Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2024
Ran by ellie (administrator) on EBONHAWK (ASUS System Product Name) (20-01-2024 13:49:12)
Running from D:\Downloads\FRST64.exe
Loaded Profiles: ellie
Platform: Microsoft Windows 11 Pro Version 22H2 22621.3007 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\85.0.26.0\crashpad_handler.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(C:\Program Files\LGHUB\lghub_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> ) C:\Program Files\Malwarebytes\Anti-Malware\MBAMCrashHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Parsec\pservice.exe ->) (Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\parsecd.exe
(C:\Program Files\Voicemod V3\Voicemod.exe ->) () [File not signed] C:\Program Files\Voicemod V3\kit\crashpad_handler.exe <3>
(C:\Program Files\Voicemod V3\Voicemod.exe ->) (The Qt Company Oy -> The Qt Company Ltd.) C:\Program Files\Voicemod V3\QtWebEngineProcess.exe
(C:\Program Files\Voicemod V3\Voicemod.exe ->) (Voicemod Sociedad Limitada -> ) C:\Program Files\Voicemod V3\kit\VoicemodAudioAgent.exe
(C:\Program Files\Voicemod V3\Voicemod.exe ->) (Voicemod Sociedad Limitada -> ) C:\Program Files\Voicemod V3\kit\VoicemodCDSAgent.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23335.242.2641.4129_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.133\msedgewebview2.exe <6>
(C:\Users\ellie\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\ellie\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(D:\Hry\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] D:\Hry\Riot Games\Riot Client\RiotClientCrashHandler.exe
(Discord Inc. -> Discord Inc.) C:\Users\ellie\AppData\Local\Discord\app-1.0.9030\Discord.exe <6>
(explorer.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\Adguard.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <38>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(explorer.exe ->) (Krisp Technologies, Inc -> Krisp Technologies, Inc.) C:\Users\ellie\AppData\Local\Programs\Krisp\app-2.30.5\krisp.exe <5>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) D:\Hry\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (Voicemod Sociedad Limitada -> Voicemod SL.) C:\Program Files\Voicemod V3\Voicemod.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [File not signed] C:\Users\Public\AppData\Roaming\Flixmate\flixmate.service.exe
(services.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\AdguardSvc.exe
(services.exe ->) (Ascensio System SIA -> Ascensio System SIA) C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.27\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (DTS, Inc. -> ) C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_0570478011758f12\Intel_PIE_Service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e8d71250669d562e\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\ellie\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(services.exe ->) (Zinlab Technologies -> ) C:\Users\Public\AppData\Roaming\Flixmate\update\Flixmate.UpdateService.exe
(sihost.exe ->) (366A5DE5-2EC7-43FD-B559-05986578C4CC -> ShareX Team) C:\Program Files\WindowsApps\19568ShareX.ShareX_15.0.0.0_x64__egrzcvs15399j\ShareX.exe
(sihost.exe ->) (CACCD12F-7BFA-4346-AD14-30B4E275348F -> Hewlett-Packard Development Company, L.P.) C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.24.0.0_x64__0a78dr3hq0pvt\Assets\Native\NGenuity2Helper.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <7>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2401.1000.52.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2401.1000.52.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.25992.9000.0_x64__8wekyb3d8bbwe\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.400.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\SecurityHealth\1.0.2311.17002-0\SecurityHealthHost.exe
(svchost.exe ->) (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(svchost.exe ->) (Rémi Mercier) [File not signed] D:\Aplikace\FanControl\FanControl.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
Failed to access process -> vmmemCmZygote

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e8d71250669d562e\RtkAudUService64.exe [1350240 2021-09-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [870136 2021-10-28] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM\...\Run: [Adguard] => C:\Program Files\AdGuard\Adguard.exe [7147224 2023-12-23] (Adguard Software Limited -> Adguard Software Limited)
HKLM-x32\...\Run: [CZC G GK1000] => C:\Program Files\CZC G GK1000\CZC G GK1000.exe [2031616 2019-02-14] (TODO: <Company name>) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\Installer\setup.exe [4650552 2024-01-18] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2023-12-06] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\...\Run: [Parsec.App.0] => C:\Program Files\Parsec\parsecd.exe [465792 2023-10-25] (Parsec Cloud, Inc. -> Parsec)
HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3223136 2023-10-04] (Skutta, Kristjan -> )
HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\...\Run: [RiotClient] => D:\Hry\Riot Games\Riot Client\RiotClientServices.exe [70918144 2023-12-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\...\Run: [MicrosoftEdgeAutoLaunch_828E3782E90244EA48DA8C287EA0E542] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37188048 2024-01-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\...\Run: [VoicemodV3] => C:\Program Files\Voicemod V3\Voicemod.exe [12659592 2024-01-08] (Voicemod Sociedad Limitada -> Voicemod SL.)
HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\...\Run: [krisp] => C:\Users\ellie\AppData\Local\Programs\Krisp\app-2.30.5\krisp.exe [166000528 2023-12-19] (Krisp Technologies, Inc -> Krisp Technologies, Inc.)
HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\...\Run: [Discord] => C:\Users\ellie\AppData\Local\Discord\Update.exe [1525024 2024-01-09] (Discord Inc. -> GitHub)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.225\Installer\chrmstp.exe [2024-01-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {74F64942-4B99-42DF-96C2-9212CA876E4F} - System32\Tasks\ArkServerManager\AutoBackup_4ad645d133a7c15835508c23774ff7f4 => D:\Hry\ArkServerManager\ARK Server Manager.exe  -ab (No File)
Task: {C4228792-0149-41BB-A56C-90F99AFD1EC2} - System32\Tasks\ArkServerManager\AutoUpdate_4ad645d133a7c15835508c23774ff7f4 => D:\Hry\ArkServerManager\ARK Server Manager.exe  -au (No File)
Task: {5CCE0500-AB7B-44D6-8708-710AC5855F10} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [313192 2023-09-12] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {2FE1386A-6E37-448C-BDE7-E2F4FC5F30E1} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1946472 2023-09-12] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {440ECBC4-F6D4-47F8-8534-FEB1E7D8AB34} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d821054fd07738 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-02-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {82CC7D62-E08C-4884-99D4-53073A9B118D} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-02-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {AE2455DB-1305-420F-B33C-E986DAFBDD74} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2023-09-14] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {D3372111-73BE-4E0C-89EA-AAEAA38EBAFD} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1254760 2023-07-05] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {76F9BCD7-D55A-4DAD-A895-39847DEF0110} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
Task: {473F99DD-1905-41BA-9E6C-B25969225C65} - System32\Tasks\FanControl => D:\Aplikace\FanControl\\FanControl.exe [3331584 2024-01-19] (Rémi Mercier) [File not signed]
Task: {77C49AF8-2048-43DF-8B87-281691728EC2} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{23CA0DB1-6CCA-46F8-B399-1A395D455EB5} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {885C89D0-B5A6-4F66-86CB-60125190967F} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [11015736 2023-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB133D11-5242-4AB7-A180-45356D85CBA4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0E475E5E-A017-42CF-82F1-4C1EADA37869} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {25998726-4A91-4865-A1DA-C2F02BD32AE6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {028F4518-01C9-4939-9C02-518A7759E012} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF052E85-78FB-46D2-A519-C278D4BB917D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BA0A5568-AF2F-43B6-AFEA-0CFE89856CC7} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {55044CF8-C909-4F3E-B260-632F0E6BEA83} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {871649C9-61CF-4F6F-830A-836BBAAACB97} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {55AB5651-92BA-47D9-926C-D3F826C3557F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A7FEC1B7-0D25-4C65-A1E9-09750A8B0DF1} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4086126-A42C-480B-9EC3-12DE33F1D54A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1348261303-1677985150-2850584612-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0dbdfbaf-97fb-4507-8dae-3ced1ab8fb00}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0dbdfbaf-97fb-4507-8dae-3ced1ab8fb00}: [DhcpDomain] local.lan
Tcpip\..\Interfaces\{2e6d7e89-9488-4baf-9f06-a56025b230e3}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2e6d7e89-9488-4baf-9f06-a56025b230e3}: [DhcpDomain] local.lan
Tcpip\..\Interfaces\{88865e61-b279-44e5-859c-028fb2694c95}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{88865e61-b279-44e5-859c-028fb2694c95}: [DhcpDomain] local.lan
Tcpip\..\Interfaces\{ce9944e5-e091-417a-9088-ae9faac7a74f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ce9944e5-e091-417a-9088-ae9faac7a74f}: [DhcpDomain] local.lan
Tcpip\..\Interfaces\{d5adf228-44a2-40e7-a749-f8af7e165302}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d5adf228-44a2-40e7-a749-f8af7e165302}: [DhcpDomain] local.lan

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ellie\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-20]
Edge Extension: (Dokumenty Google offline) - C:\Users\ellie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-28]
