Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2024
Ran by lordb (administrator) on BOOS-PC (ASUS System Product Name) (19-01-2024 22:29:52)
Running from D:\Downloads\FRST64.exe
Loaded Profiles: lordb
Platform: Microsoft Windows 11 Pro Version 23H2 22631.3007 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.8550\Agent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <5>
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Rémi Mercier) [File not signed] D:\Aplikace\FanControl\FanControl.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.241.0.10\OverwolfBrowser.exe <4>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\lordb\AppData\Local\Overwolf\ProcessCache\0.241.0.10\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\lordb\AppData\Local\Overwolf\ProcessCache\0.241.0.10\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe ->) (Ubisoft Entertainment Sweden AB -> Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe <5>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\85.0.26.0\crashpad_handler.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Parsec\pservice.exe ->) (Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\parsecd.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.ColorPickerUI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.CropAndLock.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.FancyZones.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.PowerLauncher.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.PowerOCR.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\WinUI3Apps\PowerToys.Peek.UI.exe
(C:\Program Files\PowerToys\WinUI3Apps\PowerToys.Peek.UI.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.133\msedgewebview2.exe <13>
(cmd.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\Adguard.BrowserExtensionHost.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(cmd.exe ->) (Microsoft Corporation -> Microsoft) C:\Users\lordb\AppData\Local\Microsoft\Power Automate Desktop\WebExtensions\PAD.BrowserNativeMessageHost.exe
(D:\Games\Playnite\Playnite.DesktopApp.exe ->) (The CefSharp Authors) [File not signed] D:\Games\Playnite\CefSharp.BrowserSubprocess.exe <5>
(D:\Games\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] D:\Games\Riot Games\Riot Client\RiotClientCrashHandler.exe
(D:\Games\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe ->) (Skutta, Kristjan -> ) D:\Games\Steam\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe <5>
(DriverStore\FileRepository\u0398290.inf_amd64_7f51193690ed6a83\B397300\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0398290.inf_amd64_7f51193690ed6a83\B397300\atieclxx.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
(explorer.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\Adguard.exe
(explorer.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\AMD\ANR\AMDNoiseSuppression.exe
(explorer.exe ->) (Armin Osaj -> AutoDarkMode) C:\Users\lordb\AppData\Local\Programs\AutoDarkMode\adm-app\AutoDarkModeSvc.exe
(explorer.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <4>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe <8>
(explorer.exe ->) (JetBrains s.r.o. -> JetBrains) C:\Users\lordb\AppData\Local\JetBrains\Toolbox\bin\jetbrains-toolbox.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Ludicrous Speed LLC -> jah@raider.io) C:\Program Files\RaiderIO\RaiderIO.exe <5>
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\lordb\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (Rambox LLC -> Rambox LLC) C:\Users\lordb\AppData\Local\Programs\Rambox\Rambox.exe <19>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) D:\Games\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUNE.EXE
(explorer.exe ->) (Skutta, Kristjan -> ) D:\Games\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(explorer.exe ->) (Trend Micro Inc.) [File not signed] D:\Downloads\hijackthis.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <45>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <3>
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(services.exe ->) () [File not signed] C:\Users\Public\AppData\Roaming\Flixmate\flixmate.service.exe
(services.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\AdguardSvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0398290.inf_amd64_7f51193690ed6a83\B397300\atiesrxx.exe
(services.exe ->) (Ascensio System SIA -> Ascensio System SIA) C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.25\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.30\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.27\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (DTS, Inc. -> ) C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc) C:\Windows\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_0b3c99dc64473f00\amd3dvcacheSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_31dab972145ae5a9\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_be03f2dca68bf962\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SIA AVB Disc Soft -> Disc Soft Ltd) C:\Program Files\reWASD\reWASDService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(services.exe ->) (Zinlab Technologies -> ) C:\Users\Public\AppData\Roaming\Flixmate\update\Flixmate.UpdateService.exe
(SignPath Foundation -> Josef Nemec) D:\Games\Playnite\Playnite.DesktopApp.exe
(sihost.exe ->) (0723B664-F114-4FF2-A229-A6152E660057 -> ) C:\Program Files\WindowsApps\62269AlexShats.OneGameLauncher_1.3.4.0_x64__gghb1w55myjr2\Service\OneGameLauncherService.exe
