Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2023
Ran by User (administrator) on PC (FUJITSU ESPRIMO P520) (22-05-2023 23:43:34)
Running from C:\Users\User\Downloads\Programs\FRST64.exe
Loaded Profiles: User
Platform: Microsoft Windows 11 Pro Version 22H2 22621.1702 (X64) Language: Angličtina (USA) -> Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe <2>
(C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(C:\Windows\UUS\amd64\wuaucltcore.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\wuaucltcore.exe
(svchost.exe ->) (Tonec Inc.) [File not signed] C:\Program Files (x86)\Internet Download Manager\IDMan.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677488 2020-05-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [738936 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-273892888-3553834652-1734267146-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152216 2023-05-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-273892888-3553834652-1734267146-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\1.3.36.242\GoogleUpdateCore.exe [223000 2023-05-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-273892888-3553834652-1734267146-1001\...\Run: [VideoDownloadCapture] => C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe /autoStart (No File)
HKU\S-1-5-21-273892888-3553834652-1734267146-1001\...\Run: [com.messenger] => "C:\Users\User\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-273892888-3553834652-1734267146-1001\...\Run: [Opera Browser Assistant] => C:\Users\User\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3970456 2023-05-16] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-273892888-3553834652-1734267146-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\User\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-273892888-3553834652-1734267146-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\User\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-273892888-3553834652-1734267146-1001\...\RunOnce: [Uninstall 23.086.0423.0001] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User\AppData\Local\Microsoft\OneDrive\23.086.0423.0001" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {23A25118-1073-4672-9AD5-5DD633D2C89C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {261B6653-3BE3-4827-AB6C-172AD1CFFB82} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {314794A5-957B-4CD8-BCC9-07A756AF7858} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {3180CDA8-AE48-4C7F-85F7-53187EB19C95} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-05-14] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {53DAB65F-065D-4B2A-BD75-1C33ED49D8D4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-273892888-3553834652-1734267146-1001Core{29A87413-BA01-461F-A0F9-A6D06A5F361B} => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [162072 2023-04-25] (Google LLC -> Google LLC)
Task: {648CF2B3-9353-4F0E-BF95-3B625A26317F} - System32\Tasks\Opera scheduled assistant Autoupdate 1682381236 => C:\Users\User\AppData\Local\Programs\Opera\launcher.exe [2675616 2023-05-05] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\User\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {6993A0C9-419B-4ECF-9918-83458EF6C7DA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7BABCF2F-52C3-4E03-ACEB-3053BCF1537F} - System32\Tasks\Opera scheduled Autoupdate 1682381230 => C:\Users\User\AppData\Local\Programs\Opera\launcher.exe [2675616 2023-05-05] (Opera Norway AS -> Opera Software)
Task: {8CC2501B-B2B5-4B3D-8588-170E0C2E40B9} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5067224 2023-05-09] (Microsoft Windows -> Microsoft Corporation)
Task: {99CFA6A3-2D2B-4512-995B-380B23E917A0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CC7AFB6-C33D-41BE-9A0F-6F178528BE2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A42BC27E-D765-48F6-933A-FA3DDF40DDFC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-273892888-3553834652-1734267146-1001UA{868980A7-9C12-46FC-928F-640A08E6699A} => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [162072 2023-04-25] (Google LLC -> Google LLC)
Task: {D46D2AEA-9DAB-422C-8D1A-AD1247C45FF6} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-273892888-3553834652-1734267146-1001 => C:\Users\User\AppData\Local\Programs\Messenger\MessengerHelper.exe [2161912 2023-04-24] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {DBCBAC70-F5AD-4A70-A044-D26DECB7B478} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\Windows\system32\MusNotification.exe (No File)
