Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01
Ran by Predator (administrator) on LAPTOP-2UV0H9VG (Acer Predator PH317-53) (25-07-2021 12:49:49)
Running from C:\Users\poper\AppData\Local\Temp\scoped_dir15712_1213979991
Loaded Profiles: Predator
Platform: Windows 10 Home Version 21H1 19043.1110 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\PredatorSense Service\PSAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\PredatorSense Service\PSAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\PredatorSense Service\PSSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(Acer Incorporated -> Microsoft) C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe
(Acer Incorporated) C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3026.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
(Acer Incorporated) C:\Program Files\WindowsApps\AcerIncorporated.PredatorSenseV30_3.0.3136.0_x64__48frkmn4z8aw4\Win32\PredatorSense.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7201e626b4d0f6fe\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7201e626b4d0f6fe\IntelCpHeciSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_e3868713e3d137ef\esif_uf.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_0c50c5dc47ed0efe\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_c2cb13ef5ef8addf\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\poper\AppData\Local\Programs\Opera GX\77.0.4054.275\opera.exe <25>
(Opera Software AS -> Opera Software) C:\Users\poper\AppData\Local\Programs\Opera GX\77.0.4054.275\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(Runic Games, Inc. -> Runic Games, Inc.) D:\Program Files (x86)\SteamLibrary\steamapps\common\Torchlight II\Torchlight2.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <9>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1082592 2020-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe [1464728 2019-01-31] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-02-27] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKU\S-1-5-21-1028854792-605204066-1811816243-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-1028854792-605204066-1811816243-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\poper\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.107\Installer\chrmstp.exe [2021-07-23] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B5A346-D210-48EE-964D-C7994A38C40F} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {0990A11A-FFD5-4800-B74A-93E29CD628D5} - \StorPSCTL -> No File <==== ATTENTION
Task: {13386803-2EB8-4491-8C84-1DBF9FE46AE0} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {16A056E5-A1FF-4EA1-AFAD-AFCB2D1E2525} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {28ACA4B7-D8E1-4FBA-95AD-89BBC0EA9BAC} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770984 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {37BB87EB-BD20-4988-887E-993F50FBB469} - \ACC -> No File <==== ATTENTION
Task: {3FD6EE2A-E56A-4524-B95E-2AE14C742F4A} - \ACCBackgroundApplication -> No File <==== ATTENTION
Task: {4899168C-6B4E-471F-8636-9C4479C1F555} - \UbtFrameworkService -> No File <==== ATTENTION
Task: {52D2B6B2-0A5D-45DB-B1D3-EC3C201EFAAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-03] (Google LLC -> Google LLC)
Task: {57ADFACE-39B4-4887-A4B4-EA0A27ED86CC} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {58140992-F7A2-4D6E-A9A9-A5729366EF11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5BF01C08-30B6-4056-9753-C8CE2137710B} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.21.1.151\SymErr.exe
Task: {5F54D63A-9D65-4261-94F2-E0359056DD1A} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {673F0FE6-CE04-431C-9432-A352257E3BC4} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {684FFB95-6695-4A43-AFB1-EE61024127DE} - System32\Tasks\Opera GX scheduled Autoupdate 1619788710 => C:\Users\poper\AppData\Local\Programs\Opera GX\launcher.exe [1896656 2021-07-21] (Opera Software AS -> Opera Software)
