Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.07.2024
Ran by enten (administrator) on ENTENTEAKOVO (Gigabyte Technology Co., Ltd. B550 AORUS ELITE) (18-07-2024 14:13:07)
Running from S:\OneDrive\Desktop\FRST64.exe
Loaded Profiles: enten
Platform: Microsoft Windows 11 Home Version 23H2 22631.3880 (X64) Language: Čeština (Česko)
Default browser: Vivaldi
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.913.1\DropboxCrashHandler.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG  sp. z o.o -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG  sp. z o.o -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (Python Software Foundation -> Python Software Foundation) C:\Program Files (x86)\GOG Galaxy\python\python.exe <2>
(C:\Program Files (x86)\IOTLink\IOTLinkService.exe ->) (alexslx.com) [File not signed] C:\Program Files (x86)\IOTLink\IOTLinkAgent.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe ->) (Skutta Software GmbH -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe <5>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Corsair\Corsair iCUE5 Software\crashpad_handler.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [File not signed] C:\Users\enten\AppData\Roaming\Elgato\StreamDeck\Plugins\com.barraider.minecraft.sdPlugin\com.barraider.minecraft.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [File not signed] C:\Users\enten\AppData\Roaming\Elgato\StreamDeck\Plugins\com.barraider.spotify.sdPlugin\com.barraider.spotify.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [File not signed] C:\Users\enten\AppData\Roaming\Elgato\StreamDeck\Plugins\com.rgpaul.vlc.sdPlugin\vlc-remote.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [File not signed] C:\Users\enten\AppData\Roaming\Elgato\StreamDeck\Plugins\tv.twitch.studio.sdPlugin\twitchstudiostreamdeck.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\StreamDeck\crashpad_handler.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Users\enten\AppData\Roaming\Elgato\StreamDeck\Plugins\com.corsair.icue.sdPlugin\icue_streamdeck_plugin.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Users\enten\AppData\Roaming\Elgato\StreamDeck\Plugins\com.elgato.discord.sdPlugin\ESDDiscord.exe
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (The Qt Company Oy -> The Qt Company Ltd.) C:\Program Files\Elgato\StreamDeck\QtWebEngineProcess.exe <8>
(C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Program Files\Vivaldi\Application\vivaldi.exe <24>
(C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServer.exe
(C:\Program Files\Google\NearbyShare\nearby_share.exe ->) (Google LLC -> ) C:\Program Files\Google\NearbyShare\crashpad_handler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.CropAndLock.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.PowerLauncher.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.PowerOCR.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\WinUI3Apps\PowerToys.AdvancedPaste.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\WinUI3Apps\PowerToys.Peek.UI.exe
(C:\Program Files\Tablet\Wacom\WacomHost.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Co., Ltd. -> ) C:\Program Files\Tablet\Wacom\Wacom_UpdateUtil.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(C:\Windows\SysWOW64\wallpaperservice32.exe ->) (Skutta Software GmbH -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <9>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (GOG  sp. z o.o -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\enten\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\enten\AppData\Roaming\Telegram Desktop\Telegram.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(GOG  sp. z o.o -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24061.40.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(S:\Aurora-v0.8.1+65\Aurora.exe ->) () [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusionAuroraListener.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (alexslx.com) [File not signed] C:\Program Files (x86)\IOTLink\IOTLinkService.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe <2>
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CExecSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\NisSrv.exe
(services.exe ->) (MongoDB, Inc) [File not signed] C:\Program Files\MongoDB\Server\6.0\bin\mongod.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Skutta Software GmbH -> ) C:\Windows\SysWOW64\wallpaperservice32.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(services.exe ->) (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe
(sihost.exe ->) (036D46C1-CAF8-42C6-8E06-BF297485C8B6 -> DSD Software) C:\Program Files\WindowsApps\44640DSDSoftware.34423942C95F5_1.0.2.0_x64__7av2ac29s1gp4\WSLTux\WSLTux.exe
(sihost.exe ->) (Google LLC -> Google) C:\Program Files\Google\NearbyShare\nearby_share.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.242.290.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (Aurora) [File not signed] S:\Aurora-v0.8.1+65\Aurora.exe
(svchost.exe ->) (Mgth) [File not signed] C:\Program Files\LittleBigMouse\LittleBigMouse_Daemon.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2406.1001.20.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.16300.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(Winstep Software Technologies) [File not signed] [File is in use] C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1090784 2020-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [Stream Deck] => C:\Program Files\Elgato\StreamDeck\StreamDeck.exe [17137736 2024-04-11] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [Corsair iCUE5 Software] => C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe [184872 2024-06-27] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [Nearby Share] => C:\Program Files\Google\NearbyShare\nearby_share_launcher.exe [2958112 2024-05-29] (Google LLC -> Google)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9248136 2024-07-11] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-06] (Adobe Inc. -> )