(sihost.exe ->) (366A5DE5-2EC7-43FD-B559-05986578C4CC -> ShareX Team) C:\Program Files\WindowsApps\19568ShareX.ShareX_15.0.0.0_x64__egrzcvs15399j\ShareX.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2312.1001.18.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <9>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2312.1001.18.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.25992.9000.0_x64__8wekyb3d8bbwe\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.400.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\SecurityHealth\1.0.2311.17002-0\SecurityHealthHost.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
(Trend Micro Inc.) [File not signed] C:\Users\lordb\AppData\Local\Temp\MicrosoftEdgeDownloads\35d14cd3-6d00-4a92-ae5f-a61a8d38435d\hijackthis.exe
(Ubisoft Entertainment Sweden AB -> Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\lordb\AppData\Local\Kingsoft\WPS Office\12.2.0.13412\office6\wpscenter.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\lordb\AppData\Local\Kingsoft\WPS Office\12.2.0.13431\office6\wps.exe
Failed to access process -> vmmemCmZygote

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_be03f2dca68bf962\RtkAudUService64.exe [3498464 2023-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [Adguard] => C:\Program Files\AdGuard\Adguard.exe [7147224 2023-12-23] (Adguard Software Limited -> Adguard Software Limited)
HKLM-x32\...\Run: [CZC G GK1000] => C:\Program Files\CZC G GK1000\CZC G GK1000.exe [2031616 2019-02-14] (TODO: <Company name>) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4387688 2024-01-19] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37188048 2024-01-14] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [Rambox] => C:\Users\lordb\AppData\Local\Programs\Rambox\Rambox.exe [158129416 2023-12-05] (Rambox LLC -> Rambox LLC)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [981640 2023-11-30] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [JetBrains Toolbox] => C:\Users\lordb\AppData\Local\JetBrains\Toolbox\bin\jetbrains-toolbox.exe [938400 2023-12-18] (JetBrains s.r.o. -> JetBrains)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\lordb\AppData\Local\Microsoft\Teams\Update.exe [2589872 2023-10-27] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [Windows11DragAndDropToTaskbarFix] => D:\Aplikace\win 11 dragndrop fix\Windows11DragAndDropToTaskbarFix.exe [338920 2022-05-14] (EE2.eu - Dr. Mona Lisa -> Dr Mona Lisa) [File not signed]
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [45968128 2023-12-07] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [WallpaperEngine] => D:\Games\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3223136 2023-10-05] (Skutta, Kristjan -> )
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [WagoApp] => "C:\Users\lordb\AppData\Local\Programs\wago-app\WagoApp.exe" (No File)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [MicrosoftEdgeAutoLaunch_36F4F0802692EAD8A8951EA83B95F6FC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [BingSvc] => C:\Users\lordb\AppData\Local\Microsoft\BingSvc\BingSvc.exe [6636944 2022-09-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1785864 2024-01-07] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [RaiderIO] => C:\Program Files\RaiderIO\RaiderIO.exe [148965488 2023-07-09] (Ludicrous Speed LLC -> jah@raider.io)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2023-12-17] () [File not signed]
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [RiotClient] => D:\Games\Riot Games\Riot Client\RiotClientServices.exe [70918144 2023-12-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [reWASD Engine] => C:\Program Files\reWASD\reWASDEngine.exe [26439416 2023-06-17] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [EPSDNMON] => "" (No File)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [145336 2023-08-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [AutoDarkMode] => C:\Users\lordb\AppData\Local\Programs\AutoDarkMode\adm-app\AutoDarkModeSvc.exe [292992 2023-09-24] (Armin Osaj -> AutoDarkMode)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\MountPoints2: {12d4841c-b355-11ed-9a7f-841b7707628b} - "E:\Lenovo_Suite.exe" 
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON L3150 Series 64MonitorBE: C:\Windows\system32\E_YLMBUNE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.225\Installer\chrmstp.exe [2024-01-19] (Google LLC -> Google LLC)
Startup: C:\Users\lordb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Playnite.lnk [2023-06-22]
ShortcutTarget: Playnite.lnk -> D:\Games\Playnite\Playnite.DesktopApp.exe (SignPath Foundation -> Josef Nemec)
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {C2A56409-3767-445F-BC18-F345C06131FD} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-10-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {FC9CB7C9-D502-43EF-B989-C2681E8D5848} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-10-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {043974E2-935B-4F45-A1F9-562A5D1FA74B} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183736 2023-10-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {A3C39B04-6034-4FEE-B77C-F393823564AE} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [313192 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {384582CB-0B14-4559-8E9A-5168A2313A9A} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1898344 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {006FE842-DD59-4995-BC00-9C55859E388B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-06-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {381EA765-162B-4CF6-A0F8-35A491864087} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-06-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {5F51BA29-F9E9-4003-A4FA-795D17259E7B} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2023-07-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {2053039C-AB21-4692-B5B6-3E746765D778} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1254760 2023-07-05] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {B3083FF1-231F-4D18-A9AC-D27EF1BAD3CA} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