Task: {68A2C43A-3569-4351-9205-1918CE799898} - \NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {6A7F182D-0DB1-4827-B5CF-DC81B26957F0} - \UEIPInvitation -> No File <==== ATTENTION
Task: {6BCA56FA-0551-48EB-BCE4-5FAC396F5169} - \NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {6C2B44C2-AEC2-471A-8F44-B29ED5E2269C} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.21.1.151\SymErr.exe
Task: {8742AACE-9BAB-4779-928F-C8B16B209104} - System32\Tasks\update-S-1-5-21-1028854792-605204066-1811816243-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {892A6D08-152A-40DB-BE28-321C4E267D68} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [17688 2019-11-16] (Acer Incorporated -> )
Task: {8BDA5275-16C3-48C3-97E5-EC36060E3577} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {8CE88D89-4C18-4296-A1B0-C83E3DBBE6F8} - \ACCAgent -> No File <==== ATTENTION
Task: {8E36F375-612D-431F-9152-6ABC6BBD5FA8} - \NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {9007339A-587B-4FE0-BD45-75C7DF7BEBA4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9CB33D77-00E4-4C35-958F-B198446ED4AA} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {9D3E3909-29DE-4479-8246-768625652EDC} - \NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {AD515F89-32A1-4BB7-8099-1C48C2C1E870} - System32\Tasks\PredatorSense UI => C:\Program Files\Acer\PredatorSense Service\PSLauncher.exe [580888 2019-10-09] (Acer Incorporated -> Acer Incorporated)
Task: {AF13A9CA-7FA9-4CC6-A4A4-28CB6D3D1BD5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B05178EB-CD6A-4E31-B104-99E0084BE814} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3FD8B9E-DDA8-476E-B29C-4627DDD1323B} - \Software Update Application -> No File <==== ATTENTION
Task: {C1CE4BFC-BD55-4902-9DF4-92BC72B5AF3F} - \NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {CFB47A14-9ADF-4D8A-B298-27C664FA1EF0} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1621423660 => C:\Users\poper\AppData\Local\Programs\Opera GX\launcher.exe [1896656 2021-07-21] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\poper\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {D042A007-C07B-4BC7-9A64-A2D5CF4B0098} - \OneDrive Standalone Update Task-S-1-5-21-4159090267-1894372778-590262586-500 -> No File <==== ATTENTION
Task: {D9999B42-BD66-4306-9C8A-EE4BED8A9F2C} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.1.151\SymErr.exe
Task: {E7288A0E-A5E2-4887-8940-6D912C3768D8} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {EEE339E2-8E13-46E2-877D-4509A1896EE4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-03] (Google LLC -> Google LLC)
Task: {EFCD7579-A96D-4845-B3D6-1E7969355093} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {F5AF6E4F-A26E-493C-A71B-3E620142B809} - \Microsoft\Windows\Speech\HeadsetButtonPress -> No File <==== ATTENTION
Task: {F818290D-892B-416E-A9C3-225FC9BF8E00} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer)
Task: {FC5F94A5-C2C8-4712-B74E-760A008C9341} - System32\Tasks\PredatorSense => C:\Program Files\Acer\PredatorSense Service\PSLauncher.exe [580888 2019-10-09] (Acer Incorporated -> Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-1028854792-605204066-1811816243-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 46.151.57.84 46.151.60.244 46.151.57.85
Tcpip\..\Interfaces\{7f6cf546-28c0-44df-8c5b-b13acaa9c6ca}: [DhcpNameServer] 192.168.100.252
Tcpip\..\Interfaces\{d59fcf00-665e-436f-b68c-f5037c52c389}: [DhcpNameServer] 192.168.88.1 46.151.57.84 46.151.60.244 46.151.57.85

Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\poper\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-25]

FireFox:
========
