\Local\CrashDumps
2021-04-21 11:47 - 2020-11-05 17:51 - 000000000 ____D C:\Users\xschi\AppData\Roaming\npm-cache
2021-04-21 08:32 - 2020-12-26 13:19 - 000000000 ____D C:\Program Files\CCleaner
2021-04-21 08:17 - 2020-09-27 09:53 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-21 08:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-21 08:16 - 2020-09-27 07:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-04-21 00:23 - 2020-11-03 16:28 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-21 00:23 - 2020-11-03 16:28 - 000003348 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-20 10:29 - 2020-11-03 16:22 - 000000000 ____D C:\Users\xschi\AppData\Local\PlaceholderTileLogoFolder
2021-04-20 10:28 - 2021-03-10 12:09 - 000000270 __RSH C:\ProgramData\ntuser.pol
2021-04-20 08:58 - 2020-11-03 16:21 - 000000000 ___RD C:\Users\xschi\OneDrive
2021-04-19 15:41 - 2020-11-03 16:33 - 000000000 ____D C:\Users\xschi\AppData\Roaming\KeePass
2021-04-19 15:25 - 2020-11-06 14:06 - 000000000 ____D C:\Users\xschi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-04-19 10:44 - 2020-11-03 16:20 - 000000000 ____D C:\Users\xschi\AppData\Local\Packages
2021-04-18 04:01 - 2020-11-03 16:21 - 002118662 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-18 04:01 - 2019-12-07 16:41 - 000865762 _____ C:\Windows\system32\perfh005.dat
2021-04-18 04:01 - 2019-12-07 16:41 - 000211958 _____ C:\Windows\system32\perfc005.dat
2021-04-18 03:56 - 2020-11-03 17:30 - 000000000 ___RD C:\Users\xschi\Lotraco s.r.o
2021-04-18 03:55 - 2020-11-03 16:22 - 000000000 __SHD C:\Users\xschi\IntelGraphicsProfiles
2021-04-18 03:54 - 2020-11-09 17:25 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-04-18 03:54 - 2020-11-04 23:37 - 000001575 _____ C:\Windows\system32\config\VSMIDK
2021-04-18 03:54 - 2020-11-04 23:34 - 000000000 ____D C:\ProgramData\DockerDesktop
2021-04-18 03:54 - 2020-11-03 16:22 - 000000000 ____D C:\Intel
2021-04-18 03:54 - 2020-09-27 09:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-04-18 03:54 - 2020-09-27 07:50 - 000498768 _____ C:\Windows\system32\FNTCACHE.DAT
2021-04-18 03:54 - 2020-09-27 07:50 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-18 03:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2021-04-18 03:54 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2021-04-18 03:53 - 2020-11-03 16:18 - 000000000 ____D C:\Users\xschi
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\inetsrv
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\inetsrv
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-04-18 03:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-04-16 16:51 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-04-16 16:39 - 2020-09-27 09:53 - 002877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2021-04-16 16:18 - 2020-11-03 16:28 - 000000000 ____D C:\Windows\system32\MRT
2021-04-16 16:15 - 2020-11-03 17:16 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-16 16:15 - 2020-11-03 17:15 - 000000000 ____D C:\Program Files (x86)\dotnet
2021-04-16 16:15 - 2020-11-03 16:28 - 131963968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-04-16 16:14 - 2020-12-12 23:04 - 000000000 ____D C:\Users\Default\.dotnet
2021-04-16 16:14 - 2020-11-03 17:15 - 000000000 ____D C:\Program Files\dotnet
2021-04-16 15:13 - 2020-11-03 16:21 - 000003364 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3039489114-2094619844-3197177633-1001
2021-04-16 15:13 - 2020-11-03 16:18 - 000002365 _____ C:\Users\xschi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-15 08:43 - 2020-11-16 12:31 - 000000000 ____D C:\Users\xschi\AppData\Roaming\StorageExplorer
2021-04-15 00:50 - 2020-11-23 02:27 - 000000000 ____D C:\Windows\Minidump
2021-04-14 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-04-14 00:16 - 2020-11-03 16:28 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-13 09:15 - 2020-11-03 16:28 - 007212232 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-04-11 13:20 - 2020-09-27 09:51 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-04-11 13:09 - 2020-11-03 19:31 - 000000000 ____D C:\Program Files\Memurai
2021-04-11 12:13 - 2020-11-03 17:01 - 000000000 ____D C:\Program Files\Microsoft Office
2021-04-10 12:51 - 2020-11-03 17:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2021-04-09 15:29 - 2020-11-16 10:00 - 000000000 ____D C:\Users\xschi\AppData\Roaming\Code
2021-04-09 15:11 - 2021-01-18 15:59 - 000000000 ____D C:\Users\xschi\AppData\Local\TSC
2021-04-09 09:17 - 2020-02-25 22:42 - 000000000 ____D C:\Users\xschi\Desktop\TSC-Manuals
2021-04-08 04:14 - 2020-11-03 17:09 - 000002368 _____ C:\Users\xschi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-04-06 12:02 - 2020-11-03 17:11 - 000001433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2021-04-05 12:53 - 2020-12-26 13:19 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-04-04 15:23 - 2020-11-03 16:27 - 000000000 ____D C:\Users\xschi\AppData\Local\ElevatedDiagnostics
2021-04-03 15:55 - 2020-05-26 19:07 - 000000000 ____D C:\Users\xschi\Desktop\rblx
2021-03-31 20:58 - 2020-11-06 14:04 - 000000000 ____D C:\Users\xschi\AppData\Local\Roblox
2021-03-31 14:24 - 2020-11-11 14:24 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-03-31 10:07 - 2020-11-06 14:04 - 000000254 _____ C:\Users\xschi\AppData\LocalLow\rbxcsettings.rbx
2021-03-23 13:53 - 2020-11-11 14:24 - 000000000 ____D C:\Users\xschi\AppData\Local\Overwolf
2021-03-22 09:39 - 2020-11-03 16:42 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2021-03-22 09:38 - 2021-03-12 10:07 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-03-22 09:30 - 2020-11-09 17:25 - 000000000 ____D C:\Users\xschi\AppData\Roaming\TeamViewer
2021-03-22 09:28 - 2021-03-12 10:07 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-03-22 09:28 - 2020-11-17 19:12 - 000000000 ____D C:\Users\xschi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-22 09:19 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP

==================== Files in the root of some directories ========

2020-12-03 10:05 - 2020-12-03 10:05 - 000000110 _____ () C:\Users\xschi\AppData\Roaming\debug.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================