Task: {F689EFBE-3532-4D9C-A189-E5A31333DF0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d2b64677-a1ce-494d-a8bb-2c38691a7e60}: [DhcpNameServer] 192.168.0.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-20]
Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-25]
Edge Extension: (IDM Integration Module) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2023-04-25]
Edge HKU\S-1-5-21-273892888-3553834652-1734267146-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2022-01-25]

FireFox:
========
FF DefaultProfile: igxww6l1.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\igxww6l1.default [2023-05-03]
FF Homepage: Mozilla\Firefox\Profiles\igxww6l1.default -> hxxps://www.google.com/
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8wjn6r84.default-release [2023-05-22]
FF Homepage: Mozilla\Firefox\Profiles\8wjn6r84.default-release -> google.sk
FF Notifications: Mozilla\Firefox\Profiles\8wjn6r84.default-release -> hxxps://www.startv.com.tr
FF Extension: (SaveFrom.net helper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8wjn6r84.default-release\Extensions\helper@savefrom.net.xpi [2023-05-10]
FF Extension: (IDM Integration Module) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8wjn6r84.default-release\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2023-04-25]
FF Extension: (Google Translator for Firefox) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8wjn6r84.default-release\Extensions\translator@zoli.bod.xpi [2023-04-25]
FF Extension: (uBlock Origin) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8wjn6r84.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-05-14]
FF Extension: (ImTranslator: Prekladač, Slovník, Služba prevodu textu na reč) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8wjn6r84.default-release\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2023-05-02]
FF Extension: (Video DownloadHelper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8wjn6r84.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-05-10]
FF HKU\S-1-5-21-273892888-3553834652-1734267146-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\User\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\User\AppData\Roaming\IDM\idmmzcc5 [2023-04-25] [Legacy] [not signed]
FF HKU\S-1-5-21-273892888-3553834652-1734267146-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2023-05-18]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-25]
CHR Extension: (IDM Integration Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2023-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-25]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2022-01-25]
CHR HKU\S-1-5-21-273892888-3553834652-1734267146-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2022-01-25]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2022-01-25]

Opera: 
=======
OPR Profile: C:\Users\User\AppData\Roaming\Opera Software\Opera Stable [2023-05-22]
OPR Notifications: Opera Stable -> hxxps://www.facebook.com
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Translator) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2023-04-26]
OPR Extension: (Rich Hints Agent) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-04-25]
OPR Extension: (Opera Wallet) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-05-20]
OPR Extension: (Speed Translate) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\jggobmlojchhlngdhmmdghgganciigof [2023-04-26]
OPR Extension: (Download with Internet Download Manager) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\kajaikkhnmegmfnlifeklklaienhdekb [2023-04-26]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-04-25]
OPR Extension: (Opera AI Prompts) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-05-16]
OPR Extension: (SaveFrom.net helper) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2023-04-26]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"MpKsle25b0861" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MpKsle25b0861 => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AB71E8FB-D92C-4105-B60D-90ABA40409FA}\MpKslDrv.sys <==== ATTENTION (Rootkit!/Locked Service)

S2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [17493480 2023-05-20] (EnigmaSoft Limited -> EnigmaSoft Limited)
S2 Fuj02e3DriverUtilityService; C:\Windows\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_b472ee039d0bcad8\fuj02e3-utility.exe [177432 2019-05-09] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
S2 luminati_net_updater_win_formatfactory_pcfreetime_com; C:\Program Files (x86)\FormatFactory\net_updater64.exe [10988624 2023-05-22] (Bright Data Ltd -> BrightData Ltd. (certified))
