Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-12-2024 01
Ran by Crit (administrator) on CATLOS-ITS4YOU (ASUS System Product Name) (28-12-2024 19:44:10)
Running from C:\Users\Crit\Downloads\FRST64.exe
Loaded Profiles: Crit
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2006 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
(C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\NZXT CAM Beta\NZXT CAM Beta.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM Beta\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\cam_helper.exe <2>
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe
(E:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] E:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <46>
(explorer.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(explorer.exe ->) (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM Beta\NZXT CAM Beta.exe <5>
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) E:\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(explorer.exe ->) (Skutta, Kristjan -> ) E:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.22\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (AVerMedia TECHNOLOGIES, INC. -> AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\132.0.6834.12\remoting_host.exe <2>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(services.exe ->) (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM Beta\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4c10eeff886a3252\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2411.1.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2410.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" (No File)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [SonicWALLNetExtender] => C:\Program Files (x86)\SonicWALL\SSL-VPN\NetExtender\NEGui.exe [3127440 2015-12-09] (Dell Software Inc. -> Dell)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [340440 2021-04-16] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [NcpBudgetGui] => C:\Program Files\LANCOM\Advanced VPN Client\NcpBudgetGui.exe [6755368 2021-01-19] (N C P e GmbH Network Communications Products engineering -> NCP engineering GmbH)
HKLM\...\Run: [NcpMonitor] => C:\Program Files\LANCOM\Advanced VPN Client\ncpmon.exe [16080936 2021-01-19] (N C P e GmbH Network Communications Products engineering -> NCP engineering GmbH)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4c10eeff886a3252\RtkAudUService64.exe [1591688 2022-09-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [185384 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [455968 2023-05-26] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4131496 2024-12-16] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1092304 2016-03-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [Steam] => E:\Steam\steam.exe [4377448 2023-10-31] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [WallpaperEngine] => E:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3050080 2023-04-18] (Skutta, Kristjan -> )
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [Discord] => C:\Users\Crit\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [MiPhoneManager] => C:\Users\Crit\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [157624 2016-03-11] (Xiaomi Technology Inc -> )
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [RaiderIO] => "C:\Program Files\RaiderIO\RaiderIO.exe" (No File)
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2020-11-29] () [File not signed]
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [Battle.net] => D:\Battle.net\Battle.net.exe [981640 2024-10-16] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [Overwolf] => E:\Overwolf\OverwolfLauncher.exe [1842944 2024-11-03] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45430176 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [EPSDNMON] => "" (No File)
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [NZXT.CAM.Beta] => C:\Program Files\NZXT CAM Beta\NZXT CAM Beta.exe [186418552 2024-12-17] (NZXT, Inc. -> NZXT, Inc.)
HKU\S-1-5-21-3156892032-2825552179-3562152326-1001\...\Run: [Opera Browser Assistant] => C:\Users\Crit\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3996064 2024-03-04] (Opera Norway AS -> Opera Software)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-03-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON L386 Series 64MonitorBE: C:\Windows\system32\E_YLMBRPE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\131.0.6778.205\Installer\chrmstp.exe [2024-12-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{B4841AC3-BB3F-4bbf-8F90-E25B45EF4CB4}] -> C:\Windows\system32\NcpCredentialProvider.dll [2021-01-19] (N C P e GmbH Network Communications Products engineering -> NCP engineering GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OpenVPN Connect.lnk [2021-04-23]
ShortcutTarget: OpenVPN Connect.lnk -> C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0144fbfc-c5f5-42a9-9064-6d70eb7d722a} - no filepath. <==== ATTENTION
Task: {08be1002-9e88-4e38-b86b-4134ac9585ca} - no filepath. <==== ATTENTION
Task: {11169b1a-fc06-4e24-b93f-1ccc030dca9b} - no filepath. <==== ATTENTION
Task: {1bb0a8d4-7d36-4582-bf72-376ce27ab405} - no filepath. <==== ATTENTION
Task: {29ccbee6-26fd-46fb-8908-26c86dd8a13f} - no filepath. <==== ATTENTION
Task: {2da8e33b-2a66-4ee2-bb7d-779b947a6eeb} - no filepath. <==== ATTENTION
Task: {312aeae8-1261-4f69-8f73-995edcf5521f} - no filepath. <==== ATTENTION
Task: {387abf24-2472-41ea-9fe1-a664794a0a3a} - no filepath. <==== ATTENTION
Task: {3ccedb05-74a2-4762-9915-557183e1585e} - no filepath. <==== ATTENTION
Task: {434135a2-77c2-4b09-8f56-eeed1d3bb601} - no filepath. <==== ATTENTION