Edge Extension: (Edge relevant text changes) - C:\Users\ellie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-25]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ellie\AppData\Local\Google\Chrome\User Data\Default [2024-01-20]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.youtube.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (BetterTTV) - C:\Users\ellie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-01-17]
CHR Extension: (Vertical Twitch) - C:\Users\ellie\AppData\Local\Google\Chrome\User Data\Default\Extensions\caldgcgjbhdhmiaomefkhknhhgodhbin [2023-11-05]
CHR Extension: (Foxified) - C:\Users\ellie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cldmemdnllncchfahbcnjijheaolemfk [2024-01-15]
CHR Extension: (Augmented Steam) - C:\Users\ellie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnhpnfgdlenaccegplpojghhmaamnnfp [2023-09-14]
CHR Extension: (FrankerFaceZ) - C:\Users\ellie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2022-02-13]
CHR Extension: (7TV Nightly) - C:\Users\ellie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fphegifdehlodcepfkgofelcenelpedj [2023-12-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\ellie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-10]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\ellie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ellie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-13]
CHR HKU\S-1-5-21-1348261303-1677985150-2850584612-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files\AdGuard\AdguardSvc.exe [797400 2023-12-23] (Adguard Software Limited -> Adguard Software Limited)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [401880 2023-10-24] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.27\atkexComSvc.exe [903016 2023-10-24] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-02-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [501608 2023-08-18] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2023-05-26] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-02-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1132000 2024-01-20] (ASUSTeK COMPUTER INC. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-11-02] (BattlEye Innovations e.K. -> )
R2 DTSAPO3Service; C:\WINDOWS\System32\DTS\PC\APO3x\DTSAPO3Service.exe [222104 2020-07-16] (DTS, Inc. -> )
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11385960 2023-12-12] (Electronic Arts, Inc. -> Electronic Arts)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
R2 Flixmate.UpdateService; C:\Users\public\AppData\Roaming\Flixmate\update\Flixmate.UpdateService.exe [24352 2022-08-31] (Zinlab Technologies -> )
R2 FlixmateService; C:\Users\public\AppData\Roaming\Flixmate\flixmate.service.exe [136704 2022-08-31] () [File not signed]
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
S2 GoogleUpdaterInternalService122.0.6253.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService122.0.6253.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10677504 2023-07-26] (Logitech Inc -> Logitech, Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-20] (Malwarebytes Inc. -> Malwarebytes)
R2 NativePushService; C:\Users\ellie\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595352 2023-08-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe [1274992 2023-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
R2 ONLYOFFICE Update Service; C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe [300752 2023-11-04] (Ascensio System SIA -> Ascensio System SIA)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [418696 2023-10-25] (Parsec Cloud, Inc. -> Parsec)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1932248 2023-11-28] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [89272 2023-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Limited)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [34384 2021-10-21] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [59440 2023-08-17] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [69024 2019-05-29] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [34520 2023-12-29] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [32296 2023-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 e2f68; C:\WINDOWS\System32\drivers\e2f68.sys [507904 2022-05-06] (Microsoft Windows -> Intel Corporation)
R3 e2fnexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2fn.inf_amd64_fcb868ac03f43b71\e2fn.sys [1427528 2023-07-03] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218592 2023-11-16] (Microsoft Windows -> Microsoft Corporation)
S3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [45248 2023-06-04] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2021-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 hidgamemap; C:\WINDOWS\System32\drivers\hidgamemap.sys [341752 2021-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2023-10-24] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54752 2023-01-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 IreulBus; C:\WINDOWS\System32\drivers\IreulBus.sys [52984 2021-05-15] (Rainway, Inc. -> Rainway, Inc.)