HKLM-x32\...\Run: [Genshin Impact_launcher_pcseaepic_1_3] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml [20992 2012-03-19] () [File not signed]
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM-x32\...\RunOnce: [Winstep SpeedLaunch] => C:\Program Files (x86)\Winstep\winstep.exe [814592 2018-11-20] (Winstep Software Technologies) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 1
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919200 2024-07-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919200 2024-07-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919200 2024-07-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4407656 2024-07-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37550568 2024-06-22] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13993440 2024-02-04] (GOG  sp. z o.o -> GOG.com)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44970408 2024-07-16] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10087784 2022-10-12] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [350032 2022-07-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [MicrosoftEdgeAutoLaunch_6128DF410274FA67B528F7F2948FD6A1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883560 2024-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [WinLaunch] => C:\Program Files\WinLaunch\WinLaunch.exe -hide (No File)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [NeXuS-Ultimate] => C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe [20394112 2022-07-08] (Winstep Software Technologies) [File not signed] [File is in use]
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [Volume Controller SD plugin] => C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe [108072 2023-09-18] (Corsair Memory, Inc. -> )
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [BingSvc] => C:\Users\enten\AppData\Local\Microsoft\BingSvc\BingSvc.exe [6687664 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [AF_uuid_2139460] => 013c02c8-93bd-4d49-ad18-4dcbaafc0b40 (No File)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\Run: [AF_counter_2139460] => 8 (No File)
HKU\S-1-5-21-4157375001-4093909184-968087358-1001\...\MountPoints2: {f3931c87-13e0-11ec-a674-5cf37095b906} - "H:\setup.exe" 
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2024-02-04]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{43F137B0-8F4D-463B-AB83-ADEAD4F15096}] -> C:\Program Files (x86)\Microsoft\Edge Beta\Application\127.0.2651.49\Installer\setup.exe [2024-07-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\126.0.6478.128\Installer\chrmstp.exe [2024-07-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9C142C0C-124C-4467-B117-EBCC62801D7B}] -> "C:\Program Files\Vivaldi\Application\6.8.3381.46\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --vivaldi-install-dir="C:\Program Files\Vivaldi"
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\Users\enten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Aurora.exe – zástupce.lnk [2021-01-09]
ShortcutTarget: Aurora.exe – zástupce.lnk -> S:\Aurora-v0.8.1+65\Aurora.exe (Aurora) [File not signed]
Startup: C:\Users\enten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2023-08-02]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Startup: C:\Users\enten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2021-11-19]
ShortcutTarget: Telegram.lnk -> C:\Users\enten\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OpenRGB.lnk [2021-01-13]
ShortcutTarget: OpenRGB.lnk -> S:\OpenRGB Windows 64-bit\OpenRGB.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {91367DB1-FAD7-41FF-9D81-B03EE68DB885} - System32\Tasks\AssistantComputerControl cleanup => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [450560 2024-01-25] (Microsoft Windows -> Microsoft Corporation) -> -WindowStyle Hidden -file "C:\Program Files (x86)\AssistantComputerControl\ExtraCleanupper.ps1" "V:\Dropbox\AssistantComputerControl\*" "*.txt"
Task: {CCFE09FA-DAEC-4CE0-9264-A3812ACE4167} - System32\Tasks\AssistantComputerControl startup => C:\Program Files (x86)\AssistantComputerControl\AssistantComputerControl.exe [3511632 2022-01-17] (AssistantComputerControl -> ) [File not signed]
Task: {E65E36DF-B22B-4AC3-B87F-B9670BCB1019} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe  (No File)
Task: {3C3F9506-4ABE-4F43-919E-3A007A0E3BE7} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
Task: {A05936D3-1856-4F8F-8764-C809B025E74E} - System32\Tasks\AuroraStartup => S:\Aurora-v0.8.1+65\Aurora.exe [8267264 2021-01-22] (Aurora) [File not signed] -> S:\Aurora-v0.8.1+65\-silent
Task: {AF377F9F-7EE1-45FE-B867-BF0E2EF52FED} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-07-16] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {73D68847-FA1D-4D2F-9AAC-1E2AFE932DED} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-07-16] (Gen Digital Inc. -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "bdd86834-3f23-466a-8a33-da19e11cd9cf" --version "6.26.11169" --silent
Task: {107F0798-2A70-4A91-A470-2BFA45146069} - System32\Tasks\CCleanerSkipUAC - enten => C:\Program Files\CCleaner\CCleaner.exe [38931368 2024-07-16] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {0B630ABD-854E-4FCA-BEA5-D14574D178FE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5513520 2024-07-12] (Microsoft Windows -> Microsoft Corporation)
