Zpomalení počítače
Napsal: 20 říj 2024 10:14
Prosím o kontrolu, děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by user (administrator) on DESKTOP-TMT (MSI MS-7978) (20-10-2024 11:07:38)
Running from C:\Users\www\Desktop\FRST64.exe
Loaded Profiles: user & admin
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4894 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast\AvastUI.exe <4>
(C:\Apps\FlashFolder\FlashFolder64.exe ->) (zett42) [File not signed] C:\Apps\FlashFolder\FlashFolder.exe
(C:\Apps\Gameplay Time Tracker\GameplayTimeTracker.exe ->) (mik61 (independent software developer) -> mik61) [File not signed] [File is in use] C:\Apps\Gameplay Time Tracker\Support64.exe
(C:\Apps\MSI Afterburner\MSIAfterburner.exe ->) (Alexey Nicolaychuk -> ) C:\Apps\RivaTuner Statistics Server\RTSS.exe
(C:\Apps\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Apps\RivaTuner Statistics Server\EncoderServer.exe
(C:\Apps\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Apps\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(C:\Apps\Total Commander\TOTALCMD64.EXE ->) (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.) C:\Program Files\Tracker Software\PDF Editor\PDFXEdit.exe
(C:\Program Files (x86)\Backblaze\bzbui.exe ->) (BACKBLAZE, INC. -> ) C:\Program Files (x86)\Backblaze\bzbuitray.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.913.1\DropboxCrashHandler.exe
(C:\Program Files\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe ->) (NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\nvrla.exe
(C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe ->) (NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\PresentMon_x64.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Users\www\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe ->) (Grammarly, Inc. -> ) C:\Users\www\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.WebUI.exe
(C:\Users\www\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.WebUI.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe <19>
(C:\Users\www\AppData\Local\SmartGenius\SmartGenius.exe ->) () [File not signed] C:\Users\www\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHID.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <9>
(explorer.exe ->) () [File not signed] C:\Apps\Ditto\Ditto.exe
(explorer.exe ->) (ASTONSOFT OU -> Astonsoft) C:\Apps\Essential PIM\EssentialPIM.exe <2>
(explorer.exe ->) (BACKBLAZE, INC. -> ) C:\Program Files (x86)\Backblaze\bzbui.exe
(explorer.exe ->) (Dynalist Inc -> Obsidian) C:\Apps\Obsidian\Obsidian.exe <4>
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\www\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Ferdium Contributors) [File not signed] C:\Program Files\Ferdium\Ferdium.exe <10>
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Apps\Total Commander\TOTALCMD64.EXE
(explorer.exe ->) (GNE) [File not signed] C:\Apps\Dual Monitor Tools\DMT.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <35>
(explorer.exe ->) (Grammarly, Inc. -> Grammarly) C:\Users\www\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe
(explorer.exe ->) (KARPOLAN) [File not signed] C:\Apps\Keyboard Leds\KeyboardLeds.exe
(explorer.exe ->) (Logitech -> Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.192.0923.0006\Microsoft.SharePoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(explorer.exe ->) (mik61 (independent software developer) -> mik61) [File not signed] C:\Apps\Gameplay Time Tracker\GameplayTimeTracker.exe
(explorer.exe ->) (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(explorer.exe ->) (pCloud AG -> pCloud AG) C:\Apps\pCloud Drive\pCloud.exe
(explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\www\AppData\Local\Programs\signal-desktop\Signal.exe <4>
(explorer.exe ->) (SOFTPERFECT PTY. LTD. -> SoftPerfect) C:\Apps\Networx\networx.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Apps\CCleaner\CCleaner64.exe
(KYE SYSTEMS CORP. -> ) C:\Users\www\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartFore.exe
(KYE SYSTEMS CORP. -> KYE System Corp.) C:\Users\www\AppData\Local\SmartGenius\SmartGenius.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24257.205.3165.2029_x64__8wekyb3d8bbwe\ms-teams.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World) C:\Apps\CrystalDiskInfo\DiskInfo64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast\AvastSvc.exe
(services.exe ->) (BACKBLAZE, INC. -> ) C:\Program Files (x86)\Backblaze\bzserv.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Apps\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (KeepSolid Inc. -> KeepSolid Inc.) C:\Apps\VPN Unlimited\vpn-unlimited-daemon.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_dcf94619172aceb0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
(services.exe ->) (O&O Software GmbH -> O&O Software GmbH) C:\Apps\OO Defrag\oodag.exe
(services.exe ->) (voidtools -> voidtools) C:\Apps\Everything\Everything.exe <2>
(services.exe ->) (zett42) [File not signed] C:\Apps\FlashFolder\FlashFolder64.exe <2>
(svchost.exe ->) (Alexandr Irza) [File not signed] C:\Apps\Volume2\Volume2.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Kazuyuki Nakayama) [File not signed] C:\Apps\HotSwap\HotSwap!.EXE
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\backup\0D40ED3A-5133-44A1-8DAC-8C2A9211A451\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\backup\723A6357-6A70-41DD-B0E7-468AF9B13DBC\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Apps\MSI Afterburner\MSIAfterburner.exe
(svchost.exe ->) (VS REVO GROUP OOD -> VS Revo Group Ltd.) C:\Apps\Revo Uninstaller Free\RevoUninHelper.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe <4>
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast\AvLaunch.exe [427304 2024-09-03] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [NetWorx] => C:\Apps\Networx\networx.exe [7627080 2016-09-24] (SOFTPERFECT PTY. LTD. -> SoftPerfect)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [OODefragTray] => C:\Apps\OO Defrag\oodtray.exe [5482928 2022-10-14] (O&O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [SmartGenius] => C:\Users\www\AppData\Local\SmartGenius\SGStartup.exe [525824 2022-07-12] () [File not signed]
HKLM\...\Run: [RunSmartHIDFile] => C:\Users\www\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHIDStart.exe [524288 2020-09-15] () [File not signed]
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [265216 2023-08-16] (Open-Shell) [File not signed]
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [Everything] => C:\Apps\Everything\Everything.exe [2265104 2024-08-01] (voidtools -> voidtools)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Apps\KeePass Password Safe 2\KeePass.exe [3297664 2024-10-08] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9235336 2024-10-18] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Apps\Adobe\Acrobat 2017\Acrobat\Acrotray.exe [2192592 2022-07-29] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81380584 2024-03-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752216 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919336 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [KeyboardLeds.exe] => C:\Apps\Keyboard Leds\KeyboardLeds.exe [912896 2012-09-06] (KARPOLAN) [File not signed]
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [Ditto] => C:\Apps\Ditto\Ditto.exe [5185024 2021-09-10] () [File not signed]
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [f.lux] => C:\Users\www\AppData\Local\FluxSoftware\Flux\flux.exe [1528952 2024-02-22] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [GameplayTimeTracker] => C:\Apps\Gameplay Time Tracker\GameplayTimeTracker.exe [932472 2018-09-17] (mik61 (independent software developer) -> mik61) [File not signed]
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\www\AppData\Local\Microsoft\Teams\Update.exe [2591080 2023-12-08] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [EssentialPIM Pro Portable] => C:\Apps\Essential PIM\EssentialPIM.exe [12786592 2024-08-29] (ASTONSOFT OU -> Astonsoft)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [1884208 2024-04-05] (BACKBLAZE, INC. -> )
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [GNE_DualMonitorTools] => C:\Apps\Dual Monitor Tools\DMT.exe [888832 2021-10-13] (GNE) [File not signed]
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [CCleaner Smart Cleaning] => C:\Apps\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Apps\Adobe\Acrobat 2017\Acrobat\AdobeCollabSync.exe [889032 2022-07-29] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [pCloud] => C:\Apps\pCloud Drive\pCloud.exe [3463408 2022-11-08] (pCloud AG -> pCloud AG)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\www\AppData\Local\Programs\signal-desktop\Signal.exe [186624880 2024-10-16] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [Ferdium] => C:\Program Files\Ferdium\Ferdium.exe [186366464 2024-09-22] (Ferdium Contributors) [File not signed]
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\24.192.0923.0006\Microsoft.SharePoint.exe [1025568 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [Grammarly] => C:\Users\www\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe [238680 2024-10-17] (Grammarly, Inc. -> Grammarly)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Policies\Explorer: [HideSCAVolume] 1
HKU\S-1-5-21-2069861480-1445196129-2239134032-1003\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919336 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\admin\AppData\Local\Microsoft\Teams\Update.exe [2492128 2022-06-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\SYSTEM32\AdobePDF.dll [65192 2022-07-29] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\129.0.6668.101\Installer\chrmstp.exe [2024-10-10] (Google LLC -> Google LLC)
Startup: C:\Users\www\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HotSwap!.lnk [2022-11-08]
ShortcutTarget: HotSwap!.lnk -> C:\Apps\HotSwap\HotSwap!.EXE (Kazuyuki Nakayama) [File not signed]
Startup: C:\Users\www\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2024-05-28]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2023-03-20]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{C6CD258F-5FAF-4C35-86BD-A74E4374C146}\app_icon.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {F3789037-2726-42A2-AAA7-B245F504ED42} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {3E5D4DAF-F60E-483E-8F91-B6B30EE92B56} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0E2CF8DD-E7E7-44DD-8F91-D1973096323A} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4454832 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D53ECC7D-A7D3-41E7-BC4F-736FD864F987} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast\AvEmUpdate.exe [5205800 2024-10-15] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {7A5265A0-C53C-4AF4-83D8-951CDC226628} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-08] (Avast Software s.r.o. -> Avast Software)
Task: {1FCDD9BA-B2C1-45FA-9FC9-5FC1611B79DA} - System32\Tasks\CCleaner Update => C:\Apps\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {C90FF0D5-021C-40A6-ADEB-10D16EAB2CCA} - System32\Tasks\CCleanerCrashReporting => C:\Apps\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Apps\CCleaner\LOG" --programpath "C:\Apps\CCleaner" --guid "c308d7e7-2998-4055-8e17-d843455a776f" --version "6.29.11342" --silent
Task: {71004A66-F9E6-4FE9-A5F1-C7CC3A0D7B46} - System32\Tasks\CCleanerSkipUAC - user => C:\Apps\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {CE7FD45C-3A4C-4CDA-825D-1226FFFA2915} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {809FFE11-15B7-488E-85D8-ACCC54A78BDB} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {32B469DD-ABA6-4C16-86DA-AC66256F4562} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0D3A933E-F0AD-4430-8FD9-0BAC1C10D919} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {92B791C1-42D8-4BAA-8FF1-F6589E150C66} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {27297004-9AEB-4C5E-B6B6-E6D59D150288} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0146F51C-C6F8-43DF-9510-2D98D3B51ADA} - System32\Tasks\CrystalDiskInfo => C:\Apps\CrystalDiskInfo\DiskInfo64.exe [2849312 2024-01-13] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {3A1B28A1-D62A-4378-9F48-AF35DEBC7F1C} - System32\Tasks\DesktopOverlayHost => C:\Apps\RivaTuner Statistics Server\DesktopOverlayHost.exe [69952 2023-03-30] (Alexey Nicolaychuk -> )
Task: {B21C3B7D-9D58-45D3-AA34-13372EDC5560} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-06-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7051CB0A-EE42-4B28-80C2-AE2807FEFE44} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-06-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E64D0AC4-DBE5-482C-BF4F-1450AE7109A9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{FC79E3CC-C844-4E3E-AD74-71ADA33BCB7A} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {99C763E1-414C-4083-807B-711465672D4E} - System32\Tasks\HotSwap! Applet => C:\Apps\HotSwap\HotSwap!.EXE [219648 2019-01-07] (Kazuyuki Nakayama) [File not signed]
Task: {E18ED173-33A3-45B0-8D03-52A59BED35F5} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe [855664 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
Task: {80A02F25-6816-44DB-B0F0-DE4CBC883C6C} - System32\Tasks\MAISOFT\QA_F8653609-5D6D-4C00-9383-C04E1E8E409D => C:\Users\www\AppData\Local\QA\Helper.vbs [3065 2023-07-21] () [File not signed]
Task: {DCC8C8F2-9157-4C95-8F5F-5DD0A8D58E42} - System32\Tasks\MAISOFT\QA-DE_F8653609-5D6D-4C00-9383-C04E1E8E409D => C:\Users\www\AppData\Local\QA\Helper.vbs [3065 2023-07-21] () [File not signed]
Task: {82923213-4A51-4BFF-B866-E6466FD1EE97} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2069861480-1445196129-2239134032-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2531504 2023-06-16] (Mega Limited -> )