R3 KrispAudioS; C:\WINDOWS\System32\drivers\KrispAudio.sys [60384 2022-12-14] (Krisp Technologies, Inc -> Krisp Technologies, Inc)
R3 KrispVUSB; C:\WINDOWS\system32\DRIVERS\KrispVUSB.sys [54728 2022-12-14] (Krisp Technologies, Inc -> Krisp Technologies, Inc)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-23] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-23] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-23] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [233704 2024-01-20] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-01-20] (Malwarebytes Inc. -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 parsecvusba; C:\WINDOWS\System32\drivers\parsecvusba.sys [256560 2022-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Parsec)
R3 R0FanControl; D:\Aplikace\FanControl\FanControl.sys [14544 2024-01-20] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 SBAudioRT; C:\WINDOWS\System32\DriverStore\FileRepository\sbaudiort.inf_amd64_1396dccbfc09fb4d\SBAudioRT.sys [99080 2022-11-19] (Screaming Bee Inc -> Windows (R) Win 7 DDK provider)
S0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 Ser2pl; C:\WINDOWS\System32\drivers\ser2pl64.sys [303000 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-06-29] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174752 2022-01-17] (Oracle Corporation -> Oracle Corporation)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2023-11-16] (Microsoft Windows -> )
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2023-08-10] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
R3 XPPenTablet; C:\WINDOWS\System32\drivers\XPPenTablet.sys [10752 2021-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 cpuz157; \??\C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [X]
S3 wdm_usb; \SystemRoot\System32\drivers\usb2ser.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-20 13:49 - 2024-01-20 13:49 - 000000000 ____D C:\FRST
2024-01-20 13:42 - 2024-01-20 13:42 - 000233704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-01-20 13:42 - 2024-01-20 13:42 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-01-20 13:42 - 2024-01-20 13:42 - 000000000 ____D C:\Users\ellie\AppData\Local\mbam
2024-01-20 13:41 - 2024-01-20 13:42 - 000000000 ____D C:\Users\ellie\AppData\Local\Malwarebytes
2024-01-20 13:41 - 2024-01-20 13:41 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-01-20 13:41 - 2024-01-20 13:41 - 000002027 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-01-20 13:41 - 2024-01-20 13:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-20 13:41 - 2024-01-20 13:41 - 000000000 ____D C:\Program Files\Malwarebytes
2024-01-20 12:19 - 2024-01-20 12:19 - 000725758 _____ C:\WINDOWS\system32\perfh005.dat
2024-01-20 12:19 - 2024-01-20 12:19 - 000151026 _____ C:\WINDOWS\system32\perfc005.dat
2024-01-19 02:44 - 2024-01-19 02:44 - 000000000 ___SD C:\WINDOWS\system32\containers
2024-01-19 02:44 - 2024-01-19 02:44 - 000000000 ____D C:\WINDOWS\system32\HvsiSettingsProviders
2024-01-18 23:29 - 2024-01-18 23:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-01-18 22:46 - 2024-01-20 13:22 - 000000000 ____D C:\Users\ellie\AppData\Local\Discord
2024-01-18 22:46 - 2024-01-20 12:22 - 000000000 ____D C:\Users\ellie\AppData\Roaming\discord
2024-01-15 21:13 - 2024-01-20 01:14 - 000000000 ____D C:\Users\Public\AppData\Flixmate
2024-01-15 21:13 - 2024-01-16 15:27 - 000000000 ____D C:\Users\Public\AppData\Roaming\Flixmate
2024-01-15 21:13 - 2024-01-16 15:26 - 000000000 ____D C:\Users\Public\Temp
2024-01-12 22:27 - 2024-01-12 22:27 - 000001510 _____ C:\Users\ellie\Desktop\Wondershare Filmora 13.lnk