Task: {B1CED6A9-7F78-41BD-837A-58DD2090678E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D3552CB6-714B-4600-89B2-04147F2DB753} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1C8B9F08-62F2-43D9-8A93-4350E61DD470} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [17280 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {226D4225-2250-466C-A5D6-56E3783BDBAF} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [20352 2021-10-11] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {EBDB0C90-3DAD-46DB-A6FA-C02179C18459} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [137224 2024-06-03] (Johannes Schindelin -> The Git Development Community) -> --hide --no-needs-console --command=cmd\git.exe update-git-for-windows --quiet --gui
Task: {261204AE-965C-4B24-85EE-1AD39670AC2A} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [372656 2024-07-02] (Google LLC -> Google LLC)
Task: {4EF6D895-ABD3-46B4-9C86-84FD4848143C} - System32\Tasks\Google\Quick Share Relaunch => C:\Program Files\Google\NearbyShare\nearby_share_launcher.exe [2958112 2024-05-29] (Google LLC -> Google)
Task: {3E74533C-4558-40C3-8815-D71176C0C2C1} - System32\Tasks\Google\Quick Share Update Shortcuts => C:\Program Files\Google\NearbyShare\nearby_config.exe [3090720 2024-05-29] (Google LLC -> )
Task: {BBFC2C87-9771-4A60-94E3-085B451819ED} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.3{88A13DCA-F3CC-47EF-89F3-BFD221790F46} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.3\updater.exe [4623976 2024-06-15] (Google LLC -> Google LLC)
Task: {93868163-1A69-4CB5-AE74-09A9A44B6E0F} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [234880 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {096C4CC3-F7F5-4A24-BC94-7B733C4F8ACB} - System32\Tasks\LittleBigMouse_ENTENTEAKOVO_enten => C:\Program Files\LittleBigMouse\LittleBigMouse_Daemon.exe [276992 2019-07-04] (Mgth) [File not signed] -> C:\Program Files\LittleBigMouse\\--start
Task: {91B1C612-A980-4D83-A9A3-2DF88471632F} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-4157375001-4093909184-968087358-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2150.11.211.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2192632 2024-07-12] (6E08453F-9BA7-4311-999C-D22FBA2FB1B8 -> Meta Platforms, Inc.)
Task: {A812855D-A65E-4BEF-9C70-4B543AE71576} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512336 2024-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E19A6219-9E52-4A1D-87C4-44FA560D5813} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512336 2024-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {185A647A-F38D-40B0-91D5-641872C0599C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221848 2024-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E7DE030-350C-4DBB-8FE9-1FECA2485E22} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221848 2024-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {55DFDEC9-C443-40F2-8308-42707D5E002A} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64936 2021-02-28] (Microsoft Corporation -> Microsoft)
Task: {CCEC0C93-3D58-48C4-AA2E-67370EF43F8E} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\WINDOWS\system32\rundll32.exe [90112 2024-07-12] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (No File)
Task: {1336A261-FDC9-4A5F-930F-A98E3368DFAF} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC RebootDialog (No File)
Task: {5A7BB717-0698-4FB4-BDDB-082B1E369FB3} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {7D3A06ED-4B94-4784-9553-B7176C7503A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0DF73F6E-5C75-42D1-AE21-C43395DE8F56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F1BF6CF-DD2F-4B11-851F-0C687CA25911} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {64410863-98D4-4117-84BA-B9891BBE644A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0763B759-7BD3-4C13-99FE-88BC0DA47AE9} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674208 2024-03-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {B44A53E3-946D-4CD8-9E67-273BD56AA2D3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2024-03-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {DE830DC7-3275-4CB7-89C3-BEE71FA677AE} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe  /s (No File)
Task: {7493EB10-4646-48DA-A7B2-257B52754EE1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {846F8E77-7F47-4BE1-AF00-6D1E9A3122C4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5F6B1796-06CD-4B63-9425-0FC61C6FD828} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {1E397438-CC20-4BC9-8B9C-0AF81EC22EA6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F137DCA3-8532-4FA6-84A0-6A3BF60475A0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {505D090C-321B-4307-A19B-023F1C657833} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D69A9C0C-3D60-46C1-8C74-3A354BE508D9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30447A5B-722D-4CD7-9A29-E8ADD3462059} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {114F81BF-188E-4AE4-A5A7-79C19FE66281} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {15E4E7C4-62D1-4E9F-9E03-97E9461884CB} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {88F4DD2D-FED6-4643-8442-EEA1FDDAB149} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4157375001-4093909184-968087358-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6EEA927-12C9-4CC7-92A4-698684D151E6} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2369544 2024-07-08] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {21838E27-0031-4430-87B7-4893E1483E08} - System32\Tasks\PowerToys\Autorun for enten => C:\Program Files\PowerToys\PowerToys.exe [1180704 2024-07-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {08A294B1-09D5-44FC-A69C-4E20C5EF2A7F} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe  /s (No File)