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9246536 2023-05-11] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336144 2023-05-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [2516968 2023-05-20] (EnigmaSoft Limited -> EnigmaSoft Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R3 e1dexpress; C:\Windows\System32\DriverStore\FileRepository\e1d.inf_amd64_f3c6513565231a23\e1d.sys [609456 2022-11-14] (Intel Corporation -> Intel Corporation)
R3 EnigmaFileMonDriver; C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys [84032 2023-05-22] (Microsoft Windows Hardware Compatibility Publisher -> EnigmaSoft Limited)
R3 fuj02e3; C:\Windows\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_b472ee039d0bcad8\fuj02e3.sys [59672 2019-05-09] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49616 2023-05-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [498944 2023-05-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-02] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-22 23:43 - 2023-05-22 23:43 - 000000000 ____D C:\FRST
2023-05-22 23:38 - 2023-05-22 23:38 - 000001017 _____ C:\Users\User\Desktop\JRT.txt
2023-05-22 23:33 - 2023-05-22 23:34 - 000000000 ____D C:\AdwCleaner
2023-05-20 23:07 - 2023-05-20 23:07 - 094122583 _____ C:\Users\User\Downloads\Blízky vzťah Lipšica k Zsuzsovej je definitívny dôvod, prečo musí okamžite skonč.mp4
2023-05-20 21:31 - 2023-05-20 21:31 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA
2023-05-20 21:31 - 2023-05-20 21:31 - 000000000 ____D C:\Users\User\AppData\Local\cache
2023-05-20 21:13 - 2023-05-20 21:25 - 000000000 ____D C:\Program Files (x86)\Bandicut
2023-05-20 21:13 - 2023-05-20 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicut
2023-05-20 20:25 - 2023-05-20 20:25 - 000001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk
2023-05-20 20:25 - 2023-05-20 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2023-05-20 20:25 - 2023-05-20 20:25 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2023-05-20 20:25 - 2023-05-20 20:25 - 000000000 ____D C:\Program Files\EnigmaSoft
2023-05-20 20:15 - 2023-05-20 20:15 - 012991224 _____ (DVDVideoMedia, Inc. ) C:\Users\User\Downloads\free-video-cutter-joiner-2023.3-installer.exe
2023-05-20 20:15 - 2023-05-20 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoMedia
2023-05-20 20:15 - 2023-05-20 20:15 - 000000000 ____D C:\Program Files\DVDVideoMedia
2023-05-20 20:02 - 2023-05-21 02:44 - 000000000 ____D C:\Users\User\Documents\Bandicut
2023-05-20 20:02 - 2023-05-20 20:02 - 000000000 ____D C:\Users\User\AppData\Roaming\BANDISOFT
2023-05-20 20:02 - 2023-05-20 20:02 - 000000000 ____D C:\ProgramData\BANDISOFT
2023-05-17 20:17 - 2023-05-17 20:17 - 000000000 ____D C:\Users\User\AppData\LocalLow\Temp
2023-05-13 02:01 - 2023-05-13 02:01 - 000056476 _____ C:\Users\User\Downloads\Fv9MZHeWYAEb-GO.jpeg
2023-05-13 01:57 - 2023-05-13 01:57 - 000018767 _____ C:\Users\User\Downloads\Fv7AyOVXoAMXWd_.jpeg
2023-05-13 01:05 - 2023-05-13 01:05 - 000084712 _____ C:\Users\User\Downloads\Fv9ZBv2WAAAH0Jh.jpeg
2023-05-13 00:50 - 2023-05-13 00:50 - 000007336 _____ C:\Users\User\Downloads\Bez názvu.jpeg
2023-05-11 02:17 - 2023-05-11 02:17 - 000038850 _____ C:\Users\User\Downloads\8f6d3bf0480a3b4a999e7a7c30071097_900x.webp
2023-05-11 02:07 - 2023-05-11 02:09 - 000000000 ____D C:\Users\User\AppData\Roaming\XnView
2023-05-11 02:06 - 2023-05-11 02:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2023-05-11 02:06 - 2023-05-11 02:06 - 000000000 ____D C:\Program Files (x86)\XnView
2023-05-11 01:48 - 2023-05-11 01:48 - 003487022 _____ C:\Users\User\Downloads\Skicar Windows 7.swf
2023-05-11 00:23 - 2023-05-11 00:24 - 986404633 _____ C:\Users\User\Downloads\Stripterka.mp4
2023-05-11 00:21 - 2023-05-13 01:23 - 000000000 ____D C:\Users\User\dwhelper
2023-05-11 00:21 - 2023-05-11 00:21 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2023-05-10 23:54 - 2023-05-10 23:54 - 000650171 _____ C:\Users\User\Downloads\46385405_2304826089751690_1917299059069026304_n.mp4
2023-05-10 23:53 - 2023-05-10 23:53 - 004793089 _____ C:\Users\User\Downloads\345429109_787739742564979_7815179143713824101_n.mp4
2023-05-10 23:53 - 2023-05-10 23:53 - 002282793 _____ C:\Users\User\Downloads\339914984_753617093109826_2453672817865828587_n.mp4
2023-05-10 23:53 - 2023-05-10 23:53 - 000395119 _____ C:\Users\User\Downloads\65417936_328941768024519_3252365062932791296_n.mp4
2023-05-10 23:53 - 2023-05-10 23:53 - 000330635 _____ C:\Users\User\Downloads\65346866_417760428821616_1965444525765689344_n.mp4