Task: {4705a641-fb87-41a7-b274-3cb3dd6a040f} - no filepath. <==== ATTENTION
Task: {491d7447-6dcf-40e3-bf57-2d008466a1ea} - no filepath. <==== ATTENTION
Task: {4f824aee-565d-46d2-b2b9-8c5681711c48} - no filepath. <==== ATTENTION
Task: {4f916763-e7fd-459b-be8c-84da0e14cb0c} - no filepath. <==== ATTENTION
Task: {5d32ec9a-8d6a-445e-ab04-06f8b8076151} - no filepath. <==== ATTENTION
Task: {6b0898a4-f481-45c3-904c-67ce7ef4dd72} - no filepath. <==== ATTENTION
Task: {728ee9db-df6c-4060-8720-91b6c42fb7cd} - no filepath. <==== ATTENTION
Task: {866006cb-1187-438c-b59d-1027d44cb621} - no filepath. <==== ATTENTION
Task: {902ccd6c-863e-44fd-b00f-318ac972f746} - no filepath. <==== ATTENTION
Task: {944378ef-d2c5-448e-91d1-79cbd9ab2480} - no filepath. <==== ATTENTION
Task: {9770bac4-764f-4bf7-9c76-edb773c44155} - no filepath. <==== ATTENTION
Task: {9c5840c8-4cc7-46f4-9f0e-67cff37631a3} - no filepath. <==== ATTENTION
Task: {9f9df568-d289-444a-ac42-866c92a29159} - no filepath. <==== ATTENTION
Task: {a14193f8-0273-44e7-aa81-9d7909c5014c} - no filepath. <==== ATTENTION
Task: {a1eb8803-fe0b-4495-8f1a-6d1e0cd2bc04} - no filepath. <==== ATTENTION
Task: {a4481487-a12f-4102-9107-0eda6d477f9e} - no filepath. <==== ATTENTION
Task: {afbee6c3-9a52-4925-ad8a-6079fa64c801} - no filepath. <==== ATTENTION
Task: {b54508d0-442b-42ba-bdb5-dc4ef868ac7c} - no filepath. <==== ATTENTION
Task: {b5cab1b9-c2ad-4339-87a1-ff8d1979e0df} - no filepath. <==== ATTENTION
Task: {b78b1fa6-504b-45e7-8838-98b97fc055ee} - no filepath. <==== ATTENTION
Task: {b80dc5ec-655f-4e5e-b873-b88f224e4810} - no filepath. <==== ATTENTION
Task: {b8e06a9f-b75c-4b70-ad94-dd9cbe1be5be} - no filepath. <==== ATTENTION
Task: {c216b9e5-ced2-4253-b5e6-c0061e52b5f4} - no filepath. <==== ATTENTION
Task: {cf31b53b-b183-4e2f-9b86-397e7061f2b2} - no filepath. <==== ATTENTION
Task: {d115813e-182a-4305-9d29-d7c4c989de88} - no filepath. <==== ATTENTION
Task: {daedaaf2-28d9-495f-a631-bfeb7453b7ec} - no filepath. <==== ATTENTION
Task: {e8b56088-ca78-447d-8be0-9594792d10b1} - no filepath. <==== ATTENTION
Task: {ea979aa1-6e22-409f-9c24-0226bcabca4e} - no filepath. <==== ATTENTION
Task: {ef320c4a-a796-4884-9ef1-bb46cc8e1af3} - no filepath. <==== ATTENTION
Task: {f76ccee6-0c84-4d66-bc83-f496fd65f459} - no filepath. <==== ATTENTION
Task: {fadd3674-a7d8-47d6-a49e-48132a4dd62e} - no filepath. <==== ATTENTION
Task: {6968D606-1BD9-4B3B-BCBD-0A9B3846FDD4} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [308584 2022-12-24] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {D56A6CE0-7ACB-4CB1-85FB-B3E3BB865074} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1857384 2022-12-24] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {6EF03D53-25A4-41E7-A892-9AF7B1A4B159} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d946c8a4acfd02 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2023-02-22] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {9E997B33-5B61-4553-B956-C0283AE221C5} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2023-02-22] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {CBCDF9DE-AD19-4F35-A0C5-B3A8FAE237CC} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [46597976 2022-12-15] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {116F2EAB-0240-4F56-AAE5-064DE9C326C5} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1254760 2022-12-05] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {27933ADD-3271-48E0-9535-DE6687330813} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
Task: {48530735-5EF9-4294-8766-F22565B92054} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{8496677F-7E3B-4BAC-8D2E-538DB00A0D98} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {F65A6AAF-876D-47E7-AFBC-AE3AA2A224DA} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CATLOS-ITS4YOU-Crit Catlos-ITS4You => C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {0EDA1549-2B0E-4162-AE65-BFBE59783B7E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {652C24A1-A31C-4947-B0D4-47F20C46B3D1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563192 2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D66FA55-A51E-4E80-AE84-2C7B9C4EC841} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563192 2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {F80122DD-806C-490C-A627-95BAFC56422C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {0ECEB71B-EE27-49F7-BC95-0A56638971DD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {56CECD1B-8C01-47D4-A9CD-578F6463B5E8} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => %windir%\system32\EOSNotify.exe  (No File)
Task: {AF8E0E6B-1B3C-4891-B708-1990D29945EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0AF51962-14E7-4E8C-A4A3-8AB6D135F64A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4BFF8B6-65B8-4479-AC7F-BD403ABEF2D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B2BD8185-7AF8-4C7A-958C-2E944F56AFE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E963085-8DA1-4E4D-B0A9-ABABDC2F2594} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-12-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {43458AC0-8156-4746-A83D-0439BFBEB0E9} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3333672 2024-11-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {801A8065-2EFC-40CD-8FF7-577E81F1F6A3} - System32\Tasks\Opera scheduled Autoupdate 1616625572 => C:\Users\Crit\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5596568 2024-12-23] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-3156892032-2825552179-3562152326-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\Program Files (x86)\Sangfor\SSL\ClientComponent\SangforNsp.dll [14524592 2020-01-07] (Sangfor Technologies Inc. -> Sangfor Technologies Inc.)