Task: {480301B9-3BA9-49A0-B0F2-2A8D078DF1EB} - System32\Tasks\Cloud => C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe [84584 2023-03-25] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
Task: {43A0A0BF-E7D3-45CD-828D-F0DC01F07732} - System32\Tasks\EPSON L3150 Series Update {9DD3F877-D426-4A4C-9F05-610B16BB2AFC} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {2E068DDF-0500-4E00-9344-DCE912BB1ED8} - System32\Tasks\FanControl => D:\Aplikace\FanControl\\FanControl.exe [3331584 2024-01-19] (Rémi Mercier) [File not signed]
Task: {4D821366-E8DF-432E-9625-3B12735987EC} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{478EB379-02C9-4834-AA25-2D4617AE3105} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
Task: {138C9250-D614-46B7-B286-0C89C0840F8B} - System32\Tasks\HidHide_Updater => C:\Program Files\Nefarius Software Solutions\HidHide\HidHide_Updater.exe [1041856 2022-06-27] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {AF21A972-0DEF-4AFE-8ED6-262B9E418345} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4CF9D14-F203-4FA8-BDF6-9A5B92A867CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0AD7D2C9-3E44-4B97-989B-C8232B04C4BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DD81D5F5-F62A-4BB7-9C9A-9345AA2F735E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {496C7424-DE8E-4BA7-9687-6033E3815FCF} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {66E2E3BC-DEF1-4EE9-8AB0-A9FBE8386A9C} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-10-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {D544F2B9-790E-4E94-81D0-54D43D2CFFF1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {871E9DA9-FBA5-41BC-9F6B-9CC19A4A3831} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CEF0C4B5-AC22-4355-8B43-0FE878305798} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C61A430-A9D9-4FC9-8D2B-11F90C973025} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA1D14F7-1676-4DD5-9E78-4AF5721CA4D4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5AEE867-82D7-4E8A-A4FD-29CC9929CFBD} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B602E04-B6A9-4F88-8D05-E9C5A73CC62D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F84C2AD-2161-4968-B92D-C5B79359C0FB} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7309810-621F-46CF-A635-99F8779CDD05} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9559865-FF76-496D-8246-D440023FD9DC} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
Task: {C20FE46D-7731-4B5F-A6E1-2848C63DDB34} - System32\Tasks\PowerToys\Autorun for lordb => C:\Program Files\PowerToys\PowerToys.exe [1234464 2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {27B1680A-9F37-4F8C-A034-203106BB7072} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [138741568 2023-11-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {2729BA61-2C8E-422B-9F4A-01526C5081CB} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60344 2023-10-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {C5975475-DB45-4AE1-974C-81F3CCE8F422} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324024 2023-10-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {5A036876-DFD8-4A11-9145-E97E56E1F19C} - System32\Tasks\ViGEmBus_Updater => C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBus_Updater.exe [1117096 2022-09-27] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
Task: {0738F32C-8D3D-48F2-92EC-ADF48DDBE396} - System32\Tasks\WpsExternal_lordb_20240119130129 => C:\Users\lordb\AppData\Local\Kingsoft\WPS Office\12.2.0.13431\office6\wpscloudsvr.exe [965520 2024-01-19] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) -> /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external
Task: {FFF067EA-9098-4A9C-ACAD-7E516FBB116F} - System32\Tasks\WpsUpdateTask_lordb => C:\Users\lordb\AppData\Local\Kingsoft\WPS Office\12.2.0.13431\office6\wpsupdate.exe [1495952 2024-01-19] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {9DD3F877-D426-4A4C-9F05-610B16BB2AFC}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{9DD3F877-D426-4A4C-9F05-610B16BB2AFC} /F:UpdateWORKGROUP\BOOS-PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2223442711-2485559967-1825819073-1001] => localhost:49037
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{19752a09-2abd-4cb6-841d-f0a42cff7b23}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{19752a09-2abd-4cb6-841d-f0a42cff7b23}: [DhcpDomain] local.lan
Tcpip\..\Interfaces\{24005b85-bcd6-4319-bcdf-ba4166d5b9bb}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{24005b85-bcd6-4319-bcdf-ba4166d5b9bb}: [DhcpDomain] local.lan
Tcpip\..\Interfaces\{64fbf46f-367c-476e-8928-ddcea0c1bb35}\D4F62696C6E69644F657075653: [DhcpNameServer] 192.168.188.12
Tcpip\..\Interfaces\{f04e8550-b28b-43d3-b748-149925dc1b09}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f04e8550-b28b-43d3-b748-149925dc1b09}: [DhcpDomain] local.lan

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-19]
Edge HomePage: Default -> hxxps://weboas.is/
Edge StartupUrls: Default -> "hxxp://search.babylon.com/?affID=112553&tt=010412_crm&babsrc=HP_ss&mntrId=0cb0dbf6000000000000f07bcb460cfb","hxxp://mysearch.avg.com/?cid={D316A1D0-9633-4ED3-967F-2B3F55B82CA2}&mid=6a077d20bcb5462ea1e5207c6ffef3dd-74ce12d16e2f7cb0016f07fd8cc74300493d9405&lang=en&ds=co011&pr=sa&d=2013-07-02%2016:12:24&v=15.3.0.11&pid=safeguard&sg=0&sap=hp"
Edge Session Restore: Default -> is enabled.
