Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by Admin (administrator) on DESKTOP-ISG7U4Q (HP HP EliteBook 840 G4) (03-01-2023 20:15:58)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2364 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(C:\Windows\CxSvc\CxAudioSvc.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WpcMon.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Conexant Systems LLC.) [File not signed] C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Synaptics Incorporated -> Conexant) C:\Windows\System32\MicTray64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [225280 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\Admin\AppData\Local\Microsoft\Teams\Update.exe [2576128 2022-09-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKU\S-1-5-21-4173816120-628967410-704578254-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4173816120-628967410-704578254-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4173816120-628967410-704578254-1025\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4173816120-628967410-704578254-1025\...\Run: [com.squirrel.Teams.Teams] => C:\Users\w801122\AppData\Local\Microsoft\Teams\Update.exe [2492128 2022-09-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-4173816120-628967410-704578254-1025\...\Run: [MicrosoftEdgeAutoLaunch_E5DAC3483DA38341257ABDA6D796DFE4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\108.0.19667.125\Installer\chrmstp.exe [2023-01-03] (Avast Software s.r.o. -> AVAST Software)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01721F21-CD2A-4955-AC67-20F38E0609F3} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [5009512 2020-06-13] (Synaptics Incorporated -> Conexant)
Task: {0B8561F5-DC1A-4688-90D9-8A87F2795A79} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {0E3A6A03-7262-4578-A6CA-C90CF873185D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {134C5BAF-FD90-4E53-A419-13DB5FA05202} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {18896D51-62B6-4182-8E30-B574C1BB34B5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {272A6728-F686-45DE-BBDE-C15A96ED3545} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
Task: {321FFA97-FABA-4575-B394-FB2A0C71D3B9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4173816120-628967410-704578254-1025 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DA497A3-063F-4716-A441-7F5FE84C05F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (No File)
Task: {47743D06-2E6D-466B-A0C2-6127B427BA09} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4A329299-C4AB-40AC-8A09-CC928D6FC42B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A928FE4-4621-4358-8E8F-D708B76C2836} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-03] (Avast Software s.r.o. -> AVAST Software)
Task: {50E14F55-596A-4AFC-A2A7-DB515D04A9B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [277880 2019-11-22] (HP Inc. -> HP Inc.)
Task: {78402F91-A6C7-4E4C-B62E-18DE4120E271} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {79C533B7-68DF-410B-8091-5B7A2E86BB26} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {8835959D-DF35-4E56-A14B-388000CACB14} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3236624 2022-12-14] (Avast Software s.r.o. -> AVAST Software)
Task: {96E84E5C-47BD-4E28-936C-49C6F4C6AF0D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C256E76-63F0-45F1-827D-154C873ACB4C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {A15C3455-E5E4-480C-88A4-D32B4121D1B8} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4173816120-628967410-704578254-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A30573F9-57AE-49FE-B0E5-D1E6C4428E22} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {A32F3882-7C3B-497D-959E-3A51D9A38D06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {BB3ED135-16FF-4E3C-AB23-779D92760932} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3236624 2022-12-14] (Avast Software s.r.o. -> AVAST Software)
Task: {C1E7E0E4-307C-4DA8-8DE9-462DF5D36901} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [62840 2019-11-28] (HP Inc. -> HP Inc.)