Winsock: Catalog5 09 C:\Program Files (x86)\Sangfor\SSL\ClientComponent\SangforNsp.dll [14524592 2020-01-07] (Sangfor Technologies Inc. -> Sangfor Technologies Inc.)
Winsock: Catalog9 01 C:\Program Files (x86)\Sangfor\SSL\ClientComponent\SangforTcp.dll [2580664 2020-01-07] (Sangfor Technologies Inc. -> Sangfor Technologies Inc.)
Winsock: Catalog9 02 C:\Program Files (x86)\Sangfor\SSL\ClientComponent\SangforTcp.dll [2580664 2020-01-07] (Sangfor Technologies Inc. -> Sangfor Technologies Inc.)
Winsock: Catalog9 03 C:\Program Files (x86)\Sangfor\SSL\ClientComponent\SangforTcp.dll [2580664 2020-01-07] (Sangfor Technologies Inc. -> Sangfor Technologies Inc.)
Winsock: Catalog9 04 C:\Program Files (x86)\Sangfor\SSL\ClientComponent\SangforTcp.dll [2580664 2020-01-07] (Sangfor Technologies Inc. -> Sangfor Technologies Inc.)
Winsock: Catalog9 05 C:\Program Files (x86)\Sangfor\SSL\ClientComponent\SangforTcp.dll [2580664 2020-01-07] (Sangfor Technologies Inc. -> Sangfor Technologies Inc.)
Winsock: Catalog9 20 C:\Program Files (x86)\Sangfor\SSL\ClientComponent\SangforTcp.dll [2580664 2020-01-07] (Sangfor Technologies Inc. -> Sangfor Technologies Inc.)
Winsock: Catalog5-x64 01 C:\Program Files (x86)\Sangfor\SSL\ClientComponent\SangforNspX64.dll [299088 2020-01-07] (Sangfor Technologies Inc. -> TODO: <Company name>)
Winsock: Catalog5-x64 09 C:\Program Files (x86)\Sangfor\SSL\ClientComponent\SangforNspX64.dll [299088 2020-01-07] (Sangfor Technologies Inc. -> TODO: <Company name>)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 92.245.2.245 92.245.2.162
Tcpip\..\Interfaces\{00bd6e6a-b14c-49c3-a52e-8bbddaf1ecda}: [DhcpNameServer] 92.245.2.245 92.245.2.162
Tcpip\..\Interfaces\{a8b115d4-d24e-49d7-86d2-ddef45395dc4}: [DhcpNameServer] 92.245.2.245 92.245.2.162

Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Profile: C:\Users\Crit\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-28]
Edge Extension: (Dokumenty Google offline) - C:\Users\Crit\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-16]
Edge Extension: (Edge relevant text changes) - C:\Users\Crit\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: b8grgopm.default
FF ProfilePath: C:\Users\Crit\AppData\Roaming\Mozilla\Firefox\Profiles\b8grgopm.default [2024-12-20]
FF DownloadDir: C:\Users\Crit\Desktop
FF Homepage: Mozilla\Firefox\Profiles\b8grgopm.default -> hxxps://www.ebay.co.uk/mys/active
FF Extension: (English United States Dictionary) - C:\Users\Crit\AppData\Roaming\Mozilla\Firefox\Profiles\b8grgopm.default\Extensions\@unitedstatesenglishdictionary.xpi [2023-10-02]
FF Extension: (Language: English (US)) - C:\Users\Crit\AppData\Roaming\Mozilla\Firefox\Profiles\b8grgopm.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2024-12-17]
FF Extension: (mail.com MailCheck) - C:\Users\Crit\AppData\Roaming\Mozilla\Firefox\Profiles\b8grgopm.default\Extensions\toolbar@mail.com.xpi [2023-11-24]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Picasa3\npPicasa3.dll [2014-07-31] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Crit\AppData\Local\Google\Chrome\User Data\Default [2024-12-28]
CHR Notifications: Default -> hxxps://covid.neuromancer.sk; hxxps://dashboard.tawk.to; hxxps://forums.d2jsp.org; hxxps://mail.google.com; hxxps://teams.microsoft.com; hxxps://www.facebook.com; hxxps://www.zlavomat.sk
CHR Extension: (BetterTTV) - C:\Users\Crit\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-12-23]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Crit\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-12-21]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Crit\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-12-11]
CHR Extension: (FrankerFaceZ) - C:\Users\Crit\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2024-12-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Crit\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-21]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Crit\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-12-21]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Crit\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-07]
CHR Extension: (Lorem Ipsum Checker) - C:\Users\Crit\AppData\Local\Google\Chrome\User Data\Default\Extensions\loinlganigcgmdbjdhcnffcncjjmjkdh [2024-03-12]
CHR Extension: (mail.com MailCheck) - C:\Users\Crit\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpebgcnlaohcgdfhbffjajlnpifdkllg [2024-07-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Crit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Crit\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-29]
CHR Profile: C:\Users\Crit\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera: 
=======
OPR DefaultProfile: Default
OPR Profile: C:\Users\Crit\AppData\Roaming\Opera Software\Opera Stable [2024-12-10]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Crit\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-06-03]
OPR Extension: (Opera Wallet) - C:\Users\Crit\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-06-03]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Crit\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-16]
OPR Extension: (Opera AI Prompts) - C:\Users\Crit\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-06-03]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 agent_ovpnconnect; C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1612970385045.exe [2445824 2021-02-10] () [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.22\atkexComSvc.exe [894824 2023-01-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2018-11-29] (ASUSTeK Computer Inc. -> ) [File not signed]
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2023-02-22] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-05-19] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2023-02-22] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678760 2023-02-22] (ASUSTeK COMPUTER INC. -> ASUS)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1134480 2024-12-24] (ASUSTeK Computer Inc. -> )