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com.xpi [2019-05-14] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Slovak (SK) Language Pack) - C:\Program Files\Mozilla Firefox\distribution\extensions\langpack-sk@firefox.mozilla.org.xpi [2019-05-14]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2021-03-12] [Legacy]

Chrome: 
=======
CHR Profile: C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default [2021-05-27]
CHR Notifications: Default -> hxxps://mail.google.com
CHR HomePage: Default -> hxxp://google.sk/
CHR StartupUrls: Default -> "hxxp://google.sk/"
CHR Extension: (Prezentácie) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-03]
CHR Extension: (Just Black) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-04-03]
CHR Extension: (Dokumenty) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-03]
CHR Extension: (Disk Google) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-03]
CHR Extension: (YouTube) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-03]
CHR Extension: (Google Apps Script) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoieeedlomnegifmaghhjnghhmcldobl [2021-04-03]
CHR Extension: (Tabuľky) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-03]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-27]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-27]
CHR Extension: (The West) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2021-04-03]
CHR Extension: (XLS Editor) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobjaooppmgjlgomfpaohhncpfjpigaf [2021-04-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-03]
CHR Extension: (Script Installation Services/Website Setup) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkfkmbechelifpehnokcfhlamloapmc [2021-04-03]
CHR Extension: (Gmail) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\poper\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-27]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

Opera: 
=======
StartMenuInternet: (HKU\S-1-5-21-1028854792-605204066-1811816243-1001) Opera GXStable - "C:\Users\poper\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [300336 2019-04-22] (Acer Incorporated -> Acer Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-05-02] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2021-07-19] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2616424 2019-06-17] (Rivet Networks LLC -> Rivet Networks)
S3 KNDBWM; C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [72800 2019-02-01] (Rivet Networks LLC -> CloudBees, Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [9414880 2020-10-15] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R3 PSSvc; C:\Program Files\Acer\PredatorSense Service\PSSvc.exe [979736 2019-10-09] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465960 2020-09-10] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-09-10] (Acer Incorporated -> Acer Incorporated)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [6973168 2021-05-02] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [305984 2018-12-18] (Acer Incorporated -> Acer Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [72808 2019-06-17] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72816 2019-06-17] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [7256720 2021-05-02] (PUBG CORPORATION -> PUBG Corporation)
S3 HnGEpicService; D:\Program Files\Epic Games\HeroesGeneralsWWII\hngservice.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_c2cb13ef5ef8addf\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_c2cb13ef5ef8addf\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [162432 2019-06-17] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 MpKsldefe9a0a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E917B59E-98A0-4EDD-B601-20858A9566F8}\MpKslDrv.sys [107752 2021-07-24] (Microsoft Windows -> Microsoft Corporation)
