Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01
Ran by forex (administrator) on ACER (Acer Aspire A114-32) (14-02-2023 20:30:24)
Running from C:\Users\forex\Downloads
Loaded Profiles: forex
Platform: Microsoft Windows 11 Home Version 22H2 22621.1105 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe ->) (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Camtasia Studio 8\TscHelp.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3000.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe <6>
(C:\Users\forex\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\forex\AppData\Local\Programs\Opera\94.0.4606.65\opera_crashreporter.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_efb119a73d6b56f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_efb119a73d6b56f6\igfxEM.exe
(explorer.exe ->) (MetaQuotes Ltd. -> MetaQuotes Ltd.) C:\Program Files (x86)\RoboForex - MetaTrader 4\terminal.exe
(explorer.exe ->) (TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
(Forex Software Ltd -> Forex Software) C:\Program Files\Forex Strategy Builder Pro\Versions\FSB_Pro_Updater.exe
(Intel\DPTF\esif_uf.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Opera Norway AS -> Opera Software) C:\Users\forex\AppData\Local\Programs\Opera\opera.exe <15>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8ff8e67ced23ab98\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_efb119a73d6b56f6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_577b4722c749a41f\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d6d2c55e82ae809f\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d6d2c55e82ae809f\IntelCpHeciSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(sihost.exe ->) (Acer Incorporated) C:\Program Files\WindowsApps\acerincorporated.acerregistration_2.0.3040.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Tank Studios (Tank Studios Limited) -> Tank Studios Limited) C:\Program Files (x86)\Epic Pen\EpicPen.exe
(Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\forex\AppData\Roaming\Telegram Desktop\Telegram.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [EpicPen] => C:\Program Files (x86)\Epic Pen\EpicPen.exe [539536 2022-11-04] (Tank Studios (Tank Studios Limited) -> Tank Studios Limited)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\Run: [Opera Browser Assistant] => C:\Users\forex\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3916232 2022-12-20] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\Run: [MicrosoftEdgeAutoLaunch_E9617685B78B3FE99DE9BCC403499DD5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\forex\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\forex\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\RunOnce: [Uninstall 22.253.1204.0001\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\forex\AppData\Local\Microsoft\OneDrive\22.253.1204.0001\i386" (No File)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\RunOnce: [Uninstall 22.253.1204.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\forex\AppData\Local\Microsoft\OneDrive\22.253.1204.0001" (No File)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\RunOnce: [Uninstall 23.002.0102.0004\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\forex\AppData\Local\Microsoft\OneDrive\23.002.0102.0004\i386" (No File)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\RunOnce: [Uninstall 23.002.0102.0004] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\forex\AppData\Local\Microsoft\OneDrive\23.002.0102.0004" (No File)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\RunOnce: [Uninstall 23.011.0115.0006\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\forex\AppData\Local\Microsoft\OneDrive\23.011.0115.0006\i386" (No File)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\RunOnce: [Uninstall 23.011.0115.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\forex\AppData\Local\Microsoft\OneDrive\23.011.0115.0006" (No File)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\RunOnce: [Uninstall 23.011.0115.0009\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\forex\AppData\Local\Microsoft\OneDrive\23.011.0115.0009\i386" (No File)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\RunOnce: [Uninstall 23.011.0115.0009] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\forex\AppData\Local\Microsoft\OneDrive\23.011.0115.0009" (No File)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\RunOnce: [Uninstall 23.020.0125.0002\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\forex\AppData\Local\Microsoft\OneDrive\23.020.0125.0002\i386" (No File)
HKU\S-1-5-21-652149682-2768342470-3402098183-1001\...\RunOnce: [Uninstall 23.020.0125.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\forex\AppData\Local\Microsoft\OneDrive\23.020.0125.0002" (No File)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00D1A63A-99A2-477B-8388-C57BA338D96F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505736 2018-01-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {02E30703-4068-4ACF-B655-A5F8D1BE2B77} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {1A10A444-66DC-44CD-81BF-D07C7F3EB7D2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {24941B7B-DD71-4638-8F09-34F7B4032268} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3766DB6E-F6F4-4FA5-AE01-204B70E6740A} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [963056 2019-07-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {A9E25D49-F14B-4405-90FF-A7857989384F} - System32\Tasks\Opera scheduled Autoupdate 1666457617 => C:\Users\forex\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-08] (Opera Norway AS -> Opera Software)
Task: {AB1B28D9-76B5-448A-89ED-70277DED9FC9} - System32\Tasks\Opera scheduled assistant Autoupdate 1666457623 => C:\Users\forex\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-08] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\forex\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {BDE4B10D-5621-4472-B4C9-60044179ED23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CDD8A3DA-7E9F-4CF0-8A2D-09F497D0129B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DA4D9A05-3532-4AEB-91AF-736C6A866BEE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E5AD57C0-9BC8-41F6-A364-B5CEA243AE82} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {EAC280A5-D2F2-40C4-8617-4F0F77551E49} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC4A52C9-6799-475F-9FD1-49CD1CCF570D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\WINDOWS\system32\MusNotification.exe Display (No File)
Task: {FE35BF5A-FAA6-49DB-8B4B-4C6519CBFDB7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{005c8d9c-e33f-4aa5-99e6-43bb9eeed494}: [DhcpNameServer] 40.32.1.55
Tcpip\..\Interfaces\{da91c32e-8377-4b9d-aa60-8cb45b3dbffb}: [DhcpNameServer] 10.0.0.138