Edge Extension: (Bypass Google Redirect Notice) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cebdpiiapajkceonikbjoikdchpnbdid [2023-10-14]
Edge Extension: (Foxified) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cldmemdnllncchfahbcnjijheaolemfk [2024-01-15]
Edge Extension: (Custom JavaScript for Websites 2) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ddbjnfjiigjmcpcpkmhogomapikjbjdk [2022-08-15]
Edge Extension: (Augmented Steam) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dnhpnfgdlenaccegplpojghhmaamnnfp [2023-09-14]
Edge Extension: (SteamChecker) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eopegaefgepfdedhecfbclehhffiebpk [2023-03-02]
Edge Extension: (FrankerFaceZ) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2022-08-15]
Edge Extension: (AdGuard asistent prohlížeče) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2023-12-14]
Edge Extension: (7TV Nightly) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fphegifdehlodcepfkgofelcenelpedj [2023-12-03]
Edge Extension: (Return YouTube Dislike) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-12-13]
Edge Extension: (Auto HD for YouTube) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ggnepcoiimddpmjaoejhdfppjbcnfaom [2023-11-04]
Edge Extension: (Dokumenty Google offline) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-18]
Edge Extension: (BetterTTV) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2024-01-19]
Edge Extension: (FormApps Extension) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2023-01-30]
Edge Extension: (Chrome Remote Desktop) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-03-02]
Edge Extension: (Edge relevant text changes) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]
Edge Extension: (View image) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2024-01-03]
Edge Extension: (Microsoft Power Automate) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kagpabjoboikccfdghpdlaaopmgpgfdc [2024-01-11]
Edge Extension: (Microsoft Edge DevTools Enhancements) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfbdpdaobnofkbopebjglnaadopfikhh [2024-01-12]
Edge Extension: (BetterViewer) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llcpfkbjgkpmapiidpnohffjmmnhpmpb [2023-03-02]
Edge Extension: (SponsorBlock for YouTube - Skip Sponsorships) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mbmgnelfcpoecdepckhlhegpcehmpmji [2023-11-28]
Edge Extension: (CrossPilot) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\migomhggnppjdijnfkiimcpjgnhmnale [2024-01-15]
Edge Extension: (Humble Pal) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ngdpilmbmplccomcgkoggnodcmaomfnj [2023-03-02]
Edge Extension: (PoE Overlay: Dash) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ngelcfmmbincdpnfjcgabnlfidieecpk [2023-08-14]
Edge Extension: (Redirector) - C:\Users\lordb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pajiegeliagebegjdhebejdlknciafen [2022-08-15]
Edge HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [kagpabjoboikccfdghpdlaaopmgpgfdc]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default [2024-01-08]
CHR Notifications: Default -> hxxps://drive.google.com; hxxps://meet.google.com; hxxps://www.facebook.com; hxxps://www.pathofexile.com; hxxps://www.reddit.com
CHR HomePage: Default -> hxxps://weboas.is/
CHR Session Restore: Default -> is enabled.
CHR Extension: (BetterTTV) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-01-07]
CHR Extension: (7TV) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-06-26]
CHR Extension: (Bypass Google Redirect Notice) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\cebdpiiapajkceonikbjoikdchpnbdid [2023-11-25]
CHR Extension: (Custom JavaScript for Websites 2) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddbjnfjiigjmcpcpkmhogomapikjbjdk [2022-08-15]
CHR Extension: (Augmented Steam) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnhpnfgdlenaccegplpojghhmaamnnfp [2023-09-17]
CHR Extension: (SteamChecker) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopegaefgepfdedhecfbclehhffiebpk [2022-08-15]
CHR Extension: (FrankerFaceZ) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2022-08-15]
CHR Extension: (AdGuard asistent prohlížeče) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2024-01-07]
CHR Extension: (YouTube Auto HD + FPS) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcphghnknhkimeagdglkljinmpbagone [2023-12-11]
CHR Extension: (Authy) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2022-08-15]
CHR Extension: (Return YouTube Dislike) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2024-01-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-17]
CHR Extension: (Citrix Workspace) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\haiffjcadagjlijoggckpgfnoeiflnem [2024-01-07]
CHR Extension: (Auto Quality for YouTube™) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaddfgegjgjelgkanamleadckkpnjpjc [2022-08-15]
CHR Extension: (Chrome Remote Desktop) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-07]
CHR Extension: (View image) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2024-01-07]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2023-06-12]
CHR Extension: (Linkclump) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2023-01-24]
CHR Extension: (Microsoft Power Automate) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljglajjnnkapghbckkcmodicjhacbfhk [2023-12-11]
CHR Extension: (BetterViewer) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\llcpfkbjgkpmapiidpnohffjmmnhpmpb [2022-09-24]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-12]