U5 PSGG64; C:\Program Files (x86)\PS Sistemas\1.0.3.0\PSGG64.sys [25016 2021-05-03] (PS SISTEMAS (DOUGLAS PONTES RUIZ) -> PS Sistemas)
S3 PtpFilterDriver; C:\WINDOWS\System32\drivers\PtpFilterDriver.sys [51840 2016-12-27] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ssbthid; C:\WINDOWS\System32\drivers\ssbthid.sys [45752 2020-10-08] (SteelSeries ApS -> SteelSeries ApS)
S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2020-09-25] (SteelSeries ApS -> SteelSeries ApS)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [57440 2020-11-02] (SteelSeries ApS -> SteelSeries ApS)
S3 ThrottleStop; C:\Users\poper\AppData\Local\Temp\ThrottleStop.sys [50216 2021-03-25] (TechPowerUp LLC -> ) <==== ATTENTION
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-07-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-07-24] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2729456 2021-05-02] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-25 12:49 - 2021-07-25 12:50 - 000000000 ____D C:\FRST
2021-07-25 12:49 - 2021-07-25 12:49 - 002300416 _____ (Farbar) C:\Users\poper\Desktop\FRST64.exe
2021-07-25 11:37 - 2021-07-25 11:37 - 000000222 _____ C:\Users\poper\Desktop\Torchlight II.url
2021-07-25 11:26 - 2021-07-25 11:26 - 000000000 ____D C:\Users\poper\AppData\Local\D2EB2.tmpd
2021-07-25 11:26 - 2021-07-25 11:26 - 000000000 _____ C:\Users\poper\AppData\Local\D2EB2.tmp
2021-07-25 11:07 - 2021-07-25 11:07 - 000000000 ____D C:\Users\poper\AppData\Local\D280BD.tmpd
2021-07-25 11:07 - 2021-07-25 11:07 - 000000000 _____ C:\Users\poper\AppData\Local\D280BD.tmp
2021-07-25 11:06 - 2021-07-25 11:06 - 000000000 ____D C:\Users\poper\AppData\Local\D27CAA.tmpd
2021-07-25 11:06 - 2021-07-25 11:06 - 000000000 _____ C:\Users\poper\AppData\Local\D27CAA.tmp
2021-07-25 10:58 - 2021-07-25 10:58 - 000000000 ____D C:\Users\poper\AppData\Local\D223FF.tmpd
2021-07-25 10:58 - 2021-07-25 10:58 - 000000000 _____ C:\Users\poper\AppData\Local\D223FF.tmp
2021-07-25 10:57 - 2021-07-25 10:57 - 000000000 ____D C:\Users\poper\AppData\Local\D24D74.tmpd
2021-07-25 10:57 - 2021-07-25 10:57 - 000000000 _____ C:\Users\poper\AppData\Local\D24D74.tmp
2021-07-25 10:56 - 2021-07-25 10:56 - 000000000 ____D C:\Users\poper\Documents\Diablo II
2021-07-25 10:56 - 2021-07-25 10:56 - 000000000 ____D C:\Users\poper\AppData\Local\D2F0AD.tmpd
2021-07-25 10:56 - 2021-07-25 10:56 - 000000000 _____ C:\Users\poper\AppData\Local\D2F0AD.tmp
2021-07-25 10:23 - 2021-07-25 10:23 - 000000000 ____D C:\ProgramData\EA Desktop
2021-07-23 20:30 - 2021-07-23 22:14 - 000000000 ____D C:\Users\poper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru
2021-07-23 19:14 - 2021-07-23 19:15 - 124846312 _____ (miHoYo) C:\Users\poper\Desktop\GenshinImpact_install_mihoyo_20210707154300.exe
2021-07-20 10:25 - 2021-07-20 10:25 - 000000000 ____D C:\Users\poper\AppData\Local\Origin
2021-07-16 23:15 - 2021-07-16 23:15 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-16 23:15 - 2021-07-16 23:15 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-16 23:15 - 2021-07-16 23:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-16 23:15 - 2021-07-16 23:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-16 23:15 - 2021-07-16 23:15 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-16 23:15 - 2021-07-16 23:15 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-15 17:58 - 2021-07-15 18:01 - 000000000 ____D C:\Users\poper\AppData\Local\Two Worlds II
2021-07-15 17:58 - 2021-07-15 17:58 - 000000000 ____D C:\Users\Public\Documents\Steam