Task: {DF158394-CFCC-4C8B-A3A5-7E2DFA905293} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2DB4916-F36D-4D20-B64A-37C3902B14D3} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [967200 2018-01-31] (HP Inc. -> HP)
Task: {E3C376AC-EAF6-4A92-89C7-2A6699756E62} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {E500C95B-106E-4C52-8390-68ED6B8FAA47} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-03] (Avast Software s.r.o. -> AVAST Software)
Task: {EE8B301B-0F76-4B33-B33D-5BBE094BECED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {F0ED4A78-523A-4C46-B827-BE2D57288B1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (No File)
Task: {F57656F4-275A-490E-AC1B-90E39D4BBAFA} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [170496 2018-10-30] (Synaptics Incorporated) [File not signed]
Task: {F64E84BA-4789-4741-8128-E501222F895D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{65f5deb4-816c-4b22-97f2-29d6bc58e28a}: [DhcpNameServer] 208.67.222.222
Tcpip\..\Interfaces\{66202a54-4a20-402d-a320-e52d302da38a}: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{7affe1a4-dcf5-471a-8cd1-e5fa255abb1e}: [NameServer] 8.8.8.8,8.8.8.5
Tcpip\..\Interfaces\{7affe1a4-dcf5-471a-8cd1-e5fa255abb1e}: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{854e1e56-3193-4d53-9280-9380c37616bb}: [DhcpNameServer] 208.67.222.222

Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-03]
Edge Notifications: Default -> hxxps://cs.cagdasbaletoplulugu.com; hxxps://en.softonic.com; hxxps://panel.marketagent.com; hxxps://teams.microsoft.com; hxxps://www.duolingo.com
Edge Extension: (DuckDuckGo) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2022-12-30]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-12-14]
Edge Extension: (SaveFrom.net helper) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hndfjogdceachkbgioglehonpejcdhem [2022-12-24]
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-12-30]
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2022-12-30]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-01-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-01-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)

Brave: 
=======
BRA Profile: C:\Users\Admin\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-07-23]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Admin\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2022-07-23]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Admin\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-07-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-03] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-03] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\108.0.19667.125\elevation_service.exe [1794040 2022-12-14] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12540928 2022-12-18] (Microsoft Corporation -> Microsoft Corporation)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [96432 2020-09-08] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [166400 2019-06-25] (Conexant Systems LLC.) [File not signed]
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncHelper.exe [3478928 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [29544 2018-07-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe [1561032 2022-10-12] (HP Inc. -> HP Inc.)
R2 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [966176 2018-01-31] (HP Inc. -> HP)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
S4 LanWlanSwitchingService; C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe [611872 2018-01-31] (HP Inc. -> HP)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe [606664 2022-10-12] (HP Inc. -> HP Inc.)
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [393216 2022-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\OneDriveUpdaterService.exe [3845008 2022-12-14] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [90976 2018-07-19] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [749640 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AKCCID; C:\WINDOWS\System32\drivers\AKCCID.sys [123696 2021-02-07] (Alcorlink Corp. -> Generic)
R3 MpKsld3a013f8; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{43CF50AA-1550-42E7-97ED-88C6CDF063BD}\MpKslDrv.sys [214280 2023-01-03] (Microsoft Windows -> Microsoft Corporation)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [242632 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [252536 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1082080 2022-10-11] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S1 npcap; \SystemRoot\system32\DRIVERS\npcap.sys [X]
