Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-06-2022 01
Ran by Marian (administrator) on DESKTOP-2SGA964 (HP 870-287nc) (07-06-2022 17:46:09)
Running from C:\Users\Marian\Desktop
Loaded Profiles: Marian
Platform: Microsoft Windows 10 Home Version 21H2 19044.1741 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(explorer.exe ->) (TechPowerUp LLC -> uWebb Software) D:\Games\Throttlestop\ThrottleStop.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <19>
(services.exe ->) (Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HPPhoenixCtrl\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdcig.inf_amd64_38bb86a8494f3fc8\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (HP Inc. -> ) C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH\HPJumpStartLaunch.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [707624 2018-08-08] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HPMSGSVC] => C:\Program Files (x86)\HP\HPPhoenixCtrl\HPMSGSVC.exe [502032 2016-06-16] (Hewlett-Packard Company -> HP Development Company, L.P.)
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --flag-switches-begin --flag-switches-end --enable-audio-service-s (the data entry has 102 more characters). (No File)
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {1d48d100-8dd2-11ec-9914-10050142c29b} - "O:\autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {321a68de-8a36-11ec-9914-10050142c29b} - "N:\autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {37e24095-883b-11ec-9912-10050142c29b} - "M:\autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {37e240f6-883b-11ec-9912-10050142c29b} - "M:\autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {37e2411b-883b-11ec-9912-10050142c29b} - "M:\setup.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {37e24171-883b-11ec-9912-10050142c29b} - "N:\startupcheck.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {7a2a3d6b-5742-11ec-98fe-10050142c29b} - "L:\setup.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {7aad9f61-8056-11ec-990f-10050142c29b} - "L:\Autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {7aad9fa8-8056-11ec-990f-10050142c29b} - "L:\Autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {7aad9fd5-8056-11ec-990f-10050142c29b} - "L:\Autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {7aada10d-8056-11ec-990f-10050142c29b} - "L:\autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {7aada13c-8056-11ec-990f-10050142c29b} - "L:\autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {7aada140-8056-11ec-990f-10050142c29b} - "L:\autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {7aada1b4-8056-11ec-990f-10050142c29b} - "L:\Autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {7aada1ea-8056-11ec-990f-10050142c29b} - "L:\Autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {7aada324-8056-11ec-990f-10050142c29b} - "L:\Setup.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {8d922680-5687-11eb-9839-10050142c29b} - "L:\Setup.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {91a502da-7ba1-11ec-990e-10050142c29b} - "L:\setup.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {91a50344-7ba1-11ec-990e-10050142c29b} - "L:\setup.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {c55a001b-844a-11ec-9912-10050142c29b} - "M:\Autorun.exe" 
HKU\S-1-5-21-963594185-2070104337-283957109-1001\...\MountPoints2: {e2c47069-e4a8-11eb-98bb-10050142c29b} - "M:\fh2_setup.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-05-31] (Google LLC -> Google LLC)
Startup: C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Processor Identification Utility.lnk [2022-06-06]
ShortcutTarget: Intel® Processor Identification Utility.lnk -> C:\Program Files (x86)\Intel Corporation\Intel Processor Identification Utility\ProcID.exe (Intel Corporation -> Intel Corporation)
Startup: C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do aplikácie OneNote.lnk [2021-08-26]
ShortcutTarget: Odoslanie do aplikácie OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-963594185-2070104337-283957109-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {010E103F-0C6E-41EF-AC4D-CA54BA14D60D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115584 2022-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {079831B1-1D53-4210-ABB2-6F034685DFCB} - System32\Tasks\Throttlestop => D:\Games\Throttlestop\ThrottleStop.exe [3923456 2021-08-17] (TechPowerUp LLC -> uWebb Software)
Task: {0E833782-107E-47DA-950A-31DE249B3DFA} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {10F6C94F-2679-4918-AA40-1C112D371ED9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2804C9F7-9D0D-4DB7-8250-31F50B9958C0} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {357F2BC4-BC7D-49A0-8F92-35F7ED0D9EDB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Marian\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (No File)
Task: {444D333F-6D44-4CE7-9C6D-D60666A6BB50} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {46B5E2F3-653A-4D11-B159-D0B37A72B07B} - System32\Tasks\PTUI => C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Client\XtuUiLauncher.exe (No File)