Task: {72BC41A4-91D7-4FE7-A157-51C2D423EA5D} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\Thermald.exe [392296 2023-01-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {1BF447A6-E806-4C2A-8107-14CCDEFE3F9C} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\Sensord.exe [257408 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {A38D091F-9F00-475D-86FF-4E0D942C8F1E} - System32\Tasks\VivaldiUpdateCheck-839d5a0d29b4282c => C:\Program Files\Vivaldi\Application\update_notifier.exe [3694216 2024-06-25] (Vivaldi Technologies AS -> Vivaldi Technologies AS) -> C:\Program Files\Vivaldi\Application\--from-scheduler

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-4157375001-4093909184-968087358-1001] => http=127.0.0.1:8365;https=127.0.0.1:8365
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{94916385-463d-4a28-a7d8-1b19a09dec0a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{94916385-463d-4a28-a7d8-1b19a09dec0a}: [DhcpDomain] telekom.ip

Edge: 
=======
Edge Profile: C:\Users\enten\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-18]
Edge Extension: (Dokumenty Google offline) - C:\Users\enten\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
Edge Extension: (Edge relevant text changes) - C:\Users\enten\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]
Edge Extension: (Microsoft Power Automate (Zastaralé)) - C:\Users\enten\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njjljiblognghfjfpcdpdbpbfcmhgafg [2023-04-19]
Edge HKU\S-1-5-21-4157375001-4093909184-968087358-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [njjljiblognghfjfpcdpdbpbfcmhgafg]
StartMenuInternet: Microsoft Edge Beta - C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe

FireFox:
========
FF DefaultProfile: ag1s4gbw.default
FF ProfilePath: C:\Users\enten\AppData\Roaming\Mozilla\Firefox\Profiles\ag1s4gbw.default [2023-07-29]
FF ProfilePath: C:\Users\enten\AppData\Roaming\Mozilla\Firefox\Profiles\r154nwzp.default-release [2024-03-29]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @gametree.co.kr/GTL -> C:\ProgramData\Gametree\GTL\npGTL.dll [2013-06-13] (NtreevSoft Co.,Ltd -> NtreevSoft)
FF Plugin-x32: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\enten\AppData\Local\Google\Chrome\User Data\Default [2024-07-07]
CHR StartupUrls: Default -> "hxxp://octopi.local:8123/lovelace/main","hxxp://octopi.local/?#control"
CHR Extension: (Dokumenty Google offline) - C:\Users\enten\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-23]
CHR Extension: (Microsoft Power Automate (Zastaralé)) - C:\Users\enten\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgfobnenmnljakmhboildkafdkicala [2023-05-12]
CHR Extension: (Microsoft Bing Search Engine) - C:\Users\enten\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkecabaloghleaicfhefejdijblljpco [2024-06-13]
CHR Extension: (Chrome Remote Desktop) - C:\Users\enten\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-02-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\enten\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-24]
CHR HKU\S-1-5-21-4157375001-4093909184-968087358-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala]
CHR HKU\S-1-5-21-4157375001-4093909184-968087358-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hkecabaloghleaicfhefejdijblljpco]

Vivaldi: 
=======
VIV Profile: C:\Users\enten\AppData\Local\Vivaldi\User Data\Default [2024-07-18]
VIV DownloadDir: D:\Downloads
VIV Notifications: Default -> hxxps://www.reddit.com
VIV HomePage: Default -> hxxps://google.com
VIV DefaultSearchKeyword: Default -> g
VIV DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms}
VIV Extension: (Blokátor reklam AdGuard) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2024-06-01]
VIV Extension: (Thingiverse ++) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\dahlionodmjcndnmenoahbbildkledde [2021-12-04]
VIV Extension: (Tampermonkey) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-05-03]
VIV Extension: (I don't care about cookies) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-06-26]
VIV Extension: (Úpravy souborů Office) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2024-04-01]
VIV Extension: (Microsoft Power Automate (Zastaralé)) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\gjgfobnenmnljakmhboildkafdkicala [2023-04-20]
VIV Extension: (Video Downloader for reddit - Redditsave) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\hhienkkjhkcdeaolmcniloflgpjhdefi [2021-11-09]
VIV Extension: (Microsoft Bing Search Engine) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\hkecabaloghleaicfhefejdijblljpco [2024-05-28]
VIV Extension: (Coinbase Wallet extension) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\hnfanknocfeofbddgcijnmhnfnkdnaad [2024-07-15]
VIV Extension: (Chrome Remote Desktop) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-07]
VIV Extension: (SteamDB) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\kdbmhfkmnlmbkgbabkdealhhbfhlmmon [2024-07-10]
VIV Extension: (Facebook Screen Sharing) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\ncfpggehkhmjpdjpefomjchjafhmbnai [2020-12-08]
VIV Extension: (DownThemAll!) - C:\Users\enten\AppData\Local\Vivaldi\User Data\Default\Extensions\nljkibfhlpcnanjgbnlnbjecgicbjkge [2024-01-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-24] (Advanced Micro Devices, Inc.) [File not signed]
S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2696560 2023-10-03] (HIGH MORALE DEVELOPMENTS LIMITED -> )
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2559624 2024-03-10] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-09-16] (BattlEye Innovations e.K. -> )