R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [1930848 2018-03-31] (AVerMedia TECHNOLOGIES, INC. -> AVerMedia TECHNOLOGIES, Inc.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2573448 2024-10-16] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8914856 2021-07-11] (BattlEye Innovations e.K. -> )
R2 CAMService; C:\Program Files\NZXT CAM Beta\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\service.exe [573816 2024-12-17] (NZXT, Inc. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\132.0.6834.12\remoting_host.exe [73824 2024-11-19] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482688 2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [614432 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [238632 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [84008 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 CorsairUniwillService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueUniwillService.exe [108072 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [215352 2020-08-14] (DTS, Inc. -> DTS Inc.)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2021-09-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152152 2020-03-25] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-08] (HP Inc. -> HP Inc.)
S3 iCUEDevicePluginHost; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe [462888 2023-01-20] (Corsair Memory, Inc. -> Corsair)
S4 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [498576 2021-02-04] (Logitech Inc -> Logitech)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8892256 2022-12-18] (Malwarebytes Inc. -> Malwarebytes)
S4 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1926840 2022-07-14] (A-Volute SAS -> Nahimic)
S4 ncpclcfg; C:\Program Files\LANCOM\Advanced VPN Client\ncpclcfg.exe [1176616 2021-01-19] (N C P e GmbH Network Communications Products engineering -> )
S4 ncprwsnt; C:\Program Files\LANCOM\Advanced VPN Client\ncprwsnt.exe [4674600 2021-01-19] (N C P e GmbH Network Communications Products engineering -> NCP Engineering GmbH)
S4 ncpsec; C:\Program Files\LANCOM\Advanced VPN Client\ncpsec.exe [1265192 2021-01-19] (N C P e GmbH Network Communications Products engineering -> NCP engineering GmbH)
S4 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4490376 2020-09-18] (Logitech Inc -> Logitech)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe [1275568 2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
S4 OpenVPNAccessClient; C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [23552 2020-09-22] () [File not signed]
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2393344 2024-11-03] (Overwolf Ltd -> Overwolf LTD)
S4 ovpnhelper_service; C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe [2280448 2021-02-10] () [File not signed]
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S4 SangforSP; C:\Program Files (x86)\Sangfor\SSL\Promote\SangforPromoteService.exe [323656 2020-01-07] (Sangfor Technologies Inc. -> Sangfor Technologies Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SONICWALL_NetExtender; C:\Program Files (x86)\SonicWALL\SSL-VPN\NetExtender\NEService64.exe [744040 2015-12-09] (Dell Software Inc. -> Dell Inc.)
S4 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [331648 2022-02-03] (Twitch Interactive, Inc. -> )
S4 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7099632 2021-07-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [13066904 2024-12-16] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [7509704 2021-07-11] (PUBG CORPORATION -> PUBG Corporation)
S3 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1459384 2021-03-31] (Tencent Technology(Shenzhen) Company Limited -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\WINDOWS\system32\drivers\ACE-GAME.sys [387752 2021-03-31] (Tencent Technology(Shenzhen) Company Limited -> ANTICHEATEXPERT.COM)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-06-02] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-11-29] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [49256 2022-08-15] (ASUSTeK COMPUTER INC. -> )
S3 AVer330USB; C:\WINDOWS\system32\DRIVERS\AVer330USB.sys [1551616 2015-04-09] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 AVoluteSS3Vad; C:\WINDOWS\System32\drivers\AVoluteSS3Vad.sys [94712 2022-06-08] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63008 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [47032 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22968 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2024-12-24] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43568 2023-10-10] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44592 2024-12-13] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R3 cpuz159; C:\WINDOWS\temp\cpuz159\cpuz159_x64.sys [44680 2024-12-24] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [32320 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 e2fexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2f.inf_amd64_f00467d5bba0b3ef\e2f.sys [526520 2022-05-01] (Intel Corporation -> Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-10-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl1d2515da; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E7812598-0037-4999-BF3A-71D95353632C}\MpKslDrv.sys [267552 2024-12-28] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [18496 2022-06-08] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 ncpfilt; C:\WINDOWS\system32\DRIVERS\ncplelhp.sys [117192 2021-01-18] (N C P e GmbH Network Communications Products engineering -> NCP Engineering GmbH)
R3 ncplelhp; C:\WINDOWS\System32\drivers\ncplelhp.sys [117192 2021-01-18] (N C P e GmbH Network Communications Products engineering -> NCP Engineering GmbH)
R3 NxDrv; C:\WINDOWS\System32\drivers\NxDrv.sys [26472 2015-12-09] (Dell Software Inc. -> SonicWALL Inc.)