CHR Extension: (SponsorBlock pro YouTube - Přeskoč sponzory) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnjggcdmjocbbbhaepdhchncahnbgone [2023-12-11]
CHR Extension: (Humble Pal) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdpilmbmplccomcgkoggnodcmaomfnj [2022-08-15]
CHR Extension: (PoE Overlay: Dash) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngelcfmmbincdpnfjcgabnlfidieecpk [2023-09-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-15]
CHR Extension: (Redirector) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pajiegeliagebegjdhebejdlknciafen [2022-08-15]
CHR Extension: (Reggy) - C:\Users\lordb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnneajlgffpejnabhionnhdfhibijihe [2022-09-11]
CHR HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hkecabaloghleaicfhefejdijblljpco]
CHR HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljglajjnnkapghbckkcmodicjhacbfhk]
CHR HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files\AdGuard\AdguardSvc.exe [797400 2023-12-23] (Adguard Software Limited -> Adguard Software Limited)
R2 amd3dvcacheSvc; C:\WINDOWS\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_0b3c99dc64473f00\amd3dvcacheSvc.exe [154552 2022-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc)
S2 AORUS LCD Panel Service; C:\Program Files\GIGABYTE\Control Center\Lib\GBT_VGA\Service\MonitorService-exec.exe [371304 2023-06-21] (GIGA-BYTE TECHNOLOGY CO., LTD. -> CloudBees, Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [401880 2023-10-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.27\atkexComSvc.exe [903016 2023-10-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.25\AsSysCtrlService.exe [1360016 2023-04-12] (ASUSTeK Computer Inc. -> ) [File not signed]
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-06-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [501608 2023-08-18] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.30\AsusFanControlService.exe [1737576 2023-08-01] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156008 2023-06-10] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [845256 2024-01-18] (ASUSTeK Computer Inc. -> )
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761664 2023-11-22] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
R2 DTSAPO3Service; C:\WINDOWS\System32\DTS\PC\APO3x\DTSAPO3Service.exe [222104 2020-07-16] (DTS, Inc. -> )
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [235744 2023-05-26] (DTS, Inc. -> DTS Inc.)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12006504 2024-01-17] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2023-07-24] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 Flixmate.UpdateService; C:\Users\public\AppData\Roaming\Flixmate\update\Flixmate.UpdateService.exe [24352 2022-08-31] (Zinlab Technologies -> )
R2 FlixmateService; C:\Users\public\AppData\Roaming\Flixmate\flixmate.service.exe [136704 2022-08-31] () [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2346464 2023-06-21] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-06-21] (GOG  sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
S2 GoogleUpdaterInternalService122.0.6253.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService122.0.6253.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10759936 2023-12-07] (Logitech Inc -> Logitech, Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-19] (Malwarebytes Inc. -> Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_31dab972145ae5a9\Display.NvContainer\NVDisplay.Container.exe [1275424 2023-11-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ONLYOFFICE Update Service; C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe [300752 2023-11-04] (Ascensio System SIA -> Ascensio System SIA)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [418696 2023-10-25] (Parsec Cloud, Inc. -> Parsec)
R2 reWASDService; C:\Program Files\reWASD\reWASDService.exe [3010296 2023-06-17] (SIA AVB Disc Soft -> Disc Soft Ltd)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1796568 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [424768 2023-11-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsaService; D:\Downloads\WSA-MindTheGapps_2209.40000.26.0_x64_Release-Nightly\WsaService\WsaService.exe [269312 2022-10-21] () [File not signed]
S2 AsusROGLSLService; "C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe" -runservice [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [89272 2023-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Limited)
R3 amd3dvcache; C:\WINDOWS\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_0b3c99dc64473f00\amd3dvcache.sys [40536 2022-12-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [36736 2023-05-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S2 AMDRyzenMasterDriverV20; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [58952 2023-10-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R2 AMDRyzenMasterDriverV22; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [58952 2023-10-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0398290.inf_amd64_7f51193690ed6a83\B397300\amdkmdag.sys [106426368 2023-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [34112 2019-07-02] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [59440 2023-08-17] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43568 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [34520 2023-12-29] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 e2f68; C:\WINDOWS\System32\drivers\e2f68.sys [507904 2022-05-06] (Microsoft Windows -> Intel Corporation)