R2 cexecsvc; C:\WINDOWS\system32\cexecsvc.exe [275824 2023-07-28] (Microsoft Windows -> Microsoft Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\125.0.6422.31\remoting_host.exe [74016 2024-05-06] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14023752 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
R3 CorsairCpuIdService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe [240680 2024-06-27] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [155688 2024-06-27] (Corsair Memory, Inc. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-07-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\204.3.5321\DropboxElevationService.exe [1659288 2024-07-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [16796776 2024-07-14] (Electronic Arts, Inc. -> Electronic Arts)
S2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [25224 2021-08-30] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2023-06-01] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EasyTuneEngineService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe [147824 2022-06-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-10-15] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncHelper.exe [3519392 2024-07-09] (Microsoft Corporation -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-12-08] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2350048 2024-02-04] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-10-07] (GOG  sp. z o.o -> GOG.com)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [381480 2024-06-27] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 IOTLink; C:\Program Files (x86)\IOTLink\IOTLinkService.exe [117760 2020-10-08] (alexslx.com) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8901528 2024-07-16] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-10] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpDefenderCoreService.exe [1377416 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftEdgeBetaElevationService; C:\Program Files (x86)\Microsoft\Edge Beta\Application\127.0.2651.49\elevation_service.exe [1764304 2024-07-12] (Microsoft Corporation -> Microsoft Corporation)
R2 MongoDB; C:\Program Files\MongoDB\Server\6.0\bin\mongod.exe [56164864 2022-09-29] (MongoDB, Inc) [File not signed]
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [File not signed]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [11379152 2021-08-19] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S2 OCButtonService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe [127360 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.126.0623.0001\OneDriveUpdaterService.exe [3860400 2024-07-09] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2369544 2024-07-08] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1110104 2020-11-21] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [320088 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [5209072 2024-02-18] (Rockstar Games, Inc. -> Rockstar Games)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3580352 2024-06-07] (Skutta Software GmbH -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\NisSrv.exe [3236728 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MsMpEng.exe [133688 2024-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService.exe [777216 2019-10-29] (Winstep Software Technologies) [File not signed]
R2 GigabyteUpdateService; C:\WINDOWS\system32\GigabyteUpdateService.exe [878840 2024-07-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1660968 2023-10-19] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
S3 athur; C:\WINDOWS\System32\drivers\athuw8x.sys [2919936 2013-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63008 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [47032 2024-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22968 2024-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44592 2024-07-16] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [32296 2023-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 EShareAudio; C:\WINDOWS\System32\drivers\EShareAudio.sys [52552 2023-02-06] (WDKTestCert EShare,133122473232758516 -> )
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218608 2024-06-01] (Microsoft Windows -> Microsoft Corporation)
R3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [52016 2024-03-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 HidHide; C:\WINDOWS\System32\drivers\HidHide.sys [60960 2021-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 HoYoProtect; C:\WINDOWS\system32\HoYoKProtect.sys [3686568 2024-06-07] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2021-01-04] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221264 2024-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 R0Aurora; C:\Program Files\Aurora\Aurora.sys [14544 2023-10-15] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 rtucx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtucx22x64.inf_amd64_b75e67d8c02481f5\rtucx22x64.sys [1645400 2023-05-10] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 rtux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
S3 UniFairy; C:\WINDOWS\system32\UniFairy.sys [828144 2021-09-02] (Tencent Technology(Shenzhen) Company Limited -> )
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R3 VCamSDK; C:\WINDOWS\system32\DRIVERS\VCamSDK.sys [1092456 2022-09-09] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [249400 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2023-10-27] (Microsoft Windows -> )
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2022-07-26] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [126152 2022-08-06] (WDKTestCert dant,132729491071615565 -> Wacom Co. Ltd.)