R2 SangforDnsDrv_7,5,0,1; C:\Program Files (x86)\Sangfor\SSL\DnsDriver\SangforDnsDrv.sys [32848 2020-01-07] (Sangfor Technologies Co.,Ltd -> Sangfor Technologies Inc.)
R2 SangforTcpDrv_7,5,0,1; C:\Program Files (x86)\Sangfor\SSL\TcpDriver\SangforTcpDrv.sys [54864 2020-01-07] (Sangfor Technologies Co.,Ltd -> Sangfor Technologies Inc.)
S3 SangforVnic; C:\WINDOWS\System32\drivers\SangforVnic.sys [44008 2018-10-07] (Sangfor Technologies Co.,Ltd -> SANGFOR)
R3 tapoas; C:\WINDOWS\System32\drivers\tapoas.sys [39920 2020-04-21] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tap_ovpnconnect; C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys [40128 2021-02-10] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [33335160 2024-12-16] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-02-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-03] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2024-06-14] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2729456 2021-07-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S2 AMDRyzenMasterDriverV20; \??\C:\Program Files\AMD\RyzenMasterSDK\bin\AMDRyzenMasterDriver.sys [X]
S1 EneTechIo; \??\C:\WINDOWS\system32\drivers\ene.sys [X]
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-12-28 19:44 - 2024-12-28 19:44 - 000047110 _____ C:\Users\Crit\Downloads\FRST.txt
2024-12-28 19:43 - 2024-12-28 19:44 - 000000000 ____D C:\FRST
2024-12-28 19:43 - 2024-12-28 19:43 - 002403840 _____ (Farbar) C:\Users\Crit\Downloads\FRST64.exe
2024-12-28 19:35 - 2024-12-28 19:35 - 000388608 _____ (Trend Micro Inc.) C:\Users\Crit\Downloads\HijackThis (1).exe
2024-12-23 22:53 - 2024-12-26 00:39 - 134222904 _____ C:\WINDOWS\392667600.dat
2024-12-23 22:41 - 2024-12-23 22:41 - 000000000 ____D C:\Program Files\Riot Vanguard
2024-12-23 22:40 - 2024-12-23 22:40 - 000001583 _____ C:\Users\Public\Desktop\League of Legends.lnk
2024-12-17 12:40 - 2024-12-17 12:40 - 000931157 _____ C:\Users\Crit\Downloads\crm_template.zip
2024-12-17 12:24 - 2024-12-17 12:24 - 000362598 _____ C:\Users\Crit\Downloads\DALL·E 2024-12-17 12.06.56 - Create an image for a Facebook ad about a case study showcasing Liwa Control and Liwa Planner, two heating management applications. The image should d.webp
2024-12-13 11:02 - 2024-12-13 11:02 - 000000000 ____D C:\WINDOWS\LastGood
2024-12-13 11:00 - 2024-12-04 02:11 - 000125048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-12-13 09:21 - 2024-12-04 19:05 - 002060664 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-12-13 09:21 - 2024-12-04 19:05 - 002060664 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-12-13 09:21 - 2024-12-04 19:05 - 001600376 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-12-13 09:21 - 2024-12-04 19:05 - 001600376 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-12-13 09:21 - 2024-12-04 19:05 - 001452432 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-12-13 09:21 - 2024-12-04 19:05 - 001452432 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-12-13 09:21 - 2024-12-04 19:05 - 001301880 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-12-13 09:21 - 2024-12-04 19:05 - 001301880 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-12-13 09:21 - 2024-12-04 19:05 - 000478384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-12-13 09:21 - 2024-12-04 19:05 - 000374432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-12-13 09:21 - 2024-12-04 19:02 - 001114792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-12-13 09:21 - 2024-12-04 19:02 - 000670352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-12-13 09:21 - 2024-12-04 19:02 - 000505504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-12-13 09:21 - 2024-12-04 19:01 - 025450120 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2024-12-13 09:21 - 2024-12-04 19:01 - 001554608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-12-13 09:21 - 2024-12-04 19:01 - 001208992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-12-13 09:21 - 2024-12-04 19:01 - 000863888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-12-13 09:21 - 2024-12-04 19:00 - 016811696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-12-13 09:21 - 2024-12-04 19:00 - 002185360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-12-13 09:21 - 2024-12-04 19:00 - 001634464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-12-13 09:21 - 2024-12-04 