Edge: 
=======
Edge Profile: C:\Users\forex\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-14]

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)

Opera: 
=======
OPR Profile: C:\Users\forex\AppData\Roaming\Opera Software\Opera Stable [2023-02-14]
OPR Notifications: Opera Stable -> hxxps://cs.stripchat.com; hxxps://seznamkarodicu.cz; hxxps://www.instagram.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\forex\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-02]
OPR Extension: (Opera Wallet) - C:\Users\forex\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-02-13]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\forex\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-10-22]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-22] (Microsoft Windows -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137552 2022-12-14] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-02] (Acer Incorporated -> Acer Incorporated)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-22] (Microsoft Windows -> Microsoft Corporation)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 ew_hwusbdev; C:\WINDOWS\System32\drivers\ew_hwusbdev.sys [117248 2010-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [13952 2010-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 huawei_cdcacm; C:\WINDOWS\System32\drivers\ew_jucdcacm.sys [104448 2012-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [90112 2012-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\WINDOWS\System32\drivers\ew_juextctrl.sys [30720 2012-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 huawei_update; C:\WINDOWS\System32\drivers\ew_hwupgrade.sys [22016 2010-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\System32\drivers\ewusbmdm.sys [225920 2011-12-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-12-14] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-14 20:30 - 2023-02-14 20:31 - 000018908 _____ C:\Users\forex\Downloads\FRST.txt
2023-02-14 20:16 - 2023-02-14 20:30 - 000000000 ____D C:\FRST
2023-02-14 20:14 - 2023-02-14 20:14 - 002378240 _____ (Farbar) C:\Users\forex\Downloads\FRST64.exe
2023-02-07 22:02 - 2023-02-07 22:39 - 000000000 ____D C:\Users\forex\AppData\Roaming\obs-studio
2023-02-07 22:01 - 2023-02-07 22:01 - 000000000 ____D C:\ProgramData\obs-studio-hook
2023-02-07 22:01 - 2023-02-07 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2023-02-07 22:00 - 2023-02-07 22:01 - 000000000 ____D C:\Program Files\obs-studio
2023-01-24 03:30 - 2023-01-24 03:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-17 10:48 - 2023-02-03 16:24 - 000000000 ____D C:\SQX_136_win_final_20221223
2023-01-17 10:43 - 2023-01-17 10:43 - 000000000 ____D C:\Users\forex\AppData\Local\CEF

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-14 20:27 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-14 20:16 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-02-14 15:52 - 2022-11-04 12:00 - 000005120 _____ C:\Users\forex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-02-14 14:54 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-02-13 21:45 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-13 21:45 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-13 07:43 - 2022-10-22 19:33 - 000000000 ____D C:\AAA
2023-02-11 02:27 - 2022-10-23 01:58 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-652149682-2768342470-3402098183-1001
2023-02-11 02:27 - 2022-10-23 01:58 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-652149682-2768342470-3402098183-1001
2023-02-11 02:27 - 2022-10-22 17:50 - 000002381 _____ C:\Users\forex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-10 14:50 - 2022-10-23 02:24 - 000002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-09 09:56 - 2022-10-23 01:58 - 000004140 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1666457617
2023-02-09 09:56 - 2022-10-22 17:53 - 000001409 _____ C:\Users\forex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-02-08 02:42 - 2022-10-23 01:58 - 000003716 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{499DBA6A-623B-4F89-BF0A-84FA10C20043}
2023-02-08 02:42 - 2022-10-23 01:58 - 000003592 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{379AFE5A-497D-46C7-9435-29E66A30773A}
2023-02-07 22:04 - 2022-10-22 17:45 - 000000000 ____D C:\Users\forex\AppData\Local\D3DSCache
2023-02-07 16:38 - 2022-11-09 06:22 - 000000000 ____D C:\Users\forex\AppData\Local\CrashDumps
2023-02-06 10:47 - 2022-11-05 12:19 - 000000000 ____D C:\Users\forex\AppData\Roaming\EpicPen
2023-01-31 22:36 - 2022-10-23 08:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-01-21 08:39 - 2022-10-23 01:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-17 17:03 - 2023-01-14 11:19 - 000000000 ____D C:\Users\forex\AppData\Roaming\ProgReporter
2023-01-16 13:40 - 2022-10-22 18:13 - 000000000 ____D C:\Users\forex\AppData\Roaming\Telegram Desktop

==================== Files in the root of some directories ========

2022-11-04 12:00 - 2023-02-14 15:52 - 000005120 _____ () C:\Users\forex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================