S3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [31288 2022-08-06] (WDKTestCert dant,132918465424379523 -> Wacom Co. Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21968 2024-07-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-07-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-07-16] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; S:\Aurora-v0.8.1+65\LibreHardwareMonitorLib.sys [14544 2022-09-12] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S1 EneTechIo; \??\C:\Windows\system32\drivers\ene.sys [X]
S1 MSIO; \??\C:\WINDOWS\system32\drivers\MsIo64.sys [X]
S3 NEProtect; \??\C:\Program Files (x86)\Steam\steamapps\common\Once Human\NEProtect.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-07-18 14:12 - 2024-07-18 14:13 - 000000000 ____D C:\FRST
2024-07-16 11:32 - 2024-07-18 11:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2024-07-16 11:32 - 2024-07-16 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview)
2024-07-16 11:32 - 2024-07-16 11:32 - 000000000 ____D C:\Program Files\PowerToys
2024-07-15 11:46 - 2024-07-15 11:46 - 000000000 ____D C:\Users\enten\AppData\LocalLow\OnlyBananasStudio
2024-07-14 12:35 - 2024-07-14 13:32 - 000000000 ____D C:\Users\enten\AppData\Local\anadius
2024-07-14 09:05 - 2024-07-14 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-07-12 19:00 - 2024-07-12 19:00 - 000725758 _____ C:\WINDOWS\system32\perfh005.dat
2024-07-12 19:00 - 2024-07-12 19:00 - 000151026 _____ C:\WINDOWS\system32\perfc005.dat
2024-07-11 22:02 - 2024-07-11 22:02 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-07-10 15:02 - 2024-07-10 15:02 - 000000000 ____D C:\Users\enten\AppData\Local\UniCompactView
2024-07-10 15:00 - 2024-07-10 15:00 - 000000000 ____D C:\Users\enten\AppData\Local\UniSDK_FirstOpen
2024-07-07 01:14 - 2024-07-07 01:14 - 000000000 ____D C:\Users\enten\AppData\LocalLow\ILGDev
2024-07-06 19:28 - 2024-07-06 19:28 - 000000000 ____D C:\Users\enten\AppData\LocalLow\MapleDose
2024-07-05 14:37 - 2024-07-05 14:37 - 000000000 ____D C:\Users\enten\AppData\LocalLow\nineyou
2024-06-29 15:41 - 2024-06-29 15:41 - 000001032 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrusaSlicer 2.8.0.lnk
2024-06-29 04:10 - 2024-06-29 04:10 - 000025684 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-06-29 04:09 - 2024-06-29 04:09 - 000025684 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-06-27 13:34 - 2024-06-27 13:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2024-06-20 15:50 - 2024-06-20 15:50 - 000000000 ____D C:\Users\enten\AppData\Local\Idling_Gears
2024-06-20 13:19 - 2024-06-20 13:19 - 000000000 ____D C:\Users\enten\AppData\LocalLow\OhYeah
2024-06-18 14:33 - 2024-06-18 14:33 - 000000000 ____D C:\Users\enten\AppData\LocalLow\findemor
2024-06-18 14:23 - 2024-06-18 14:23 - 000000000 ____D C:\Users\enten\AppData\Local\Monstrosity

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-07-18 14:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-07-18 14:09 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-07-18 14:04 - 2020-12-08 09:31 - 000000000 ____D C:\Program Files (x86)\Steam
2024-07-18 14:02 - 2023-09-19 21:02 - 000000000 ____D C:\Users\enten\AppData\Local\Malwarebytes
2024-07-18 13:34 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-07-18 13:27 - 2020-12-08 00:28 - 000000528 _____ C:\Users\enten\.vivaldi_reporting_data
2024-07-18 13:24 - 2023-09-23 09:01 - 000000000 ____D C:\Users\enten\AppData\Roaming\WTablet
2024-07-18 12:25 - 2020-12-10 09:03 - 000000000 ____D C:\ProgramData\NVIDIA
2024-07-18 12:14 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-07-18 11:59 - 2020-12-09 09:34 - 000000000 ____D C:\Users\enten\AppData\Roaming\Dropbox
2024-07-18 11:59 - 2020-12-09 09:33 - 000000000 ____D C:\Users\enten\AppData\Local\Dropbox
2024-07-18 11:59 - 2020-12-08 00:09 - 000000000 ___SD C:\Users\enten\AppData\Roaming\Microsoft\Credentials
2024-07-18 11:58 - 2022-09-28 14:52 - 000003770 _____ C:\WINDOWS\system32\Tasks\AuroraStartup
2024-07-18 11:58 - 2022-01-23 17:34 - 000000000 ____D C:\Program Files\CCleaner