U4 npcap_wifi; no ImagePath
S0 vsock; system32\DRIVERS\vsock.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-03 20:15 - 2023-01-03 20:16 - 000024680 _____ C:\Users\Admin\Desktop\FRST.txt
2023-01-03 20:12 - 2023-01-03 20:13 - 002376192 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2023-01-03 19:41 - 2023-01-03 19:41 - 000000000 ____D C:\Users\w801122\AppData\Local\AVAST Software
2023-01-03 16:00 - 2023-01-03 16:00 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2023-01-03 16:00 - 2023-01-03 16:00 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2023-01-03 16:00 - 2023-01-03 16:00 - 000002570 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-01-03 16:00 - 2023-01-03 16:00 - 000002535 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2023-01-03 16:00 - 2023-01-03 16:00 - 000000000 ____D C:\Users\Admin\AppData\Local\AVAST Software
2023-01-03 15:59 - 2023-01-03 15:59 - 006085576 _____ C:\Users\Admin\Downloads\avast_secure_browser_setup.exe
2023-01-03 15:59 - 2023-01-03 15:59 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2023-01-03 15:59 - 2023-01-03 15:59 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2023-01-03 15:59 - 2023-01-03 15:59 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2023-01-03 15:52 - 2023-01-03 15:56 - 469762048 _____ C:\Users\Admin\Downloads\kali-linux-2022.4-installer-netinst-amd64.iso
2023-01-03 15:51 - 2023-01-03 15:51 - 000000000 ____D C:\win32-loader
2023-01-02 17:07 - 2023-01-02 17:08 - 057008200 _____ C:\Users\w801122\Downloads\TotalAV_Setup.exe
2023-01-02 14:42 - 2023-01-02 15:04 - 3068428912 _____ C:\Users\Admin\Downloads\Rain.World(GamingBeasts.com).zip
2023-01-01 19:11 - 2023-01-01 19:11 - 000000000 ____D C:\Users\w801122\AppData\LocalLow\Midjiwan
2023-01-01 16:14 - 2023-01-01 16:54 - 000000000 ____D C:\KVRT2020_Data
2023-01-01 15:49 - 2023-01-01 15:55 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Wireshark
2023-01-01 15:32 - 2023-01-01 15:32 - 000000000 _____ C:\Users\Admin\Desktop\+sKakal.pEs+pRes.0Ves1.txt
2023-01-01 14:48 - 2023-01-01 14:48 - 000000000 ____D C:\CRL
2023-01-01 14:32 - 2023-01-01 14:32 - 000000000 ____D C:\Users\Admin\AppData\Local\WiFi Guard
2022-12-31 19:38 - 2022-12-31 19:38 - 000000000 ____D C:\Users\w801122\AppData\Local\WiFi Guard
2022-12-31 14:50 - 2022-12-31 17:58 - 000000000 ____D C:\Program Files (x86)\PassFab Wifi Key
2022-12-30 15:42 - 2023-01-03 20:16 - 000000000 ____D C:\FRST
2022-12-30 15:33 - 2022-12-30 15:33 - 000000000 ____D C:\Users\w801122\AppData\Roaming\adaware
2022-12-30 15:33 - 2022-12-30 15:33 - 000000000 ____D C:\Users\w801122\AppData\Local\AdAwareDesktop
2022-12-30 15:32 - 2022-12-30 15:32 - 000000000 ____D C:\Users\w801122\AppData\Local\Google
2022-12-30 15:24 - 2022-12-30 15:30 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-12-30 15:24 - 2022-12-30 15:30 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-12-30 12:40 - 2022-12-30 12:40 - 000000000 ____D C:\WINDOWS\Panther
2022-12-30 12:30 - 2022-12-30 12:30 - 000000000 ____D C:\WINDOWS\pss
2022-12-25 16:08 - 2022-12-25 16:08 - 000002412 _____ C:\Users\Admin\Desktop\GitHub Desktop.lnk
2022-12-25 16:08 - 2022-12-25 16:08 - 000000000 ____D C:\Users\Admin\AppData\Local\GitHubDesktop
2022-12-25 16:03 - 2022-12-25 16:03 - 000004251 _____ C:\Users\Admin\AppData\Local\recently-used.xbel
2022-12-25 15:54 - 2022-12-25 16:03 - 000000000 ____D C:\Users\Admin\AppData\Local\gtk-2.0
2022-12-23 22:24 - 2022-12-23 22:24 - 000000000 ____D C:\Users\w801122\AppData\Local\ElevatedDiagnostics
2022-12-23 22:22 - 2022-12-23 22:22 - 000000112 ___SH C:\bootTel.dat
2022-12-22 15:51 - 2022-12-22 15:52 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vscode-java-installer
2022-12-22 15:19 - 2022-12-22 15:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2022-12-22 15:08 - 2022-12-22 15:08 - 000000000 _____ C:\Users\Admin\java
2022-12-19 19:40 - 2022-12-19 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP100 series Manual
2022-12-18 16:29 - 2022-12-18 16:29 - 000000000 ____D C:\XboxGames
2022-12-18 16:27 - 2022-12-19 19:14 - 000000000 ____D C:\Users\w801122\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu
2022-12-18 16:16 - 2022-12-18 16:20 - 000000000 ____D C:\Users\w801122\AppData\Local\Microvirt