Task: {47AEC9A5-747E-492A-85D8-E4C11531E1AB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {483A93AD-1D55-4862-AEDC-159ACB48317A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {55B2D6E5-0D5E-4814-BCBB-25B77CB91506} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Marian\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (No File)
Task: {590CCCA8-D473-4D26-AF5C-5F899BC9493B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-19] (Google LLC -> Google LLC)
Task: {59ADCA4E-8AB9-46C8-BD31-4E7CED609709} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3077448 2021-12-13] (Intel Corporation -> Intel Corporation)
Task: {673B0575-3ADA-404B-834D-3F077AB96E47} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {7B49A34B-5066-4808-997D-9B9BC9656439} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {80170EC8-B16E-4208-A49D-7B8B799FBAC6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235944 2017-08-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {91AFFFBA-B76E-4298-9775-DD98768349C2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115584 2022-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {94D2D6D3-7FF0-4B84-BDA6-4A2FCCA9D791} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {99C31FFC-862E-4FDE-8FAD-5728A72C4443} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3077448 2021-12-13] (Intel Corporation -> Intel Corporation)
Task: {A0AD35C8-B53A-480D-B0A7-EDC809346A84} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4F9B4C1-CEF3-47E4-A728-A95FDB009FD3} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {AD0FFF20-E049-41C0-A55E-CCE1C3B6C2E0} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680 2017-07-28] (HP Inc. -> )
Task: {AD3B118D-99D8-4119-B123-B932BBB8234F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE045B7B-3482-485A-95B7-5F42548F5182} - System32\Tasks\elevator_385ab32a2b2ea0517322c6951e332146 => D:\Games\RBRPro\RBRProManager.exe (No File)
Task: {C009F540-C7D8-4991-814F-37BAC6EEB1D9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [688048 2022-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6D3EAA6-5E06-48D6-BE93-6D517D201A90} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {C7FE46F5-8C15-426E-B158-41C593BCE468} - System32\Tasks\elevator_87aa3f876905711d6249ca9d21c30043 => D:\Games\SimHub\SimHubWPF.exe (No File)
Task: {CBBC75FB-729B-443C-B025-D60405E36C66} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {DB6DC5EF-E66B-4ACD-8E9A-31A553DA3044} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E0B44CFF-65DF-4667-8672-F57A627B697A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {E2AC368A-CE9C-41C3-A037-6B240D59CFE1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E5D768D9-0289-490A-B4CA-7CBF1B9C4BF3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E8D900B8-6ADD-42AB-8A96-8695C8BC1F7D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-19] (Google LLC -> Google LLC)
Task: {EDD39811-1B2B-4B7E-BEA5-944659F247F4} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {FC3A0669-AE58-44B4-8EBF-1BF9700F230F} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.242.44.85 80.242.44.39 8.8.8.8
Tcpip\..\Interfaces\{db3bfbef-48c8-4665-bf02-8ad739c0730a}: [DhcpNameServer] 80.242.44.85 80.242.44.39 8.8.8.8

Edge: 
=======
DownloadDir: C:\Users\Marian\Downloads
Edge Notifications: HKU\S-1-5-21-963594185-2070104337-283957109-1001 -> hxxps://forums.codemasters.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Marian\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-04]
Edge HomePage: Default -> hxxp://www.google.com/
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Marian\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-06-04]
Edge Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Marian\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2022-04-27]
Edge Profile: C:\Users\Marian\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-09-25]

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> D:\Games\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-963594185-2070104337-283957109-1001: ubisoft.com/uplaypc -> D:\Games\H.A.W.X. 2\orbit\npuplaypc.dll [No File]

Chrome: 
=======
CHR Profile: C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default [2022-06-07]
CHR Notifications: Default -> hxxps://forums.flightsimulator.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-06-01]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-15]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-05-17]
CHR Extension: (Chrome Audio Capture) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfokdmfpdnokpmpbjhjbcabgligoelgp [2022-06-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8912272 2021-11-29] (BattlEye Innovations e.K. -> )
R3 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988424 2022-05-28] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2021-07-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-22] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; D:\Games\GOG Galaxy\GalaxyClientService.exe [1959776 2022-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-08-01] (GOG Sp. z o.o. -> GOG.com)
S2 GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [75240 2022-05-25] (Microsoft Corporation -> Microsoft Corporation)
S4 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [733200 2021-04-19] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [731152 2021-04-19] (HP Inc. -> HP Inc.)