2023-05-10 21:07 - 2023-05-10 21:07 - 009618591 _____ C:\Users\User\Downloads\🔴 Američanka o SLOVENSKU Pravá tvár „DEMOKRATOV“ odhalená.mp4
2023-05-09 21:04 - 2023-05-09 21:04 - 000000000 ___HD C:\$WinREAgent
2023-05-03 01:24 - 2023-05-11 00:36 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-05-03 01:24 - 2023-05-11 00:36 - 000000000 ____D C:\Users\User\AppData\Local\Malwarebytes
2023-05-03 01:24 - 2023-05-03 01:24 - 000000000 ____D C:\Users\User\AppData\Local\mbam
2023-05-03 01:23 - 2023-05-11 00:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-05-03 01:23 - 2023-05-11 00:33 - 000000000 ____D C:\Program Files\Malwarebytes
2023-05-03 00:57 - 2023-05-03 00:57 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2023-05-03 00:56 - 2023-05-03 00:56 - 000000000 ____D C:\ProgramData\BrightData
2023-05-03 00:48 - 2023-05-03 00:48 - 000003628 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-05-03 00:46 - 2023-05-20 21:07 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2023-05-03 00:45 - 2023-05-03 01:29 - 000000000 ____D C:\ProgramData\Avast Software
2023-05-03 00:44 - 2023-05-03 00:51 - 000000000 ____D C:\Users\User\AppData\Local\Lavasoft
2023-05-03 00:42 - 2023-05-22 23:34 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2023-05-03 00:42 - 2023-05-03 00:51 - 000000000 ____D C:\Users\User\AppData\Roaming\Lavasoft
2023-05-03 00:42 - 2023-05-03 00:51 - 000000000 ____D C:\ProgramData\Lavasoft
2023-05-03 00:42 - 2023-05-03 00:45 - 000000000 ____D C:\Users\User\Downloads\FormatFactory2023_05_03
2023-05-03 00:42 - 2023-05-03 00:42 - 000367096 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2023-05-03 00:42 - 2023-05-03 00:42 - 000000000 ____D C:\Users\User\Documents\FormatFactory
2023-05-03 00:42 - 2023-05-03 00:42 - 000000000 ____D C:\Users\User\AppData\Local\FTMod
2023-05-03 00:41 - 2023-05-22 23:27 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2023-05-03 00:41 - 2023-05-03 00:57 - 000000000 ____D C:\Users\User\AppData\Local\luminati
2023-05-03 00:41 - 2023-05-03 00:46 - 000000000 ____D C:\Users\User\AppData\Local\Free_Time_Co.,_Ltd
2023-05-02 14:34 - 2023-05-02 14:34 - 000109086 _____ C:\Users\User\Downloads\Watch movie Death of a Cheerleader 2019 on lookmovie2 in 1080p high definition.vtt
2023-05-02 13:14 - 2023-05-02 13:14 - 000015408 _____ C:\Users\User\Downloads\Death.of.A.Cheerleader.1994.1080p.WEBRip.x265-RARBG-[rarbg.to].torrent
2023-05-02 13:13 - 2023-05-02 13:13 - 000017193 _____ C:\Users\User\Downloads\Death.of.A.Cheerleader.1994.1080p.AMZN.WEBRip.DDP2.0.x264-QOQ-[rarbg.to].torrent
2023-04-28 01:18 - 2023-05-20 21:52 - 000000000 ____D C:\Users\User\Documents\Easy Screen Capture
2023-04-28 01:18 - 2023-04-28 01:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Screen Capture 2
2023-04-28 01:18 - 2023-04-28 01:20 - 000000000 ____D C:\Program Files (x86)\Easy Screen Capture 2
2023-04-28 01:18 - 2023-04-28 01:18 - 000000000 ____D C:\Users\User\AppData\Roaming\Longfine Software
2023-04-25 22:37 - 2023-04-25 22:47 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2023-04-25 22:37 - 2023-04-25 22:38 - 000000000 ____D C:\ProgramData\Mozilla
2023-04-25 22:37 - 2023-04-25 22:37 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2023-04-25 22:37 - 2023-04-25 22:37 - 000000000 ____D C:\Users\User\AppData\Roaming\Thunderbird
2023-04-25 22:37 - 2023-04-25 22:37 - 000000000 ____D C:\Users\User\AppData\Local\Thunderbird
2023-04-25 22:37 - 2023-04-25 22:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2023-04-25 22:37 - 2023-04-25 22:37 - 000000000 _____ C:\ProgramData\UpdateLock-8216C80C92C4E828
2023-04-25 22:16 - 2023-04-25 22:16 - 000039005 _____ C:\Users\User\Downloads\Let MH17.odt
2023-04-25 21:51 - 2023-04-25 21:51 - 000022956 _____ C:\Users\User\Downloads\res_a70a161fde02ad47710f8748e95c9266.webp
2023-04-25 21:25 - 2023-04-25 21:25 - 000000017 _____ C:\Users\User\AppData\Local\resmon.resmoncfg
2023-04-25 20:30 - 2023-04-25 20:30 - 000000000 ____D C:\ProgramData\Apowersoft
2023-04-25 20:30 - 2017-01-03 13:48 - 000370424 _____ (Riverbed Technology, Inc.) C:\Windows\system32\wpcap.dll
2023-04-25 20:30 - 2017-01-03 13:48 - 000282360 _____ (Riverbed Technology, Inc.) C:\Windows\SysWOW64\wpcap.dll
2023-04-25 20:30 - 2017-01-03 13:48 - 000107768 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Packet.dll
2023-04-25 20:30 - 2017-01-03 13:48 - 000098040 _____ (Riverbed Technology, Inc.) C:\Windows\SysWOW64\Packet.dll
2023-04-25 20:30 - 2017-01-03 13:48 - 000053299 _____ C:\Windows\SysWOW64\pthreadVC.dll