2024-01-12 22:27 - 2024-01-12 22:27 - 000000000 ____D C:\Users\ellie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wondershare
2024-01-12 22:13 - 2024-01-12 22:13 - 000000000 ____D C:\Users\ellie\AppData\Local\Meltytech
2024-01-12 22:02 - 2024-01-12 22:02 - 000000000 ____D C:\Users\ellie\AppData\Local\stalefiles
2024-01-12 22:01 - 2024-01-12 22:08 - 000005121 _____ C:\Users\ellie\AppData\Local\kdenliverc
2024-01-12 22:01 - 2024-01-12 22:01 - 000008337 _____ C:\Users\ellie\AppData\Local\kdenlive-layoutsrc
2024-01-12 22:01 - 2024-01-12 22:01 - 000005300 _____ C:\Users\ellie\AppData\Local\user-places.xbel
2024-01-12 22:01 - 2024-01-12 22:01 - 000004426 _____ C:\Users\ellie\AppData\Local\user-places.xbel.bak
2024-01-12 22:01 - 2024-01-12 22:01 - 000000000 ____D C:\Users\ellie\AppData\Roaming\kdenlive
2024-01-12 22:01 - 2024-01-12 22:01 - 000000000 ____D C:\Users\ellie\AppData\Local\mime
2024-01-12 22:01 - 2024-01-12 22:01 - 000000000 ____D C:\Users\ellie\AppData\Local\kdenlive
2024-01-12 22:01 - 2024-01-12 22:01 - 000000000 _____ C:\Users\ellie\AppData\Local\user-places.xbel.tbcache
2024-01-11 23:19 - 2024-01-11 23:19 - 000016720 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-01-11 23:15 - 2024-01-11 23:17 - 000000000 ___HD C:\$WinREAgent
2024-01-06 05:02 - 2024-01-06 05:32 - 000000000 ____D C:\Users\ellie\AppData\Roaming\RtSubscribe
2024-01-06 04:20 - 2024-01-19 01:26 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2024-01-06 04:20 - 2024-01-12 22:27 - 000000000 ____D C:\Users\ellie\AppData\Local\Wondershare
2024-01-06 04:20 - 2024-01-06 04:22 - 000000000 ____D C:\ProgramData\Wondershare
2024-01-06 04:20 - 2024-01-06 04:21 - 000000000 ____D C:\Users\ellie\AppData\Roaming\Wondershare
2024-01-06 04:18 - 2024-01-18 21:20 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2023-12-30 21:41 - 2023-12-30 21:41 - 000000000 ____D C:\Users\ellie\AppData\Local\My Games
2023-12-30 21:39 - 2024-01-17 21:30 - 000000000 ____D C:\Users\ellie\AppData\Local\Ubisoft Game Launcher
2023-12-30 21:39 - 2023-12-30 21:39 - 000001333 _____ C:\Users\ellie\Desktop\Ubisoft Connect.lnk
2023-12-30 21:39 - 2023-12-30 21:39 - 000000370 _____ C:\Users\ellie\Desktop\Avatar Frontiers of Pandora.url
2023-12-30 21:39 - 2023-12-30 21:39 - 000000000 ____D C:\Users\ellie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2023-12-30 21:39 - 2023-12-30 21:39 - 000000000 ____D C:\ProgramData\Ubisoft
2023-12-30 21:39 - 2023-12-30 21:39 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2023-12-28 14:41 - 2024-01-20 12:12 - 000000000 ____D C:\Program Files\AdGuard
2023-12-28 14:41 - 2023-12-28 14:41 - 000001944 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdGuard.lnk
2023-12-28 14:41 - 2023-12-28 14:41 - 000000902 _____ C:\Users\Public\Desktop\AdGuard.lnk
2023-12-28 14:41 - 2023-12-28 14:41 - 000000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2023-12-23 18:41 - 2024-01-20 12:16 - 000000000 ____D C:\Users\ellie\AppData\Local\Krisp
2023-12-23 18:41 - 2023-12-23 18:41 - 000001256 _____ C:\Users\ellie\Desktop\Krisp.lnk
2023-12-23 18:41 - 2023-12-23 18:41 - 000000000 ____D C:\Users\ellie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Krisp Technologies, Inc
2023-12-23 11:21 - 2023-12-23 11:21 - 000000000 ____D C:\Users\ellie\AppData\Local\WinSparkle

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-20 13:48 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-20 13:48 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-01-20 13:45 - 2022-02-13 19:34 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-20 13:42 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-20 13:41 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-20 13:41 - 2022-02-13 19:06 - 000000000 ____D C:\Users\ellie\AppData\Local\D3DSCache