S4 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-07-28] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [731152 2021-04-19] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [732176 2021-04-19] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HPPhoenixCtrl\HPWMISVC.exe [554768 2016-06-16] (Hewlett-Packard Company -> HP Development Company, L.P.)
S4 IRMTService; C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe [182896 2016-10-13] (Intel(R) RMT -> Intel Corporation)
S3 MBAMService; D:\Games\Anti-Malware\mbamservice.exe [4470736 2017-07-12] (Malwarebytes Corporation -> Malwarebytes)
S4 Origin Client Service; D:\Games\Origin\OriginClientService.exe [2562776 2022-01-21] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; D:\Games\Origin\OriginWebHelperService.exe [3481312 2022-01-21] (Electronic Arts, Inc. -> Electronic Arts)
S4 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2021-12-11] (Even Balance, Inc. -> )
S3 Rockstar Service; D:\Games\Launcher\RockstarService.exe [2017072 2021-11-19] (Rockstar Games, Inc. -> Rockstar Games)
S4 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2018-01-10] () [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
S2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdcig.inf_amd64_38bb86a8494f3fc8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhdcig.inf_amd64_38bb86a8494f3fc8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 fiddrv64; no ImagePath
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [34720 2016-10-13] (Intel Corporation -> Intel Corporation)
R3 MpKslc7be1335; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D86D9F85-F71E-4C6D-8471-F45185F83A29}\MpKslDrv.sys [137464 2022-06-07] (Microsoft Windows -> Microsoft Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [232792 2021-09-05] (Valve Corp. -> Valve Corporation)
R3 ThrottleStop; C:\Users\Marian\AppData\Local\Temp\ThrottleStop.sys [50216 2022-06-07] (TechPowerUp LLC -> ) <==== ATTENTION
S3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [611728 2021-01-30] (Bitdefender SRL -> Bitdefender)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 46e5390a7dd1eb89; \??\C:\Users\Marian\AppData\Local\Temp\62d6e9a1.sys [X] <==== ATTENTION
S3 46e53fdd695f6089; \??\C:\Users\Marian\AppData\Local\Temp\1aef1d64ad6.sys [X] <==== ATTENTION
S3 46ea47aa1b835f89; \??\C:\Users\Marian\AppData\Local\Temp\11f2860b7.sys [X] <==== ATTENTION
S3 bomebus; \SystemRoot\System32\drivers\bomebus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-07 17:46 - 2022-06-07 17:46 - 000025455 _____ C:\Users\Marian\Desktop\FRST.txt
2022-06-07 17:36 - 2022-06-07 17:46 - 000000000 ____D C:\FRST
2022-06-07 16:30 - 2022-06-07 16:30 - 002368000 _____ (Farbar) C:\Users\Marian\Desktop\FRST64.exe
2022-06-07 16:00 - 2022-06-07 16:00 - 000357136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_6de4c038a_klark.sys
2022-06-07 16:00 - 2022-06-07 16:00 - 000267824 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_6de4c038a_mark.sys
2022-06-07 15:59 - 2022-06-07 15:59 - 000299544 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\6de4c038.sys
2022-06-07 15:59 - 2022-06-07 15:59 - 000000000 ____D C:\KVRT2020_Data
2022-06-07 13:36 - 2022-06-07 13:36 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-06-07 13:36 - 2022-06-07 13:36 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-06-06 22:49 - 2022-06-06 22:49 - 000003862 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-06-06 22:49 - 2022-06-06 22:49 - 000003420 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-06-06 18:45 - 2022-06-06 18:45 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-06 18:45 - 2022-06-06 18:45 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-06 18:45 - 2022-06-06 18:45 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-06 18:44 - 2022-06-06 18:44 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-06 18:44 - 2022-06-06 18:44 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-06 18:40 - 2022-06-06 18:40 - 000000000 ___HD C:\$WinREAgent
2022-06-06 14:47 - 2022-06-06 14:47 - 000000000 ____D C:\Users\Marian\AppData\Local\D3DSCache