2022-12-18 16:13 - 2022-12-18 16:13 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2022-12-18 16:13 - 2022-12-18 16:13 - 000000000 ___SD C:\WINDOWS\system32\lxss
2022-12-18 15:58 - 2022-12-19 15:44 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu
2022-12-18 15:57 - 2022-12-18 15:58 - 000000000 ____D C:\Users\Admin\.android
2022-12-18 15:56 - 2022-12-19 15:44 - 000000000 ____D C:\Program Files\Microvirt
2022-12-18 15:56 - 2022-12-18 15:56 - 000000000 ____D C:\Users\Admin\AppData\Roaming\AVG
2022-12-18 15:52 - 2022-12-18 16:16 - 000000000 ____D C:\ProgramData\AVG
2022-12-18 15:51 - 2022-12-19 15:19 - 000000000 ____D C:\Users\Admin\AppData\Local\Microvirt
2022-12-17 15:56 - 2022-12-17 15:56 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2022-12-17 14:29 - 2022-12-17 14:30 - 000000000 ____D C:\Users\Admin\Desktop\ClionProjects
2022-12-17 14:21 - 2023-01-02 14:48 - 000000000 ____D C:\Users\Admin\AppData\Roaming\GitHub Desktop
2022-12-17 14:21 - 2022-12-25 16:08 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2022-12-17 14:21 - 2022-12-17 14:21 - 000000184 _____ C:\Users\Admin\.gitconfig
2022-12-16 16:22 - 2022-12-18 14:02 - 000000000 ____D C:\Users\Admin\Downloads\Projects--U-
2022-12-15 18:23 - 2022-12-15 18:23 - 000000000 ___HD C:\$WinREAgent
2022-12-15 18:06 - 2022-12-31 14:14 - 000000000 ____D C:\Users\w801122\AppData\Local\CrashDumps
2022-12-15 17:53 - 2022-12-15 18:15 - 000000000 ____D C:\Users\w801122\VirtualBox VMs
2022-12-15 17:45 - 2022-12-15 17:46 - 000000000 ____D C:\Users\w801122\AppData\Roaming\JetBrains
2022-12-15 17:45 - 2022-12-15 17:45 - 000000000 ____D C:\Users\w801122\AppData\Local\JetBrains
2022-12-15 17:40 - 2022-12-24 15:39 - 000000000 ____D C:\Users\Admin\Downloads\VirtualBox+ISO
2022-12-15 17:36 - 2022-12-15 17:36 - 000000000 ____D C:\Users\w801122\AppData\Roaming\WinRAR
2022-12-15 17:34 - 2022-12-15 17:34 - 000000000 ____D C:\Users\w801122\AppData\Local\Rufus
2022-12-15 17:09 - 2022-12-15 18:18 - 000000000 ____D C:\Users\w801122\.VirtualBox
2022-12-12 10:04 - 2022-12-25 16:03 - 000000000 ____D C:\Users\Admin\AppData\Local\babl-0.1
2022-12-12 10:04 - 2022-12-12 10:04 - 000000000 ____D C:\Users\Admin\AppData\Roaming\GIMP
2022-12-12 10:04 - 2022-12-12 10:04 - 000000000 ____D C:\Users\Admin\AppData\Local\GIMP
2022-12-12 10:04 - 2022-12-12 10:04 - 000000000 ____D C:\Users\Admin\AppData\Local\gegl-0.4
2022-12-12 10:04 - 2022-12-12 10:04 - 000000000 ____D C:\Users\Admin\.cache

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-03 20:03 - 2022-09-29 11:01 - 000000000 __SHD C:\Users\w801122\IntelGraphicsProfiles
2023-01-03 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-03 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-03 18:46 - 2022-09-22 10:40 - 000000000 ____D C:\Users\Admin\.VirtualBox
2023-01-03 18:44 - 2022-05-07 15:38 - 001697210 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-03 18:44 - 2019-12-07 15:43 - 000718798 _____ C:\WINDOWS\system32\perfh005.dat
2023-01-03 18:44 - 2019-12-07 15:43 - 000149350 _____ C:\WINDOWS\system32\perfc005.dat
2023-01-03 18:44 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-03 18:39 - 2022-09-22 10:40 - 000000000 ____D C:\ProgramData\VirtualBox
2023-01-03 18:39 - 2020-02-12 14:36 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2023-01-03 18:38 - 2022-11-28 16:39 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2023-01-03 18:38 - 2022-07-17 09:17 - 000000000 ____D C:\ProgramData\Synaptics
2023-01-03 18:38 - 2022-05-07 15:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-03 18:38 - 2022-05-07 15:31 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-03 18:38 - 2020-02-12 14:36 - 000000000 ____D C:\Intel
2023-01-03 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-03 16:03 - 2022-09-30 16:28 - 000000000 ____D C:\ProgramData\Avast Software
2023-01-03 16:03 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2023-01-03 16:02 - 2022-08-01 10:28 - 000000412 __RSH C:\ProgramData\ntuser.pol
2023-01-03 15:51 - 2022-11-04 15:12 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Code
2023-01-03 15:45 - 2022-05-07 15:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-03 15:29 - 2022-10-19 14:22 - 000004208 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{3DB0A59D-8C3B-4E1F-9429-4A309D52485A}
2023-01-01 16:57 - 2022-09-29 11:01 - 000000000 ____D C:\Users\w801122