S3 e2fexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2f.inf_amd64_2d5cb0c750512550\e2f.sys [536168 2022-07-18] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218592 2023-10-27] (Microsoft Windows -> Microsoft Corporation)
S3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [45248 2023-05-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R0 hidgamemap; C:\WINDOWS\System32\drivers\hidgamemap.sys [352616 2023-06-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 HidHide; C:\WINDOWS\System32\drivers\HidHide.sys [66584 2022-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54752 2023-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-22] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-22] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-22] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [233704 2024-01-19] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-01-19] (Malwarebytes Inc. -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 MTKBTFilterx64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [361472 2023-05-27] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1617920 2023-05-27] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 R0FanControl; D:\Aplikace\FanControl\FanControl.sys [14544 2024-01-19] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 rt25cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_bda91607087ccd13\rt25cx21x64.sys [656288 2023-05-26] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R2 SignalRgbDriver; C:\WINDOWS\System32\Drivers\SignalRgbDriver.sys [30240 2023-06-09] (Whirlwind FX (Whirlwind Virtual Realities Inc.) -> )
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [249400 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2023-10-27] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\drivers\WSDScan.sys [61440 2022-10-12] (Microsoft Corporation) [File not signed]
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-19 22:29 - 2024-01-19 22:30 - 000000000 ____D C:\FRST
2024-01-19 22:23 - 2024-01-19 22:30 - 000000000 ____D C:\Users\lordb\AppData\LocalLow\IGDump
2024-01-19 21:58 - 2024-01-19 21:59 - 000000000 ____D C:\Users\lordb\AppData\Local\Malwarebytes
2024-01-19 21:58 - 2024-01-19 21:58 - 000233704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-01-19 21:58 - 2024-01-19 21:58 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-01-19 21:58 - 2024-01-19 21:58 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-01-19 21:58 - 2024-01-19 21:58 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-01-19 21:58 - 2024-01-19 21:58 - 000000000 ____D C:\Users\lordb\AppData\Local\mbam
2024-01-19 21:58 - 2024-01-19 21:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-19 21:58 - 2024-01-19 21:58 - 000000000 ____D C:\Program Files\Malwarebytes
2024-01-19 21:57 - 2024-01-19 21:58 - 000007456 _____ C:\Users\lordb\Desktop\Rkill.txt
2024-01-19 21:57 - 2024-01-19 21:57 - 000000000 ____D C:\Users\lordb\Desktop\rkill
2024-01-19 15:46 - 2024-01-19 15:46 - 000000000 ____D C:\Users\lordb\AppData\Local\Lossless Scaling
2024-01-19 15:29 - 2024-01-19 15:29 - 000000376 _____ C:\Users\lordb\Desktop\Prince of Persia The Lost Crown.url
2024-01-19 13:01 - 2024-01-19 13:01 - 000004060 _____ C:\WINDOWS\system32\Tasks\WpsExternal_lordb_20240119130129
2024-01-19 09:28 - 2024-01-19 09:29 - 000000000 ___HD C:\$WinREAgent
2024-01-18 23:32 - 2024-01-18 23:32 - 000725758 _____ C:\WINDOWS\system32\perfh005.dat
2024-01-18 23:32 - 2024-01-18 23:32 - 000151026 _____ C:\WINDOWS\system32\perfc005.dat
2024-01-18 23:24 - 2024-01-18 23:24 - 000000000 ___SD C:\WINDOWS\system32\containers
2024-01-18 23:24 - 2024-01-18 23:24 - 000000000 ____D C:\WINDOWS\system32\HvsiSettingsProviders
2024-01-18 21:21 - 2024-01-18 21:21 - 000000000 ____D C:\Users\lordb\AppData\Local\BambuStudio
2024-01-15 21:11 - 2024-01-19 10:08 - 000000000 ____D C:\Users\Public\AppData\Flixmate
2024-01-15 21:11 - 2024-01-15 21:11 - 000000000 ____D C:\Users\Public\Temp
2024-01-15 21:11 - 2024-01-15 21:11 - 000000000 ____D C:\Users\Public\AppData\Roaming\Flixmate
2024-01-14 00:17 - 2024-01-14 00:17 - 000000000 ____D C:\Users\lordb\AppData\Local\AutoDarkMode
2024-01-14 00:16 - 2024-01-14 00:16 - 000001461 _____ C:\Users\lordb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Auto Dark Mode.lnk
2024-01-12 22:11 - 2024-01-12 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2024-01-11 11:00 - 2024-01-11 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2024-01-10 10:15 - 2024-01-10 10:15 - 000016720 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-01-08 17:10 - 2024-01-08 17:10 - 000000000 ____D C:\Users\lordb\AppData\LocalLow\Sabotage Studio
2024-01-06 02:07 - 2024-01-19 08:30 - 000002321 _____ C:\Users\lordb\Desktop\Porofessor.gg.lnk
2023-12-31 20:36 - 2023-12-31 20:36 - 000000000 ____D C:\Users\lordb\AppData\LocalLow\Thunderful Publishing AB
2023-12-30 21:59 - 2023-12-30 21:59 - 000000000 ____D C:\Users\lordb\AppData\Local\My Games
2023-12-30 21:45 - 2023-12-30 21:45 - 000000383 _____ C:\Users\lordb\Desktop\Avatar Frontiers of Pandora.url
2023-12-27 12:09 - 2024-01-18 23:25 - 000000000 ____D C:\Program Files\AdGuard
2023-12-27 12:09 - 2023-12-27 12:09 - 000001938 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdGuard.lnk
2023-12-27 12:09 - 2023-12-27 12:09 - 000000896 _____ C:\Users\Public\Desktop\AdGuard.lnk
2023-12-27 12:09 - 2023-12-27 12:09 - 000000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2023-12-26 19:21 - 2023-12-26 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OrcaSlicer

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-19 22:31 - 2022-08-15 17:15 - 000000000 ___SD C:\Users\lordb\AppData\Roaming\Microsoft\Credentials