Task: {1B15B030-9122-46E2-9B10-A97A7FEAEA92} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28616920 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1D038AE-EB9E-467C-AEBD-9F93F6F40CF2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28616920 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A42A02CF-670A-4DF9-8063-3568FDA5FBD4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CAF97D3-6410-4BC3-8E35-DBFEEE2224C6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {525F2F13-7732-4F65-B964-D8591778FAF5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187328 2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD2F1F46-685A-46B3-8853-02DCD13485F4} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4465608 2024-09-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A2E1C0C-A70B-40E5-98CA-1A46D9833D3E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\OS Edition Upgrade event listener created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {064D1179-ABCA-49D7-8DD4-F4055C2186DE} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Passport for Work alert created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {D0A5F900-FF14-48A4-AA24-671CED9D79FE} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Provisioning initiated session => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {0E9EDA07-F352-4EC3-A941-904CC860CF82} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\PushLaunch => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {03C3AA0D-9490-417D-8420-E10539F599DA} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\PushRenewal => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {9BE66C6B-4FA8-4961-A4B4-255C8246117C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Retry Schedule created for incomplete session => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {34C8A8F5-0E8E-42C0-9208-72BC26230BEA} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Schedule #1 created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {1907D8C1-7A99-4839-9B9C-20A2BE52F605} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Schedule #2 created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {8AB015F6-EEA3-4377-AEFA-3BE0A503887E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Schedule #3 created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {C0B2ABC5-7C63-464F-AE5E-0B216BAED24A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Schedule created by enrollment client for renewal of certificate warning => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {BE031E2E-1D8F-4703-9861-CB8A38E80556} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Schedule to run OMADMClient by client => C:\Windows\system32\omadmclient.exe [478208 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {3B2DCCC9-B908-4E11-902D-B2CBDB9912A2} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Schedule to run OMADMClient by server => C:\Windows\system32\omadmclient.exe [478208 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {7B3F8530-F82A-4457-97EE-B174B6169C26} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Win10 S Mode event listener created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {670937AB-91A0-403A-8C25-CC0E0B7BC214} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Wsc Startup event listener created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {EDBC99BF-B8B0-4FFB-8B87-7A514D922825} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\Schedule created by enrollment client to reattest client certificate => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {3963D1E3-47AF-4136-9602-44974B6DD06B} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {73AF874F-3CEA-4911-A678-4AEFA9E922B5} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2024-10-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {742BAE9B-8AF0-477C-8762-F02FA43FE6F3} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2069861480-1445196129-2239134032-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2024-10-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {EB06F5B9-A331-4409-8517-EE724C9F201A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-10-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {60EA9D65-1F76-4255-9DC1-80A932B89E1E} - System32\Tasks\MSIAfterburner => C:\Apps\MSI Afterburner\MSIAfterburner.exe [804312 2023-04-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {F9768B2F-0BEF-41B4-A7EE-3C01623F1314} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D4CF4E8A-0DED-4EE9-A567-197EEFB6168C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {652A89CF-E740-40BE-9F56-6739BE31CCA6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {B2A433F2-C38C-473A-9A86-12BDDBDCF798} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AD5AAF6E-7BB4-4D81-AC6F-EFC4EA34F7A7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68FE2F86-F1C2-416F-836C-CF9796381453} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {959B48F4-A4D9-486F-88E7-8AFCA1A0C798} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B9974027-CE73-46C6-82A7-31815A856FE4} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {39522024-10B8-4CA0-A60A-6E6FE4107F5B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8A2AA4FA-16FC-42A3-8F8B-C77D2326850D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {10CB0804-782C-44D7-A633-F75ADE99A4B1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2069861480-1445196129-2239134032-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {698C4E3C-6493-4DAD-93C9-EACC7800E33A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2069861480-1445196129-2239134032-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D5D2073-9E96-4ACC-924B-A61DF5789E6A} - System32\Tasks\ViGEmBus_Updater => C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBus_Updater.exe [1117096 2022-09-27] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.) -> C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\\/silent
Task: {7E947D07-1094-4E8B-BE9B-A136F50BB27A} - System32\Tasks\Volume² Autorun => C:\Apps\Volume2\Volume2.exe [4529152 2023-09-16] (Alexandr Irza) [File not signed]
Task: {150997E3-1118-4CE0-BF29-DF46DBF600B9} - System32\Tasks\VS Revo Group\RevoHelperFreeStartup => C:\Apps\Revo Uninstaller Free\RevoUninHelper.exe [4013240 2024-09-24] (VS REVO GROUP OOD -> VS Revo Group Ltd.)
Task: {EBC61FAD-AB97-428E-8723-3D8CFF233BF8} - System32\Tasks\WD Device Agent Task user => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [724712 2024-03-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {B3B1B33D-D437-491B-B46B-1EFBFEA035A2} - System32\Tasks\WD Discovery Service Task user => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [79592 2024-03-29] (Western Digital Technologies, Inc. -> )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Apps\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29a808b4-5abc-4d2d-accc-d2633e81b992}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29a808b4-5abc-4d2d-accc-d2633e81b992}: [DhcpDomain] ASUS
Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-14]
Edge Extension: (Google Docs Offline) - C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
Edge Extension: (Edge relevant text changes) - C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-14]
Edge Profile: C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-10-14]
Edge Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2024-10-08]
Edge Extension: (Google Docs Offline) - C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-29]
Edge Extension: (Edge relevant text changes) - C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Zotero Connector) - C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\nmhdhpibnnopknkmonacoephklnflpho [2024-10-08]
FireFox:
========
FF DefaultProfile: vlvltzkd.default
FF DefaultProfile: 38vojeko.default
FF ProfilePath: C:\Users\www\AppData\Roaming\Zotero\Zotero\Profiles\vlvltzkd.default [2024-10-17]
FF Extension: (Better BibTex for Zotero) - C:\Users\www\AppData\Roaming\Zotero\Zotero\Profiles\vlvltzkd.default\Extensions\better-bibtex@iris-advies.com.xpi [2024-10-17] [Legacy] [not signed]
FF ProfilePath: C:\Users\www\AppData\Roaming\Mozilla\Firefox\Profiles\38vojeko.default [2023-11-19]
FF ProfilePath: C:\Users\www\AppData\Roaming\Mozilla\Firefox\Profiles\utb3vtcv.default-release [2024-10-20]
FF Extension: (Greasemonkey) - C:\Users\www\AppData\Roaming\Mozilla\Firefox\Profiles\utb3vtcv.default-release\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2024-09-27]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Apps\Adobe\Acrobat 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Apps\Adobe\Acrobat 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-07-29]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Apps\Adobe\Acrobat 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-08-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: Adobe Acrobat -> C:\Apps\Adobe\Acrobat 2017\Acrobat\Air\nppdf32.dll [2022-07-29] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-2069861480-1445196129-2239134032-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-2069861480-1445196129-2239134032-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-2069861480-1445196129-2239134032-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\Default [2024-10-20]
CHR Notifications: Default -> hxxps://cuni-cz.zoom.us; hxxps://drive.google.com; hxxps://meet.google.com
CHR Extension: (Překladač Google) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-05]
CHR Extension: (Seedr) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfimpkhacgimamjbiegeoponlepcbob [2024-10-16]
CHR Extension: (Bookmark Favicon Changer) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\acmfnomgphggonodopogfbmkneepfgnh [2024-06-20]
CHR Extension: (Seznam Doplněk – Email) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2024-10-18]
CHR Extension: (WOT – zabezpečení webových stránek a ochrana pro bezpečné procházení) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2024-10-15]
CHR Extension: (You.com: AI Search Assistant) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\chamcglaoafmjphcfppikphgianmmbjf [2024-07-19]
CHR Extension: (SciSpace: Do hours of research in minutes) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipccbpjpemcnijhjcdjmkjhmhniiick [2023-12-06]
CHR Extension: (uBlock Origin) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-09-27]
CHR Extension: (change-language) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2024-10-18]
CHR Extension: (Zotero Connector) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2024-10-08]
CHR Extension: (Urban VPN Proxy) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-08-31]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2022-06-05]
CHR Extension: (EndNote Click) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjgncogppolhfdpijihbpfmeohpaadpc [2024-10-03]
CHR Extension: (Lazy Scholar) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpbdcofpbclblalghaepibbagkkgpkak [2024-09-16]
CHR Extension: (HTTPS Everywhere) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-06-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-10]
CHR Extension: (Texti) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdfpikgminknioaacfllhjjjhifoemhk [2023-12-22]
CHR Extension: (Power Thesaurus) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjkanigjoiglnlopahbbjdbfhkndjk [2024-07-31]
CHR Extension: (Boční lišta záložek) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdbnofccmhefkmjbkkdkfiicjkgofkdh [2024-08-10]
CHR Extension: (AI Drive - Side Panel) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjikipommaidbcdealcjojhjegdjfegg [2024-08-18]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2024-10-18]
CHR Extension: (Substital: Add subtitles to videos and movies) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkkbiiikppgjdiebcabomlbidfodipjg [2024-01-23]
CHR Extension: (Remind Me) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbcagagehgegabogmbnbjblmhodjohoo [2023-01-08]
CHR Extension: (Tlačítko Google Scholar) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2024-05-17]
CHR Extension: (Decentraleyes) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2024-03-27]
CHR Extension: (Change Case) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpakoahdokkkonadfppfgmednkknpgbm [2024-09-27]
CHR Extension: (Citace PRO) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpfaidppllikakgbjppnjfidjkpafmp [2024-06-24]
CHR Extension: (Save to Pocket) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2022-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-03]
CHR Extension: (Context Menu Search) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2024-09-14]
CHR Extension: (Charset) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\oenllhgkiiljibhfagbfogdbchhdchml [2022-06-05]
CHR Extension: (Povolit kliknutí pravým tlačítkem pro Google Chrome ™) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgdcdohlhjfdhbnfkikfeakhpojhpgm [2023-02-15]
CHR Extension: (Seznam.cz) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-08-08]
CHR Extension: (Wiseone - Your AI Search & Reading Copilot) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\paodpkkacimmkacaecjmhdncjgjepcai [2024-10-18]
CHR Extension: (Privacy Badger) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2024-07-19]
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-10-14]
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-10-14]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-06-26]
CHR Extension: (Google Docs Offline) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-08]
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-10-14]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-21]
CHR Extension: (Google Docs Offline) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-06]
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-10-14]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-09-02]
CHR Extension: (Google Docs Offline) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-24]
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 8 [2024-10-14]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-09-02]
CHR Extension: (Google Docs Offline) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-09-02]
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\System Profile [2024-10-20]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4578736 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\Avast\aswidsagent.exe [7248680 2024-09-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast\AvastSvc.exe [771880 2024-09-03] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast\aswToolsSvc.exe [1217832 2024-09-05] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast\wsc_proxy.exe [56912 2022-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [847920 2024-04-05] (BACKBLAZE, INC. -> )
R3 CCleanerPerformanceOptimizerService; C:\Apps\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861072 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-06-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-06-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46824 2024-10-18] (Dropbox, Inc -> Dropbox, Inc.)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\211.3.5889\DropboxElevationService.exe [1659280 2024-10-18] (Dropbox, Inc -> Dropbox, Inc.)