2023-04-25 20:29 - 2023-04-25 20:29 - 000000000 ____D C:\Users\User\Downloads\Apowersoft Video Konvertor
2023-04-25 19:21 - 2023-04-25 19:21 - 000000000 ____D C:\Users\User\AppData\Roaming\NVIDIA
2023-04-25 19:21 - 2023-04-25 19:21 - 000000000 ____D C:\Users\User\AppData\Roaming\LEAPS
2023-04-25 19:07 - 2023-04-25 19:09 - 034798931 _____ C:\Users\User\Downloads\Apowersoft Video Konvertor.7z
2023-04-25 18:47 - 2023-04-30 14:56 - 000000000 ____D C:\Users\User\AppData\Roaming\Messenger
2023-04-25 18:47 - 2023-04-25 18:47 - 000000000 ____D C:\Windows\system32\Tasks\Meta
2023-04-25 18:46 - 2023-04-30 12:55 - 000000000 ____D C:\Users\User\AppData\Local\Messenger
2023-04-25 18:46 - 2023-04-25 18:46 - 000002328 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
2023-04-25 18:46 - 2023-04-25 18:46 - 000000000 ____D C:\Users\User\AppData\LocalLow\Messenger
2023-04-25 18:46 - 2023-04-25 18:46 - 000000000 ____D C:\Users\User\AppData\Local\messenger-updater
2023-04-25 17:12 - 2023-04-25 22:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\UProof
2023-04-25 17:12 - 2023-04-25 17:12 - 000000000 ____D C:\Users\User\Documents\Vlastné šablóny balíka Office
2023-04-25 17:12 - 2023-04-25 17:12 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Proof
2023-04-25 17:12 - 2023-04-25 17:12 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Document Building Blocks
2023-04-25 17:11 - 2023-05-17 20:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Šablóny
2023-04-25 17:11 - 2023-04-25 17:16 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Office
2023-04-25 17:11 - 2023-04-25 17:11 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Word
2023-04-25 17:11 - 2023-04-25 17:11 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Bibliography
2023-04-25 17:11 - 2023-04-25 17:11 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\AddIns
2023-04-25 16:23 - 2023-04-25 16:23 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2023-04-25 16:23 - 2023-04-25 16:23 - 000002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2023-04-25 16:23 - 2023-04-25 16:23 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2023-04-25 16:23 - 2023-04-25 16:23 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2023-04-25 16:23 - 2023-04-25 16:23 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2023-04-25 16:23 - 2023-04-25 16:23 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2023-04-25 16:23 - 2023-04-25 16:23 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2023-04-25 16:23 - 2023-04-25 16:23 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2023-04-25 16:23 - 2023-04-25 16:23 - 000002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2023-04-25 16:23 - 2023-04-25 16:23 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office 2016
2023-04-25 16:23 - 2023-04-25 16:23 - 000000000 ____D C:\Windows\PCHEALTH
2023-04-25 16:23 - 2023-04-25 16:23 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2023-04-25 16:23 - 2023-04-25 16:23 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-04-25 16:23 - 2023-04-25 16:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-04-25 16:23 - 2023-04-25 16:23 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2023-04-25 16:20 - 2023-04-25 16:23 - 000000000 ____D C:\Windows\SHELLNEW
2023-04-25 16:20 - 2023-04-25 16:20 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2023-04-25 16:20 - 2023-04-25 16:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2023-04-25 16:19 - 2023-04-25 16:23 - 000000000 ____D C:\Program Files\Microsoft Office
2023-04-25 16:19 - 2023-04-25 16:19 - 000000000 __RHD C:\MSOCache
2023-04-25 16:19 - 2023-04-25 16:19 - 000000000 ____D C:\Users\User\AppData\Local\Microsoft Help
2023-04-25 16:19 - 2023-04-25 16:19 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-04-25 15:20 - 2023-05-03 01:29 - 000000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2023-04-25 15:20 - 2023-04-25 15:20 - 000000992 _____ C:\Users\User\Desktop\µTorrent.lnk
2023-04-25 15:20 - 2023-04-25 15:20 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2023-04-25 15:18 - 2023-04-25 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDIdle Pro
2023-04-25 15:18 - 2023-04-25 15:18 - 000000000 ____D C:\Program Files (x86)\DVDIdle Pro
2023-04-25 15:15 - 2023-04-25 15:16 - 000000000 ____D C:\Program Files (x86)\Allok MP3 to AMR Converter
2023-04-25 15:15 - 2023-04-25 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allok MP3 to AMR Converter
2023-04-25 15:15 - 2006-09-26 13:57 - 000028672 _____ C:\Windows\SysWOW64\AVEQT.dll