2024-01-20 13:16 - 2022-02-13 19:05 - 000000000 ___SD C:\Users\ellie\AppData\Roaming\Microsoft\Credentials
2024-01-20 13:13 - 2022-02-13 19:18 - 000000000 ____D C:\ProgramData\Adguard
2024-01-20 12:25 - 2022-02-13 16:19 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-20 12:19 - 2023-04-25 19:07 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-20 12:19 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-01-20 12:15 - 2023-12-06 00:53 - 000000000 ____D C:\Users\ellie\AppData\Local\VoicemodV3
2024-01-20 12:15 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-20 12:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-20 12:15 - 2022-02-13 19:19 - 000000000 ____D C:\Users\ellie\AppData\Roaming\LGHUB
2024-01-20 12:15 - 2022-02-13 19:19 - 000000000 ____D C:\Users\ellie\AppData\Local\LGHUB
2024-01-20 12:14 - 2023-10-24 20:04 - 000000000 ____D C:\Users\ellie\AppData\Roaming\asus_framework
2024-01-20 12:12 - 2023-04-25 19:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-20 12:12 - 2023-04-25 19:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-20 12:12 - 2022-02-13 16:18 - 001180016 _____ () C:\WINDOWS\system32\wpbbin.exe
2024-01-20 12:12 - 2022-02-13 16:18 - 001132000 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2024-01-20 12:12 - 2022-02-13 16:18 - 000012288 ___SH C:\DumpStack.log.tmp
2024-01-20 05:48 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-01-20 05:47 - 2023-11-03 16:20 - 000000000 ____D C:\Users\ellie\Documents\ShareX
2024-01-20 00:34 - 2023-02-05 18:03 - 000000000 ____D C:\Users\ellie\AppData\Roaming\slobs-client
2024-01-19 16:05 - 2022-02-13 20:08 - 000000000 ____D C:\ProgramData\Riot Games
2024-01-19 14:47 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-19 13:26 - 2022-02-13 19:14 - 000000000 ____D C:\Program Files\ASUS
2024-01-19 11:24 - 2023-06-04 15:17 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-01-18 23:45 - 2022-05-07 06:20 - 006436208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmfirmware.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000509288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsynthstor.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmSynthNic.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000361832 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpupvdev.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000243048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys
2024-01-18 23:45 - 2022-05-07 06:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdp4vs.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000132456 _____ C:\WINDOWS\system32\secfw_AuthenticAMD.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000124264 _____ (Microsoft Corporation) C:\WINDOWS\system32\CmAgent.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000124240 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwpevents.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000120160 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwpctrl.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pvhdparser.sys
2024-01-18 23:45 - 2022-05-07 06:20 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CCGLaunchPad.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000075104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\passthruparser.sys