19:00 - 001042072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-12-13 09:21 - 2024-12-04 19:00 - 000801432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-12-13 09:21 - 2024-12-04 19:00 - 000462480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-12-13 09:21 - 2024-12-04 18:59 - 017736840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-12-13 09:21 - 2024-12-04 18:59 - 006953104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-12-13 09:21 - 2024-12-04 18:59 - 005909664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-12-13 09:21 - 2024-12-04 18:59 - 005435544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-12-13 09:21 - 2024-12-04 18:59 - 003807888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-12-13 09:21 - 2024-12-04 18:59 - 000853680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-12-13 09:21 - 2024-12-04 18:58 - 007158560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-12-13 09:21 - 2024-12-04 18:58 - 006236264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-12-13 09:21 - 2024-12-04 02:11 - 000132703 _____ C:\WINDOWS\system32\nvinfo.pb
2024-12-13 09:20 - 2024-12-13 09:20 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-12-13 09:20 - 2024-12-13 09:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-12-13 09:20 - 2024-11-26 08:37 - 003074088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2024-12-13 09:20 - 2024-11-26 08:37 - 002369064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2024-12-12 11:24 - 2024-12-12 11:24 - 000291377 _____ C:\Users\Crit\Desktop\csob_reklamacia.pdf
2024-12-12 11:16 - 2024-12-12 11:16 - 000279599 _____ C:\Users\Crit\Desktop\csob-karty-reklamace5.pdf
2024-12-12 09:40 - 2024-12-12 09:40 - 012450904 _____ (Tim Kosse) C:\Users\Crit\Downloads\FileZilla_3.68.1_win64-setup.exe
2024-12-10 14:05 - 2024-12-10 14:05 - 000594371 _____ C:\Users\Crit\Downloads\5407228743.pdf
2024-12-10 09:44 - 2024-12-10 09:44 - 000267970 _____ C:\Users\Crit\Downloads\oznámenie.pdf
2024-12-10 09:42 - 2024-12-10 09:42 - 000182801 _____ C:\Users\Crit\Downloads\OutputDocument_1733820080224.zip
2024-12-09 14:18 - 2024-12-09 14:18 - 077705216 _____ C:\Users\Crit\Downloads\Hextech Repair Tool.msi
2024-12-09 14:18 - 2024-12-09 14:18 - 000000765 _____ C:\Users\Public\Desktop\Hextech Repair Tool.lnk
2024-12-09 12:52 - 2024-12-09 13:08 - 000000000 ____D C:\Users\Crit\Desktop\control
2024-12-08 12:06 - 2024-12-08 12:06 - 001392912 _____ C:\Users\Crit\Desktop\tracy-2.7.3.zip
2024-12-04 17:53 - 2024-12-04 18:07 - 000000000 ____D C:\Users\Crit\Desktop\Amelinka videá
2024-12-04 11:49 - 2024-12-04 11:37 - 000103216 _____ C:\Users\Crit\Desktop\ITS4YouKanbanView_4_12.zip
2024-12-03 15:04 - 2024-12-03 15:04 - 000176032 _____ C:\Users\Crit\Downloads\50240789.pdf
2024-12-03 12:01 - 2024-12-03 13:36 - 000782668 _____ C:\Users\Crit\Documents\Čatloš_ikigai.pdf
2024-12-03 10:50 - 2024-12-03 10:50 - 000329284 _____ C:\Users\Crit\Downloads\DALL·E 2024-12-03 10.50.28 - A happy family of three viewed from behind in a garden near a modern house with a flat roof. The family includes a father (32 years old), a mother (32.webp
2024-12-03 10:40 - 2024-12-03 10:41 - 000000000 ____D C:\Users\Crit\Desktop\password config issue
2024-12-03 10:38 - 2024-12-03 10:38 - 011635448 _____ (Martin Prikryl ) C:\Users\Crit\Downloads\WinSCP-6.3.6-Setup.exe
2024-12-02 16:30 - 2024-12-02 16:30 - 000103807 _____ C:\Users\Crit\Downloads\invoice (9).pdf
2024-11-29 18:26 - 2024-12-28 19:04 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-11-29 18:19 - 2024-12-23 22:40 - 000000000 ____D C:\Users\Crit\AppData\Roaming\riot-client-ux
2024-11-29 09:47 - 2024-11-26 15:15 - 000171051 _____ C:\Users\Crit\Desktop\Cashflow4You_4_35.zip
2024-11-29 08:57 - 2024-11-28 15:26 - 000118524 _____ C:\Users\Crit\Desktop\ITS4YouEmails_0_34.zip
2024-11-29 08:56 - 2024-11-29 08:56 - 000086284 _____ C:\Users\Crit\Downloads\Štítok_pre_vrátenie_Lidl.pdf
2024-11-28 09:07 - 2024-11-28 09:07 - 000002398 _____ C:\Users\Crit\Desktop\ahpvpn.ddns.me.ovpn

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-12-28 19:04 - 2018-11-29 21:55 - 000000000 ____D C:\ProgramData\Riot Games
2024-12-28 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-28 14:00 - 2022-02-13 16:11 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-12-28 13:59 - 2018-11-29 22:03 - 000000000 ____D C:\Users\Crit\AppData\Local\Steam