R2 Everything; C:\Apps\Everything\Everything.exe [2265104 2024-08-01] (voidtools -> voidtools)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.192.0923.0006\FileSyncHelper.exe [3524648 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
R2 FlashFolder; C:\Apps\FlashFolder\FlashFolder64.exe [596992 2012-07-21] (zett42) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [347408 2022-10-03] (Underwriters Laboratories Inc. -> Futuremark)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_dcf94619172aceb0\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.192.0923.0006\OneDriveUpdaterService.exe [3868688 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
R2 OODefragAgent; C:\Apps\OO Defrag\oodag.exe [4357040 2022-08-18] (O&O Software GmbH -> O&O Software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530488 2024-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 VPNUnlimitedService; C:\Apps\VPN Unlimited\vpn-unlimited-daemon.exe [54136 2023-10-22] (KeepSolid Inc. -> KeepSolid Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [20536 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [233016 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [381496 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [294960 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [84536 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [27744 2024-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [28752 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [273976 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [550456 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [97848 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [69176 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [951352 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [1202232 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203832 2024-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [307256 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 cbfs20; C:\Windows\System32\drivers\cbfs20.sys [449080 2022-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 gKbdfltr; C:\Windows\System32\drivers\gKbdfltr.sys [29576 2020-09-15] (KYE SYSTEMS CORP. -> )
R3 HWiNFO_203; C:\Users\www\AppData\Local\Temp\HWiNFO_x64_203.sys [58024 2024-10-12] (Microsoft Windows Hardware Compatibility Publisher -> REALiX) <==== ATTENTION
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 ioFakDrv; C:\Windows\System32\drivers\ioFakDrv.sys [35928 2020-09-15] (KYE Systems Corp -> KYE System Corp.)
R3 ioFakMap; C:\Windows\System32\drivers\ioFakMap.sys [24664 2020-09-15] (KYE Systems Corp -> KYE System Corp.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2021-03-26] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2021-03-26] (MiniTool Solution Ltd -> )
R3 RevoProcessDetector; C:\Windows\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 RTCore64; C:\Apps\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [44080 2016-09-27] (Shaul Eizikovich -> Nefarius Software Solutions)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2023-07-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [249400 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R3 vjoy; C:\Windows\System32\drivers\vjoy.sys [67448 2019-07-14] (On-site Dental Systems (Justin Shafer) -> Shaul Eizikovich)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [25704 2022-10-03] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 WinRing0x64; C:\Windows\System32\Drivers\WinRing0x64.sys [14544 2023-01-07] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [38704 2022-06-03] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-07-21] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 HWiNFO_171; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_171.SYS [X] <==== ATTENTION
S3 HWiNFO_172; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_172.SYS [X] <==== ATTENTION
S3 HWiNFO_173; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_173.SYS [X] <==== ATTENTION
S3 HWiNFO_177; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_177.SYS [X] <==== ATTENTION
S3 HWiNFO_178; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_178.SYS [X] <==== ATTENTION
S3 HWiNFO_180; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_180.SYS [X] <==== ATTENTION
S3 HWiNFO_187; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_187.SYS [X] <==== ATTENTION
S3 HWiNFO_191; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_191.SYS [X] <==== ATTENTION
S3 HWiNFO_202; \??\C:\Users\www\AppData\Local\Temp\HWiNFO_x64_202.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-20 11:07 - 2024-10-20 11:08 - 000063527 _____ C:\Users\www\Desktop\FRST.txt
2024-10-20 11:05 - 2024-10-20 11:05 - 002397696 _____ (Farbar) C:\Users\www\Desktop\FRST64.exe
2024-10-19 20:55 - 2024-10-20 09:34 - 000002378 _____ C:\Windows\system32\Tasks\DesktopOverlayHost
2024-10-19 17:39 - 2024-10-19 17:39 - 000000839 _____ C:\Users\www\Desktop\PDF Highlight Extractor.lnk
2024-10-19 10:30 - 2024-10-19 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-10-18 03:47 - 2024-10-18 03:47 - 000046824 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2024-10-15 16:39 - 2024-10-15 20:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-10-15 16:21 - 2024-10-15 16:21 - 000002146 _____ C:\Users\www\Desktop\Arc.lnk
2024-10-15 16:20 - 2024-10-15 16:20 - 000000000 ____D C:\Users\www\AppData\Local\Sentry
2024-10-15 15:24 - 2024-10-15 15:24 - 000315688 _____ (Gen Digital Inc.) C:\Windows\system32\aswBoot.exe
2024-10-14 23:16 - 2024-10-20 10:28 - 000000000 ____D C:\Users\www\AppData\Roaming\obsidian
2024-10-14 23:16 - 2024-10-14 23:16 - 000001711 _____ C:\Users\www\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Obsidian.lnk
2024-10-14 23:16 - 2024-10-14 23:16 - 000001681 _____ C:\Users\www\Desktop\Obsidian.lnk
2024-10-14 23:16 - 2024-10-14 23:16 - 000000000 ____D C:\Users\www\AppData\Local\obsidian-updater
2024-10-13 10:45 - 2024-10-13 10:45 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-10-12 10:50 - 2024-10-12 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO 64
2024-10-10 17:25 - 2024-10-10 17:30 - 000002210 _____ C:\Users\www\Desktop\SM 2024.txt
2024-10-10 16:55 - 2024-10-10 16:55 - 000000000 ____D C:\Users\www\Documents\Zoom
2024-10-10 14:44 - 2024-10-10 14:44 - 000001558 _____ C:\Users\www\Desktop\XnView.lnk
2024-10-10 14:44 - 2024-10-10 14:44 - 000000806 _____ C:\Users\Public\Desktop\XMedia Recode 64bit.lnk
2024-10-10 14:44 - 2024-10-10 14:44 - 000000000 ____D C:\Windows\system32\Tasks\VS Revo Group
2024-10-10 14:44 - 2024-10-10 14:44 - 000000000 ____D C:\Users\www\AppData\Local\VS Revo Group
2024-10-10 14:44 - 2024-10-10 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2024-10-10 14:44 - 2024-10-10 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2024-10-10 14:43 - 2024-10-10 14:43 - 000001115 _____ C:\Users\Public\Desktop\PDF-XChange Editor.lnk
2024-10-10 14:43 - 2024-10-10 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software
2024-10-10 14:43 - 2024-10-10 14:43 - 000000000 ____D C:\ProgramData\FileOpen
2024-10-10 14:42 - 2024-10-10 14:42 - 000000000 ____D C:\Program Files\Tracker Software
2024-10-10 14:42 - 2024-10-10 14:42 - 000000000 ____D C:\Program Files\Common Files\Tracker Software
2024-10-09 15:33 - 2024-10-09 15:33 - 000000718 _____ C:\Users\www\Desktop\Docear.lnk
2024-10-09 15:15 - 2024-10-09 15:15 - 000000000 ___HD C:\$WinREAgent
2024-10-08 17:24 - 2024-10-08 17:24 - 000000000 ____D C:\Users\www\AppData\Local\com.grammarly.web-client
2024-09-27 12:14 - 2024-09-27 12:14 - 000000000 ____D C:\Users\www\AppData\Local\AWSToolkit
2024-09-27 12:11 - 2024-09-27 12:11 - 000002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATLAS.ti 24.lnk
2024-09-27 12:11 - 2024-09-27 12:11 - 000002019 _____ C:\Users\Public\Desktop\ATLAS.ti 24.lnk
2024-09-27 12:11 - 2024-09-27 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATLAS.ti
2024-09-27 12:11 - 2024-09-27 12:11 - 000000000 ____D C:\Program Files\Scientific Software
2024-09-24 20:33 - 2024-09-24 20:33 - 000020140 _____ C:\Users\www\Downloads\il_1080xN.4402660626_sgez.avif
2024-09-24 18:06 - 2024-10-13 20:51 - 000000000 ____D C:\Users\www\.docear
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-20 11:08 - 2024-03-26 20:28 - 000000000 ____D C:\FRST
2024-10-20 11:01 - 2022-06-05 00:04 - 000000000 ____D C:\Users\www\AppData\Roaming\Ditto
2024-10-20 10:58 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-20 09:37 - 2022-06-21 08:36 - 000000000 ____D C:\Users\www\AppData\Roaming\KeePass
2024-10-20 09:34 - 2023-12-10 12:30 - 000002418 _____ C:\Windows\system32\Tasks\WD Discovery Service Task user
2024-10-20 09:34 - 2023-12-10 12:30 - 000002354 _____ C:\Windows\system32\Tasks\WD Device Agent Task user
2024-10-20 09:34 - 2023-08-31 11:10 - 000002464 _____ C:\Windows\system32\Tasks\MiniToolPartitionWizard
2024-10-20 09:34 - 2023-08-09 19:49 - 000002936 _____ C:\Windows\system32\Tasks\ViGEmBus_Updater
2024-10-20 09:34 - 2023-07-28 17:21 - 000002508 _____ C:\Windows\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2024-10-20 09:34 - 2023-03-30 21:00 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000003152 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002914 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2022-10-17 18:01 - 000002596 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2024-10-20 09:34 - 2022-10-17 17:58 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-10-20 09:34 - 2022-09-21 13:02 - 000002900 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-10-20 09:34 - 2022-09-21 13:02 - 000000612 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-10-20 09:34 - 2022-08-31 17:45 - 000002234 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - user
2024-10-20 09:34 - 2022-08-31 13:39 - 000002970 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-10-20 09:34 - 2022-06-24 20:02 - 000002404 _____ C:\Windows\system32\Tasks\MSIAfterburner
2024-10-20 09:34 - 2022-06-22 16:43 - 000003070 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2069861480-1445196129-2239134032-1003
2024-10-20 09:34 - 2022-06-20 19:45 - 000002136 _____ C:\Windows\system32\Tasks\HotSwap! Applet
2024-10-20 09:34 - 2022-06-19 18:48 - 000002580 _____ C:\Windows\system32\Tasks\CrystalDiskInfo
2024-10-20 09:34 - 2022-06-19 15:11 - 000002716 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-10-20 09:34 - 2022-06-05 00:15 - 000002660 _____ C:\Windows\system32\Tasks\Volume² Autorun
2024-10-20 09:34 - 2022-06-03 23:25 - 000003448 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2024-10-20 09:34 - 2022-06-03 23:25 - 000003224 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2024-10-20 09:34 - 2022-06-03 23:25 - 000000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2024-10-20 09:34 - 2022-06-03 23:25 - 000000930 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2024-10-20 09:34 - 2022-05-15 10:29 - 000003220 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification
2024-10-20 09:34 - 2022-04-20 15:52 - 000003070 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2069861480-1445196129-2239134032-1001
2024-10-20 09:34 - 2022-04-20 15:32 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-20 09:34 - 2022-04-20 15:32 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-20 09:32 - 2023-07-21 19:45 - 000000000 ____D C:\Users\www\AppData\Roaming\SmartGenius
2024-10-20 09:32 - 2022-12-14 18:40 - 000000000 ____D C:\Users\www\AppData\Roaming\Ferdium
2024-10-20 09:32 - 2022-06-03 23:26 - 000000000 ____D C:\Users\www\AppData\Roaming\Dropbox
2024-10-20 09:32 - 2022-06-03 23:25 - 000000000 ____D C:\Users\www\AppData\Local\Dropbox
2024-10-20 09:31 - 2023-12-10 12:29 - 000000000 ____D C:\Users\www\AppData\Roaming\WD Discovery
2024-10-20 09:31 - 2023-12-10 12:29 - 000000000 ____D C:\Users\www\.wdc
2024-10-20 09:31 - 2023-04-14 09:42 - 000000000 ____D C:\Users\www\AppData\Roaming\Signal
2024-10-20 09:31 - 2022-06-19 17:39 - 000000000 ____D C:\ProgramData\firebird
2024-10-20 09:31 - 2022-06-19 16:32 - 000000000 ____D C:\Users\www\AppData\Roaming\Microsoft\Teams
2024-10-20 09:31 - 2022-06-03 23:11 - 000000000 ____D C:\ProgramData\NVIDIA
2024-10-19 23:51 - 2022-06-03 23:05 - 000000000 ____D C:\Users\www\AppData\Local\OpenShell
2024-10-19 20:52 - 2022-06-03 22:39 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2024-10-19 17:32 - 2022-04-20 15:32 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-19 17:27 - 2022-06-20 17:06 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-10-19 17:27 - 2022-06-19 15:11 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-19 16:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-10-19 13:52 - 2022-10-17 18:01 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-10-19 10:42 - 2022-06-19 15:05 - 000000000 ____D C:\Program Files\Microsoft Office