2023-04-25 15:15 - 2004-12-20 16:19 - 000129024 _____ (Gabest) C:\Windows\SysWOW64\AVERM.dll
2023-04-25 15:09 - 2023-04-26 01:08 - 000000000 ____D C:\Users\User\Documents\TMPGEnc Video Mastering Works 5
2023-04-25 15:07 - 2023-04-25 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMPGEnc
2023-04-25 14:59 - 2023-04-25 14:59 - 000000000 ____D C:\Users\User\AppData\Roaming\Pegasys Inc
2023-04-25 14:58 - 2023-04-25 15:07 - 000000000 ____D C:\Program Files (x86)\Pegasys Inc
2023-04-25 14:49 - 2023-05-22 23:28 - 000000000 ____D C:\Users\User\Downloads\Video
2023-04-25 14:49 - 2023-05-22 23:27 - 000000000 ____D C:\Users\User\AppData\Roaming\DMCache
2023-04-25 14:49 - 2023-05-20 21:23 - 000000000 ____D C:\Users\User\Downloads\Compressed
2023-04-25 14:49 - 2023-05-17 18:29 - 000000000 ____D C:\Users\User\AppData\Roaming\IDM
2023-04-25 14:49 - 2023-04-25 14:49 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2023-04-25 14:49 - 2023-04-25 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2023-04-25 14:49 - 2023-04-25 14:49 - 000000000 ____D C:\ProgramData\IDM
2023-04-25 14:48 - 2023-04-25 14:49 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2023-04-25 14:47 - 2023-04-25 14:47 - 000000000 ____D C:\Users\User\Downloads\Internet Download Manager (IDM) 6.40 Build 7 Final Multi+ SUPER CLEAN Crack
2023-04-25 14:46 - 2023-04-25 14:47 - 012924605 _____ C:\Users\User\Downloads\Internet Download Manager (IDM) 6.40 Build 7 Final Multi+ SUPER CLEAN Crack.rar
2023-04-25 14:42 - 2023-04-25 14:42 - 033919803 _____ C:\Users\User\Downloads\DVDlab PRO 251_2.rar
2023-04-25 14:36 - 2023-04-25 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink
2023-04-25 14:36 - 2023-04-25 14:36 - 000000000 ____D C:\ProgramData\DVD Shrink
2023-04-25 14:36 - 2023-04-25 14:36 - 000000000 ____D C:\Program Files (x86)\DVD Shrink
2023-04-25 14:35 - 2023-04-25 14:35 - 001117491 _____ (DVD Shrink ) C:\Users\User\Downloads\dvdshrink32setup.exe
2023-04-25 14:17 - 2023-04-25 14:17 - 000000000 ____D C:\Users\User\AppData\Roaming\MPC-HC
2023-04-25 14:15 - 2023-04-25 14:15 - 025234086 _____ C:\Users\User\Downloads\MPC-HC.2.0.0.x64.zip
2023-04-25 05:08 - 2023-04-25 05:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\MMC
2023-04-25 04:59 - 2023-05-11 02:04 - 000000000 ____D C:\Users\User\AppData\Local\Apowersoft
2023-04-25 04:34 - 2023-05-11 02:04 - 000000000 ____D C:\Users\User\AppData\Roaming\Apowersoft
2023-04-25 04:34 - 2023-05-11 02:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2023-04-25 04:34 - 2023-05-11 02:04 - 000000000 ____D C:\Program Files (x86)\Apowersoft
2023-04-25 04:34 - 2023-04-25 04:59 - 000000000 ____D C:\Users\User\Documents\Apowersoft
2023-04-25 04:34 - 2023-04-25 04:34 - 000000000 ____D C:\Users\User\AppData\Local\CEF
2023-04-25 04:34 - 2017-08-03 09:15 - 000036600 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Drivers\npf.sys
2023-04-25 04:17 - 2023-04-25 04:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
2023-04-25 04:17 - 2023-04-25 04:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Bigasoft Total Video Converter 5
2023-04-25 04:17 - 2023-04-25 04:17 - 000000000 ____D C:\Program Files (x86)\Bigasoft
2023-04-25 04:12 - 2023-04-25 04:12 - 000000000 ____D C:\Users\User\Downloads\Bigasoft
2023-04-25 04:11 - 2023-04-25 14:20 - 000000000 ____D C:\Users\User\Downloads\Apowersoft
2023-04-25 04:04 - 2023-05-20 21:11 - 000000000 ____D C:\ProgramData\TEMP
2023-04-25 04:04 - 2023-04-25 04:04 - 000000000 ____D C:\Users\User\AppData\Roaming\URSoft
2023-04-25 04:04 - 2023-04-25 04:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
2023-04-25 04:04 - 2023-04-25 04:04 - 000000000 ____D C:\Program Files (x86)\Your Uninstaller! 7
2023-04-25 04:03 - 2023-04-25 04:03 - 000000000 ____D C:\Users\User\Downloads\Your Uninstaller PRO v7.5.2014.03
2023-04-25 04:02 - 2023-04-25 04:02 - 006667483 _____ C:\Users\User\Downloads\Your Uninstaller PRO v7.5.2014.03.rar
2023-04-25 04:01 - 2023-04-25 04:01 - 003354792 _____ (Alexander Roshal) C:\Users\User\Downloads\winrar-x64-590sk.exe
2023-04-25 03:51 - 2023-04-25 03:51 - 000000000 ____D C:\Users\User\AppData\Roaming\WinRAR
2023-04-25 03:51 - 2023-04-25 03:51 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\HTML Help
2023-04-25 03:50 - 2023-04-25 05:13 - 000000000 ____D C:\Program Files\WinRAR
2023-04-25 03:50 - 2023-04-25 03:59 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-04-25 03:50 - 2023-04-25 03:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-04-25 03:50 - 2023-04-25 03:50 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA Corporation