2024-07-18 11:58 - 2021-11-18 18:19 - 000000000 ____D C:\Users\enten\AppData\Roaming\Telegram Desktop
2024-07-18 11:58 - 2020-12-08 00:15 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-07-17 16:52 - 2022-09-28 14:16 - 000000000 ____D C:\Users\enten
2024-07-17 16:52 - 2020-12-08 11:43 - 000000000 ____D C:\Users\enten\AppData\Roaming\discord
2024-07-17 16:31 - 2020-12-08 00:11 - 000000000 ____D C:\Users\enten\AppData\Local\D3DSCache
2024-07-17 15:56 - 2020-12-08 11:43 - 000000000 ____D C:\Users\enten\AppData\Local\Discord
2024-07-17 13:39 - 2022-09-28 14:52 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-07-17 13:39 - 2022-09-28 14:52 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-07-17 13:39 - 2022-09-21 12:11 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-07-17 13:34 - 2024-06-08 16:04 - 000000000 ____D C:\Log
2024-07-16 11:44 - 2020-12-08 07:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-07-16 11:34 - 2023-09-29 07:59 - 000089336 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe
2024-07-16 11:33 - 2023-09-29 07:58 - 000906584 _____ C:\WINDOWS\system32\wpbbin.exe
2024-07-16 11:33 - 2023-09-29 07:58 - 000878840 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe
2024-07-16 11:33 - 2022-09-28 14:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-07-16 11:33 - 2022-09-28 14:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-07-16 11:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-07-16 11:33 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-07-16 11:33 - 2020-12-08 11:34 - 000012288 ___SH C:\DumpStack.log.tmp
2024-07-16 11:32 - 2020-12-15 15:34 - 000000000 ____D C:\Users\enten\AppData\Local\CrashDumps
2024-07-16 11:32 - 2020-12-08 00:20 - 000000000 ____D C:\ProgramData\Packages
2024-07-16 11:32 - 2020-12-08 00:18 - 000000000 ____D C:\ProgramData\Package Cache
2024-07-16 11:32 - 2020-12-08 00:11 - 000000000 ____D C:\Users\enten\AppData\Local\Packages
2024-07-15 13:12 - 2021-03-09 21:30 - 000000000 ____D C:\Users\enten\AppData\Roaming\Autodesk
2024-07-15 11:44 - 2021-11-06 17:48 - 000000000 ____D C:\Users\enten\AppData\Roaming\.minecraft
2024-07-14 13:10 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-07-14 12:16 - 2021-03-02 21:14 - 000000000 ____D C:\ProgramData\EA Desktop
2024-07-14 09:52 - 2020-12-08 11:54 - 000000000 ____D C:\Users\enten\AppData\Roaming\vlc
2024-07-14 09:09 - 2021-10-15 17:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-07-14 09:06 - 2020-12-09 09:33 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-07-14 09:04 - 2021-01-07 16:04 - 000002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge Beta.lnk
2024-07-14 09:04 - 2020-12-08 00:08 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-07-12 19:14 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-07-12 19:00 - 2022-09-28 14:53 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-07-12 19:00 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-07-12 18:58 - 2022-09-28 14:48 - 000487688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-07-12 18:58 - 2021-10-21 10:30 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-07-12 18:57 - 2023-09-27 04:15 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-07-12 18:57 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-07-12 18:57 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-07-12 18:57 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-07-12 18:57 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-07-12 18:57 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-07-12 18:57 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-07-12 18:57 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-07-12 15:08 - 2020-12-08 09:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-07-12 15:05 - 2020-12-08 09:09 - 194135240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-07-12 14:41 - 2022-09-28 14:52 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-07-12 14:41 - 2022-09-28 14:52 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-07-11 18:11 - 2020-12-27 14:26 - 000000000 ____D C:\Program Files\dotnet