2024-10-19 10:42 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-10-19 10:30 - 2022-06-03 23:25 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-10-19 10:30 - 2022-04-20 15:32 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-19 10:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-17 22:25 - 2022-06-03 22:39 - 000000000 ____D C:\Program Files\Avast
2024-10-17 21:20 - 2023-10-13 14:12 - 000001421 _____ C:\Users\www\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly.lnk
2024-10-17 21:20 - 2022-06-23 16:44 - 000000000 ____D C:\Users\www\AppData\Local\Grammarly
2024-10-16 21:40 - 2022-06-03 23:42 - 000000000 ____D C:\Users\www\AppData\Roaming\Microsoft\Word
2024-10-16 16:37 - 2022-07-12 21:46 - 000000000 ____D C:\Users\www\AppData\Roaming\Microsoft\PowerPoint
2024-10-16 09:22 - 2022-04-20 15:50 - 000000000 ____D C:\Users\www\AppData\Local\Packages
2024-10-16 09:11 - 2022-06-21 15:52 - 000000000 ____D C:\Windows\SystemTemp
2024-10-15 20:21 - 2022-06-19 15:15 - 000000000 ____D C:\Users\www\AppData\Roaming\Microsoft\Excel
2024-10-15 20:15 - 2023-11-19 22:35 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-10-15 16:42 - 2022-04-20 15:50 - 000000000 ____D C:\Users\www\AppData\Local\D3DSCache
2024-10-15 16:21 - 2022-04-20 15:47 - 000000000 ____D C:\ProgramData\Packages
2024-10-15 15:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-10-15 15:24 - 2023-08-30 10:28 - 000550456 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswNetHub.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 001202232 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSP.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000951352 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSnx.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000381496 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsdriver.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000307256 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswVmm.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000294960 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsh.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000273976 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswMonFlt.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000233016 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswArPot.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000097848 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRdr2.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000084536 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbuniv.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000069176 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRvrt.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000028752 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswKbd.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000020536 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswArDisk.sys
2024-10-15 15:24 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-10-14 23:04 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-10-14 11:13 - 2023-03-29 23:52 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-14 11:13 - 2022-06-03 23:51 - 000000000 ____D C:\TEMPORARY
2024-10-14 11:12 - 2022-06-28 12:38 - 000000000 ____D C:\Users\www\AppData\Local\CrashDumps
2024-10-12 12:01 - 2022-06-23 16:29 - 000000000 ____D C:\Users\www\AppData\Roaming\NAPS2
2024-10-11 16:16 - 2022-12-18 21:53 - 000000000 ____D C:\_
2024-10-11 10:28 - 2024-02-04 22:59 - 000000000 ____D C:\Users\www\AppData\Roaming\Kodi
2024-10-11 08:06 - 2022-06-21 15:39 - 000000000 ____D C:\Users\www\AppData\Local\Tracker Software
2024-10-10 17:33 - 2023-09-21 14:12 - 000000000 ____D C:\Users\www\AppData\Roaming\Zoom
2024-10-10 14:44 - 2022-06-21 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2024-10-10 14:44 - 2022-06-05 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2024-10-10 14:43 - 2022-06-03 23:13 - 000000000 ____D C:\ProgramData\Package Cache
2024-10-10 14:41 - 2024-02-13 11:03 - 000000844 _____ C:\Users\Public\Desktop\KeePass 2.lnk
2024-10-10 14:41 - 2023-12-17 02:01 - 000000000 ____D C:\Users\www\AppData\Roaming\Notepad++
2024-10-10 14:41 - 2023-11-19 22:35 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2024-10-10 14:41 - 2023-11-19 22:35 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-10-10 14:41 - 2023-11-03 20:11 - 000000770 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2024-10-10 14:41 - 2022-06-21 08:35 - 000000856 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2024-10-10 14:41 - 2022-06-03 22:40 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-10 14:40 - 2024-06-04 11:15 - 000001107 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2024-10-10 14:40 - 2024-02-01 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2024-10-10 14:40 - 2024-02-01 20:04 - 000000000 ____D C:\Program Files\Calibre2
2024-10-10 14:38 - 2023-11-15 10:34 - 000000746 _____ C:\Users\Public\Desktop\Audacity.lnk
2024-10-10 14:38 - 2022-11-24 10:14 - 000000758 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2024-10-09 15:18 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2024-10-09 11:50 - 2024-08-21 17:37 - 000000000 ____D C:\Program Files\Zotero
2024-10-09 10:16 - 2024-06-23 22:21 - 000000452 _____ C:\Users\www\Desktop\Nový textový dokument.txt
2024-10-06 19:41 - 2024-05-08 17:54 - 000000000 ____D C:\Users\www\Documents\My Games
2024-10-06 19:41 - 2022-06-20 18:12 - 000004064 _____ C:\Windows\system32\Drivers\etc\hosts.rollback
2024-10-06 19:40 - 2022-06-20 17:41 - 000000000 ____D C:\Windows\SysWOW64\directx
2024-10-06 15:56 - 2023-07-19 21:59 - 000000000 ____D C:\Users\www\AppData\Local\SH3RE
2024-10-06 15:56 - 2023-05-30 21:43 - 000000000 ____D C:\Users\www\AppData\Roaming\Victor Vran
2024-10-06 15:56 - 2023-03-06 20:42 - 000000000 ____D C:\Users\www\AppData\Roaming\Insomniac Games
2024-10-02 20:59 - 2022-06-03 23:42 - 000000000 ____D C:\Users\www\AppData\Roaming\Microsoft\Office
2024-10-02 13:39 - 2023-11-19 22:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-09-27 22:27 - 2022-04-20 15:38 - 001693660 _____ C:\Windows\system32\PerfStringBackup.INI
2024-09-27 22:27 - 2019-12-07 16:43 - 000716894 _____ C:\Windows\system32\perfh005.dat
2024-09-27 22:27 - 2019-12-07 16:43 - 000145072 _____ C:\Windows\system32\perfc005.dat
2024-09-27 22:22 - 2023-08-30 10:28 - 000549968 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw9f0a2f950c0b332d.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 001200696 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswfe4ae9b3b758c6d6.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000950328 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw6a4621d7079a4868.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000381520 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw46d8dc61fb4fb8d5.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000306744 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswf1b2dfe6cb5420b8.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000293968 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw3cd77dc56cf29582.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000274000 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw12da60c4ccca535d.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000229944 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw27d4752c316ac8f6.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000097848 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw609e299f2ae95415.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000084424 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswa108e92d447435be.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000069176 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw9aa5b9696679742c.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000028752 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswe5c7b22659667c82.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000020528 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw8f5d2d5f315e0361.tmp
2024-09-27 22:20 - 2022-06-03 22:37 - 000000000 ____D C:\ProgramData\Avast Software
2024-09-27 22:20 - 2022-04-20 15:32 - 000468608 _____ C:\Windows\system32\FNTCACHE.DAT
2024-09-27 22:20 - 2022-04-20 15:32 - 000008192 ___SH C:\DumpStack.log.tmp
2024-09-27 22:20 - 2022-04-20 15:32 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-09-27 22:20 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-09-27 12:11 - 2023-06-10 21:19 - 000000000 ____D C:\ProgramData\Scientific Software
2024-09-24 18:06 - 2022-04-20 15:49 - 000000000 ____D C:\Users\www
2024-09-23 16:06 - 2023-06-05 15:21 - 000000000 ____D C:\Program Files\Ferdium
==================== Files in the root of some directories ========
2022-06-19 14:58 - 2022-06-19 14:58 - 000000000 _____ () C:\Users\www\AppData\Local\oobelibMkey.log
2022-08-30 08:51 - 2022-08-30 08:51 - 000007597 _____ () C:\Users\www\AppData\Local\Resmon.ResmonCfg
2022-09-07 17:19 - 2024-05-01 13:06 - 000006541 _____ () C:\Users\www\AppData\Local\subtitlecomposerrc
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by user (administrator) on DESKTOP-TMT (MSI MS-7978) (20-10-2024 11:07:38)
Running from C:\Users\www\Desktop\FRST64.exe
Loaded Profiles: user & admin
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4894 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast\AvastUI.exe <4>
(C:\Apps\FlashFolder\FlashFolder64.exe ->) (zett42) [File not signed] C:\Apps\FlashFolder\FlashFolder.exe
(C:\Apps\Gameplay Time Tracker\GameplayTimeTracker.exe ->) (mik61 (independent software developer) -> mik61) [File not signed] [File is in use] C:\Apps\Gameplay Time Tracker\Support64.exe
(C:\Apps\MSI Afterburner\MSIAfterburner.exe ->) (Alexey Nicolaychuk -> ) C:\Apps\RivaTuner Statistics Server\RTSS.exe
(C:\Apps\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Apps\RivaTuner Statistics Server\EncoderServer.exe
(C:\Apps\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Apps\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(C:\Apps\Total Commander\TOTALCMD64.EXE ->) (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.) C:\Program Files\Tracker Software\PDF Editor\PDFXEdit.exe
(C:\Program Files (x86)\Backblaze\bzbui.exe ->) (BACKBLAZE, INC. -> ) C:\Program Files (x86)\Backblaze\bzbuitray.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.913.1\DropboxCrashHandler.exe
(C:\Program Files\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe ->) (NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\nvrla.exe
(C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe ->) (NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\PresentMon_x64.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Users\www\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe ->) (Grammarly, Inc. -> ) C:\Users\www\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.WebUI.exe
(C:\Users\www\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.WebUI.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe <19>
(C:\Users\www\AppData\Local\SmartGenius\SmartGenius.exe ->) () [File not signed] C:\Users\www\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHID.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <9>
(explorer.exe ->) () [File not signed] C:\Apps\Ditto\Ditto.exe
(explorer.exe ->) (ASTONSOFT OU -> Astonsoft) C:\Apps\Essential PIM\EssentialPIM.exe <2>
(explorer.exe ->) (BACKBLAZE, INC. -> ) C:\Program Files (x86)\Backblaze\bzbui.exe
(explorer.exe ->) (Dynalist Inc -> Obsidian) C:\Apps\Obsidian\Obsidian.exe <4>
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\www\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Ferdium Contributors) [File not signed] C:\Program Files\Ferdium\Ferdium.exe <10>
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Apps\Total Commander\TOTALCMD64.EXE
(explorer.exe ->) (GNE) [File not signed] C:\Apps\Dual Monitor Tools\DMT.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <35>
(explorer.exe ->) (Grammarly, Inc. -> Grammarly) C:\Users\www\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe
(explorer.exe ->) (KARPOLAN) [File not signed] C:\Apps\Keyboard Leds\KeyboardLeds.exe
(explorer.exe ->) (Logitech -> Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.192.0923.0006\Microsoft.SharePoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(explorer.exe ->) (mik61 (independent software developer) -> mik61) [File not signed] C:\Apps\Gameplay Time Tracker\GameplayTimeTracker.exe
(explorer.exe ->) (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(explorer.exe ->) (pCloud AG -> pCloud AG) C:\Apps\pCloud Drive\pCloud.exe
(explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\www\AppData\Local\Programs\signal-desktop\Signal.exe <4>
(explorer.exe ->) (SOFTPERFECT PTY. LTD. -> SoftPerfect) C:\Apps\Networx\networx.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Apps\CCleaner\CCleaner64.exe