2023-04-25 03:06 - 2023-04-25 03:06 - 000000000 ____D C:\Users\User\AppData\Roaming\VitySoft
2023-04-25 03:06 - 2023-04-25 03:06 - 000000000 ____D C:\Users\User\AppData\Roaming\Sun
2023-04-25 03:06 - 2023-04-25 03:06 - 000000000 ____D C:\Users\User\AppData\LocalLow\Sun
2023-04-25 03:06 - 2023-04-25 03:06 - 000000000 ____D C:\Users\User\.objectdb
2023-04-25 03:06 - 2023-04-25 03:06 - 000000000 ____D C:\ProgramData\Oracle
2023-04-25 03:06 - 2023-04-25 03:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-04-25 03:06 - 2023-04-25 03:06 - 000000000 ____D C:\Program Files\Java
2023-04-25 03:06 - 2023-03-17 04:35 - 000200352 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2023-04-25 03:03 - 2023-05-20 21:41 - 000000000 ___RD C:\Users\User\Desktop\Ikony
2023-04-25 02:44 - 2023-05-20 15:59 - 000002505 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-25 02:43 - 2023-05-20 15:52 - 000004086 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-273892888-3553834652-1734267146-1001UA{868980A7-9C12-46FC-928F-640A08E6699A}
2023-04-25 02:43 - 2023-05-20 15:52 - 000003818 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-273892888-3553834652-1734267146-1001Core{29A87413-BA01-461F-A0F9-A6D06A5F361B}
2023-04-25 02:43 - 2023-04-25 02:44 - 000000000 ____D C:\Users\User\AppData\Local\Google
2023-04-25 02:07 - 2023-05-17 14:32 - 000004372 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1682381236
2023-04-25 02:07 - 2023-05-10 21:02 - 000004132 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1682381230
2023-04-25 02:07 - 2023-05-10 21:02 - 000001402 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2023-04-25 02:07 - 2023-04-25 02:07 - 000000000 ____D C:\Users\User\AppData\Local\Opera Software
2023-04-25 02:06 - 2023-04-25 02:06 - 000000000 ____D C:\Users\User\AppData\Roaming\Opera Software
2023-04-25 01:54 - 2023-04-25 01:54 - 000000000 ____D C:\Windows\system32\sk
2023-04-25 01:25 - 2023-05-22 21:49 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-04-25 01:25 - 2023-05-22 21:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-25 01:25 - 2023-05-14 12:10 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-04-25 01:25 - 2023-05-02 21:49 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-25 01:25 - 2023-04-25 22:37 - 000000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2023-04-25 01:25 - 2023-04-25 01:25 - 000002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Súkromné prehliadanie Firefoxu.lnk
2023-04-25 01:25 - 2023-04-25 01:25 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-04-25 01:25 - 2023-04-25 01:25 - 000000000 ____D C:\Users\User\AppData\Local\Mozilla
2023-04-25 00:46 - 2023-04-25 21:24 - 000000420 _____ C:\Users\User\Desktop\This PC - Shortcut.lnk
2023-04-25 00:20 - 2023-04-25 15:19 - 000000000 ____D C:\Users\User\AppData\Local\VirtualStore
2023-04-25 00:20 - 2023-04-25 00:20 - 000000279 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\This PC.lnk
2023-04-25 00:04 - 2023-04-25 00:04 - 000000000 ____D C:\Windows\system32\Drivers\mde
2023-04-24 23:50 - 2023-05-22 21:56 - 000002364 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-24 23:47 - 2023-04-24 23:47 - 000000000 ____D C:\Users\User\AppData\Local\PeerDistRepub
2023-04-24 23:44 - 2023-05-09 21:10 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-22 23:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2023-05-22 23:34 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-22 23:27 - 2023-03-25 07:41 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2023-05-22 21:56 - 2023-03-25 07:42 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-273892888-3553834652-1734267146-1001
2023-05-22 21:56 - 2023-03-25 07:42 - 000003350 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-273892888-3553834652-1734267146-1001
2023-05-22 21:54 - 2023-03-25 00:58 - 000804932 _____ C:\Windows\system32\PerfStringBackup.INI
2023-05-22 21:54 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2023-05-22 21:50 - 2023-03-25 08:49 - 000012288 ___SH C:\DumpStack.log.tmp
2023-05-22 21:50 - 2023-03-25 08:49 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-05-22 21:50 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-22 21:50 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2023-05-21 03:18 - 2022-05-07 07:17 - 000524288 _____ C:\Windows\system32\config\BBI