2024-12-28 01:47 - 2024-07-25 16:32 - 000005272 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for CATLOS-ITS4YOU-Crit Catlos-ITS4You
2024-12-28 00:46 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-28 00:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-12-28 00:45 - 2024-08-02 08:54 - 000004252 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1616625572
2024-12-28 00:45 - 2021-03-24 23:39 - 000001387 _____ C:\Users\Crit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2024-12-28 00:42 - 2023-02-22 15:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-12-28 00:42 - 2020-01-27 20:20 - 000000000 ____D C:\Users\Public\Logi
2024-12-28 00:42 - 2018-11-29 22:46 - 000000000 ____D C:\Users\Crit\AppData\Local\CrashDumps
2024-12-24 19:57 - 2018-12-22 20:58 - 000000000 ____D C:\Users\Crit\AppData\Roaming\Microsoft\Word
2024-12-24 19:57 - 2018-12-22 20:58 - 000000000 ____D C:\Users\Crit\AppData\Roaming\Microsoft\Office
2024-12-24 12:20 - 2024-02-16 13:35 - 000000000 ____D C:\Users\Crit\AppData\Roaming\NZXT CAM Beta
2024-12-24 12:20 - 2023-02-22 15:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-12-24 12:20 - 2023-02-22 12:28 - 001134480 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2024-12-24 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-12-24 12:20 - 2018-11-29 18:43 - 000000000 ____D C:\ProgramData\NVIDIA
2024-12-24 12:19 - 2023-02-22 15:17 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-12-24 12:19 - 2023-02-22 12:28 - 001173024 _____ C:\WINDOWS\system32\wpbbin.exe
2024-12-24 12:19 - 2019-12-07 15:43 - 000716762 _____ C:\WINDOWS\system32\perfh005.dat
2024-12-24 12:19 - 2019-12-07 15:43 - 000144940 _____ C:\WINDOWS\system32\perfc005.dat
2024-12-24 12:19 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-12-24 12:19 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-12-23 23:09 - 2018-12-15 21:09 - 000000000 ____D C:\Users\Crit\AppData\Local\D3DSCache
2024-12-23 22:53 - 2024-02-16 13:35 - 000000000 ____D C:\Program Files\NZXT CAM Beta
2024-12-23 22:52 - 2022-09-08 04:11 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-12-23 22:52 - 2020-03-12 17:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2024-12-23 22:52 - 2019-04-22 11:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-12-23 22:52 - 2019-04-22 11:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-12-23 22:51 - 2023-02-22 15:09 - 000000000 ____D C:\Users\Crit
2024-12-23 22:40 - 2020-03-28 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-12-22 00:45 - 2024-07-28 18:45 - 000003716 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{7DED85DA-A61C-43E1-832D-839F521F0D4D}
2024-12-22 00:45 - 2024-07-28 18:45 - 000003592 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{B5FE21FF-E49C-410F-AC28-30F2DD1B4F17}
2024-12-20 11:23 - 2018-11-29 18:40 - 000000000 ____D C:\Users\Crit\AppData\Local\Packages
2024-12-20 10:47 - 2023-02-22 15:09 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-20 00:45 - 2018-12-16 01:03 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-18 15:30 - 2022-10-10 08:23 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-12-18 15:30 - 2021-10-26 08:34 - 000000000 _____ C:\ProgramData\UpdateLock-8216C80C92C4E828
2024-12-18 15:30 - 2021-07-18 01:00 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2024-12-18 15:30 - 2021-06-07 19:08 - 000000016 _____ C:\ProgramData\mntemp
2024-12-18 15:30 - 2020-03-26 20:55 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2024-12-18 15:30 - 2018-12-22 21:07 - 000001271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2018.lnk
2024-12-18 15:30 - 2018-12-18 23:01 - 000001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infix PDF Editor.lnk
2024-12-17 23:23 - 2024-07-25 09:50 - 000012553 _____ C:\ProgramData\sguasgrp.vby
2024-12-17 23:23 - 2023-10-02 15:42 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2023.lnk
2024-12-17 23:23 - 2022-04-02 17:22 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2024-12-17 23:23 - 2020-05-18 10:46 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2024-12-17 23:23 - 2019-04-22 11:34 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-12-17 23:23 - 2019-01-21 21:36 - 000001205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2024-12-17 23:23 - 2018-12-22 21:04 - 000001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2024-12-17 12:28 - 2018-11-29 18:49 - 000000000 ____D C:\Users\Crit\AppData\Local\NVIDIA