2024-01-19 22:30 - 2022-08-15 17:58 - 000000000 ____D C:\ProgramData\Adguard
2024-01-19 22:28 - 2022-08-15 17:43 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-19 22:27 - 2022-08-15 17:36 - 000000000 ____D C:\Users\lordb\AppData\Roaming\Notepad++
2024-01-19 22:23 - 2022-08-15 17:54 - 000000000 ____D C:\Users\lordb\AppData\Local\Battle.net
2024-01-19 22:21 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-19 22:14 - 2022-10-30 17:08 - 000000372 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2024-01-19 22:10 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-19 22:05 - 2022-08-15 17:18 - 000000000 ____D C:\Users\lordb\AppData\Local\VirtualStore
2024-01-19 22:05 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-19 22:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-19 22:00 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-01-19 21:58 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-19 21:51 - 2023-07-25 08:28 - 000000000 ____D C:\Users\lordb\AppData\Roaming\asus_framework
2024-01-19 21:19 - 2022-08-15 17:50 - 000000000 ____D C:\Users\lordb\AppData\Roaming\rambox
2024-01-19 20:25 - 2022-09-22 23:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-19 20:25 - 2022-08-16 10:12 - 000000000 ____D C:\Users\lordb\.sonarlint
2024-01-19 19:10 - 2022-08-15 17:09 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-19 19:10 - 2022-08-15 17:09 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-01-19 17:36 - 2022-08-15 17:15 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-19 16:15 - 2022-08-15 17:17 - 000000000 ____D C:\Users\lordb\AppData\Local\D3DSCache
2024-01-19 16:02 - 2022-08-15 17:17 - 000000000 ____D C:\Users\lordb\AppData\Local\Packages
2024-01-19 16:02 - 2022-08-15 17:15 - 000000000 ____D C:\ProgramData\Packages
2024-01-19 15:46 - 2022-08-27 19:35 - 000000000 ____D C:\Users\lordb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-01-19 15:25 - 2022-08-15 21:04 - 000000000 ____D C:\ProgramData\Riot Games
2024-01-19 13:01 - 2022-11-23 23:14 - 000003630 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_lordb
2024-01-19 13:01 - 2022-09-22 22:46 - 000000000 ____D C:\Users\lordb
2024-01-19 13:01 - 2022-08-15 18:27 - 000002544 _____ C:\Users\lordb\Desktop\WPS PDF.lnk
2024-01-19 11:15 - 2022-08-15 17:21 - 000000000 ____D C:\Program Files\ASUS
2024-01-19 09:29 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-19 09:01 - 2022-08-15 18:08 - 000000000 ____D C:\Users\lordb\.jdks
2024-01-19 08:59 - 2022-09-07 09:30 - 000000000 ____D C:\Users\lordb\AppData\Local\Ubisoft Game Launcher
2024-01-19 08:34 - 2022-08-15 18:20 - 000002233 _____ C:\Users\lordb\Desktop\Discord.lnk
2024-01-19 08:34 - 2022-08-15 18:20 - 000000000 ____D C:\Users\lordb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-01-19 08:34 - 2022-08-15 18:14 - 000000000 ____D C:\Users\lordb\AppData\Local\SquirrelTemp
2024-01-19 08:30 - 2023-11-08 19:32 - 000002321 _____ C:\Users\lordb\Desktop\Warcraft Logs Companion.lnk
2024-01-19 08:30 - 2023-11-06 09:31 - 000003102 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2024-01-19 08:30 - 2023-11-06 09:24 - 000003094 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2024-01-19 08:30 - 2022-12-14 15:55 - 000000000 ____D C:\Users\lordb\AppData\Roaming\RaiderIO
2024-01-19 08:29 - 2022-09-22 22:46 - 000000000 ____D C:\Users\lordb\AppData\Roaming\Microsoft\Windows
2024-01-19 08:29 - 2022-08-24 21:28 - 000000000 ____D C:\Users\lordb\AppData\Roaming\Samsung Magician
2024-01-19 08:29 - 2022-08-19 20:59 - 000002321 _____ C:\Users\lordb\Desktop\PoE Overlay.lnk
2024-01-19 08:29 - 2022-08-18 12:56 - 000002321 _____ C:\Users\lordb\Desktop\CurseForge.lnk
2024-01-19 08:29 - 2022-08-15 18:40 - 000000000 ____D C:\Users\lordb\AppData\Local\LGHUB
2024-01-19 08:29 - 2022-08-15 18:32 - 000000000 ____D C:\Users\lordb\AppData\Local\CrashDumps
2024-01-19 08:29 - 2022-08-15 18:22 - 000002321 _____ C:\Users\lordb\Desktop\AlecaFrame.lnk
2024-01-19 08:29 - 2022-08-15 18:16 - 000000000 ____D C:\Users\lordb\AppData\Local\Overwolf
2024-01-19 08:28 - 2023-12-01 17:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2024-01-19 00:10 - 2022-08-15 17:20 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-19 00:10 - 2022-08-15 17:20 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-01-18 23:40 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-01-18 23:33 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-01-18 23:32 - 2022-09-22 23:36 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-18 23:28 - 2022-08-15 18:17 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-01-18 23:25 - 2022-09-22 23:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-18 23:25 - 2022-09-22 23:30 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-01-18 23:25 - 2022-08-15 17:09 - 000901328 _____ () C:\WINDOWS\system32\wpbbin.exe
2024-01-18 23:25 - 2022-08-15 17:09 - 000845256 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2024-01-18 23:25 - 2022-08-15 17:09 - 000012288 ___SH C:\DumpStack.log.tmp
2024-01-18 23:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-01-18 23:24 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-01-18 23:23 - 2022-05-07 06:20 - 000124264 _____ (Microsoft Corporation) C:\WINDOWS\system32\CmAgent.dll
2024-01-18 23:23 - 2022-05-07 06:20 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CCGLaunchPad.dll
2024-01-18 23:23 - 2022-05-07 06:20 - 000054608 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtilityVmSysprep.dll
2024-01-18 23:23 - 2022-05-07 06:20 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmComputeProxy.dll