2021-07-10 09:25 - 2021-07-10 09:25 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-10 09:25 - 2021-07-10 09:25 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-10 09:25 - 2021-07-10 09:25 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-10 09:25 - 2021-07-10 09:25 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-10 09:25 - 2021-07-10 09:25 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-10 09:25 - 2021-07-10 09:25 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-10 09:24 - 2021-07-10 09:24 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-10 09:24 - 2021-07-10 09:24 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-10 09:24 - 2021-07-10 09:24 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-10 09:24 - 2021-07-10 09:24 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-05 15:42 - 2021-07-05 15:42 - 000000000 ____D C:\Users\poper\AppData\Roaming\Frontier Developments
2021-07-05 15:42 - 2021-07-05 15:42 - 000000000 ____D C:\Users\poper\AppData\Local\Frontier Developments
2021-07-05 15:40 - 2021-07-15 11:26 - 000000000 ____D C:\Users\poper\AppData\Local\Frontier_Developments
2021-06-30 21:42 - 2021-06-30 21:42 - 000466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2021-06-30 21:42 - 2021-06-30 21:42 - 000444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2021-06-30 21:42 - 2021-06-30 21:42 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2021-06-30 21:42 - 2021-06-30 21:42 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2021-06-30 21:42 - 2021-06-30 21:42 - 000000000 ____D C:\Program Files (x86)\OpenAL
2021-06-25 16:46 - 2021-06-25 16:46 - 000000000 ____D C:\Users\poper\AppData\LocalLow\Inferna Limited

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-25 12:45 - 2021-03-11 19:06 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-25 12:44 - 2021-03-11 19:07 - 000000000 ____D C:\Users\poper\AppData\Local\D3DSCache
2021-07-25 12:44 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-25 12:38 - 2021-04-03 19:24 - 000000000 ____D C:\Program Files (x86)\Steam
2021-07-25 12:25 - 2019-06-26 20:45 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-25 11:37 - 2021-03-11 20:42 - 000000000 ____D C:\Users\poper\Documents\My Games
2021-07-25 11:37 - 2021-03-11 19:23 - 000000000 ____D C:\Users\poper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-07-25 10:56 - 2021-05-14 10:27 - 000000000 _____ C:\BnetLog.txt
2021-07-25 10:56 - 2021-04-03 19:27 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2021-07-25 10:23 - 2021-04-12 14:09 - 000000000 ____D C:\Program Files\Cheat Engine 7.2
2021-07-25 10:23 - 2019-06-26 20:32 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-25 10:18 - 2021-04-15 17:32 - 000000000 ____D C:\Users\poper\AppData\Roaming\vlc
2021-07-25 10:14 - 2021-04-11 20:30 - 000000000 ____D C:\ProgramData\Epic
2021-07-24 22:30 - 2021-03-19 20:04 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-24 22:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-24 22:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-24 12:14 - 2021-03-12 03:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-23 08:12 - 2021-04-03 19:10 - 000002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-22 22:42 - 2021-04-30 15:18 - 000004248 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1619788710
2021-07-22 22:42 - 2021-04-30 15:18 - 000001438 _____ C:\Users\poper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera GX.lnk
2021-07-20 11:18 - 2021-05-02 19:19 - 000000000 ____D C:\Users\poper\AppData\Roaming\EasyAntiCheat
2021-07-17 22:17 - 2021-03-12 03:42 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-17 22:17 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-17 22:09 - 2021-03-12 03:32 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-17 22:09 - 2021-03-12 03:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-17 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-07-17 09:27 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-17 08:32 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-17 08:31 - 2021-03-11 21:13 - 000000000 ___HD C:\$WinREAgent