2024-12-16 08:51 - 2020-03-12 17:20 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2024-12-15 12:01 - 2020-05-18 10:46 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2024-12-15 12:01 - 2018-12-22 21:11 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2024-12-15 11:43 - 2020-07-22 22:08 - 000000000 ____D C:\Users\Crit\Desktop\Nika USB Kingston
2024-12-13 11:50 - 2020-03-12 17:21 - 000000128 _____ C:\Users\Crit\AppData\Roaming\winscp.rnd
2024-12-13 11:00 - 2018-11-29 18:49 - 000000000 ____D C:\Users\Crit\AppData\Local\NVIDIA Corporation
2024-12-13 11:00 - 2018-11-29 18:43 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-12-13 11:00 - 2018-11-29 18:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-12-13 09:30 - 2020-05-04 12:30 - 000000000 ____D C:\Users\Crit\AppData\Roaming\Microsoft\Teams
2024-12-13 09:24 - 2018-11-29 18:40 - 000000000 ___SD C:\Users\Crit\AppData\Roaming\Microsoft\Credentials
2024-12-13 09:20 - 2018-11-29 18:43 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-12-13 09:15 - 2020-11-08 11:37 - 000000000 ____D C:\Users\Crit\AppData\Local\Overwolf
2024-12-12 12:29 - 2020-04-17 14:38 - 000000000 ____D C:\Users\Crit\AppData\Roaming\FileZilla
2024-12-12 12:18 - 2024-11-20 15:58 - 003290802 _____ C:\Users\Crit\Desktop\responsive_onepage.ai
2024-12-12 10:35 - 2024-09-11 12:52 - 000000000 ____D C:\Users\Crit\Desktop\Digitalizuj firmu
2024-12-12 09:40 - 2020-04-17 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2024-12-12 09:40 - 2020-04-17 14:38 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2024-12-10 07:56 - 2024-11-18 11:45 - 000067378 _____ C:\Users\Crit\Desktop\ITS4YouPasswordConfig_4_4.zip
2024-12-09 12:05 - 2020-03-27 13:49 - 000000000 ____D C:\Users\Crit\Desktop\Stranky
2024-12-07 11:48 - 2019-10-07 17:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-12-06 19:40 - 2018-11-29 23:01 - 000000000 ____D C:\Users\Crit\AppData\Roaming\vlc
2024-12-05 23:45 - 2024-06-19 09:50 - 000000000 ____D C:\Users\Crit\AppData\Roaming\FortiClient
2024-12-05 23:45 - 2024-06-19 09:14 - 000000000 ____D C:\Users\Crit\AppData\Local\FortiClient
2024-12-04 20:26 - 2024-09-16 13:08 - 000000000 ____D C:\Users\Crit\Desktop\KRB
2024-12-03 10:45 - 2024-11-27 09:22 - 001279649 _____ C:\Users\Crit\Desktop\Ikigai-workbook-88434 (2).pdf
2024-12-03 10:38 - 2020-03-12 17:21 - 000001126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2024-12-03 10:38 - 2020-03-12 17:21 - 000000000 ____D C:\Program Files (x86)\WinSCP
2024-12-03 10:26 - 2021-04-12 21:07 - 000007605 _____ C:\Users\Crit\AppData\Local\Resmon.ResmonCfg

==================== Files in the root of some directories ========

2023-08-10 10:11 - 2023-08-10 10:11 - 000000015 _____ () C:\Users\Crit\AppData\Roaming\ECAgent.txt
2024-10-16 11:20 - 2024-10-16 11:20 - 000194924 _____ () C:\Users\Crit\AppData\Roaming\newpictureofardhrakissingansellips.vbS
2022-02-02 19:10 - 2022-02-02 19:10 - 000000016 _____ () C:\Users\Crit\AppData\Roaming\obs-virtualcam.txt
2021-05-05 15:33 - 2021-05-05 15:34 - 000000112 _____ () C:\Users\Crit\AppData\Roaming\Předvolby CS6 pro JP2K
2024-10-16 11:20 - 2024-10-16 11:20 - 000132797 _____ () C:\Users\Crit\AppData\Roaming\seebestthingsseenforgoodgirlformeu.hta
2022-02-01 19:49 - 2022-03-07 08:45 - 000042922 _____ () C:\Users\Crit\AppData\Roaming\VoiceMeeterBananaDefault.xml
2020-03-12 17:21 - 2024-12-13 11:50 - 000000128 _____ () C:\Users\Crit\AppData\Roaming\winscp.rnd
2024-02-07 15:40 - 2024-02-07 15:40 - 000000027 _____ () C:\Users\Crit\AppData\Local\.sdpl-system-config4
2019-04-15 22:37 - 2024-08-23 22:11 - 000001480 _____ () C:\Users\Crit\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2021-11-23 19:58 - 2021-11-23 21:07 - 000008192 _____ () C:\Users\Crit\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-24 11:54 - 2023-02-22 14:40 - 000000205 _____ () C:\Users\Crit\AppData\Local\oobelibMkey.log
2020-03-18 14:40 - 2024-11-21 10:47 - 000000128 _____ () C:\Users\Crit\AppData\Local\PUTTY.RND
2021-04-12 21:07 - 2024-12-03 10:26 - 000007605 _____ () C:\Users\Crit\AppData\Local\Resmon.ResmonCfg
2020-06-30 13:08 - 2020-06-30 13:08 - 000000003 _____ () C:\Users\Crit\AppData\Local\updater.log
2020-06-30 13:08 - 2020-06-30 13:08 - 000000424 _____ () C:\Users\Crit\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================