(KYE SYSTEMS CORP. -> ) C:\Users\www\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartFore.exe
(KYE SYSTEMS CORP. -> KYE System Corp.) C:\Users\www\AppData\Local\SmartGenius\SmartGenius.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24257.205.3165.2029_x64__8wekyb3d8bbwe\ms-teams.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World) C:\Apps\CrystalDiskInfo\DiskInfo64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast\AvastSvc.exe
(services.exe ->) (BACKBLAZE, INC. -> ) C:\Program Files (x86)\Backblaze\bzserv.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Apps\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (KeepSolid Inc. -> KeepSolid Inc.) C:\Apps\VPN Unlimited\vpn-unlimited-daemon.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_dcf94619172aceb0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
(services.exe ->) (O&O Software GmbH -> O&O Software GmbH) C:\Apps\OO Defrag\oodag.exe
(services.exe ->) (voidtools -> voidtools) C:\Apps\Everything\Everything.exe <2>
(services.exe ->) (zett42) [File not signed] C:\Apps\FlashFolder\FlashFolder64.exe <2>
(svchost.exe ->) (Alexandr Irza) [File not signed] C:\Apps\Volume2\Volume2.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Kazuyuki Nakayama) [File not signed] C:\Apps\HotSwap\HotSwap!.EXE
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\backup\0D40ED3A-5133-44A1-8DAC-8C2A9211A451\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\backup\723A6357-6A70-41DD-B0E7-468AF9B13DBC\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Apps\MSI Afterburner\MSIAfterburner.exe
(svchost.exe ->) (VS REVO GROUP OOD -> VS Revo Group Ltd.) C:\Apps\Revo Uninstaller Free\RevoUninHelper.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe <4>
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast\AvLaunch.exe [427304 2024-09-03] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [NetWorx] => C:\Apps\Networx\networx.exe [7627080 2016-09-24] (SOFTPERFECT PTY. LTD. -> SoftPerfect)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [OODefragTray] => C:\Apps\OO Defrag\oodtray.exe [5482928 2022-10-14] (O&O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [SmartGenius] => C:\Users\www\AppData\Local\SmartGenius\SGStartup.exe [525824 2022-07-12] () [File not signed]
HKLM\...\Run: [RunSmartHIDFile] => C:\Users\www\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHIDStart.exe [524288 2020-09-15] () [File not signed]
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [265216 2023-08-16] (Open-Shell) [File not signed]
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [Everything] => C:\Apps\Everything\Everything.exe [2265104 2024-08-01] (voidtools -> voidtools)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Apps\KeePass Password Safe 2\KeePass.exe [3297664 2024-10-08] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9235336 2024-10-18] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Apps\Adobe\Acrobat 2017\Acrobat\Acrotray.exe [2192592 2022-07-29] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81380584 2024-03-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752216 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919336 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [KeyboardLeds.exe] => C:\Apps\Keyboard Leds\KeyboardLeds.exe [912896 2012-09-06] (KARPOLAN) [File not signed]
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [Ditto] => C:\Apps\Ditto\Ditto.exe [5185024 2021-09-10] () [File not signed]
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [f.lux] => C:\Users\www\AppData\Local\FluxSoftware\Flux\flux.exe [1528952 2024-02-22] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [GameplayTimeTracker] => C:\Apps\Gameplay Time Tracker\GameplayTimeTracker.exe [932472 2018-09-17] (mik61 (independent software developer) -> mik61) [File not signed]
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\www\AppData\Local\Microsoft\Teams\Update.exe [2591080 2023-12-08] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [EssentialPIM Pro Portable] => C:\Apps\Essential PIM\EssentialPIM.exe [12786592 2024-08-29] (ASTONSOFT OU -> Astonsoft)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [1884208 2024-04-05] (BACKBLAZE, INC. -> )
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [GNE_DualMonitorTools] => C:\Apps\Dual Monitor Tools\DMT.exe [888832 2021-10-13] (GNE) [File not signed]
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [CCleaner Smart Cleaning] => C:\Apps\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Apps\Adobe\Acrobat 2017\Acrobat\AdobeCollabSync.exe [889032 2022-07-29] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [pCloud] => C:\Apps\pCloud Drive\pCloud.exe [3463408 2022-11-08] (pCloud AG -> pCloud AG)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\www\AppData\Local\Programs\signal-desktop\Signal.exe [186624880 2024-10-16] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [Ferdium] => C:\Program Files\Ferdium\Ferdium.exe [186366464 2024-09-22] (Ferdium Contributors) [File not signed]
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\24.192.0923.0006\Microsoft.SharePoint.exe [1025568 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Run: [Grammarly] => C:\Users\www\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe [238680 2024-10-17] (Grammarly, Inc. -> Grammarly)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1001\...\Policies\Explorer: [HideSCAVolume] 1
HKU\S-1-5-21-2069861480-1445196129-2239134032-1003\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919336 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2069861480-1445196129-2239134032-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\admin\AppData\Local\Microsoft\Teams\Update.exe [2492128 2022-06-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\SYSTEM32\AdobePDF.dll [65192 2022-07-29] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\129.0.6668.101\Installer\chrmstp.exe [2024-10-10] (Google LLC -> Google LLC)
Startup: C:\Users\www\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HotSwap!.lnk [2022-11-08]
ShortcutTarget: HotSwap!.lnk -> C:\Apps\HotSwap\HotSwap!.EXE (Kazuyuki Nakayama) [File not signed]
Startup: C:\Users\www\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2024-05-28]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2023-03-20]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{C6CD258F-5FAF-4C35-86BD-A74E4374C146}\app_icon.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {F3789037-2726-42A2-AAA7-B245F504ED42} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {3E5D4DAF-F60E-483E-8F91-B6B30EE92B56} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0E2CF8DD-E7E7-44DD-8F91-D1973096323A} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4454832 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D53ECC7D-A7D3-41E7-BC4F-736FD864F987} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast\AvEmUpdate.exe [5205800 2024-10-15] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {7A5265A0-C53C-4AF4-83D8-951CDC226628} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-08] (Avast Software s.r.o. -> Avast Software)
Task: {1FCDD9BA-B2C1-45FA-9FC9-5FC1611B79DA} - System32\Tasks\CCleaner Update => C:\Apps\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {C90FF0D5-021C-40A6-ADEB-10D16EAB2CCA} - System32\Tasks\CCleanerCrashReporting => C:\Apps\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Apps\CCleaner\LOG" --programpath "C:\Apps\CCleaner" --guid "c308d7e7-2998-4055-8e17-d843455a776f" --version "6.29.11342" --silent
Task: {71004A66-F9E6-4FE9-A5F1-C7CC3A0D7B46} - System32\Tasks\CCleanerSkipUAC - user => C:\Apps\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {CE7FD45C-3A4C-4CDA-825D-1226FFFA2915} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {809FFE11-15B7-488E-85D8-ACCC54A78BDB} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {32B469DD-ABA6-4C16-86DA-AC66256F4562} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0D3A933E-F0AD-4430-8FD9-0BAC1C10D919} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {92B791C1-42D8-4BAA-8FF1-F6589E150C66} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {27297004-9AEB-4C5E-B6B6-E6D59D150288} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0146F51C-C6F8-43DF-9510-2D98D3B51ADA} - System32\Tasks\CrystalDiskInfo => C:\Apps\CrystalDiskInfo\DiskInfo64.exe [2849312 2024-01-13] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {3A1B28A1-D62A-4378-9F48-AF35DEBC7F1C} - System32\Tasks\DesktopOverlayHost => C:\Apps\RivaTuner Statistics Server\DesktopOverlayHost.exe [69952 2023-03-30] (Alexey Nicolaychuk -> )
Task: {B21C3B7D-9D58-45D3-AA34-13372EDC5560} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-06-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7051CB0A-EE42-4B28-80C2-AE2807FEFE44} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-06-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E64D0AC4-DBE5-482C-BF4F-1450AE7109A9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{FC79E3CC-C844-4E3E-AD74-71ADA33BCB7A} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {99C763E1-414C-4083-807B-711465672D4E} - System32\Tasks\HotSwap! Applet => C:\Apps\HotSwap\HotSwap!.EXE [219648 2019-01-07] (Kazuyuki Nakayama) [File not signed]
Task: {E18ED173-33A3-45B0-8D03-52A59BED35F5} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe [855664 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
Task: {80A02F25-6816-44DB-B0F0-DE4CBC883C6C} - System32\Tasks\MAISOFT\QA_F8653609-5D6D-4C00-9383-C04E1E8E409D => C:\Users\www\AppData\Local\QA\Helper.vbs [3065 2023-07-21] () [File not signed]
Task: {DCC8C8F2-9157-4C95-8F5F-5DD0A8D58E42} - System32\Tasks\MAISOFT\QA-DE_F8653609-5D6D-4C00-9383-C04E1E8E409D => C:\Users\www\AppData\Local\QA\Helper.vbs [3065 2023-07-21] () [File not signed]
Task: {82923213-4A51-4BFF-B866-E6466FD1EE97} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2069861480-1445196129-2239134032-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2531504 2023-06-16] (Mega Limited -> )
Task: {1B15B030-9122-46E2-9B10-A97A7FEAEA92} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28616920 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1D038AE-EB9E-467C-AEBD-9F93F6F40CF2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28616920 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A42A02CF-670A-4DF9-8063-3568FDA5FBD4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CAF97D3-6410-4BC3-8E35-DBFEEE2224C6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {525F2F13-7732-4F65-B964-D8591778FAF5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187328 2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD2F1F46-685A-46B3-8853-02DCD13485F4} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4465608 2024-09-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A2E1C0C-A70B-40E5-98CA-1A46D9833D3E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\OS Edition Upgrade event listener created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {064D1179-ABCA-49D7-8DD4-F4055C2186DE} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Passport for Work alert created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {D0A5F900-FF14-48A4-AA24-671CED9D79FE} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Provisioning initiated session => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {0E9EDA07-F352-4EC3-A941-904CC860CF82} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\PushLaunch => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {03C3AA0D-9490-417D-8420-E10539F599DA} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\PushRenewal => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {9BE66C6B-4FA8-4961-A4B4-255C8246117C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Retry Schedule created for incomplete session => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {34C8A8F5-0E8E-42C0-9208-72BC26230BEA} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Schedule #1 created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {1907D8C1-7A99-4839-9B9C-20A2BE52F605} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Schedule #2 created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {8AB015F6-EEA3-4377-AEFA-3BE0A503887E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Schedule #3 created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {C0B2ABC5-7C63-464F-AE5E-0B216BAED24A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Schedule created by enrollment client for renewal of certificate warning => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {BE031E2E-1D8F-4703-9861-CB8A38E80556} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Schedule to run OMADMClient by client => C:\Windows\system32\omadmclient.exe [478208 