2021-07-16 23:40 - 2021-03-12 03:32 - 000258168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-16 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-16 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-16 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-16 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-16 23:08 - 2021-03-13 21:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-16 23:06 - 2021-03-13 21:30 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-15 19:00 - 2021-03-29 18:47 - 000000000 ____D C:\Users\poper\AppData\Local\CrashDumps
2021-07-15 18:59 - 2021-04-05 10:50 - 000000000 ____D C:\Users\poper\AppData\Roaming\uTorrent
2021-07-15 18:58 - 2021-04-15 12:03 - 000000000 ____D C:\Users\poper\Counter-Strike 1.6
2021-07-15 17:51 - 2021-03-12 03:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-15 08:38 - 2021-04-03 19:10 - 000003456 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-15 08:38 - 2021-04-03 19:10 - 000003332 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-11 19:36 - 2021-05-03 08:34 - 000000000 ____D C:\Users\poper\AppData\Local\RabanSoft
2021-07-11 19:18 - 2021-03-11 18:56 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1028854792-605204066-1811816243-1001
2021-07-11 19:18 - 2021-03-11 18:56 - 000000000 ___RD C:\Users\poper\OneDrive
2021-07-11 19:18 - 2021-03-11 18:51 - 000002371 _____ C:\Users\poper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-10 15:41 - 2021-06-22 13:08 - 000000000 ____D C:\Users\poper\Desktop\Nový priečinok
2021-07-10 09:46 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-10 09:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-10 09:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-10 09:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-10 09:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-10 09:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-10 09:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-10 09:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-05 14:31 - 2021-03-25 19:59 - 000000000 ____D C:\ProgramData\Origin
2021-07-02 08:02 - 2021-03-19 20:04 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-02 08:02 - 2021-03-19 20:04 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-26 22:56 - 2021-06-21 08:55 - 000000000 ____D C:\Users\poper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Return of Reckoning

==================== Files in the root of some directories ========

2021-05-15 20:47 - 2021-05-15 20:47 - 000000000 _____ () C:\Users\poper\AppData\Local\D215E2.tmp
2021-05-29 12:49 - 2021-05-29 12:49 - 000000000 _____ () C:\Users\poper\AppData\Local\D21C6.tmp
2021-05-15 10:20 - 2021-05-15 10:20 - 000000000 _____ () C:\Users\poper\AppData\Local\D22128.tmp
2021-05-26 23:46 - 2021-05-26 23:46 - 000000000 _____ () C:\Users\poper\AppData\Local\D22388.tmp
2021-07-25 10:58 - 2021-07-25 10:58 - 000000000 _____ () C:\Users\poper\AppData\Local\D223FF.tmp
2021-05-21 23:13 - 2021-05-21 23:13 - 000000000 _____ () C:\Users\poper\AppData\Local\D2274B.tmp
2021-05-15 10:21 - 2021-05-15 10:21 - 000000000 _____ () C:\Users\poper\AppData\Local\D227E4.tmp
2021-05-15 10:33 - 2021-05-15 10:33 - 000000000 _____ () C:\Users\poper\AppData\Local\D22F32.tmp
2021-05-31 22:47 - 2021-05-31 22:47 - 000000000 _____ () C:\Users\poper\AppData\Local\D22F83.tmp
2021-05-15 20:47 - 2021-05-15 20:47 - 000000000 _____ () C:\Users\poper\AppData\Local\D23B4D.tmp
2021-05-15 21:25 - 2021-05-15 21:25 - 000000000 _____ () C:\Users\poper\AppData\Local\D23EBB.tmp
2021-05-15 10:15 - 2021-05-15 10:15 - 000000000 _____ () C:\Users\poper\AppData\Local\D24309.tmp
2021-05-14 10:30 - 2021-05-14 10:30 - 000000000 _____ () C:\Users\poper\AppData\Local\D2491F.tmp
2021-06-08 07:45 - 2021-06-08 07:45 - 000000000 _____ () C:\Users\poper\AppData\Local\D24CF3.tmp