2024-07-10 14:48 - 2020-12-08 09:35 - 000000000 ____D C:\Users\enten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-07-09 16:42 - 2023-04-13 20:45 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4157375001-4093909184-968087358-1001
2024-07-09 16:42 - 2022-09-28 14:52 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-07-09 16:42 - 2021-10-15 17:12 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-07-08 15:26 - 2021-09-04 14:33 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-07-07 15:59 - 2023-12-28 18:54 - 000000000 ____D C:\Users\enten\AppData\Local\EShare
2024-07-03 21:18 - 2024-02-17 13:16 - 000267768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-07-03 21:18 - 2022-10-28 09:21 - 000108024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-07-03 21:18 - 2022-10-28 09:21 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-07-03 21:18 - 2021-11-03 20:54 - 002799208 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-07-03 21:18 - 2021-11-03 20:54 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-07-03 21:17 - 2021-11-24 13:48 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-07-03 21:17 - 2021-11-03 20:54 - 000751096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-07-03 21:17 - 2021-11-03 20:54 - 000222824 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-07-02 18:21 - 2023-06-01 14:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Google
2024-07-02 18:20 - 2023-07-21 14:44 - 000000000 ____D C:\Program Files\Google
2024-06-30 09:40 - 2021-03-13 18:24 - 000000000 ____D C:\Users\enten\AppData\Local\Autodesk
2024-06-30 08:59 - 2021-10-27 17:23 - 000000000 ____D C:\Users\enten\AppData\Roaming\Microsoft\Excel
2024-06-29 15:41 - 2024-03-03 14:46 - 000001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa G-code Viewer.lnk
2024-06-29 15:41 - 2021-01-10 17:49 - 000000000 ____D C:\Users\enten\AppData\Roaming\PrusaSlicer
2024-06-29 05:44 - 2023-12-05 15:30 - 000000000 ____D C:\WINDOWS\InboxApps
2024-06-29 05:44 - 2022-09-28 14:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2024-06-29 05:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2024-06-29 05:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-06-29 05:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-06-29 05:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-06-29 05:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-06-29 05:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-06-29 05:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-06-29 05:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-06-29 04:10 - 2022-09-28 14:51 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-06-28 17:42 - 2020-12-08 00:11 - 000000000 ___RD C:\Users\enten\3D Objects
2024-06-27 13:35 - 2021-08-25 14:40 - 000000000 ____D C:\Users\enten\AppData\Roaming\Corsair
2024-06-26 16:39 - 2020-12-08 00:28 - 000002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2024-06-26 16:39 - 2020-12-08 00:28 - 000000000 ____D C:\Program Files\Vivaldi
2024-06-22 10:12 - 2023-03-03 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.5
2024-06-22 10:12 - 2023-03-03 18:18 - 000000000 ____D C:\Program Files\Cheat Engine 7.5
2024-06-22 10:11 - 2020-12-12 19:43 - 000000000 ____D C:\Program Files\Cheat Engine 7.2

==================== Files in the root of some directories ========

2023-04-28 22:27 - 2023-08-21 18:46 - 000010913 _____ () C:\Users\enten\AppData\Roaming\CairoAppConfig.xml
2023-04-28 22:24 - 2023-09-24 06:06 - 000000352 _____ () C:\Users\enten\AppData\Roaming\CairoStacksConfig.xml
2022-12-12 22:43 - 2022-12-12 22:43 - 000588450 _____ () C:\Users\enten\AppData\Roaming\chinchilla.mp4
2021-12-09 16:39 - 2024-05-09 16:24 - 000000128 _____ () C:\Users\enten\AppData\Roaming\winscp.rnd
2021-12-09 16:08 - 2024-05-09 16:36 - 000000128 _____ () C:\Users\enten\AppData\Local\PUTTY.RND
2024-03-09 23:31 - 2024-03-09 23:31 - 000006932 _____ () C:\Users\enten\AppData\Local\recently-used.xbel
2022-08-05 16:07 - 2023-05-06 12:18 - 000007625 _____ () C:\Users\enten\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================