2022-06-06 14:35 - 2022-06-07 15:33 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-06 14:35 - 2022-06-06 16:35 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-06-06 14:35 - 2022-06-06 14:35 - 000000000 ____D C:\Users\Marian\AppData\Local\NVIDIA
2022-06-06 14:34 - 2022-06-06 14:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-06-06 14:33 - 2022-05-20 02:51 - 000134832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-06-06 14:33 - 2022-05-20 02:51 - 000047792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-06-06 14:23 - 2022-05-21 05:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-06-06 14:23 - 2022-05-21 05:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-06-06 14:23 - 2022-05-21 05:26 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-06-06 14:23 - 2022-05-21 05:26 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-06-06 14:23 - 2022-05-21 05:26 - 001467080 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-06-06 14:23 - 2022-05-21 05:26 - 001432304 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-06-06 14:23 - 2022-05-21 05:26 - 001432304 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-06-06 14:23 - 2022-05-21 05:26 - 001209408 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-06-06 14:23 - 2022-05-21 05:26 - 001145584 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-06-06 14:23 - 2022-05-21 05:26 - 001145584 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-06-06 14:23 - 2022-05-21 05:23 - 000587336 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-06-06 14:23 - 2022-05-21 05:23 - 000460496 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-06-06 14:23 - 2022-05-21 05:22 - 042326096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2022-06-06 14:23 - 2022-05-21 05:22 - 002120896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-06-06 14:23 - 2022-05-21 05:22 - 001603144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-06-06 14:23 - 2022-05-21 05:22 - 001530456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-06-06 14:23 - 2022-05-21 05:22 - 001177312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-06-06 14:23 - 2022-05-21 05:22 - 000730320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-06-06 14:23 - 2022-05-21 05:22 - 000724688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-06-06 14:23 - 2022-05-21 05:22 - 000712416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-06-06 14:23 - 2022-05-21 05:21 - 006964824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-06-06 14:23 - 2022-05-21 05:21 - 006226640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-06-06 14:23 - 2022-05-21 05:21 - 005100752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-06-06 14:23 - 2022-05-21 05:21 - 002932952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-06-06 14:23 - 2022-05-21 05:21 - 000582712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-06-06 14:23 - 2022-05-21 05:21 - 000457944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-06-06 14:23 - 2022-05-21 05:20 - 005730880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-06-06 14:23 - 2022-05-21 05:19 - 000851136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-06-06 14:23 - 2022-05-21 05:18 - 007618584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-06-06 14:23 - 2022-05-21 05:18 - 006465200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-06-06 14:23 - 2022-05-20 02:51 - 000089337 _____ C:\WINDOWS\system32\nvinfo.pb
2022-06-05 22:11 - 2022-06-06 14:25 - 000015648 _____ C:\WINDOWS\ntbtlog.txt
2022-06-04 14:25 - 2022-06-04 14:25 - 000002713 _____ C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Panel Edge od Microsoft Edgeu.lnk
2022-06-02 17:20 - 2022-06-02 18:33 - 000000000 ____D C:\Users\Marian\AppData\Roaming\Atom
2022-06-02 09:50 - 2022-06-02 09:50 - 000000000 ____D C:\Users\Marian\AppData\Local\rmmz-game
2022-05-30 22:06 - 2022-05-31 23:52 - 000001456 _____ C:\Users\Marian\AppData\Local\Adobe Save for Web 13.0 Prefs
2022-05-30 18:11 - 2022-05-30 18:11 - 000000000 ____D C:\Users\Marian\AppData\LocalLow\TheArchitect
2022-05-29 10:41 - 2022-05-29 10:41 - 000000000 ____D C:\Users\Marian\AppData\Local\HarshDoorstop
2022-05-28 18:37 - 2022-05-28 18:38 - 073029704 _____ C:\Users\Marian\Desktop\morrico(2).wav