2024-01-18 23:45 - 2022-05-07 06:20 - 000066912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NvAgent.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000058704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hnswfpdriver.sys
2024-01-18 23:45 - 2022-05-07 06:20 - 000054608 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtilityVmSysprep.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000046888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbresources.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000042344 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcomputeeventlog.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmComputeProxy.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000025960 _____ (Microsoft Corporation) C:\WINDOWS\system32\f989b52d-f928-44a3-9bf1-bf0c1da6a0d6_HyperV-DeviceVirtualization.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000025960 _____ (Microsoft Corporation) C:\WINDOWS\system32\07409496-a423-4a3e-b620-2cfb01a9318d_HyperV-ComputeNetwork.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000025952 _____ (Microsoft Corporation) C:\WINDOWS\system32\f1db7d81-95be-4911-935a-8ab71629112a_HyperV-IsolatedVM.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000025952 _____ (Microsoft Corporation) C:\WINDOWS\system32\d4d78066-e6db-44b7-b5cd-2eb82dce620c_HyperV-ComputeLegacy.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000025952 _____ (Microsoft Corporation) C:\WINDOWS\system32\c4d66f00-b6f0-4439-ac9b-c5ea13fe54d7_HyperV-ComputeCore.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000025952 _____ (Microsoft Corporation) C:\WINDOWS\system32\c28c7a4e-a619-4463-82b7-0fc9cc7187f5_HyperV-ComputeStorage.dll
2024-01-18 23:45 - 2022-05-07 06:20 - 000006658 _____ C:\WINDOWS\system32\VmFirmwareHcl Third-Party Notices.txt
2024-01-18 23:45 - 2022-05-07 06:20 - 000006658 _____ C:\WINDOWS\system32\VmFirmware Third-Party Notices.txt
2024-01-18 23:35 - 2022-02-13 19:14 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-18 23:35 - 2022-02-13 19:14 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-01-18 23:29 - 2022-02-13 19:14 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-18 23:26 - 2023-01-17 00:17 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-01-18 23:26 - 2022-02-13 16:19 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-18 22:46 - 2022-02-13 19:32 - 000002237 _____ C:\Users\ellie\Desktop\Discord.lnk
2024-01-18 22:46 - 2022-02-13 19:32 - 000000000 ____D C:\Users\ellie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-01-18 22:46 - 2022-02-13 19:32 - 000000000 ____D C:\Users\ellie\AppData\Local\SquirrelTemp
2024-01-18 15:09 - 2023-11-03 16:20 - 000000000 ____D C:\Users\ellie\Documents\Zvukové záznamy
2024-01-17 23:48 - 2022-03-16 20:58 - 000000000 ____D C:\Users\ellie\AppData\Local\CrashDumps
2024-01-17 18:43 - 2022-02-17 13:28 - 000000000 ____D C:\Program Files\ONLYOFFICE
2024-01-12 22:01 - 2023-04-25 19:01 - 000000000 ____D C:\Users\ellie
2024-01-12 22:01 - 2022-09-12 11:59 - 000000000 ____D C:\Users\ellie\AppData\Local\cache
2024-01-12 12:23 - 2022-02-13 21:09 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-12 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-01-12 00:01 - 2023-09-29 02:18 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-01-12 00:01 - 2023-04-25 19:00 - 000303992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-12 00:01 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-01-12 00:01 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-12 00:01 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-12 00:01 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-12 00:01 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-11 23:22 - 2022-02-15 19:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-11 23:21 - 2022-02-15 19:14 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-11 23:19 - 2023-04-25 19:04 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-01-10 21:26 - 2023-12-06 00:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voicemod V3