2024-01-18 23:23 - 2022-05-07 06:20 - 000025952 _____ (Microsoft Corporation) C:\WINDOWS\system32\c28c7a4e-a619-4463-82b7-0fc9cc7187f5_HyperV-ComputeStorage.dll
2024-01-18 21:23 - 2023-02-02 17:18 - 000000000 ____D C:\Users\lordb\AppData\Roaming\BambuStudio
2024-01-18 21:22 - 2022-10-11 04:40 - 000000000 ____D C:\Users\lordb\AppData\Roaming\PrusaSlicer
2024-01-18 09:34 - 2023-09-13 08:56 - 000263672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll
2024-01-18 09:34 - 2022-10-23 01:46 - 000095736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-01-18 09:34 - 2022-10-23 01:46 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-01-18 09:34 - 2022-08-15 18:53 - 002754152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-01-18 09:34 - 2022-08-15 18:53 - 000644600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-01-18 09:34 - 2022-08-15 18:53 - 000214632 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-01-18 09:34 - 2022-08-15 18:53 - 000194040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-01-18 09:34 - 2022-08-15 18:53 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-01-18 01:17 - 2023-02-02 17:18 - 000001783 _____ C:\Users\Public\Desktop\Bambu Studio.lnk
2024-01-17 10:23 - 2023-11-11 03:12 - 000000000 ____D C:\Users\lordb\AppData\Roaming\weakauras-companion
2024-01-17 02:59 - 2022-09-11 13:14 - 000000000 ____D C:\Users\lordb\AppData\Roaming\qBittorrent
2024-01-17 01:04 - 2023-05-27 16:29 - 000000000 ____D C:\ProgramData\EA Desktop
2024-01-14 00:16 - 2022-08-22 08:06 - 000000000 ____D C:\Users\lordb\AppData\Roaming\AutoDarkMode
2024-01-13 18:37 - 2022-09-22 22:42 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-01-12 22:11 - 2022-09-11 13:14 - 000000000 ____D C:\Program Files\qBittorrent
2024-01-12 10:18 - 2022-08-15 18:54 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-12 03:03 - 2022-09-01 05:55 - 000000000 ____D C:\Users\lordb\AppData\Roaming\Postman
2024-01-11 11:00 - 2022-09-22 23:33 - 000003336 _____ C:\WINDOWS\system32\Tasks\SamsungMagician
2024-01-11 02:38 - 2022-09-22 23:30 - 000314400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-11 02:36 - 2023-09-27 01:08 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-01-11 02:36 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-01-11 02:36 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-11 02:36 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-11 02:36 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-11 02:36 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-10 13:06 - 2023-06-23 18:07 - 000000000 ____D C:\Users\lordb\AppData\Local\AMD_Common
2024-01-10 10:19 - 2022-08-15 18:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-10 10:16 - 2022-08-15 18:53 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-10 10:15 - 2022-09-22 23:32 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-01-10 10:13 - 2022-08-15 17:20 - 000000000 ____D C:\ProgramData\Package Cache
2024-01-10 10:13 - 2022-08-15 17:20 - 000000000 ____D C:\Program Files\dotnet
2024-01-08 17:08 - 2022-08-15 18:53 - 000000000 ____D C:\XboxGames
2024-01-07 14:01 - 2022-08-15 17:44 - 000000000 ____D C:\Users\lordb\AppData\Local\Steam
2024-01-06 02:07 - 2022-08-15 18:22 - 000000000 ____D C:\Users\lordb\AppData\Roaming\Overwolf
2024-01-06 02:07 - 2022-08-15 18:17 - 000000000 ____D C:\Users\lordb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2024-01-04 01:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-01-02 12:06 - 2022-08-15 17:54 - 000000000 ____D C:\Users\lordb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JetBrains Toolbox
2024-01-02 12:03 - 2022-08-15 17:54 - 000000000 ____D C:\Users\lordb\AppData\Local\JetBrains
2024-01-02 11:36 - 2022-09-05 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONLYOFFICE
2023-12-31 20:12 - 2023-12-10 22:55 - 000000000 ____D C:\Users\lordb\AppData\LocalLow\Eremite Games
2023-12-31 18:00 - 2022-09-11 18:02 - 000000000 ____D C:\Users\lordb\AppData\Roaming\Vortex
2023-12-30 13:50 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-29 19:01 - 2023-06-10 00:25 - 000034520 _____ (Creative Technology Innovation Co., LTd.) C:\WINDOWS\system32\Drivers\CtiAIo64.sys
2023-12-27 12:09 - 2022-08-15 17:59 - 000000000 ____D C:\Program Files (x86)\Adguard
2023-12-27 04:06 - 2023-03-21 00:35 - 000000000 ____D C:\Users\lordb\AppData\Roaming\OrcaSlicer
2023-12-26 19:21 - 2023-08-25 13:36 - 000000000 ____D C:\Program Files\OrcaSlicer
2023-12-26 19:21 - 2023-08-22 17:53 - 000000882 _____ C:\Users\Public\Desktop\OrcaSlicer.lnk

==================== Files in the root of some directories ========

2023-03-14 16:06 - 2023-03-14 16:06 - 000000254 _____ () C:\ProgramData\fontcacheev1.dat
2023-03-05 19:59 - 2023-03-05 20:47 - 000001132 _____ () C:\Users\lordb\AppData\Roaming\CascView.ini
2023-02-04 03:05 - 2023-02-04 03:05 - 000002213 _____ () C:\Users\lordb\AppData\Roaming\ffd01bc9-6dc0-4a1b-8a66-c40cdb137b21.tmp
2023-03-05 20:02 - 2023-03-06 22:15 - 000001611 _____ () C:\Users\lordb\AppData\Roaming\MPQEditor.ini
2022-09-21 18:10 - 2022-09-25 12:51 - 000006822 _____ () C:\Users\lordb\AppData\Local\2476191251
2023-04-25 12:31 - 2023-04-25 12:31 - 000005998 _____ () C:\Users\lordb\AppData\Local\9154164905
2023-05-28 02:49 - 2023-05-28 02:49 - 000005990 _____ () C:\Users\lordb\AppData\Local\9618647855
2023-09-07 17:58 - 2023-09-07 17:58 - 000002869 _____ () C:\Users\lordb\AppData\Local\recently-used.xbel
2022-09-06 11:52 - 2022-10-30 14:44 - 000007618 _____ () C:\Users\lordb\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================