2023-05-20 15:45 - 2023-03-25 08:49 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-16 19:36 - 2023-03-25 08:49 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-05-11 00:17 - 2022-05-07 07:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-05-10 21:03 - 2023-03-25 08:49 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-10 21:03 - 2023-03-25 08:49 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-10 20:57 - 2023-03-25 08:49 - 000471920 _____ C:\Windows\system32\FNTCACHE.DAT
2023-05-10 20:56 - 2022-05-07 09:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\UNP
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\PrintDialog
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\Provisioning
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-05-10 20:56 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2023-05-09 21:09 - 2022-05-07 09:39 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-05-09 21:09 - 2022-05-07 09:39 - 000023775 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2023-05-09 21:09 - 2022-05-07 07:25 - 000076800 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2023-05-09 21:09 - 2022-05-07 07:24 - 000118784 _____ (Khronos Group) C:\Windows\system32\opencl.dll
2023-05-09 21:09 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2023-05-09 21:07 - 2023-03-25 00:51 - 003211776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-05-09 21:04 - 2023-04-14 13:37 - 000000000 ____D C:\Windows\system32\MRT
2023-05-09 21:02 - 2023-04-14 13:37 - 159583304 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-05-06 19:49 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2023-05-03 01:23 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-05-03 01:07 - 2023-03-25 09:49 - 000000000 ____D C:\Windows\Panther
2023-05-02 22:54 - 2023-03-25 08:49 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-04-29 13:12 - 2023-03-25 07:41 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2023-04-29 13:12 - 2023-03-25 00:51 - 000000000 ____D C:\ProgramData\Packages
2023-04-25 18:47 - 2023-03-25 07:41 - 000000000 ___SD C:\Users\User\AppData\Roaming\Microsoft\Credentials
2023-04-25 16:23 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-04-25 16:20 - 2022-05-07 07:24 - 000000167 _____ C:\Windows\win.ini
2023-04-25 16:20 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-04-25 14:09 - 2023-03-25 07:42 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2023-04-25 04:21 - 2023-03-25 00:58 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-04-25 01:55 - 2022-05-07 09:30 - 000000000 ____D C:\Windows\SysWOW64\WCN
2023-04-25 01:55 - 2022-05-07 09:30 - 000000000 ____D C:\Windows\system32\WCN
2023-04-25 01:55 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\F12
2023-04-25 01:55 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-04-25 01:55 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2023-04-25 01:55 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sysprep
2023-04-25 01:54 - 2022-05-07 09:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-04-25 01:54 - 2022-05-07 09:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-04-25 01:54 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\F12
2023-04-25 01:54 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\migwiz
2023-04-25 01:54 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\IME
2023-04-25 01:54 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows Defender
2023-04-25 01:54 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-04-25 01:54 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing
2023-04-25 00:38 - 2023-03-25 07:41 - 000000000 ____D C:\Users\User\AppData\Local\ConnectedDevicesPlatform
2023-04-25 00:24 - 2023-03-25 07:40 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Spelling
2023-04-25 00:22 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\OCR
2023-04-25 00:14 - 2023-03-25 07:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-04-25 00:04 - 2022-05-07 09:39 - 000000000 ___SD C:\Windows\system32\AppV
2023-04-25 00:04 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-04-25 00:04 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemApps
2023-04-25 00:04 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\setup
2023-04-25 00:04 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\es-MX
2023-04-25 00:04 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser
2023-04-24 23:46 - 2022-05-07 07:25 - 000209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-04-24 23:46 - 2022-05-07 07:24 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll

==================== Files in the root of some directories ========

2023-04-25 21:25 - 2023-04-25 21:25 - 000000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================