2022-05-27 20:03 - 2022-05-28 12:59 - 000000000 ____D C:\Users\Marian\AppData\Local\VNE2
2022-05-27 17:45 - 2022-05-27 17:45 - 000000000 ____D C:\Users\Marian\AppData\Local\VNGINE
2022-05-25 23:45 - 2022-05-25 23:45 - 000000000 ____D C:\Users\Marian\AppData\Roaming\Leadertech
2022-05-22 23:18 - 2022-05-22 23:18 - 000001562 _____ C:\Users\Marian\Desktop\Content Manager.exe – odkaz.lnk
2022-05-20 22:23 - 2022-06-07 15:47 - 000000000 ____D C:\Users\Marian\AppData\Local\AcTools Content Manager
2022-05-20 18:53 - 2022-05-20 18:53 - 000000208 _____ C:\Users\Marian\Desktop\Assetto Corsa.url
2022-05-12 20:22 - 2022-05-12 20:22 - 000000000 ____D C:\Users\Marian\AppData\Local\Project_6
2022-05-12 18:19 - 2022-05-12 18:19 - 000000000 ____D C:\Users\Marian\AppData\LocalLow\Eek
2022-05-11 09:16 - 2022-05-11 09:16 - 000000028 ____H C:\.GamingRoot
2022-05-11 09:16 - 2022-05-11 09:16 - 000000000 ____D C:\XboxGames
2022-05-11 07:03 - 2022-05-11 07:03 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-11 07:03 - 2022-05-11 07:03 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-07 17:28 - 2020-06-12 12:39 - 000000000 ____D C:\Users\Marian
2022-06-07 17:12 - 2017-06-20 09:59 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-07 16:47 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-07 16:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-06-07 15:40 - 2020-06-12 12:48 - 001829354 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-07 15:40 - 2019-12-07 16:41 - 000741560 _____ C:\WINDOWS\system32\perfh005.dat
2022-06-07 15:40 - 2019-12-07 16:41 - 000162304 _____ C:\WINDOWS\system32\perfc005.dat
2022-06-07 15:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-07 15:35 - 2017-02-13 05:34 - 000000000 ____D C:\Program Files (x86)\Intel
2022-06-07 15:35 - 2017-02-13 04:39 - 000000000 ____D C:\ProgramData\Package Cache
2022-06-07 15:33 - 2020-06-12 12:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-07 15:33 - 2020-06-12 12:38 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-07 15:33 - 2019-12-07 11:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2022-06-07 14:39 - 2020-06-12 12:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-07 14:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-07 13:36 - 2021-11-17 23:14 - 000136672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-06-07 13:36 - 2020-04-15 08:15 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-06-07 13:36 - 2020-01-31 08:25 - 002762208 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-06-07 13:36 - 2020-01-31 08:25 - 000402920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-06-07 13:36 - 2020-01-31 08:25 - 000230864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-06-07 13:36 - 2020-01-31 08:25 - 000198112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-06-07 13:36 - 2020-01-31 08:25 - 000062928 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-06-07 13:36 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-07 10:02 - 2017-07-09 00:53 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2022-06-06 23:29 - 2020-09-13 07:03 - 000000000 ____D C:\Users\Marian\Desktop\DS4Windows
2022-06-06 23:14 - 2020-06-12 12:45 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{219F2BD4-A9EE-4CF1-810F-99A948DBFE12}
2022-06-06 20:03 - 2020-06-12 12:38 - 000434624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-06 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-06 19:22 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-06 18:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-06 18:42 - 2017-06-23 20:50 - 000000000 ____D C:\Users\Marian\AppData\Local\ElevatedDiagnostics
2022-06-06 18:00 - 2021-12-04 00:27 - 000002515 _____ C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intel® Processor Identification Utility.lnk
2022-06-06 18:00 - 2021-01-28 00:21 - 000002485 _____ C:\Users\Marian\Desktop\Intel® Processor Identification Utility.lnk
2022-06-06 17:55 - 2020-11-11 10:07 - 000020486 _____ C:\Users\Marian\Desktop\čaj.txt
2022-06-06 14:35 - 2017-10-17 21:42 - 000000000 ____D C:\Users\Marian\AppData\Local\Packages