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {3B2DCCC9-B908-4E11-902D-B2CBDB9912A2} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Schedule to run OMADMClient by server => C:\Windows\system32\omadmclient.exe [478208 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {7B3F8530-F82A-4457-97EE-B174B6169C26} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Win10 S Mode event listener created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {670937AB-91A0-403A-8C25-CC0E0B7BC214} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\39C60DBD-3E3D-4A46-A30F-9D3740F959C4\Wsc Startup event listener created by enrollment client => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {EDBC99BF-B8B0-4FFB-8B87-7A514D922825} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\Schedule created by enrollment client to reattest client certificate => C:\Windows\system32\deviceenroller.exe [503808 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {3963D1E3-47AF-4136-9602-44974B6DD06B} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {73AF874F-3CEA-4911-A678-4AEFA9E922B5} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2024-10-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {742BAE9B-8AF0-477C-8762-F02FA43FE6F3} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2069861480-1445196129-2239134032-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2024-10-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {EB06F5B9-A331-4409-8517-EE724C9F201A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-10-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {60EA9D65-1F76-4255-9DC1-80A932B89E1E} - System32\Tasks\MSIAfterburner => C:\Apps\MSI Afterburner\MSIAfterburner.exe [804312 2023-04-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {F9768B2F-0BEF-41B4-A7EE-3C01623F1314} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D4CF4E8A-0DED-4EE9-A567-197EEFB6168C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {652A89CF-E740-40BE-9F56-6739BE31CCA6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {B2A433F2-C38C-473A-9A86-12BDDBDCF798} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AD5AAF6E-7BB4-4D81-AC6F-EFC4EA34F7A7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68FE2F86-F1C2-416F-836C-CF9796381453} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {959B48F4-A4D9-486F-88E7-8AFCA1A0C798} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B9974027-CE73-46C6-82A7-31815A856FE4} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {39522024-10B8-4CA0-A60A-6E6FE4107F5B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8A2AA4FA-16FC-42A3-8F8B-C77D2326850D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {10CB0804-782C-44D7-A633-F75ADE99A4B1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2069861480-1445196129-2239134032-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {698C4E3C-6493-4DAD-93C9-EACC7800E33A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2069861480-1445196129-2239134032-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D5D2073-9E96-4ACC-924B-A61DF5789E6A} - System32\Tasks\ViGEmBus_Updater => C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBus_Updater.exe [1117096 2022-09-27] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.) -> C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\\/silent
Task: {7E947D07-1094-4E8B-BE9B-A136F50BB27A} - System32\Tasks\Volume² Autorun => C:\Apps\Volume2\Volume2.exe [4529152 2023-09-16] (Alexandr Irza) [File not signed]
Task: {150997E3-1118-4CE0-BF29-DF46DBF600B9} - System32\Tasks\VS Revo Group\RevoHelperFreeStartup => C:\Apps\Revo Uninstaller Free\RevoUninHelper.exe [4013240 2024-09-24] (VS REVO GROUP OOD -> VS Revo Group Ltd.)
Task: {EBC61FAD-AB97-428E-8723-3D8CFF233BF8} - System32\Tasks\WD Device Agent Task user => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [724712 2024-03-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {B3B1B33D-D437-491B-B46B-1EFBFEA035A2} - System32\Tasks\WD Discovery Service Task user => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [79592 2024-03-29] (Western Digital Technologies, Inc. -> )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Apps\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29a808b4-5abc-4d2d-accc-d2633e81b992}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29a808b4-5abc-4d2d-accc-d2633e81b992}: [DhcpDomain] ASUS
Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-14]
Edge Extension: (Google Docs Offline) - C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
Edge Extension: (Edge relevant text changes) - C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-14]
Edge Profile: C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-10-14]
Edge Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2024-10-08]
Edge Extension: (Google Docs Offline) - C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-29]
Edge Extension: (Edge relevant text changes) - C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Zotero Connector) - C:\Users\www\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\nmhdhpibnnopknkmonacoephklnflpho [2024-10-08]
FireFox:
========
FF DefaultProfile: vlvltzkd.default
FF DefaultProfile: 38vojeko.default
FF ProfilePath: C:\Users\www\AppData\Roaming\Zotero\Zotero\Profiles\vlvltzkd.default [2024-10-17]
FF Extension: (Better BibTex for Zotero) - C:\Users\www\AppData\Roaming\Zotero\Zotero\Profiles\vlvltzkd.default\Extensions\better-bibtex@iris-advies.com.xpi [2024-10-17] [Legacy] [not signed]
FF ProfilePath: C:\Users\www\AppData\Roaming\Mozilla\Firefox\Profiles\38vojeko.default [2023-11-19]
FF ProfilePath: C:\Users\www\AppData\Roaming\Mozilla\Firefox\Profiles\utb3vtcv.default-release [2024-10-20]
FF Extension: (Greasemonkey) - C:\Users\www\AppData\Roaming\Mozilla\Firefox\Profiles\utb3vtcv.default-release\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2024-09-27]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Apps\Adobe\Acrobat 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Apps\Adobe\Acrobat 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-07-29]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Apps\Adobe\Acrobat 2017\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-08-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: Adobe Acrobat -> C:\Apps\Adobe\Acrobat 2017\Acrobat\Air\nppdf32.dll [2022-07-29] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-2069861480-1445196129-2239134032-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-2069861480-1445196129-2239134032-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-2069861480-1445196129-2239134032-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-10-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\Default [2024-10-20]
CHR Notifications: Default -> hxxps://cuni-cz.zoom.us; hxxps://drive.google.com; hxxps://meet.google.com
CHR Extension: (Překladač Google) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-05]
CHR Extension: (Seedr) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfimpkhacgimamjbiegeoponlepcbob [2024-10-16]
CHR Extension: (Bookmark Favicon Changer) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\acmfnomgphggonodopogfbmkneepfgnh [2024-06-20]
CHR Extension: (Seznam Doplněk – Email) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2024-10-18]
CHR Extension: (WOT – zabezpečení webových stránek a ochrana pro bezpečné procházení) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2024-10-15]
CHR Extension: (You.com: AI Search Assistant) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\chamcglaoafmjphcfppikphgianmmbjf [2024-07-19]
CHR Extension: (SciSpace: Do hours of research in minutes) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipccbpjpemcnijhjcdjmkjhmhniiick [2023-12-06]
CHR Extension: (uBlock Origin) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-09-27]
CHR Extension: (change-language) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2024-10-18]
CHR Extension: (Zotero Connector) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2024-10-08]
CHR Extension: (Urban VPN Proxy) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-08-31]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2022-06-05]
CHR Extension: (EndNote Click) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjgncogppolhfdpijihbpfmeohpaadpc [2024-10-03]
CHR Extension: (Lazy Scholar) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpbdcofpbclblalghaepibbagkkgpkak [2024-09-16]
CHR Extension: (HTTPS Everywhere) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-06-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-10]
CHR Extension: (Texti) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdfpikgminknioaacfllhjjjhifoemhk [2023-12-22]
CHR Extension: (Power Thesaurus) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjkanigjoiglnlopahbbjdbfhkndjk [2024-07-31]
CHR Extension: (Boční lišta záložek) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdbnofccmhefkmjbkkdkfiicjkgofkdh [2024-08-10]
CHR Extension: (AI Drive - Side Panel) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjikipommaidbcdealcjojhjegdjfegg [2024-08-18]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2024-10-18]
CHR Extension: (Substital: Add subtitles to videos and movies) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkkbiiikppgjdiebcabomlbidfodipjg [2024-01-23]
CHR Extension: (Remind Me) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbcagagehgegabogmbnbjblmhodjohoo [2023-01-08]
CHR Extension: (Tlačítko Google Scholar) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2024-05-17]
CHR Extension: (Decentraleyes) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2024-03-27]
CHR Extension: (Change Case) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpakoahdokkkonadfppfgmednkknpgbm [2024-09-27]
CHR Extension: (Citace PRO) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpfaidppllikakgbjppnjfidjkpafmp [2024-06-24]
CHR Extension: (Save to Pocket) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2022-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-03]
CHR Extension: (Context Menu Search) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2024-09-14]
CHR Extension: (Charset) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\oenllhgkiiljibhfagbfogdbchhdchml [2022-06-05]
CHR Extension: (Povolit kliknutí pravým tlačítkem pro Google Chrome ™) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgdcdohlhjfdhbnfkikfeakhpojhpgm [2023-02-15]
CHR Extension: (Seznam.cz) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-08-08]
CHR Extension: (Wiseone - Your AI Search & Reading Copilot) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\paodpkkacimmkacaecjmhdncjgjepcai [2024-10-18]
CHR Extension: (Privacy Badger) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2024-07-19]
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-10-14]
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-10-14]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-06-26]
CHR Extension: (Google Docs Offline) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-08]
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-10-14]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-21]
CHR Extension: (Google Docs Offline) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-06]
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-10-14]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-09-02]
CHR Extension: (Google Docs Offline) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-24]
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 8 [2024-10-14]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-09-02]
CHR Extension: (Google Docs Offline) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\www\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-09-02]
CHR Profile: C:\Users\www\AppData\Local\Google\Chrome\User Data\System Profile [2024-10-20]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4578736 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\Avast\aswidsagent.exe [7248680 2024-09-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast\AvastSvc.exe [771880 2024-09-03] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast\aswToolsSvc.exe [1217832 2024-09-05] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast\wsc_proxy.exe [56912 2022-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [847920 2024-04-05] (BACKBLAZE, INC. -> )
R3 CCleanerPerformanceOptimizerService; C:\Apps\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861072 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-06-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-06-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46824 2024-10-18] (Dropbox, Inc -> Dropbox, Inc.)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\211.3.5889\DropboxElevationService.exe [1659280 2024-10-18] (Dropbox, Inc -> Dropbox, Inc.)