2023-01-01 16:28 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-01-01 16:25 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-01-01 15:47 - 2020-02-12 15:13 - 000000000 ____D C:\ProgramData\Package Cache
2023-01-01 15:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-01-01 14:26 - 2022-11-08 15:54 - 000000000 ____D C:\Users\Admin\AppData\Local\Rufus
2022-12-31 18:25 - 2022-09-22 10:43 - 000000000 ____D C:\Users\Admin\VirtualBox VMs
2022-12-31 14:54 - 2022-10-10 15:37 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2022-12-30 15:22 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-12-30 13:12 - 2022-05-05 16:18 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2022-12-30 12:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-30 12:53 - 2020-02-12 14:40 - 000000000 ____D C:\Users\Admin\AppData\Local\PlaceholderTileLogoFolder
2022-12-27 15:02 - 2022-09-06 15:22 - 000000000 ____D C:\Users\Admin\CLionProjects
2022-12-25 16:08 - 2022-05-25 16:54 - 000000000 ____D C:\Users\Admin\AppData\Local\SquirrelTemp
2022-12-24 15:49 - 2022-09-02 13:38 - 000000000 ____D C:\Users\Admin\Documents\Virtual Machines
2022-12-24 15:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-24 15:06 - 2022-12-01 17:16 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2022-12-23 14:32 - 2020-02-12 15:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\hpqLog
2022-12-22 16:50 - 2022-11-04 15:11 - 000001532 _____ C:\Users\Admin\Desktop\Visual Studio Code.lnk
2022-12-22 15:45 - 2022-11-04 15:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2022-12-22 15:45 - 2022-05-07 15:32 - 000000000 ____D C:\Users\Admin
2022-12-20 18:35 - 2020-02-12 14:35 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2022-12-19 17:03 - 2022-09-30 16:24 - 000000000 ____D C:\Program Files (x86)\PSPad editor
2022-12-19 15:20 - 2022-11-28 16:44 - 000000520 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-12-18 16:29 - 2022-06-27 19:51 - 000000028 ____H C:\.GamingRoot
2022-12-18 16:16 - 2022-10-11 14:17 - 000000000 ____D C:\Users\w801122\AppData\Local\D3DSCache
2022-12-18 15:58 - 2022-05-07 16:23 - 000015696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lxss.sys
2022-12-18 15:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\schemas
2022-12-18 15:04 - 2022-11-06 15:24 - 000000000 ____D C:\Program Files\GIMP 2
2022-12-18 13:03 - 2022-09-22 10:19 - 000000000 ____D C:\Program Files\Microsoft Office
2022-12-18 13:02 - 2022-05-05 16:25 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-18 13:02 - 2022-05-05 16:25 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-12-17 14:30 - 2022-07-10 19:57 - 000000000 ____D C:\Users\Admin\Desktop\foto 2022
2022-12-17 14:16 - 2020-02-12 15:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-17 14:11 - 2020-02-12 15:06 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-16 16:07 - 2022-05-07 15:31 - 000444520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-15 18:32 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-15 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-15 18:29 - 2022-05-07 15:35 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-15 17:46 - 2022-10-11 14:15 - 000000000 ____D C:\Users\w801122\AppData\Local\PlaceholderTileLogoFolder
2022-12-14 21:14 - 2022-09-29 11:01 - 000000000 ____D C:\Users\w801122\AppData\Local\Packages
2022-12-14 20:19 - 2022-09-22 13:57 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-12-14 19:59 - 2022-10-01 14:36 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4173816120-628967410-704578254-1025
2022-12-14 19:59 - 2022-09-22 10:30 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-12-14 19:59 - 2022-09-22 10:30 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-14 19:59 - 2022-05-07 15:35 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4173816120-628967410-704578254-1001
2022-12-12 11:23 - 2022-09-06 13:42 - 000000000 ____D C:\cygwin64
2022-12-12 09:58 - 2022-09-22 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2022-12-12 09:51 - 2020-02-12 13:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-12-06 19:13 - 2020-02-12 14:30 - 000000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories ========

2022-12-25 16:03 - 2022-12-25 16:03 - 000004251 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2022-07-13 16:36 - 2022-07-13 16:36 - 000000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================