2022-06-06 14:33 - 2019-10-03 17:53 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-06-05 22:02 - 2019-06-23 22:16 - 000000000 ____D C:\Users\Marian\AppData\Local\PlaceholderTileLogoFolder
2022-06-05 17:17 - 2021-05-04 21:48 - 000000000 ____D C:\Users\Marian\AppData\Local\Arma 3 Launcher
2022-06-05 17:05 - 2021-05-04 21:51 - 000000000 ____D C:\Users\Marian\AppData\Local\Arma 3
2022-06-05 12:26 - 2017-06-19 16:20 - 000000589 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-06-04 19:32 - 2019-09-12 19:44 - 000000032 _____ C:\Users\Marian\AppData\Roaming\msregsvv.dll
2022-06-04 19:32 - 2019-09-12 19:44 - 000000032 _____ C:\ProgramData\autobk.inc
2022-06-04 17:00 - 2020-06-06 07:05 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-04 17:00 - 2020-06-06 07:05 - 000002289 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-02 21:37 - 2017-06-19 18:12 - 000000000 ____D C:\Users\Marian\AppData\Local\CrashDumps
2022-06-02 18:36 - 2020-07-25 16:50 - 000000132 _____ C:\Users\Marian\AppData\Roaming\Adobe PNG Format CC Prefs
2022-06-02 06:52 - 2018-06-20 17:58 - 000000000 ____D C:\ProgramData\Packages
2022-06-01 10:30 - 2021-03-03 20:20 - 000000000 ____D C:\Users\Marian\AppData\Roaming\vlc
2022-05-31 22:13 - 2020-09-19 09:37 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-31 22:13 - 2020-09-19 09:37 - 000002225 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-05-30 22:05 - 2018-01-04 15:54 - 000000000 ____D C:\Users\Marian\AppData\Roaming\Adobe
2022-05-30 16:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-05-28 22:04 - 2017-02-13 04:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-05-25 23:37 - 2018-12-10 19:03 - 000000000 ____D C:\Users\Marian\AppData\Local\Ubisoft Game Launcher
2022-05-25 22:53 - 2020-01-31 12:41 - 000000000 ____D C:\Users\Marian\AppData\Local\FlightSimulator
2022-05-25 04:29 - 2020-06-12 12:45 - 000243176 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInputRedist.dll
2022-05-25 02:52 - 2020-06-12 12:45 - 000140248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInputRedist.dll
2022-05-17 18:33 - 2020-06-12 12:45 - 000003834 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2022-05-17 13:51 - 2017-02-13 05:34 - 000000000 ____D C:\Program Files\Intel
2022-05-17 13:50 - 2020-06-12 12:45 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2022-05-17 13:50 - 2020-06-12 12:45 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2022-05-11 23:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-11 23:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-11 23:01 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-11 06:58 - 2017-06-20 08:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-11 06:57 - 2021-10-09 18:02 - 000000000 ____D C:\Program Files\dotnet
2022-05-11 06:57 - 2017-06-20 08:34 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-05-10 06:54 - 2020-06-12 12:45 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-05-10 06:54 - 2020-06-12 12:45 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2020-07-25 16:50 - 2022-06-02 18:36 - 000000132 _____ () C:\Users\Marian\AppData\Roaming\Adobe PNG Format CC Prefs
2022-01-22 19:50 - 2022-01-22 19:50 - 000000025 _____ () C:\Users\Marian\AppData\Roaming\alsoft.ini
2020-06-23 15:38 - 2021-12-27 01:02 - 000000099 _____ () C:\Users\Marian\AppData\Roaming\LauncherSettings_live.cfg
2019-09-12 19:44 - 2022-06-04 19:32 - 000000032 _____ () C:\Users\Marian\AppData\Roaming\msregsvv.dll
2019-06-20 20:15 - 2021-12-20 00:57 - 000016601 _____ () C:\Users\Marian\AppData\Roaming\TheHunterSettings_live.bin
2019-06-20 20:29 - 2021-12-15 18:05 - 000000049 _____ () C:\Users\Marian\AppData\Roaming\TheHunterSettings_steam_live.cfg
2021-01-18 10:42 - 2021-01-18 11:07 - 000000096 _____ () C:\Users\Marian\AppData\Roaming\version2.xml
2020-09-28 11:57 - 2020-09-28 12:49 - 000000081 _____ () C:\Users\Marian\AppData\Local\.bidstack.fault
2022-05-30 22:06 - 2022-05-31 23:52 - 000001456 _____ () C:\Users\Marian\AppData\Local\Adobe Save for Web 13.0 Prefs
2022-01-24 00:40 - 2022-01-24 00:40 - 000000000 ___SH () C:\Users\Marian\AppData\Local\LumaEmu
2017-06-21 18:05 - 2020-11-04 16:46 - 000007601 _____ () C:\Users\Marian\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================