R2 Everything; C:\Apps\Everything\Everything.exe [2265104 2024-08-01] (voidtools -> voidtools)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.192.0923.0006\FileSyncHelper.exe [3524648 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
R2 FlashFolder; C:\Apps\FlashFolder\FlashFolder64.exe [596992 2012-07-21] (zett42) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [347408 2022-10-03] (Underwriters Laboratories Inc. -> Futuremark)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_dcf94619172aceb0\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.192.0923.0006\OneDriveUpdaterService.exe [3868688 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
R2 OODefragAgent; C:\Apps\OO Defrag\oodag.exe [4357040 2022-08-18] (O&O Software GmbH -> O&O Software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530488 2024-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 VPNUnlimitedService; C:\Apps\VPN Unlimited\vpn-unlimited-daemon.exe [54136 2023-10-22] (KeepSolid Inc. -> KeepSolid Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [20536 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [233016 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [381496 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [294960 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [84536 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [27744 2024-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [28752 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [273976 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [550456 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [97848 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [69176 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [951352 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [1202232 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203832 2024-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [307256 2024-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 cbfs20; C:\Windows\System32\drivers\cbfs20.sys [449080 2022-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 gKbdfltr; C:\Windows\System32\drivers\gKbdfltr.sys [29576 2020-09-15] (KYE SYSTEMS CORP. -> )
R3 HWiNFO_203; C:\Users\www\AppData\Local\Temp\HWiNFO_x64_203.sys [58024 2024-10-12] (Microsoft Windows Hardware Compatibility Publisher -> REALiX) <==== ATTENTION
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 ioFakDrv; C:\Windows\System32\drivers\ioFakDrv.sys [35928 2020-09-15] (KYE Systems Corp -> KYE System Corp.)
R3 ioFakMap; C:\Windows\System32\drivers\ioFakMap.sys [24664 2020-09-15] (KYE Systems Corp -> KYE System Corp.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2021-03-26] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2021-03-26] (MiniTool Solution Ltd -> )
R3 RevoProcessDetector; C:\Windows\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 RTCore64; C:\Apps\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [44080 2016-09-27] (Shaul Eizikovich -> Nefarius Software Solutions)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2023-07-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [249400 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R3 vjoy; C:\Windows\System32\drivers\vjoy.sys [67448 2019-07-14] (On-site Dental Systems (Justin Shafer) -> Shaul Eizikovich)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [25704 2022-10-03] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 WinRing0x64; C:\Windows\System32\Drivers\WinRing0x64.sys [14544 2023-01-07] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [38704 2022-06-03] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-07-21] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 HWiNFO_171; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_171.SYS [X] <==== ATTENTION
S3 HWiNFO_172; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_172.SYS [X] <==== ATTENTION
S3 HWiNFO_173; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_173.SYS [X] <==== ATTENTION
S3 HWiNFO_177; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_177.SYS [X] <==== ATTENTION
S3 HWiNFO_178; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_178.SYS [X] <==== ATTENTION
S3 HWiNFO_180; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_180.SYS [X] <==== ATTENTION
S3 HWiNFO_187; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_187.SYS [X] <==== ATTENTION
S3 HWiNFO_191; \??\C:\Users\www\AppData\Local\Temp\HWiNFO64A_191.SYS [X] <==== ATTENTION
S3 HWiNFO_202; \??\C:\Users\www\AppData\Local\Temp\HWiNFO_x64_202.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-20 11:07 - 2024-10-20 11:08 - 000063527 _____ C:\Users\www\Desktop\FRST.txt
2024-10-20 11:05 - 2024-10-20 11:05 - 002397696 _____ (Farbar) C:\Users\www\Desktop\FRST64.exe
2024-10-19 20:55 - 2024-10-20 09:34 - 000002378 _____ C:\Windows\system32\Tasks\DesktopOverlayHost
2024-10-19 17:39 - 2024-10-19 17:39 - 000000839 _____ C:\Users\www\Desktop\PDF Highlight Extractor.lnk
2024-10-19 10:30 - 2024-10-19 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-10-18 03:47 - 2024-10-18 03:47 - 000046824 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2024-10-15 16:39 - 2024-10-15 20:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-10-15 16:21 - 2024-10-15 16:21 - 000002146 _____ C:\Users\www\Desktop\Arc.lnk
2024-10-15 16:20 - 2024-10-15 16:20 - 000000000 ____D C:\Users\www\AppData\Local\Sentry
2024-10-15 15:24 - 2024-10-15 15:24 - 000315688 _____ (Gen Digital Inc.) C:\Windows\system32\aswBoot.exe
2024-10-14 23:16 - 2024-10-20 10:28 - 000000000 ____D C:\Users\www\AppData\Roaming\obsidian
2024-10-14 23:16 - 2024-10-14 23:16 - 000001711 _____ C:\Users\www\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Obsidian.lnk
2024-10-14 23:16 - 2024-10-14 23:16 - 000001681 _____ C:\Users\www\Desktop\Obsidian.lnk
2024-10-14 23:16 - 2024-10-14 23:16 - 000000000 ____D C:\Users\www\AppData\Local\obsidian-updater
2024-10-13 10:45 - 2024-10-13 10:45 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-10-12 10:50 - 2024-10-12 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO 64
2024-10-10 17:25 - 2024-10-10 17:30 - 000002210 _____ C:\Users\www\Desktop\SM 2024.txt
2024-10-10 16:55 - 2024-10-10 16:55 - 000000000 ____D C:\Users\www\Documents\Zoom
2024-10-10 14:44 - 2024-10-10 14:44 - 000001558 _____ C:\Users\www\Desktop\XnView.lnk
2024-10-10 14:44 - 2024-10-10 14:44 - 000000806 _____ C:\Users\Public\Desktop\XMedia Recode 64bit.lnk
2024-10-10 14:44 - 2024-10-10 14:44 - 000000000 ____D C:\Windows\system32\Tasks\VS Revo Group
2024-10-10 14:44 - 2024-10-10 14:44 - 000000000 ____D C:\Users\www\AppData\Local\VS Revo Group
2024-10-10 14:44 - 2024-10-10 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2024-10-10 14:44 - 2024-10-10 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2024-10-10 14:43 - 2024-10-10 14:43 - 000001115 _____ C:\Users\Public\Desktop\PDF-XChange Editor.lnk
2024-10-10 14:43 - 2024-10-10 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software
2024-10-10 14:43 - 2024-10-10 14:43 - 000000000 ____D C:\ProgramData\FileOpen
2024-10-10 14:42 - 2024-10-10 14:42 - 000000000 ____D C:\Program Files\Tracker Software
2024-10-10 14:42 - 2024-10-10 14:42 - 000000000 ____D C:\Program Files\Common Files\Tracker Software
2024-10-09 15:33 - 2024-10-09 15:33 - 000000718 _____ C:\Users\www\Desktop\Docear.lnk
2024-10-09 15:15 - 2024-10-09 15:15 - 000000000 ___HD C:\$WinREAgent
2024-10-08 17:24 - 2024-10-08 17:24 - 000000000 ____D C:\Users\www\AppData\Local\com.grammarly.web-client
2024-09-27 12:14 - 2024-09-27 12:14 - 000000000 ____D C:\Users\www\AppData\Local\AWSToolkit
2024-09-27 12:11 - 2024-09-27 12:11 - 000002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATLAS.ti 24.lnk
2024-09-27 12:11 - 2024-09-27 12:11 - 000002019 _____ C:\Users\Public\Desktop\ATLAS.ti 24.lnk
2024-09-27 12:11 - 2024-09-27 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATLAS.ti
2024-09-27 12:11 - 2024-09-27 12:11 - 000000000 ____D C:\Program Files\Scientific Software
2024-09-24 20:33 - 2024-09-24 20:33 - 000020140 _____ C:\Users\www\Downloads\il_1080xN.4402660626_sgez.avif
2024-09-24 18:06 - 2024-10-13 20:51 - 000000000 ____D C:\Users\www\.docear
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-20 11:08 - 2024-03-26 20:28 - 000000000 ____D C:\FRST
2024-10-20 11:01 - 2022-06-05 00:04 - 000000000 ____D C:\Users\www\AppData\Roaming\Ditto
2024-10-20 10:58 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-20 09:37 - 2022-06-21 08:36 - 000000000 ____D C:\Users\www\AppData\Roaming\KeePass
2024-10-20 09:34 - 2023-12-10 12:30 - 000002418 _____ C:\Windows\system32\Tasks\WD Discovery Service Task user
2024-10-20 09:34 - 2023-12-10 12:30 - 000002354 _____ C:\Windows\system32\Tasks\WD Device Agent Task user
2024-10-20 09:34 - 2023-08-31 11:10 - 000002464 _____ C:\Windows\system32\Tasks\MiniToolPartitionWizard
2024-10-20 09:34 - 2023-08-09 19:49 - 000002936 _____ C:\Windows\system32\Tasks\ViGEmBus_Updater
2024-10-20 09:34 - 2023-07-28 17:21 - 000002508 _____ C:\Windows\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2024-10-20 09:34 - 2023-03-30 21:00 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000003152 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002914 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2023-03-30 21:00 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-10-20 09:34 - 2022-10-17 18:01 - 000002596 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2024-10-20 09:34 - 2022-10-17 17:58 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-10-20 09:34 - 2022-09-21 13:02 - 000002900 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-10-20 09:34 - 2022-09-21 13:02 - 000000612 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-10-20 09:34 - 2022-08-31 17:45 - 000002234 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - user
2024-10-20 09:34 - 2022-08-31 13:39 - 000002970 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-10-20 09:34 - 2022-06-24 20:02 - 000002404 _____ C:\Windows\system32\Tasks\MSIAfterburner
2024-10-20 09:34 - 2022-06-22 16:43 - 000003070 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2069861480-1445196129-2239134032-1003
2024-10-20 09:34 - 2022-06-20 19:45 - 000002136 _____ C:\Windows\system32\Tasks\HotSwap! Applet
2024-10-20 09:34 - 2022-06-19 18:48 - 000002580 _____ C:\Windows\system32\Tasks\CrystalDiskInfo
2024-10-20 09:34 - 2022-06-19 15:11 - 000002716 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-10-20 09:34 - 2022-06-05 00:15 - 000002660 _____ C:\Windows\system32\Tasks\Volume² Autorun
2024-10-20 09:34 - 2022-06-03 23:25 - 000003448 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2024-10-20 09:34 - 2022-06-03 23:25 - 000003224 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2024-10-20 09:34 - 2022-06-03 23:25 - 000000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2024-10-20 09:34 - 2022-06-03 23:25 - 000000930 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2024-10-20 09:34 - 2022-05-15 10:29 - 000003220 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification
2024-10-20 09:34 - 2022-04-20 15:52 - 000003070 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2069861480-1445196129-2239134032-1001
2024-10-20 09:34 - 2022-04-20 15:32 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-20 09:34 - 2022-04-20 15:32 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-20 09:32 - 2023-07-21 19:45 - 000000000 ____D C:\Users\www\AppData\Roaming\SmartGenius
2024-10-20 09:32 - 2022-12-14 18:40 - 000000000 ____D C:\Users\www\AppData\Roaming\Ferdium
2024-10-20 09:32 - 2022-06-03 23:26 - 000000000 ____D C:\Users\www\AppData\Roaming\Dropbox
2024-10-20 09:32 - 2022-06-03 23:25 - 000000000 ____D C:\Users\www\AppData\Local\Dropbox
2024-10-20 09:31 - 2023-12-10 12:29 - 000000000 ____D C:\Users\www\AppData\Roaming\WD Discovery
2024-10-20 09:31 - 2023-12-10 12:29 - 000000000 ____D C:\Users\www\.wdc
2024-10-20 09:31 - 2023-04-14 09:42 - 000000000 ____D C:\Users\www\AppData\Roaming\Signal
2024-10-20 09:31 - 2022-06-19 17:39 - 000000000 ____D C:\ProgramData\firebird
2024-10-20 09:31 - 2022-06-19 16:32 - 000000000 ____D C:\Users\www\AppData\Roaming\Microsoft\Teams
2024-10-20 09:31 - 2022-06-03 23:11 - 000000000 ____D C:\ProgramData\NVIDIA
2024-10-19 23:51 - 2022-06-03 23:05 - 000000000 ____D C:\Users\www\AppData\Local\OpenShell
2024-10-19 20:52 - 2022-06-03 22:39 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2024-10-19 17:32 - 2022-04-20 15:32 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-19 17:27 - 2022-06-20 17:06 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-10-19 17:27 - 2022-06-19 15:11 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-19 16:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-10-19 13:52 - 2022-10-17 18:01 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-10-19 10:42 - 2022-06-19 15:05 - 000000000 ____D C:\Program Files\Microsoft Office
2024-10-19 10:42 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-10-19 10:30 - 2022-06-03 23:25 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-10-19 10:30 - 2022-04-20 15:32 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-19 10:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-17 22:25 - 2022-06-03 22:39 - 000000000 ____D C:\Program Files\Avast
2024-10-17 21:20 - 2023-10-13 14:12 - 000001421 _____ C:\Users\www\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly.lnk
2024-10-17 21:20 - 2022-06-23 16:44 - 000000000 ____D C:\Users\www\AppData\Local\Grammarly
2024-10-16 21:40 - 2022-06-03 23:42 - 000000000 ____D C:\Users\www\AppData\Roaming\Microsoft\Word
2024-10-16 16:37 - 2022-07-12 21:46 - 000000000 ____D C:\Users\www\AppData\Roaming\Microsoft\PowerPoint
2024-10-16 09:22 - 2022-04-20 15:50 - 000000000 ____D C:\Users\www\AppData\Local\Packages
2024-10-16 09:11 - 2022-06-21 15:52 - 000000000 ____D C:\Windows\SystemTemp
2024-10-15 20:21 - 2022-06-19 15:15 - 000000000 ____D C:\Users\www\AppData\Roaming\Microsoft\Excel
2024-10-15 20:15 - 2023-11-19 22:35 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-10-15 16:42 - 2022-04-20 15:50 - 000000000 ____D C:\Users\www\AppData\Local\D3DSCache
2024-10-15 16:21 - 2022-04-20 15:47 - 000000000 ____D C:\ProgramData\Packages
2024-10-15 15:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-10-15 15:24 - 2023-08-30 10:28 - 000550456 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswNetHub.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 001202232 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSP.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000951352 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSnx.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000381496 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsdriver.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000307256 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswVmm.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000294960 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsh.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000273976 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswMonFlt.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000233016 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswArPot.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000097848 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRdr2.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000084536 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbuniv.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000069176 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRvrt.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000028752 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswKbd.sys
2024-10-15 15:24 - 2022-06-03 22:39 - 000020536 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswArDisk.sys
2024-10-15 15:24 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-10-14 23:04 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-10-14 11:13 - 2023-03-29 23:52 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-14 11:13 - 2022-06-03 23:51 - 000000000 ____D C:\TEMPORARY
2024-10-14 11:12 - 2022-06-28 12:38 - 000000000 ____D C:\Users\www\AppData\Local\CrashDumps
2024-10-12 12:01 - 2022-06-23 16:29 - 000000000 ____D C:\Users\www\AppData\Roaming\NAPS2
2024-10-11 16:16 - 2022-12-18 21:53 - 000000000 ____D C:\_
2024-10-11 10:28 - 2024-02-04 22:59 - 000000000 ____D C:\Users\www\AppData\Roaming\Kodi
2024-10-11 08:06 - 2022-06-21 15:39 - 000000000 ____D C:\Users\www\AppData\Local\Tracker Software
2024-10-10 17:33 - 2023-09-21 14:12 - 000000000 ____D C:\Users\www\AppData\Roaming\Zoom
2024-10-10 14:44 - 2022-06-21 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2024-10-10 14:44 - 2022-06-05 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2024-10-10 14:43 - 2022-06-03 23:13 - 000000000 ____D C:\ProgramData\Package Cache
2024-10-10 14:41 - 2024-02-13 11:03 - 000000844 _____ C:\Users\Public\Desktop\KeePass 2.lnk
2024-10-10 14:41 - 2023-12-17 02:01 - 000000000 ____D C:\Users\www\AppData\Roaming\Notepad++
2024-10-10 14:41 - 2023-11-19 22:35 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2024-10-10 14:41 - 2023-11-19 22:35 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-10-10 14:41 - 2023-11-03 20:11 - 000000770 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2024-10-10 14:41 - 2022-06-21 08:35 - 000000856 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2024-10-10 14:41 - 2022-06-03 22:40 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-10 14:40 - 2024-06-04 11:15 - 000001107 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2024-10-10 14:40 - 2024-02-01 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2024-10-10 14:40 - 2024-02-01 20:04 - 000000000 ____D C:\Program Files\Calibre2
2024-10-10 14:38 - 2023-11-15 10:34 - 000000746 _____ C:\Users\Public\Desktop\Audacity.lnk
2024-10-10 14:38 - 2022-11-24 10:14 - 000000758 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2024-10-09 15:18 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2024-10-09 11:50 - 2024-08-21 17:37 - 000000000 ____D C:\Program Files\Zotero
2024-10-09 10:16 - 2024-06-23 22:21 - 000000452 _____ C:\Users\www\Desktop\Nový textový dokument.txt
2024-10-06 19:41 - 2024-05-08 17:54 - 000000000 ____D C:\Users\www\Documents\My Games
2024-10-06 19:41 - 2022-06-20 18:12 - 000004064 _____ C:\Windows\system32\Drivers\etc\hosts.rollback
2024-10-06 19:40 - 2022-06-20 17:41 - 000000000 ____D C:\Windows\SysWOW64\directx
2024-10-06 15:56 - 2023-07-19 21:59 - 000000000 ____D C:\Users\www\AppData\Local\SH3RE
2024-10-06 15:56 - 2023-05-30 21:43 - 000000000 ____D C:\Users\www\AppData\Roaming\Victor Vran
2024-10-06 15:56 - 2023-03-06 20:42 - 000000000 ____D C:\Users\www\AppData\Roaming\Insomniac Games
2024-10-02 20:59 - 2022-06-03 23:42 - 000000000 ____D C:\Users\www\AppData\Roaming\Microsoft\Office
2024-10-02 13:39 - 2023-11-19 22:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-09-27 22:27 - 2022-04-20 15:38 - 001693660 _____ C:\Windows\system32\PerfStringBackup.INI
2024-09-27 22:27 - 2019-12-07 16:43 - 000716894 _____ C:\Windows\system32\perfh005.dat
2024-09-27 22:27 - 2019-12-07 16:43 - 000145072 _____ C:\Windows\system32\perfc005.dat
2024-09-27 22:22 - 2023-08-30 10:28 - 000549968 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw9f0a2f950c0b332d.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 001200696 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswfe4ae9b3b758c6d6.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000950328 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw6a4621d7079a4868.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000381520 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw46d8dc61fb4fb8d5.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000306744 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswf1b2dfe6cb5420b8.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000293968 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw3cd77dc56cf29582.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000274000 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw12da60c4ccca535d.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000229944 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw27d4752c316ac8f6.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000097848 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw609e299f2ae95415.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000084424 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswa108e92d447435be.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000069176 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw9aa5b9696679742c.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000028752 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswe5c7b22659667c82.tmp
2024-09-27 22:22 - 2022-06-03 22:39 - 000020528 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\asw8f5d2d5f315e0361.tmp
2024-09-27 22:20 - 2022-06-03 22:37 - 000000000 ____D C:\ProgramData\Avast Software
2024-09-27 22:20 - 2022-04-20 15:32 - 000468608 _____ C:\Windows\system32\FNTCACHE.DAT
2024-09-27 22:20 - 2022-04-20 15:32 - 000008192 ___SH C:\DumpStack.log.tmp
2024-09-27 22:20 - 2022-04-20 15:32 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-09-27 22:20 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-09-27 12:11 - 2023-06-10 21:19 - 000000000 ____D C:\ProgramData\Scientific Software
2024-09-24 18:06 - 2022-04-20 15:49 - 000000000 ____D C:\Users\www
2024-09-23 16:06 - 2023-06-05 15:21 - 000000000 ____D C:\Program Files\Ferdium
==================== Files in the root of some directories ========
2022-06-19 14:58 - 2022-06-19 14:58 - 000000000 _____ () C:\Users\www\AppData\Local\oobelibMkey.log
2022-08-30 08:51 - 2022-08-30 08:51 - 000007597 _____ () C:\Users\www\AppData\Local\Resmon.ResmonCfg
2022-09-07 17:19 - 2024-05-01 13:06 - 000006541 _____ () C:\Users\www\AppData\Local\subtitlecomposerrc
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================