2021-07-25 10:57 - 2021-07-25 10:57 - 000000000 _____ () C:\Users\poper\AppData\Local\D24D74.tmp
2021-05-19 22:10 - 2021-05-19 22:10 - 000000000 _____ () C:\Users\poper\AppData\Local\D25593.tmp
2021-05-15 10:35 - 2021-05-15 10:35 - 000000000 _____ () C:\Users\poper\AppData\Local\D268A7.tmp
2021-05-14 10:32 - 2021-05-14 10:32 - 000000000 _____ () C:\Users\poper\AppData\Local\D26EE3.tmp
2021-05-15 10:21 - 2021-05-15 10:21 - 000000000 _____ () C:\Users\poper\AppData\Local\D272BA.tmp
2021-07-25 11:06 - 2021-07-25 11:06 - 000000000 _____ () C:\Users\poper\AppData\Local\D27CAA.tmp
2021-07-25 11:07 - 2021-07-25 11:07 - 000000000 _____ () C:\Users\poper\AppData\Local\D280BD.tmp
2021-05-15 10:15 - 2021-05-15 10:15 - 000000000 _____ () C:\Users\poper\AppData\Local\D28248.tmp
2021-05-15 20:39 - 2021-05-15 20:39 - 000000000 _____ () C:\Users\poper\AppData\Local\D282A6.tmp
2021-06-07 11:16 - 2021-06-07 11:16 - 000000000 _____ () C:\Users\poper\AppData\Local\D287CE.tmp
2021-06-02 11:08 - 2021-06-02 11:08 - 000000000 _____ () C:\Users\poper\AppData\Local\D289EB.tmp
2021-05-15 10:26 - 2021-05-15 10:26 - 000000000 _____ () C:\Users\poper\AppData\Local\D28BEF.tmp
2021-06-02 20:25 - 2021-06-02 20:25 - 000000000 _____ () C:\Users\poper\AppData\Local\D292FA.tmp
2021-05-15 10:35 - 2021-05-15 10:35 - 000000000 _____ () C:\Users\poper\AppData\Local\D29352.tmp
2021-05-31 07:51 - 2021-05-31 07:51 - 000000000 _____ () C:\Users\poper\AppData\Local\D29684.tmp
2021-05-15 10:14 - 2021-05-15 10:14 - 000000000 _____ () C:\Users\poper\AppData\Local\D2A218.tmp
2021-06-12 09:12 - 2021-06-12 09:12 - 000000000 _____ () C:\Users\poper\AppData\Local\D2A390.tmp
2021-05-15 10:22 - 2021-05-15 10:22 - 000000000 _____ () C:\Users\poper\AppData\Local\D2A7EF.tmp
2021-05-15 10:36 - 2021-05-15 10:36 - 000000000 _____ () C:\Users\poper\AppData\Local\D2B0AF.tmp
2021-05-14 10:32 - 2021-05-14 10:32 - 000000000 _____ () C:\Users\poper\AppData\Local\D2B36F.tmp
2021-05-17 08:05 - 2021-05-17 08:05 - 000000000 _____ () C:\Users\poper\AppData\Local\D2BFA2.tmp
2021-06-10 23:36 - 2021-06-10 23:36 - 000000000 _____ () C:\Users\poper\AppData\Local\D2C6CB.tmp
2021-06-09 20:13 - 2021-06-09 20:13 - 000000000 _____ () C:\Users\poper\AppData\Local\D2CA76.tmp
2021-05-15 10:23 - 2021-05-15 10:23 - 000000000 _____ () C:\Users\poper\AppData\Local\D2CB37.tmp
2021-05-16 09:42 - 2021-05-16 09:42 - 000000000 _____ () C:\Users\poper\AppData\Local\D2CFCD.tmp
2021-05-15 10:16 - 2021-05-15 10:16 - 000000000 _____ () C:\Users\poper\AppData\Local\D2D17F.tmp
2021-05-22 22:59 - 2021-05-22 22:59 - 000000000 _____ () C:\Users\poper\AppData\Local\D2D7.tmp
2021-06-05 22:44 - 2021-06-05 22:44 - 000000000 _____ () C:\Users\poper\AppData\Local\D2DA74.tmp
2021-05-22 23:00 - 2021-05-22 23:00 - 000000000 _____ () C:\Users\poper\AppData\Local\D2DAAE.tmp
2021-05-15 10:23 - 2021-05-15 10:23 - 000000000 _____ () C:\Users\poper\AppData\Local\D2E373.tmp
2021-05-15 10:14 - 2021-05-15 10:14 - 000000000 _____ () C:\Users\poper\AppData\Local\D2E481.tmp
2021-05-15 10:33 - 2021-05-15 10:33 - 000000000 _____ () C:\Users\poper\AppData\Local\D2E567.tmp
2021-07-25 11:26 - 2021-07-25 11:26 - 000000000 _____ () C:\Users\poper\AppData\Local\D2EB2.tmp
2021-06-04 23:56 - 2021-06-04 23:56 - 000000000 _____ () C:\Users\poper\AppData\Local\D2EB66.tmp
2021-07-25 10:56 - 2021-07-25 10:56 - 000000000 _____ () C:\Users\poper\AppData\Local\D2F0AD.tmp
2021-05-15 20:40 - 2021-05-15 20:40 - 000000000 _____ () C:\Users\poper\AppData\Local\D2F45C.tmp
2021-05-15 10:39 - 2021-05-15 10:39 - 000000000 _____ () C:\Users\poper\AppData\Local\D2F720.tmp
2021-04-05 13:24 - 2021-04-05 13:24 - 000000003 _____ () C:\Users\poper\AppData\Local\updater.log
2021-04-05 13:24 - 2021-04-05 13:24 - 000000424 _____ () C:\Users\poper\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================