
Chrome opens with spyware pages at login


#1 Post by Adun »

Hello,

after logging in to the computer, a window (probably cmd.exe) flashes briefly and then Chrome opens with two pages that are probably infected.

The McAfee and Malwarebytes scans found nothing.

Here is the log from FRST.EXE

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2022
Ran by PC (administrator) on DESKTOP-2JUGDT3 (HP OMEN 30L Desktop GT13-0xxx) (24-05-2022 09:07:42)
Running from C:\Users\PC\Downloads
Loaded Profiles: PC
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1706 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\CoreUI\Launch.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <3>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\McAfee\CoreUI\Launch.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ChromiumContainer\delegate.exe <3>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> ) C:\Program Files\PowerToys\modules\AlwaysOnTop\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\ColorPicker\PowerToys.ColorPickerUI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngineProcess.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MSC\MfeBrowserHost.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(cmd.exe ->) (Microsoft Corporation -> Microsoft) C:\Users\PC\AppData\Local\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\TempState\webextensions\PAD.BrowserNativeMessageHost.exe
(DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <44>
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (Docker Inc -> Docker Inc.) C:\Program Files\Docker\Docker\com.docker.service
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_a6e24179070178de\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\5.1.104.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_22_2\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.65.8001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.65.8001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe <2>
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (UiPath, Inc. -> UiPath) C:\Users\PC\AppData\Local\Programs\UiPath\Studio\UiPath.RobotJS.UserHost.exe
(svchost.exe ->) (UiPath, Inc. -> UiPath) C:\Users\PC\AppData\Local\Programs\UiPath\Studio\UiPath.UpdateService.Agent.exe
(UiPath, Inc. -> UiPath) C:\Users\PC\AppData\Local\Programs\UiPath\Studio\UiPath.UpdateService.Worker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKU\S-1-5-19\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2021-08-02] (HP Inc.) [File not signed]
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-19\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2020-03-06] (HP Inc. -> )
HKU\S-1-5-20\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2021-08-02] (HP Inc.) [File not signed]
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2020-03-06] (HP Inc. -> )
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2021-08-02] (HP Inc.) [File not signed]
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\Run: [Figma Agent] => C:\Users\PC\AppData\Local\FigmaAgent\figma_agent.exe [5663456 2021-07-11] (Figma, Inc. -> )
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\Run: [Google Update] => C:\Users\PC\AppData\Local\Google\Update\1.3.36.132\GoogleUpdateCore.exe [227512 2022-04-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [6933360 2022-03-15] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\PC\AppData\Local\slack\slack.exe [309056 2022-03-29] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\MountPoints2: {0157c1e6-4ad5-11ec-a54f-040e3c3c34bc} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\MountPoints2: {f7a0061e-be68-11ec-a565-040e3c3c34bc} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{401C381F-E0DE-4B85-8BD8-3F3F14FBDA57}] -> C:\Program Files\Google\Chrome Dev\Application\103.0.5060.13\Installer\chrmstp.exe [2022-05-19] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8237E44A-0054-442C-B6B6-EA0509993955}] -> C:\Program Files\Google\Chrome Beta\Application\102.0.5005.61\Installer\chrmstp.exe [2022-05-19] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-26] () [File not signed] <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01360169-B2C0-4101-B5E7-BCD1115BFB0C} - System32\Tasks\PowerToys\Autorun for PC => C:\Program Files\PowerToys\PowerToys.exe [1045424 2022-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {063B3142-0FD4-4AA3-A419-CEEC6D0B15B5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {0D16C833-B716-4D36-9721-A1738A4C6FB4} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {0F227FF9-F77C-4B46-88FB-399311167D6B} - System32\Tasks\McAfee Subscription job => C:\Program Files\McAfee\NexsJobs\McSubscriptionJob.exe (No File)
Task: {150B1B5E-C6BD-4DB9-9331-C0EA687B28F5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22894016 2022-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {154646B3-4301-4D69-8166-4B65945E1C75} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {160BBD60-ED4F-49BC-96A4-74E18891D360} - System32\Tasks\UiPath Upgrade Service Agent-S-1-5-21-1691793525-3632473787-1534939769-1001 => C:\Users\PC\AppData\Local\Programs\UiPath\Studio\UiPath.UpdateService.Agent.exe [444856 2022-05-02] (UiPath, Inc. -> UiPath)
Task: {1B548BC2-5085-4A7C-8B50-6BF1842C965A} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [137744 2022-05-09] (Johannes Schindelin -> The Git Development Community)
Task: {1C67E561-7993-46A6-9724-939BE2A6C9B1} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {1F10B162-511C-4C22-95EA-05C1E0398CE7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {206E579F-B025-49DE-A26D-56A820C0E1EE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144784 2022-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {21314452-BEFD-412F-A4CC-CB7990FCE55E} - System32\Tasks\UiPath RobotJS-S-1-5-21-1691793525-3632473787-1534939769-1001 => C:\Users\PC\AppData\Local\Programs\UiPath\Studio\UiPath.RobotJS.UserHost.exe [196536 2022-05-02] (UiPath, Inc. -> UiPath)
Task: {2EEBA6EE-6625-48EC-97C5-A8B96975B106} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1691793525-3632473787-1534939769-1001UA => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [156232 2021-10-16] (Google LLC -> Google LLC)
Task: {2F138131-7085-48B2-8E08-199ECDF7BC38} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {30B9E8E7-4BB7-447E-9596-E21FE701AE32} - System32\Tasks\UiPath Upgrade Service Worker-S-1-5-21-1691793525-3632473787-1534939769-1001 => C:\Users\PC\AppData\Local\Programs\UiPath\Studio\net461\UiPath.UpdateService.Launcher.exe [14776 2022-05-02] (UiPath, Inc. -> UiPath) -> "C:\Users\PC\AppData\Local\Programs\UiPath\Studio\UiPath.UpdateService.Worker.exe"
Task: {31D9E4FA-6D3B-4C51-9397-0B8B38E9751D} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [122000 2022-04-29] (HP Inc. -> HP Inc.)
Task: {33E1EE91-54FF-48C3-872E-047E9A516EEC} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {42DFF2DC-C093-4635-91CE-41A5E3DE477B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22894016 2022-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {44613B95-FDD2-4A71-9DE6-6A2D9FE69A9E} - System32\Tasks\Mozilla\Firefox Developer Edition Background Update CA9422711AE1A81C => C:\Program Files\Firefox Developer Edition\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\CA9422711AE1A81C\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4E06BF84-83CE-4004-98D8-918D60581E1A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {55B1FC5D-F8F4-4629-8D1E-4EB0A03932EC} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1715672 2021-07-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {5AFFDCE0-3E0F-41C8-B938-8F223C2B5395} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {5CD2EBBF-34F7-4BB5-8780-06648D7796FF} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1715672 2021-07-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {61BAE2C8-5592-4FCA-91DE-BF8621C8CAA4} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [269272 2021-07-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {6DA2FD73-8A81-4BC9-9BEB-A03D5E86C03C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1691793525-3632473787-1534939769-1001Core => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [156232 2021-10-16] (Google LLC -> Google LLC)
Task: {763B7F0D-863B-4717-AA6F-D352A5CB4AB7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7BE8FD3B-A7FC-4FE0-B54C-634816F3DE42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-22] (Google LLC -> Google LLC)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {8102303A-B1E4-4335-9363-15D85EC3E9E1} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [926064 2022-02-18] (McAfee, LLC -> McAfee, LLC)
Task: {8D464374-7373-4327-A4BC-F93B5A98F6BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [555640 2021-04-18] (HP Inc. -> HP Inc.)
Task: {967CDB77-598D-4A72-ADD6-185EDE4BD78A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144784 2022-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {986C9CEB-E628-4E6F-B914-B0B15B6446DF} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-06-23] (McAfee, Inc. -> McAfee, LLC.)
Task: {A0F14C31-AC6A-490E-BF9E-A0B14C0463A3} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1715672 2021-07-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {A72B729D-CEFE-4C73-8354-60A382C3B08E} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [768288 2022-03-24] (McAfee, LLC -> McAfee, LLC)
Task: {B4A0BD05-B1B2-41CA-8C36-DF441A9D8317} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE8855FA-556D-4422-8BDE-E9B1F4D5576A} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [115464 2021-04-23] (ASUSTeK Computer Inc. -> ASUS)
Task: {C64E44A2-AE77-4E1F-80C6-DF75BB1B0D73} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4549112 2022-04-01] (McAfee, LLC -> McAfee, LLC)
Task: {C80BC58F-B210-4C4F-94E8-9473E3DCED49} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe [1262488 2021-07-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {C9E97DFB-B49A-4506-8C6C-F028D10AE9D3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA108328-DA3E-4908-8D84-507414F6C808} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-05-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {CAC9B84F-008D-494F-A57E-AABE2573918C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CB86768E-054A-490E-9010-F8BD4EA1CAB6} - System32\Tasks\Adobe Creative Cloud => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2021-12-11] (Adobe Inc. -> Adobe Inc.)
Task: {CBF52A88-5A0D-44DC-9FD9-8679CBBBA027} - System32\Tasks\Mozilla\Firefox Developer Edition Default Browser Agent CA9422711AE1A81C => C:\Program Files\Firefox Developer Edition\default-browser-agent.exe do-task "CA9422711AE1A81C"
Task: {CD449922-18FD-4BEE-9ED4-87E0AEA68B97} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [45585520 2021-03-29] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {D49C6C37-0E5C-4823-AB6C-234DCE97F3AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2021-04-04] (HP Inc. -> HP Inc.)
Task: {D4CAA5AC-61D8-4151-AD8C-0DF860562647} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D5829C73-03F5-4200-85AB-431317C184ED} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2125696 2021-04-23] (ASUSTeK Computer Inc. -> ASUS)
Task: {D928CBF4-F08B-45B6-B57A-0EC71F4AADF0} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63960 2021-07-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {DFA029F5-D43B-4383-8E34-6FC8ECA2D919} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4089168 2022-02-08] (McAfee, LLC -> McAfee, LLC)
Task: {E58B913C-C2EB-4D4D-916C-D007D9D56E04} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [926064 2022-02-18] (McAfee, LLC -> McAfee, LLC)
Task: {E94B86B6-FB2C-493B-A3F7-9F60A36462B2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF3C04FC-498F-41FD-9E48-BF78298843D4} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {FB9D8918-4F45-4838-9043-BC5342E976BD} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d75157c50c2b68 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-05-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {FDF19AF5-8B79-4F07-AA43-4F5A7BE64947} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-22] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{50cfc1e5-8fac-426e-b114-2251bbd1e680}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6514407c-254c-429b-a95f-0a878aba236f}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-31]
Edge HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [bhchaenngmlcobfechfkikaofjlmejop] - C:\Users\PC\AppData\Local\UiPath\UiPath.Common\22.4.38.42025\BrowserExtension\uipath_extension_for_edge_chromium_2022.4.5.crx [2022-04-20]
Edge HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [njjljiblognghfjfpcdpdbpbfcmhgafg]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: nbhfrh0j.default
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w7etxghj.default-release [2022-05-24]
FF Session Restore: Mozilla\Firefox\Profiles\w7etxghj.default-release -> is enabled.
FF Extension: (Malwarebytes Browser Guard) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w7etxghj.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-05-23]
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\nbhfrh0j.default [2022-01-31]
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\kzck7miw.dev-edition-default [2022-04-29]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2022-04-26] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-12-11] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2022-04-26] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-12-11] (Adobe Inc. -> Adobe Systems)
StartMenuInternet: Firefox-CA9422711AE1A81C - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2022-05-24]
CHR Notifications: Default -> hxxps://us04web.zoom.us
CHR Session Restore: Default -> is enabled.
CHR Extension: (Gener8 Ads) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\agplbamogoflhammoccnkehefjgkcncl [2021-11-27]
CHR Extension: (Hoverify) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbpokcagpggnekcmamgdieebhpkjmljm [2022-05-20]
CHR Extension: (Web Developer) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2021-06-23]
CHR Extension: (Font Finder) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhiichidigehdgphoambhjbekalahgha [2022-04-28]
CHR Extension: (ColorZilla) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2021-06-23]
CHR Extension: (DuckDuckGo) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2022-04-26]
CHR Extension: (Fake Filler) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjjngeaknajbdcgpfkgnonkmififhfo [2022-03-12]
CHR Extension: (New tab page by start.me) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfmnkhhioonhiehehedmnjibmampjiab [2022-04-10]
CHR Extension: (Checkbot: SEO, Web Speed & Security Tester 🚀) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagohlmlhagincbfilmkadjgmdnkjinl [2021-11-27]
CHR Extension: (Save Page WE) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhpefjklgkmgeafimnjhojgjamoafof [2022-04-21]
CHR Extension: (Moesif Origin & CORS Changer) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\digfbfaphojjndkpccljibejjbppifbc [2022-05-02]
CHR Extension: (High Contrast) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2021-06-23]
CHR Extension: (Dark Mode) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2021-12-11]
CHR Extension: (Dropbox for Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2021-08-31]
CHR Extension: (Session Buddy) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2021-11-27]
CHR Extension: (Copyfish 🐟 Free OCR Software) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenjdnjldapjajjofmldgmkjaienebbj [2021-10-09]
CHR Extension: (HTML to Figma) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjcmgblfpkhbjpkpopkgeomfkokpaim [2021-06-23]
CHR Extension: (GMass: Powerful mail merge for Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehomdgjhgmbidokdgicgmdiedadncbgf [2022-04-16]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2021-07-16]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-05-09]
CHR Extension: (PixelZoomer) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fogkjckfkdcnmnnfmbieljpkmmihhpao [2021-06-23]
CHR Extension: (Google Docs Offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-21]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-05-16]
CHR Extension: (Microsoft Power Automate) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgfobnenmnljakmhboildkafdkicala [2022-04-15]
CHR Extension: (Save to Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2021-09-17]
CHR Extension: (Wappalyzer - Technology profiler) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2022-04-29]
CHR Extension: (Toby for Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hddnkoipeenegfoeaoibdmnaalmgkpip [2022-05-08]
CHR Extension: (Save Image by Right Click: PNG, JPG, or WebP) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhmnengcgekecnlielgcfcbjanjlnifg [2021-08-15]
CHR Extension: (Live editor for CSS, Less & Sass - Magic CSS) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhikkcafabcgolfjegfcgloomalapol [2021-06-23]
CHR Extension: (Download All Images) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifipmflagepipjokmbdecpmjbibjnakm [2021-07-29]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-24]
CHR Extension: (Responsively Helper) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhphiidjkooiaollfiknkokgodbaddcj [2021-06-23]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-05-20]
CHR Extension: (Video Autoplay Blocker by Robert Sulkowski) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhablkjeghmeinlfgecddpgcopnljpm [2021-06-23]
CHR Extension: (McAfee® Web Boost) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\klekeajafkkpokaofllcadenjdckhinm [2022-02-26]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-07-05]
CHR Extension: (SnappySnippet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdmgnnmlhdfofojkdoajglgmhaicejkk [2021-06-23]
CHR Extension: (Custom New Tab URL) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmjbdbjnoablegbkcklggeknkfcjkjia [2021-06-23]
CHR Extension: (Pesticide for Chrome (without hover bar)) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\neonnmencpneifkhlmhmfhfiklgjmloi [2021-06-23]
CHR Extension: (Vue.js devtools) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhdogjmejiglipccpnnnanhbledajbpd [2022-03-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-22]
CHR Extension: (Colour Contrast Checker) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmjeclfkgjdomacpcflgdkgpphpmnfe [2021-06-23]
CHR Extension: (ActiveInbox: Organize Gmail™ tasks) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeehiifcaeengdofhogmkblhkmpephcj [2022-02-17]
CHR Extension: (ColorPick Eyedropper) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2021-10-16]
CHR Extension: (WordPress Admin Switcher) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjihalgddfomcjjpiafhppegjajpkac [2021-11-27]
CHR Extension: (Evernote Web Clipper) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2022-05-04]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-10]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile [2022-02-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
CHR HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\PC\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala]
CHR HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
StartMenuInternet: Google Chrome Beta - C:\Program Files\Google\Chrome Beta\Application\chrome.exe
StartMenuInternet: Google Chrome Dev - C:\Program Files\Google\Chrome Dev\Application\chrome.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2021-12-11] (Adobe Inc. -> Adobe Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [349928 2021-09-18] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe [456008 2021-09-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-05-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2021-09-18] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-05-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [591176 2021-05-25] (ASUSTeK Computer Inc. -> )
R2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2021-07-10] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11762616 2022-05-23] (Microsoft Corporation -> Microsoft Corporation)
R2 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [17296 2022-03-15] (Docker Inc -> Docker Inc.)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [210872 2021-03-21] (DTS, Inc. -> DTS Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-12-22] (Epic Games Inc. -> Epic Games, Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2363000 2021-09-24] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 GoogleChromeBetaElevationService; C:\Program Files\Google\Chrome Beta\Application\102.0.5005.61\elevation_service.exe [1637264 2022-05-18] (Google LLC -> Google LLC)
S3 GoogleChromeDevElevationService; C:\Program Files\Google\Chrome Dev\Application\103.0.5060.13\elevation_service.exe [1645456 2022-05-19] (Google LLC -> Google LLC)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\AppHelperCap.exe [764448 2022-03-30] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\DiagsCap.exe [763480 2022-03-30] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\NetworkCap.exe [759336 2022-03-30] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe [698760 2022-02-14] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\SysInfoCap.exe [762904 2022-03-30] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_a6e24179070178de\x64\TouchpointAnalyticsClientService.exe [497328 2022-03-30] (HP Inc. -> HP Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3210232 2021-03-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [301056 2022-03-10] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-23] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [975088 2022-04-21] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_22_2\McApExe.exe [812536 2022-04-26] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.1.104.0\\McCSPServiceHost.exe [3378048 2022-02-17] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1217800 2022-02-04] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1217800 2022-02-04] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1217800 2022-02-04] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1548296 2022-04-04] (McAfee, LLC -> McAfee, LLC)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557656 2021-10-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3476184 2021-10-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4235968 2022-02-19] (McAfee, LLC -> McAfee, LLC)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [5941936 2021-10-21] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254856 2022-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [41536 2021-07-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [56792 2021-07-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43160 2021-09-18] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-09-17] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [154112 2021-10-15] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [72224 2022-02-09] (McAfee, Inc. -> McAfee, LLC)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [103888 2022-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194512 2022-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [70088 2022-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239560 2022-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-05-23] (Malwarebytes Inc. -> Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [469528 2022-02-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [344088 2022-02-09] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83400 2022-02-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [439320 2022-02-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [911904 2022-02-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [645656 2022-02-10] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [111136 2022-02-10] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [107040 2022-02-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [228888 2022-02-09] (McAfee, Inc. -> McAfee, LLC)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2018-09-04] (Realtek Semiconductor Corp. -> Realtek)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2021-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425184 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-23] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-24 09:07 - 2022-05-24 09:08 - 000055587 _____ C:\Users\PC\Downloads\FRST.txt
2022-05-24 09:06 - 2022-05-24 09:08 - 000000000 ____D C:\FRST
2022-05-24 09:05 - 2022-05-24 09:05 - 002367488 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe
2022-05-24 08:57 - 2022-05-24 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2022-05-23 22:31 - 2022-05-23 22:31 - 000070088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-05-23 22:30 - 2022-05-23 22:30 - 000194512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-05-23 22:30 - 2022-05-23 22:30 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-05-23 22:30 - 2022-05-23 22:30 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-05-23 22:30 - 2022-05-23 22:30 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-05-23 22:30 - 2022-05-23 22:30 - 000000000 ____D C:\Users\PC\AppData\Local\mbam
2022-05-23 22:29 - 2022-05-23 22:29 - 000239560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-05-23 22:29 - 2022-05-23 22:29 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-05-23 22:29 - 2022-05-23 22:29 - 000103888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-05-23 22:29 - 2022-05-23 22:29 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-05-23 22:29 - 2022-05-23 22:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-05-23 22:29 - 2022-05-23 22:29 - 000000000 ____D C:\Program Files\Malwarebytes
2022-05-23 22:28 - 2022-05-23 22:28 - 002546400 _____ (Malwarebytes) C:\Users\PC\Downloads\MBSetup.exe
2022-05-22 09:02 - 2022-05-22 09:02 - 000000000 ____D C:\Program Files\Firefox Developer Edition
2022-05-21 17:10 - 2022-05-21 17:10 - 000001829 _____ C:\Users\Public\Desktop\MOHAA.lnk
2022-05-21 17:10 - 2022-05-21 17:10 - 000000000 ____D C:\ProgramData\Caphyon
2022-05-21 10:23 - 2022-05-21 11:11 - 891933973 _____ C:\Users\PC\Downloads\Sin.City.EXTENDED.UNRATED.2005.720p.BrRip.x264.YIFY+HI[fg].mp4
2022-05-21 09:42 - 2022-05-21 15:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-05-19 19:03 - 2022-05-19 22:20 - 000000000 ____D C:\ProgramData\McInstTemp0100711652983388
2022-05-17 17:01 - 2022-05-17 17:05 - 000000265 _____ C:\Users\PC\Desktop\Migraine.txt
2022-05-16 21:45 - 2022-05-16 21:46 - 204108073 _____ C:\Users\PC\Downloads\Building a Trello clone with vueJS, Nuxtjs and Vuetify.mp4
2022-05-16 21:44 - 2022-05-16 21:44 - 038968460 _____ C:\Users\PC\Downloads\Building a Kanban Board with Vuejs and Vue Draggable in 15 Minutes - Diligent Dev.mp4
2022-05-16 20:40 - 2022-05-16 22:38 - 2165304035 _____ C:\Users\PC\Downloads\Mars.Attacks.1996.1080p.BluRay.H264.AAC-RARBG.mp4
2022-05-15 21:00 - 2022-05-15 22:11 - 1291722608 _____ C:\Users\PC\Downloads\Medal of Honor Allied Assault v1.11 CZ.rar
2022-05-14 09:57 - 2022-05-14 09:57 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-14 09:57 - 2022-05-14 09:57 - 000188928 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-05-14 09:57 - 2022-05-14 09:57 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-14 09:57 - 2022-05-14 09:57 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-14 09:52 - 2022-05-14 09:52 - 000000000 ___HD C:\$WinREAgent
2022-05-12 20:48 - 2022-05-12 20:48 - 000000028 ____H C:\.GamingRoot
2022-05-12 20:48 - 2022-05-12 20:48 - 000000000 ____D C:\XboxGames
2022-05-11 11:00 - 2022-05-11 11:00 - 000000053 _____ C:\Users\PC\.git-for-windows-updater
2022-05-10 10:06 - 2022-05-10 10:06 - 000002584 _____ C:\WINDOWS\system32\Tasks\Git for Windows Updater
2022-05-10 10:06 - 2022-05-10 10:06 - 000001771 _____ C:\Users\Public\Desktop\Git Bash.lnk
2022-05-10 10:06 - 2022-05-10 10:06 - 000000300 _____ C:\Users\PC\.gitconfig
2022-05-10 10:06 - 2022-05-10 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2022-05-10 08:51 - 2022-05-10 08:51 - 000005083 _____ C:\Users\PC\Downloads\Legion_TD_9.1c_Changelog.txt
2022-05-08 20:27 - 2022-05-08 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2022-05-08 18:28 - 2022-05-22 11:27 - 000000000 ____D C:\Users\PC\AppData\Local\Battle.net
2022-05-08 18:28 - 2022-05-08 18:50 - 000000000 ____D C:\Users\PC\AppData\Roaming\Battle.net
2022-05-08 18:27 - 2022-05-08 18:27 - 000000940 _____ C:\Users\Public\Desktop\Battle.net.lnk
2022-05-08 18:27 - 2022-05-08 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2022-05-08 09:57 - 2022-05-08 09:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quake II - Quad Damage [GOG.com]
2022-05-08 09:53 - 2022-05-08 09:53 - 000000000 ____D C:\Users\PC\Downloads\Quake_2_(1997)_EN_for_Windows_7-8-10_and_later
2022-05-08 09:49 - 2021-08-21 12:23 - 689920128 _____ (GOG.com ) C:\Users\PC\Downloads\setup_quake2_quad_damage_2.0.0.3.exe
2022-05-08 09:05 - 2022-05-08 09:06 - 008531456 _____ (Bethesda Softworks ) C:\Users\PC\Downloads\BethesdaNetLauncher_Setup.exe
2022-05-08 09:02 - 2022-05-08 09:48 - 837486117 _____ C:\Users\PC\Downloads\Quake_2_(1997)_EN_for_Windows_7-8-10_and_later.rar
2022-05-05 20:06 - 2022-05-05 20:06 - 000055152 _____ C:\Users\PC\Downloads\index.html
2022-05-04 21:01 - 2022-05-04 21:01 - 000004030 _____ C:\WINDOWS\system32\Tasks\UiPath Upgrade Service Worker-S-1-5-21-1691793525-3632473787-1534939769-1001
2022-05-04 21:01 - 2022-05-04 21:01 - 000003594 _____ C:\WINDOWS\system32\Tasks\UiPath Upgrade Service Agent-S-1-5-21-1691793525-3632473787-1534939769-1001
2022-05-04 21:01 - 2022-05-04 21:01 - 000003532 _____ C:\WINDOWS\system32\Tasks\UiPath RobotJS-S-1-5-21-1691793525-3632473787-1534939769-1001
2022-05-04 21:01 - 2022-05-04 21:01 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UiPath
2022-05-03 21:47 - 2022-05-24 08:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2022-05-03 21:47 - 2022-05-03 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview)
2022-05-01 22:46 - 2022-05-24 08:54 - 000003754 _____ C:\WINDOWS\system32\Tasks\SystemOptimizer
2022-05-01 22:46 - 2022-05-23 22:01 - 000000000 ____D C:\Users\PC\AppData\Local\OGH
2022-05-01 19:15 - 2022-05-01 19:15 - 000001430 _____ C:\Users\PC\Desktop\stack overflow.txt
2022-04-29 20:16 - 2022-04-29 20:16 - 044411972 _____ C:\Users\PC\Downloads\tportable-x64.3.7.3.zip
2022-04-27 21:07 - 2022-05-05 20:10 - 000000000 ____D C:\Users\PC\AppData\Roaming\GitHub Desktop
2022-04-27 21:07 - 2022-04-27 21:07 - 000002363 _____ C:\Users\PC\Desktop\GitHub Desktop.lnk
2022-04-27 21:07 - 2022-04-27 21:07 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2022-04-27 21:07 - 2022-04-27 21:07 - 000000000 ____D C:\Users\PC\AppData\Local\GitHubDesktop
2022-04-27 21:06 - 2022-04-27 21:07 - 126247312 _____ (GitHub, Inc.) C:\Users\PC\Downloads\GitHubDesktopSetup-x64.exe
2022-04-24 22:21 - 2022-04-24 22:21 - 000604411 _____ C:\Users\PC\Downloads\Games People Play The Psychology of Human Relationships (Eric Berne) (z-lib.org).pdf
2022-04-24 21:47 - 2022-04-24 21:47 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-24 14:17 - 2022-04-24 14:17 - 000001059 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2022-04-24 14:17 - 2022-04-24 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2022-04-24 14:17 - 2022-04-24 14:17 - 000000000 ____D C:\Program Files\obs-studio
2022-04-24 14:05 - 2022-04-24 14:08 - 117961440 _____ (OBS Project) C:\Users\PC\Downloads\OBS-Studio-27.2.4-Full-Installer-x64.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-24 09:05 - 2022-01-13 21:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-05-24 09:05 - 2021-06-27 16:54 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2022-05-24 09:04 - 2021-10-16 12:46 - 000002544 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2022-05-24 09:04 - 2021-06-22 22:45 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-24 09:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-24 08:57 - 2021-12-11 12:36 - 000000000 ___RD C:\Users\PC\Creative Cloud Files
2022-05-24 08:56 - 2021-02-16 20:19 - 000000000 ____D C:\ProgramData\NVIDIA
2022-05-24 08:54 - 2021-12-22 20:53 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2022-05-24 08:54 - 2021-08-02 20:42 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2022-05-24 08:54 - 2021-07-22 20:24 - 000003072 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2022-05-23 22:29 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-05-23 22:13 - 2021-06-23 23:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2022-05-23 22:08 - 2020-12-10 12:54 - 000000000 ____D C:\Program Files\Microsoft Office
2022-05-23 22:04 - 2021-10-09 11:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-05-23 22:04 - 2021-06-27 16:54 - 000001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2022-05-23 22:03 - 2021-09-02 20:59 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-05-23 22:03 - 2021-09-02 20:59 - 000001870 _____ C:\Users\PC\Desktop\Google Drive.lnk
2022-05-22 09:00 - 2021-05-08 11:10 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-05-22 09:00 - 2021-05-08 11:10 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-05-22 09:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-22 09:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-21 19:00 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-05-21 18:25 - 2021-05-25 09:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-21 17:07 - 2021-06-27 16:42 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2022-05-21 15:06 - 2021-10-16 12:48 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-05-21 10:14 - 2021-06-27 16:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-05-19 22:20 - 2022-01-21 21:17 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-05-19 22:20 - 2022-01-21 21:08 - 000000000 ____D C:\ProgramData\DockerDesktop
2022-05-19 22:20 - 2021-06-23 22:59 - 000000000 ____D C:\Program Files (x86)\McAfee
2022-05-19 22:20 - 2021-05-25 09:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-19 22:20 - 2021-05-08 11:10 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-19 18:56 - 2021-12-12 23:13 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1691793525-3632473787-1534939769-1001
2022-05-19 18:56 - 2021-11-16 22:56 - 000002309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome Beta.lnk
2022-05-19 18:56 - 2021-11-16 22:56 - 000002268 _____ C:\Users\Public\Desktop\Google Chrome Beta.lnk
2022-05-19 18:56 - 2021-11-16 22:54 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome Dev.lnk
2022-05-19 18:56 - 2021-05-25 09:59 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1691793525-3632473787-1534939769-1001
2022-05-19 18:56 - 2021-05-25 09:21 - 000002381 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-05-17 10:31 - 2021-06-23 22:58 - 000000000 ____D C:\Program Files\Common Files\McAfee
2022-05-17 10:30 - 2021-06-23 23:00 - 000003316 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2022-05-17 10:29 - 2021-07-22 20:18 - 000000000 ____D C:\Users\PC\AppData\Local\AMD_Common
2022-05-17 10:24 - 2021-06-22 22:45 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-17 10:24 - 2021-06-22 22:45 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-05-15 10:27 - 2021-07-14 07:30 - 000750124 _____ C:\WINDOWS\system32\perfh005.dat
2022-05-15 10:27 - 2021-07-14 07:30 - 000164542 _____ C:\WINDOWS\system32\perfc005.dat
2022-05-15 10:27 - 2021-05-25 10:01 - 001807362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-15 10:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-14 18:21 - 2021-05-08 11:10 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-05-14 18:21 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-14 18:20 - 2021-05-25 09:55 - 000546720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-05-14 18:19 - 2022-01-21 21:17 - 000000000 ___SD C:\WINDOWS\system32\lxss
2022-05-14 18:19 - 2021-06-09 08:45 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-05-14 18:19 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-14 18:19 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-05-14 18:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-05-14 18:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-14 18:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-14 18:19 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-14 14:11 - 2021-08-02 20:49 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-05-14 09:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-14 09:52 - 2021-05-25 08:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-14 09:50 - 2021-05-25 08:44 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-05-12 20:48 - 2021-11-20 11:17 - 000132560 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-05-12 20:48 - 2021-05-25 09:59 - 002274768 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-05-12 20:48 - 2021-05-25 09:59 - 000394704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-05-12 20:48 - 2021-05-25 09:59 - 000222672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-05-12 20:48 - 2021-05-25 09:59 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-05-12 20:48 - 2021-05-25 09:59 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-05-12 20:48 - 2021-05-25 09:59 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-05-11 20:45 - 2021-06-23 09:49 - 000000000 ____D C:\Users\PC\AppData\Roaming\foobar2000
2022-05-11 11:00 - 2021-05-25 09:21 - 000000000 ____D C:\Users\PC
2022-05-10 15:17 - 2021-05-08 11:22 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2022-05-10 10:06 - 2022-01-28 23:06 - 000000000 ____D C:\Program Files\Git
2022-05-10 08:18 - 2021-07-02 19:56 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d75143f9165a5c
2022-05-10 08:18 - 2021-05-25 09:59 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-05-09 20:10 - 2021-06-23 22:59 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2022-05-08 21:33 - 2021-06-23 23:14 - 000000000 ____D C:\Program Files (x86)\Steam
2022-05-08 20:31 - 2021-06-23 23:20 - 000000000 ____D C:\Users\PC\AppData\Local\Blizzard Entertainment
2022-05-08 20:27 - 2021-11-28 13:24 - 000000000 ____D C:\Program Files (x86)\Warcraft III
2022-05-07 10:48 - 2021-06-24 21:52 - 000000000 ____D C:\Users\PC\Documents\My Games
2022-05-05 20:00 - 2021-06-27 15:13 - 000000000 ____D C:\Users\PC\AppData\Roaming\Code
2022-05-05 18:43 - 2021-06-27 15:11 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2022-05-04 21:01 - 2022-01-31 21:40 - 000000000 ____D C:\Users\PC\AppData\Local\UiPath
2022-05-03 21:47 - 2022-03-31 10:37 - 000000000 ____D C:\Program Files\PowerToys
2022-05-03 21:47 - 2021-02-16 20:18 - 000000000 ____D C:\ProgramData\Package Cache
2022-05-03 21:47 - 2021-02-16 20:17 - 000000000 ____D C:\ProgramData\Packages
2022-05-03 21:46 - 2021-10-22 21:25 - 000000000 ____D C:\Program Files\dotnet
2022-05-02 22:05 - 2022-02-26 13:06 - 000000000 ____D C:\Users\PC\AppData\Roaming\Postman
2022-05-02 21:41 - 2022-02-26 13:06 - 000002179 _____ C:\Users\PC\Desktop\Postman.lnk
2022-05-02 21:41 - 2022-02-26 13:06 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Postman
2022-05-02 21:02 - 2022-02-26 13:06 - 000000000 ____D C:\Users\PC\AppData\Local\Postman
2022-05-01 22:46 - 2021-05-08 20:08 - 000000000 ____D C:\Program Files\HP
2022-05-01 22:45 - 2021-05-25 12:17 - 000000000 ____D C:\Users\PC\AppData\Local\HP_Inc
2022-04-30 12:21 - 2022-02-08 22:17 - 000000000 ____D C:\Users\PC\AppData\Roaming\JetBrains
2022-04-30 12:21 - 2022-02-08 22:17 - 000000000 ____D C:\Users\PC\AppData\Local\JetBrains
2022-04-30 09:17 - 2021-06-22 22:45 - 000000000 ____D C:\Users\PC\AppData\Local\Google
2022-04-27 21:09 - 2021-05-08 11:23 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2022-04-27 21:07 - 2021-07-11 22:38 - 000000000 ____D C:\Users\PC\AppData\Local\SquirrelTemp
2022-04-25 21:08 - 2022-01-21 21:28 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-04-24 21:47 - 2021-10-24 21:31 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-04-24 21:18 - 2022-03-21 18:25 - 000000000 ____D C:\Users\PC\Documents\WB Games
2022-04-24 13:59 - 2021-07-04 13:31 - 000000000 ____D C:\Users\PC\AppData\Roaming\slobs-client

==================== Files in the root of some directories ========

2021-10-17 20:07 - 2022-01-30 18:45 - 000000128 _____ () C:\Users\PC\AppData\Roaming\winscp.rnd
2021-07-02 20:07 - 2021-07-02 20:07 - 000007594 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




First half of addition.txt







Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-05-2022
Ran by PC (24-05-2022 09:08:47)
Running from C:\Users\PC\Downloads
Microsoft Windows 10 Pro Version 21H1 19043.1706 (X64) (2021-05-25 08:59:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1691793525-3632473787-1534939769-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1691793525-3632473787-1534939769-503 - Limited - Disabled)
Guest (S-1-5-21-1691793525-3632473787-1534939769-501 - Limited - Disabled)
PC (S-1-5-21-1691793525-3632473787-1534939769-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-1691793525-3632473787-1534939769-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: McAfee VirusScan (Enabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
FW: McAfee Firewall (Enabled) {C6A3F647-45D9-6AEE-30AE-DACD13562181}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Affinity Designer (HKLM-x32\...\{5428414E-D37D-4645-96E1-3C980961D071}) (Version: 1.10.0.1127 - Serif (Europe) Ltd)
Affinity Photo (HKLM-x32\...\{6FC92F70-5D6C-4CC9-9226-8B023D89F048}) (Version: 1.10.0.1127 - Serif (Europe) Ltd)
ARMOURY CRATE Lite Service (HKLM-x32\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 4.2.10 - ASUS)
ASUS AURA Extension Card HAL (HKLM-x32\...\{1711cc08-cf9a-486c-9c75-1acb98ccfc17}) (Version: 1.1.0.6 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.6 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM-x32\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.05 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{2357cd84-6c2b-4174-87c7-4f9f9db8746b}) (Version: 0.0.3.1 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.3.1 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{80f60ecc-98e1-474b-aee2-0c470f02dbbc}) (Version: 2.0.2.6 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.0.2.6 - ASUSTek COMPUTER INC.) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.79 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM-x32\...\{2eecc44a-87e0-466b-8ab7-5dc32e35e225}) (Version: 1.1.08 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.08 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.14 - ASUS)
AURA lighting effect add-on x64 (HKLM-x32\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.14 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.04.35 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{35381ead-8a19-4bff-a272-dcdfe38a5867}) (Version: 3.04.35 - ASUSTeK Computer Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Branding64 (HKLM-x32\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden
Composer - PHP Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version: - getcomposer.org)
DataGrip 2021.3.4 (HKLM-x32\...\DataGrip 2021.3.4) (Version: 213.6777.22 - JetBrains s.r.o.)
DeskPins (HKLM-x32\...\DeskPins) (Version: 1.32 - Elias Fotinis)
Docker Desktop (HKLM-x32\...\Docker Desktop) (Version: 4.6.0 - Docker Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dune 2000: Gruntmods Edition (HKLM-x32\...\Dune 2000: Gruntmods Edition) (Version: 1.6.2.6 - Gruntmods Studios)
ENE RGB HAL (HKLM-x32\...\{b8828d84-ec63-417e-a33a-070eec4c01b4}) (Version: 1.1.31.3 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.31.3 - Ene Tech.) Hidden
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM-x32\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Figma (HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\Figma) (Version: 99.0.0 - Figma, Inc.)
Firefox Developer Edition (x64 en-GB) (HKLM-x32\...\Firefox Developer Edition 101.0 (x64 en-GB)) (Version: 101.0 - Mozilla)
foobar2000 v1.6.6 (HKLM-x32\...\foobar2000) (Version: 1.6.6 - Peter Pawlowski)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.1.0.52543 - Foxit Software Inc.)
Git (HKLM-x32\...\Git_is1) (Version: 2.36.1 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\GitHubDesktop) (Version: 3.0.0 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 101.0.4951.67 - Google LLC)
Google Chrome Beta (HKLM-x32\...\Google Chrome Beta) (Version: 102.0.5005.61 - Google LLC)
Google Chrome Canary (HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\Google Chrome SxS) (Version: 104.0.5081.0 - Google LLC)
Google Chrome Dev (HKLM-x32\...\Google Chrome Dev) (Version: 103.0.5060.13 - Google LLC)
Google Drive (HKLM-x32\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 58.0.3.0 - Google LLC)
Intel(R) Chipset Device Software (HKLM-x32\...\{9796DAAB-D3AD-4FA4-B8F3-6061DBBE1352}) (Version: 10.1.18295.8201 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{b666e502-9089-483b-9816-0774ccc9cb61}) (Version: 10.1.18295.8201 - Intel(R) Corporation)
Kingston AURA DRAM Component (HKLM-x32\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.6 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{e0aaca9b-330a-49be-ae69-dd2f943d5fc1}) (Version: 1.1.6 - KINGSTON COMPONENTS INC.) Hidden
Knights and Merchants - The Peasants Rebellion (HKLM-x32\...\1207658772_is1) (Version: 1.58 sr2 - GOG.com)
Laragon 5.0.0 (HKLM-x32\...\Laragon_is1) (Version: 5.0.0.210523 - leokhoa)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.9.198 (HKLM-x32\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 16.0 R46 - McAfee, LLC)
Medal of Honor: Allied Assault (HKLM-x32\...\Medal of Honor: Allied Assault 1.11) (Version: 1.11 - Electronic Arts)
Microsoft OneDrive (HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\OneDriveSetup.exe) (Version: 22.089.0426.0003 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.66.2 - Microsoft Corporation)
Mozilla Firefox (x64 en-GB) (HKLM-x32\...\Mozilla Firefox 100.0.2 (x64 en-GB)) (Version: 100.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 93.0 - Mozilla)
MySQL Shell 8.0.28 (HKLM-x32\...\{2112E2EB-B278-4C5A-AA73-D9AD0205BAAC}) (Version: 8.0.28 - Oracle and/or its affiliates)
Node.js (HKLM-x32\...\{30A96552-4734-48ED-AB35-9F4D0EAB382B}) (Version: 16.13.2 - Node.js Foundation)
Notion 2.0.18 (HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.18 - Notion Labs, Incorporated)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM-x32\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenShot Video Editor version 2.5.1 (HKLM-x32\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Origin (HKLM-x32\...\Origin) (Version: 10.5.106.49298 - Electronic Arts, Inc.)
Patriot Viper DRAM RGB (HKLM-x32\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.1 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{e38442c0-a433-48c2-84e2-51ac0b30c3ab}) (Version: 1.0.9.1 - Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM-x32\...\{8839fbd5-69f9-41c5-a1cf-cdfbec966d66}) (Version: 1.0.6.3 - Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM-x32\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.3 - Patriot Memory) Hidden
PHISON HAL (HKLM-x32\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.6.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{c8f7044c-7f48-404a-9a5d-9f038f28a789}) (Version: 1.0.6.0 - PHISON Electronics Corp.) Hidden
PhpStorm 2021.3.1 (HKLM-x32\...\PhpStorm 2021.3.1) (Version: 213.6461.83 - JetBrains s.r.o.)
Postman x86_64 9.16.0 (HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\Postman) (Version: 9.16.0 - Postman)
PowerToys (Preview) (HKLM-x32\...\{C5616D86-7D4E-460E-B673-B6BB68159B17}) (Version: 0.58.0 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{7f0d7424-d132-4aaf-baa9-5d7d436f0feb}) (Version: 0.58.0 - Microsoft Corporation)
Quake II - Quad Damage (HKLM-x32\...\1441704824_is1) (Version: 2.0.0.3 - GOG.com)
REDlauncher (HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.2.18.5 - ASUSTek COMPUTER INC.)
Slack (HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\slack) (Version: 4.25.0 - Slack Technologies Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
UiPath Studio (HKLM-x32\...\{FE1CD4A3-6EBE-4C1F-93ED-710805FC1D44}) (Version: 22.4.1.0 - UiPath)
Universal Holtek RGB DRAM (HKLM-x32\...\{68fb2ff9-0618-4948-b68f-9f95e5687067}) (Version: 1.0.0.1 - PD)
Universal Holtek RGB DRAM (HKLM-x32\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.1 - PD) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WD_BLACK AN1500 (HKLM-x32\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.697 - McAfee, LLC)
WebStorm 2021.3.2 (HKLM-x32\...\WebStorm 2021.3.2) (Version: 213.6777.57 - JetBrains s.r.o.)
WinRAR 6.02 (64-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
WinSCP 5.19.3 (HKLM-x32\...\winscp3_is1) (Version: 5.19.3 - Martin Prikryl)
XAMPP (HKLM-x32\...\xampp) (Version: 7.4.21-0 - Bitnami)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-12-11] (Adobe Systems Incorporated)
Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_45.1.62.3_x64__adky2gkssdxte [2021-12-11] (Adobe Systems Incorporated)
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m [2022-01-20] (Advanced Micro Devices Inc.) [Startup Task]
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.8.0_x64__xbfy0k16fey96 [2022-04-25] (Dropbox Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.8.1.0_x64__v10z8vjag6ke6 [2022-03-10] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2021-08-23] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-29] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.16.80.0_x64__v10z8vjag6ke6 [2022-05-17] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6 [2022-01-21] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1026.0_x64__8j3eq9eme6ctt [2022-04-03] (INTEL CORP)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2021-11-13] (McAfee LLC.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.5120.0_x64__8wekyb3d8bbwe [2022-05-19] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.70.51382.0_x64__8wekyb3d8bbwe [2022-05-19] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-19] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-18] (NVIDIA Corp.)
OMEN Audio Control -> C:\Program Files\WindowsApps\AD2F1837.OMENAudioControl_1.26.249.0_x64__v10z8vjag6ke6 [2022-02-02] (HP Inc.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6 [2022-05-17] (HP Inc.) [Startup Task]
OMEN Light Studio -> C:\Program Files\WindowsApps\AD2F1837.OMENLightStudio_0.3.10.0_x64__v10z8vjag6ke6 [2022-04-08] (HP Inc.) [Startup Task]
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.3761.0_x64__8wekyb3d8bbwe [2022-05-19] (Microsoft Corporation) [Startup Task]
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.527.372.0_x86__55nm5eh3cm0pr [2022-05-21] (ROBLOX Corporation)
Ubuntu on Windows -> C:\Program Files\WindowsApps\CanonicalGroupLimited.UbuntuonWindows_2004.2022.1.0_x64__79rhkp1fndgsc [2022-03-12] (Canonical Group Limited)
Windows App Runtime DDLM 3.469.1654.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3.469.1654.0-x6_3.469.1654.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)
Windows App Runtime DDLM 3.469.1654.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3.469.1654.0-x8_3.469.1654.0_x86__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)
WindowsAppRuntime.1.0 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.0_3.469.1654.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)
WindowsAppRuntime.1.0 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.0_3.469.1654.0_x86__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)
WindowsAppRuntime.Main.1.0 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsAppRuntime.Main.1.0_3.469.1654.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corp.)
WindowsAppRuntime.Singleton -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.Singleton_3.469.1654.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.113\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-1BA683D7399C} -> [Creative Cloud Files] => C:\Users\PC\Creative Cloud Files [2021-12-11 12:36]
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{36B27788-A8BB-4698-A756-DF9F11F64F84}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{45769bcc-e8fd-42d0-947e-02beef77a1f5}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MarkdownPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{8BC8AFC2-4E7C-4695-818E-8C1FFDCEA2AF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.StlThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{afbd5a44-2520-4ae0-9224-6cfce8fe4400}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MonacoPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{BFEE99B4-B74D-4348-BCA5-E757029647FF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodeThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{dd5cacda-7c2e-4997-a62a-04a597b58f76}\localserver32 -> "C:\Program Files\PowerToys\modules\launcher\PowerLauncher.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{ddee2b8a-6807-48a6-bb20-2338174ff779}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{ec52dea8-7c9f-4130-a77b-1737d0418507}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodePreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1691793525-3632473787-1534939769-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\PC\AppData\Local\Google\Chrome SxS\Application\104.0.5081.0\notification_helper.exe (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-06] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-06] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-06] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-06] (Adobe Inc. -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2022-04-26] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-23] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-06] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-23] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2022-04-26] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\PC\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)

==================== Loaded Modules (Whitelisted) =============

2021-03-09 10:01 - 2021-03-09 10:01 - 000477696 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2021-03-09 10:01 - 2021-03-09 10:01 - 000471040 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2021-03-09 10:01 - 2021-03-09 10:01 - 000454656 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node
2021-05-25 12:20 - 2019-12-23 18:51 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-03-09 10:01 - 2021-03-09 10:01 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000438784 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\amdlinkremoteserver.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000017920 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 003567616 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000258560 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll
2022-05-15 13:14 - 2022-05-15 13:14 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\36cc3dd10c9a2e8afc4cbaa04852e0a7\Interop.IWshRuntimeLibrary.ni.dll
2021-07-22 10:44 - 2021-07-22 10:44 - 001704960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2020-05-26 17:08 - 2020-05-26 17:08 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2021-05-25 12:20 - 2020-12-31 17:26 - 002676224 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\AURAChecker.dll
2022-05-15 13:14 - 2022-05-15 13:14 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\3a9950f15753557c0ca7e0cc4cefc912\Hardcodet.Wpf.TaskbarNotification.ni.dll
2021-02-16 20:25 - 2021-02-16 20:25 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2022-05-15 13:14 - 2022-05-15 13:14 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\3fbc5c0e9bf2e444ddc52ca72ade7e01\NAudio.ni.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\D3DCompiler_47.dll
2020-12-10 12:54 - 2020-12-10 12:54 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-12-10 12:54 - 2020-12-10 12:54 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2022-05-15 13:14 - 2022-05-15 13:14 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\ba90db2751697d4e2a41cad9c56fdbaa\Newtonsoft.Json.ni.dll
2022-05-15 13:14 - 2022-05-15 13:14 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\18a499a1bacb9fc2921db2a256387e55\log4net.ni.dll
2021-05-25 12:20 - 2019-06-26 16:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2021-05-25 12:20 - 2019-06-26 16:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2021-06-23 23:16 - 2021-06-23 23:16 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-06-23 23:16 - 2021-06-23 23:16 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-06-23 23:16 - 2021-06-23 23:16 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-10-22 21:11 - 2021-06-23 23:16 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-10-22 21:11 - 2021-06-23 23:16 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-10-22 21:11 - 2021-06-23 23:16 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-10-22 21:11 - 2021-06-23 23:16 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-10-22 21:11 - 2021-06-23 23:16 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-10-22 21:11 - 2021-06-23 23:16 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Multimedia.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5MultimediaQuick.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlModels.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlWorkerScript.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll
2022-01-20 09:56 - 2022-01-20 09:56 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtMultimedia\declarative_multimedia.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQml\qmlplugin.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll
2022-01-20 09:56 - 2022-01-20 09:57 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll

Thank you very much for any advice or help.
Attachments
Addition.zip
(17.09 KiB) Downloaded 54 times

Adun
Visitor
Posts: 8
Joined: 14 Nov 2014 19:43

Re: Chrome opens with spyware pages at login

#2 Post by Adun »

Second half of addition.txt


==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\PC\AppData\Local\Temp:com.affinity.designer.2 [240]
AlternateDataStreams: C:\Users\PC\AppData\Local\Temp:com.affinity.designer.3 [197]
AlternateDataStreams: C:\Users\PC\AppData\Local\Temp:com.affinity.photo.2 [240]
AlternateDataStreams: C:\Users\PC\AppData\Local\Temp:com.affinity.photo.3 [197]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\Software\Classes\.cmd: => <==== ATTENTION

==================== Internet Explorer (Whitelisted) ==========

BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-04-21] (McAfee, LLC -> McAfee, LLC)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2020-12-10] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-04-21] (McAfee, LLC -> McAfee, LLC)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2020-12-10] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2022-04-26] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2022-04-26] (McAfee, LLC -> McAfee, LLC)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2022-01-21 21:18 - 000001415 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localtestwebsite.local #Local Site
127.0.0.1 www.localtestwebsite.local #Local Site
127.0.0.1 LaragonBlankTest.test #laragon magic!
127.0.0.1 LaragonTest.test #laragon magic!
192.168.1.17 host.docker.internal
192.168.1.17 gateway.docker.internal
127.0.0.1 kubernetes.docker.internal

2022-01-21 21:28 - 2022-04-25 21:08 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.26.240.1 DESKTOP-2JUGDT3.mshome.net # 2027 4 6 24 20 8 27 603

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\backgrounddefault.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
WiFi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\StartupApproved\Run: => "Figma Agent"
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\StartupApproved\Run: => "Docker Desktop"
HKU\S-1-5-21-1691793525-3632473787-1534939769-1001\...\StartupApproved\Run: => "com.squirrel.slack.slack"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6D62233D-3DC4-4BCB-8416-7F4D0BADB7C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2C968B5E-9CA9-4901-B967-C7744012B64D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B1D662FE-950F-4C5B-AB7F-DEE289374034}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD4F642F-3D94-464F-9A9B-E30656DA1596}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A982C148-3B9D-4D3B-9BD4-A4AC0A2100B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{779DE90A-C174-49DD-A2DC-99367FFDFC8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0ED389C7-99C0-4074-B47C-88E979D00A40}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_10.2.0.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{41347BD7-C230-4960-AF2E-840F699F3B9F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_10.2.0.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{B1BC921B-C2A2-4896-A3D1-DA3823C47E78}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_10.2.0.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{38EB5743-0851-44BB-9EFE-EA19F609B01E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_10.2.0.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{6E937048-40EF-4253-978E-FFE0B3A26446}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_10.2.0.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{65F0FC14-A395-4D7B-A054-DA8F4797FCA3}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_10.2.0.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{1E36C2F7-A0A6-4D93-AA59-491B476E6D66}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_10.2.0.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{9AC4D1C4-CEDF-45AD-9E27-5DC19CA2A4B2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_10.2.0.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{FC088B47-D94A-432A-98E3-BCD1E2FD3B33}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{7398BEB6-33A3-425E-B134-FF61B988E49C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{E1282B9F-A147-43C1-9D49-41CB17DCD499}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{7A6FC8F6-55A6-4A88-AFAB-666598DB0304}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{370D6034-37E8-4EA7-94F3-F6E23DC6439F}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{EF9CBAA0-5C82-4EB1-A7B8-9D021CDDAC50}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{4CEBE3E6-E933-4456-8E1A-9C9A211951C5}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{0D9CFBDC-E32C-4067-A51C-139D8446A7BC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EBEE25BE-D4AA-4232-A562-1BDEE5417CD1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3033E71E-6E69-4299-983C-7EA943638BED}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F2B27541-FB99-4377-9A1B-3E63C154B5CD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AB22E9DE-FFCD-4EDF-86FC-2979022884E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9A46B65B-A575-4EEC-92A1-DAB5F4D2D4FB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A85E87C-1E87-4E59-86E3-EA7676185727}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F0CBBD7A-BB23-4B63-B241-86D887AEF17E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A2D1B35B-B0D9-4960-8C7E-8A392318077E}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{4A746AB5-01F9-4CD4-BD7A-84A6FF99D7EA}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [TCP Query User{610E010C-E3B2-4252-8DB4-CE0231E6C80E}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [UDP Query User{C83CFA40-566A-44C1-B4F5-01CB7CD27A9A}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [{3E36949C-74D6-4237-9C96-15DA3814BE3C}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{847A2F36-2263-4C0A-85FB-8523FABDCC4A}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EF91582B-A427-46AA-A652-D2FB094D5CC2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\Watch_Dogs.exe => No File
FirewallRules: [{30F1DCFF-4054-46E8-9BDF-89D663E12608}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\Watch_Dogs.exe => No File
FirewallRules: [{4EFEF0EB-A64D-43B8-928A-ABCD04CF488E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs_Patch\bin\Watch_Dogs.exe => No File
FirewallRules: [{3E9B0486-C21C-49AE-9F98-8489814F275E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs_Patch\bin\Watch_Dogs.exe => No File
FirewallRules: [{E7C22443-CD5B-4A3D-929E-0299E1FB57F4}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{6841EBAC-A378-49BB-B588-0425F755A756}D:\opera\78.0.4093.231\opera.exe] => (Block) D:\opera\78.0.4093.231\opera.exe => No File
FirewallRules: [UDP Query User{68FC15D7-010A-49E3-A8E3-EA186718A48C}D:\opera\78.0.4093.231\opera.exe] => (Block) D:\opera\78.0.4093.231\opera.exe => No File
FirewallRules: [TCP Query User{04A0331B-6B54-443D-91A1-A9B49D84FF0B}F:\games\starcraft\x86_64\starcraft.exe] => (Allow) F:\games\starcraft\x86_64\starcraft.exe => No File
FirewallRules: [UDP Query User{7246EE88-3755-4F64-9478-5D078D1B0C2C}F:\games\starcraft\x86_64\starcraft.exe] => (Allow) F:\games\starcraft\x86_64\starcraft.exe => No File
FirewallRules: [{FCBE6880-6A6A-40A0-989F-673794E9F09C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E190DBFF-CD37-4BC3-B515-4EBB0AE46767}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DA3A5CA7-DDD3-4CFE-9C4D-CA76DE80FA16}] => (Allow) F:\Games\Steam Games\steamapps\common\Alan Wake\AlanWake.exe => No File
FirewallRules: [{FF26E1EF-90F5-4434-9D57-687153BCC51B}] => (Allow) F:\Games\Steam Games\steamapps\common\Alan Wake\AlanWake.exe => No File
FirewallRules: [{D0F04FDF-787A-4CA0-B5C6-36E2F026FC95}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{D939468F-AF4E-4D69-8FBE-C1B9DCA241E3}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{095D841B-B57C-4AC8-9756-07575594E816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{88861A7D-DCFA-4CEF-A245-14E89A15E463}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{532E6A29-C271-4BFE-A93F-5DF2B6410272}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B44E3B01-CA0C-4F36-9022-33868E28C8D5}] => (Allow) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AFFB4116-18A0-468C-A232-9B772B054CD5}] => (Allow) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{AC095969-8EF4-4ECC-9364-309BADC5CA7B}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{621F015D-0A51-4800-84CF-7A8A5AF9B0A3}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{D0451106-6AD9-4229-9A9E-22EAD8399A53}D:\opera\opera.exe] => (Allow) D:\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{81B261F7-90AE-4CEB-AA04-6E6C497D9CCE}D:\opera\opera.exe] => (Allow) D:\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{D373DE95-32B8-47AC-A96C-F3DDFB65C1C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{D3FDB983-4F02-45D9-8EEA-2798453A4A04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{1FAE69F7-3DFA-444B-BA18-411B941DFD78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{8ECE0814-4389-43CF-BBC3-1DA38BB464C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{7BED3FB1-66FE-42C0-890E-98FA93CE6ACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia3\Syberia3.exe () [File not signed]
FirewallRules: [{734A4BF8-422C-4ED4-A2F2-D74EA9554F1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia3\Syberia3.exe () [File not signed]
FirewallRules: [{6C2B4807-3577-4636-8186-B5B22C2C89A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia 2\Game.exe (Microids Canada) [File not signed]
FirewallRules: [{787DABBE-1E00-4BB8-85FE-7DD6DF75B2A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia 2\Game.exe (Microids Canada) [File not signed]
FirewallRules: [{A38B7675-8E42-4158-B80A-74167218CEC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia 2\Syberia2.exe () [File not signed]
FirewallRules: [{95B551D5-9E5B-4E33-8E36-29D7B585F4B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia 2\Syberia2.exe () [File not signed]
FirewallRules: [{FEF03F64-3F6E-4070-B356-D670FD3E8ED3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia\Game.exe (Microids Canada) [File not signed]
FirewallRules: [{26AE3E3D-18B3-4B58-AC72-A5EFD2A73358}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Syberia\Game.exe (Microids Canada) [File not signed]
FirewallRules: [{3746EE01-11C0-4AA7-8CC3-2AFA0B0C8B9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyhill\Skyhill.exe () [File not signed]
FirewallRules: [{F0DC3458-A7DB-4B34-8297-6A1744D8B2CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyhill\Skyhill.exe () [File not signed]
FirewallRules: [{6BE1AC61-EB17-4642-B9B4-D409F481706C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [{D0658394-9B79-4900-A7C5-B9159EFB84CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [{4640FB51-C5BB-4483-81EE-1F0142FF1916}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C1E684CE-BBD6-4C68-88BE-1D480E62A73C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{117782FE-50A3-44D9-BA77-E2B10271C48A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{BAC408AB-FBF8-4734-875C-0A3B03439C6E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{073FCF17-3D7B-4D8E-A28E-47CCEE242753}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{DA494406-F566-4E7D-B130-4C16A0AF7EA2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5C09BBC4-BAB9-46A3-BE39-45E52BFD1606}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{8E76861E-DFF7-4795-96EE-891093EC0ECA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{6612010E-DA2D-4D65-9814-E2DA88883EA5}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{544D023A-43AE-4985-BA1E-3E492D09C1CC}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{7E330055-79DA-48D6-8623-E1D27B24EA17}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{A6C080FB-3DDC-442C-9E04-6BD085A72EA0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{F6107D2D-EA72-4B26-B978-627F53060B9C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{83FA1F8C-25FE-4748-8C32-3736052F6CA2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{2DA7CA6D-D501-4E1D-BBEB-DEB77094DF99}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{605AEFD6-03A6-4E21-AF9F-6F321126132D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{3AD6C725-30F4-4D11-BAE8-85358B87D71A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2204.8.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{04DA93A2-4878-46DE-9D34-7C350D820C3A}] => (Allow) C:\Program Files\Google\Chrome Dev\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C39E92A1-428C-4FFB-9AC0-3E332455A4C8}] => (Allow) C:\Program Files\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EF572025-1B5D-4F88-BB64-8D9DBB28B3EB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

21-05-2022 12:10:41 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/24/2022 08:54:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemOptimizer.exe, version: 1101.2204.3.0, time stamp: 0x935388d4
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1706, time stamp: 0x458acb5b
Exception code: 0xe0434352
Fault offset: 0x0000000000034fd9
Faulting process ID: 0x6cc
Faulting application start time: 0x01d86f4382527c40
Faulting application path: C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 56d537f6-a8b8-4644-8318-894b0255244c
Faulting package full name:
Faulting package-relative application ID:

Error: (05/24/2022 08:54:35 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SystemOptimizer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
at System.IO.Directory.DeleteHelper(System.String, System.String, Boolean, Boolean, WIN32_FIND_DATA ByRef)
at System.IO.Directory.Delete(System.String, System.String, Boolean, Boolean)
at HP.Omen.SystemOptimizer.Program.Cleanup()
at HP.Omen.SystemOptimizer.Program.Main(System.String[])

Error: (05/24/2022 08:52:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemOptimizer.exe, version: 1101.2204.3.0, time stamp: 0x935388d4
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1706, time stamp: 0x458acb5b
Exception code: 0xe0434352
Fault offset: 0x0000000000034fd9
Faulting process ID: 0x54a8
Faulting application start time: 0x01d86f434504c87c
Faulting application path: C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 7cb8ccf7-13db-4f87-b5cd-37ed76f9ec5d
Faulting package full name:
Faulting package-relative application ID:

Error: (05/24/2022 08:52:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SystemOptimizer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
at System.IO.Directory.DeleteHelper(System.String, System.String, Boolean, Boolean, WIN32_FIND_DATA ByRef)
at System.IO.Directory.Delete(System.String, System.String, Boolean, Boolean)
at HP.Omen.SystemOptimizer.Program.Cleanup()
at HP.Omen.SystemOptimizer.Program.Main(System.String[])

Error: (05/23/2022 10:01:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemOptimizer.exe, version: 1101.2204.3.0, time stamp: 0x935388d4
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1706, time stamp: 0x458acb5b
Exception code: 0xe0434352
Fault offset: 0x0000000000034fd9
Faulting process ID: 0x4ae4
Faulting application start time: 0x01d86ee84f5e153c
Faulting application path: C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 62930786-5f09-4e51-a12b-174acdd57a91
Faulting package full name:
Faulting package-relative application ID:

Error: (05/23/2022 10:01:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SystemOptimizer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
at System.IO.Directory.DeleteHelper(System.String, System.String, Boolean, Boolean, WIN32_FIND_DATA ByRef)
at System.IO.Directory.Delete(System.String, System.String, Boolean, Boolean)
at HP.Omen.SystemOptimizer.Program.Cleanup()
at HP.Omen.SystemOptimizer.Program.Main(System.String[])

Error: (05/21/2022 09:39:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemOptimizer.exe, version: 1101.2204.3.0, time stamp: 0x935388d4
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1706, time stamp: 0x458acb5b
Exception code: 0xe0434352
Fault offset: 0x0000000000034fd9
Faulting process ID: 0x1358
Faulting application start time: 0x01d86cee53a37e24
Faulting application path: C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 1efb9c01-1391-457e-930e-d6faf49015e1
Faulting package full name:
Faulting package-relative application ID:

Error: (05/21/2022 09:39:50 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SystemOptimizer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
at System.IO.Directory.DeleteHelper(System.String, System.String, Boolean, Boolean, WIN32_FIND_DATA ByRef)
at System.IO.Directory.Delete(System.String, System.String, Boolean, Boolean)
at HP.Omen.SystemOptimizer.Program.Cleanup()
at HP.Omen.SystemOptimizer.Program.Main(System.String[])


System errors:
=============
Error: (05/24/2022 09:04:45 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-2JUGDT3)
Description: Unable to start a DCOM Server: B9ECED6F.ArmouryCrate_4.0.8.0_x64__qmba6cd70vzyy!App.AppXaf9yj7b4mcffedjb0dpjdgqxqj4vq8k0.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXc206n2x0eevm6mcaqje6aze5tcyc9qt6.mca

Error: (05/24/2022 08:55:45 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-2JUGDT3)
Description: Unable to start a DCOM Server: B9ECED6F.ArmouryCrate_4.0.8.0_x64__qmba6cd70vzyy!App.AppXaf9yj7b4mcffedjb0dpjdgqxqj4vq8k0.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXc206n2x0eevm6mcaqje6aze5tcyc9qt6.mca

Error: (05/24/2022 08:52:47 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "216" attempting to start the service vds with arguments "Unavailable" in order to run the server:
{7D1933CB-86F6-4A98-8628-01BE94C9A575}

Error: (05/24/2022 08:52:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Virtual Disk service failed to start due to the following error:
This version of Virtual Disk is not compatible with the version of Windows you're running. Check your computer's system information and then contact the software publisher.

Error: (05/23/2022 10:33:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2JUGDT3)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (05/23/2022 10:33:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2JUGDT3)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (05/23/2022 10:33:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2JUGDT3)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (05/23/2022 10:33:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2JUGDT3)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


Windows Defender:
================Event[0]:

Date: 2021-06-23 21:42:16
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.339.1340.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18100.6
Error code: 0x80070643
Error description: Fatal error during installation.

Date: 2021-06-23 21:42:14
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.1317.0
Previous security intelligence Version: 1.339.1340.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-23 21:42:14
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.1317.0
Previous security intelligence Version: 1.339.1340.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-23 21:42:14
Description:
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

CodeIntegrity:
===============
Date: 2022-05-24 09:04:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: AMI F.20 08/27/2021
Motherboard: HP 8703
Processor: Intel(R) Core(TM) i7-10700K CPU @ 3.80GHz
Percentage of memory in use: 23%
Total physical RAM: 32632.28 MB
Available physical RAM: 25083.13 MB
Total Virtual: 37496.28 MB
Available Virtual: 26667.59 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:476.1 GB) (Free:65.16 GB) (Model: NVMe WDC WD BLACK SDBPNTY-512G-1106) NTFS
Drive d: (DATA) (Fixed) (Total:1863.02 GB) (Free:1670.5 GB) (Model: TOSHIBA DT01ACA200) NTFS
Drive e: (New Volume) (Fixed) (Total:119.24 GB) (Free:117.22 GB) (Model: NVMe SAMSUNG MZVPV128HDGM-000H1) NTFS
Drive f: (New Volume) (Fixed) (Total:931.5 GB) (Free:251.06 GB) (Model: WDC WD10EZEX-08WN4A0) NTFS

\\?\Volume{ef6f4d93-8bd8-4ea8-af2e-ee0ba37d57a9}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{7d371b1e-9cab-4ce1-8b42-9a0b2a39368d}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 28F1E6C7)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 476.9 GB) (Disk ID: A50E1C7D)

Partition: GPT.

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 02235760)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15197
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Chrome opens with spyware pages at login

#3 Post by JaRon »

Hi,
find and DELETE the file C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat
restart and it will be fine :)
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/
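
A read-only check for the kind of entry this fix removes, as an added example that is not part of the thread: it lists every file in the all-users and current-user Startup folders and flags scripts or shortcuts that open URLs at logon. The extension list and the two regular expressions are assumptions chosen for this example.

```powershell
# Added example (not from the thread): inventory what runs from the Startup folders at logon.
# Assumptions: the extension list, the URL regex and the browser-name regex below.
$startupDirs = @(
    [Environment]::GetFolderPath('CommonStartup'),  # all users: C:\ProgramData\...\Programs\Startup
    [Environment]::GetFolderPath('Startup')         # current user: %APPDATA%\...\Programs\Startup
) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

$scriptExt = '.bat', '.cmd', '.vbs', '.vbe', '.js', '.jse', '.wsf', '.ps1', '.hta'
$urlRegex  = 'https?://[^\s"''<>]+'
$browserRx = '(?i)\b(chrome|msedge|firefox|opera|iexplore)(\.exe)?\b'
$shell     = New-Object -ComObject WScript.Shell

$report = foreach ($file in Get-ChildItem -LiteralPath $startupDirs -File -Force) {
    if ($file.Name -eq 'desktop.ini') { continue }

    $ext  = $file.Extension.ToLowerInvariant()
    $text = ''
    if ($ext -in '.lnk', '.url') {
        # A shortcut is only a pointer: inspect where it points and with which arguments.
        $lnk  = $shell.CreateShortcut($file.FullName)
        $text = '{0} {1}' -f $lnk.TargetPath, $lnk.Arguments
    }
    elseif ($scriptExt -contains $ext) {
        # Script files are plain text, so their commands can be read directly.
        $text = Get-Content -LiteralPath $file.FullName -Raw -ErrorAction SilentlyContinue
    }

    $urls = @([regex]::Matches([string]$text, $urlRegex) |
              ForEach-Object { $_.Value } | Select-Object -Unique)

    [pscustomobject]@{
        Path        = $file.FullName
        Created     = $file.CreationTime
        Modified    = $file.LastWriteTime
        IsScript    = $scriptExt -contains $ext
        OpensUrl    = $urls.Count -gt 0
        UsesBrowser = [regex]::IsMatch([string]$text, $browserRx)
        Urls        = $urls -join ' '
        SHA256      = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
    }
}

# Entries that open URLs at logon are listed first, then other scripts, then the rest.
$report | Sort-Object OpensUrl, IsScript -Descending | Format-List
```

Run it in Windows PowerShell under the affected account. A flagged file can then be reviewed and deleted as advised above, keeping the SHA256 for the record.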

Adun
Visitor
Posts: 8
Registered: 14 Nov 2014 19:43

Re: Chrome opens with spyware pages at login

#4 Post by Adun »

It looks fixed. Thank you.

JaRon
Moderator
Posts: 15197
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Chrome opens with spyware pages at login

#5 Post by JaRon »

You're welcome :)
You can also clean up the PC with CCleaner if you like.

Locked