2024-01-10 21:26 - 2023-12-06 00:53 - 000000000 ____D C:\Program Files\Voicemod V3
2024-01-09 12:05 - 2023-09-06 15:34 - 000263672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll
2024-01-09 12:05 - 2022-10-08 05:19 - 000095736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-01-09 12:05 - 2022-10-08 05:19 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-01-09 12:05 - 2022-02-13 19:35 - 002754152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-01-09 12:05 - 2022-02-13 19:35 - 000644600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-01-09 12:05 - 2022-02-13 19:35 - 000214632 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-01-09 12:05 - 2022-02-13 19:35 - 000194040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-01-09 12:05 - 2022-02-13 19:35 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-01-04 09:20 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-01-04 00:33 - 2023-08-11 10:07 - 000000000 ____D C:\WINDOWS\Minidump
2024-01-04 00:33 - 2022-02-13 16:18 - 003308287 ____N C:\WINDOWS\Minidump\010424-6140-01.dmp
2024-01-02 13:14 - 2022-04-19 17:48 - 000000000 ____D C:\Users\ellie\AppData\Roaming\Pentablet V3
2023-12-30 21:41 - 2023-11-03 16:20 - 000000000 ____D C:\Users\ellie\Documents\My Games
2023-12-29 18:16 - 2022-10-15 18:23 - 000034520 _____ (Creative Technology Innovation Co., LTd.) C:\WINDOWS\system32\Drivers\CtiAIo64.sys
2023-12-29 18:16 - 2022-02-13 19:11 - 000000000 ____D C:\ProgramData\Package Cache
2023-12-23 18:42 - 2023-12-20 16:20 - 000002780 _____ C:\WINDOWS\system32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-23 18:41 - 2023-04-15 15:55 - 000000000 ____D C:\Users\ellie\AppData\Local\Package Cache

==================== Files in the root of some directories ========

2023-11-21 19:20 - 2023-11-21 19:20 - 000000254 _____ () C:\ProgramData\fontcacheev1.dat
2024-01-12 22:01 - 2024-01-12 22:01 - 000008337 _____ () C:\Users\ellie\AppData\Local\kdenlive-layoutsrc
2024-01-12 22:01 - 2024-01-12 22:08 - 000005121 _____ () C:\Users\ellie\AppData\Local\kdenliverc
2022-03-08 23:20 - 2023-11-30 01:26 - 000004902 _____ () C:\Users\ellie\AppData\Local\krita-sysinfo.log
2022-03-08 23:20 - 2023-11-30 01:26 - 000042649 _____ () C:\Users\ellie\AppData\Local\krita.log
2023-09-23 19:42 - 2023-11-30 01:26 - 000118451 _____ () C:\Users\ellie\AppData\Local\kritacrash.log
2023-03-18 21:33 - 2023-03-18 21:33 - 000000039 _____ () C:\Users\ellie\AppData\Local\kritadisplayrc
2022-03-08 23:20 - 2023-09-23 19:42 - 000018947 _____ () C:\Users\ellie\AppData\Local\kritarc
2024-01-12 22:01 - 2024-01-12 22:01 - 000005300 _____ () C:\Users\ellie\AppData\Local\user-places.xbel
2024-01-12 22:01 - 2024-01-12 22:01 - 000004426 _____ () C:\Users\ellie\AppData\Local\user-places.xbel.bak
2024-01-12 22:01 - 2024-01-12 22:01 - 000000000 _____ () C:\Users\ellie\AppData\Local\user-places.xbel.tbcache

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\WINDOWS\SysWOW64\mfc110esn.dll [2013-06-09] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\WINDOWS\SysWOW64\mfc110ita.dll [2013-06-09] <==== ATTENTION (zero byte File/Folder)

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================