Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Alex

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
korkis
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 163
Registrován: 16 zář 2007 14:37
Kontaktovat uživatele:

Alex

#1 Příspěvek od korkis »

Zdravicko,
z niceho nic se mi objevil novy uzivatel Alex pri prihlasovani do windowsu tak si rikam jestli tu nemam nejakou havet, Zde je log FRST a Additional...
diky

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.02.2024
Ran by kkory (administrator) on ERAZER (MEDION ERAZER P6705 MD61366) (13-02-2024 23:12:31)
Running from C:\Users\kkory\Desktop\FRST64 (1).exe
Loaded Profiles: kkory
Platform: Microsoft Windows 11 Home Version 22H2 22621.3007 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.863.1\DropboxCrashHandler.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Hotkey\HkeyTray.exe ->) (CLEVO CO. -> CLEVO CO.) C:\Program Files (x86)\Hotkey\ComboKeyTray.exe
(C:\Program Files (x86)\Hotspot Shield\12.7.0\bin\cmw_srv.exe ->) (Pango LLC -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\12.7.0\bin\hsscp.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.106\msedgewebview2.exe <6>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.140.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.112\msedgewebview2.exe <6>
(cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(explorer.exe ->) (Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\kkory\AppData\Roaming\Dashlane\Dashlane.exe
(explorer.exe ->) (Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\kkory\AppData\Roaming\Dashlane\DashlanePlugin.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE <2>
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <44>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (CLEVO CO.) [File not signed] C:\Program Files (x86)\Hotkey\HotkeyService.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Insyde Software Corp.) C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (Pango LLC -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\12.7.0\bin\cmw_srv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) () [File not signed] C:\Program Files (x86)\Hotkey\HkeyTray.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2403.10.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxext.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2312.1001.18.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2312.1001.18.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteamsupdate.exe <2>
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.140.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\kkory\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-02-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe [3380320 2021-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196264 2023-12-18] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11552648 2024-02-06] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.112\Installer\setup.exe [6911016 2024-02-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [CCleanerBrowserAutoLaunch_D2D76A179AA5841703A5894B40D9ACEC] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [Dashlane] => C:\Users\kkory\AppData\Roaming\Dashlane\Dashlane.exe [321208 2021-12-31] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [DashlanePlugin] => C:\Users\kkory\AppData\Roaming\Dashlane\DashlanePlugin.exe [342200 2021-12-31] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [MicrosoftEdgeAutoLaunch_884EAE3E5A5FE139B4997A97185AD15E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788856 2024-02-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\kkory\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [66108320 2024-02-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\kkory\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\RunOnce: [Uninstall 24.015.0121.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kkory\AppData\Local\Microsoft\OneDrive\24.015.0121.0003" [0 2024-02-07] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-3105727912-594040118-960013747-1008\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MP495 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA9.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP495 series: C:\Windows\system32\CNMLMA9.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP495 series XPS: C:\Windows\system32\CNMXLMA9.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\121.0.23861.160\Installer\chrmstp.exe [2024-02-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\121.0.6167.184\Installer\chrmstp.exe [2024-02-13] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\kkory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IQTray.lnk [2020-03-05]
ShortcutTarget: IQTray.lnk -> C:\Program Files (x86)\IQ Option\IQTray.exe (No File)
Startup: C:\Users\kkory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\startKProxyAgentService.bat [2020-06-26] () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2021-03-10]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {AB45E498-84BE-48B3-A04B-59E56FF89AD6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {8F61C1B3-A185-4245-A624-49407C347E5B} - System32\Tasks\App Explorer => C:\Users\kkory\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7554216 2020-05-18] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {58967889-2773-4A9E-BC38-CE9C75C3BA4B} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {EAE08967-48BE-47AC-B7D3-5E0EB275FFFC} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {4967456D-37AD-428F-9688-1D41D561624A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DCE9CCBE-D77C-48B5-A575-10EB94F046D0} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "736aa1e6-fd4d-4fcc-bfb5-af17c0f99001" --version "6.20.10897" --silent
Task: {FD95B1B4-32B9-4E5D-9239-8ADCAFB742B1} - System32\Tasks\CCleanerSkipUAC - kkory => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {2D6D483E-3408-498B-859E-5D99752445F1} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {3205A799-A4CB-4AF7-84BF-688364853953} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {52FE885A-FBE9-4C5C-84F9-CCAE623F4C15} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5319424 2024-01-10] (Microsoft Windows -> Microsoft Corporation)
Task: {3DD3EA61-19D0-4DA0-9B81-AB2C7384A835} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AC43218A-3135-446F-B8A2-62C02C73B002} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B38762E1-A892-4BE7-943E-23E7C2C2E6A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-02] (Google Inc -> Google LLC)
Task: {8E623E54-2269-48BA-879C-249DBB016CCE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-02] (Google Inc -> Google LLC)
Task: {7098CE39-47C5-4E66-9C76-9E62627C6272} - System32\Tasks\HkeyTrayLaunch => C:\Program Files (x86)\Hotkey\Hkeytray.exe [1111040 2018-05-12] () [File not signed]
Task: {E7A5F66C-4AAF-4C13-B2BC-B0F7A2B8E99C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371568 2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A85461F7-44C4-4741-B7E1-5207B7B1C77B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371568 2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {90CE97A3-DE00-48CD-9A3C-FDBBB54752D4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306352 2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD840565-8727-4CF3-98C5-947969370F86} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306352 2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {214C3634-0FF2-4351-A917-2C5B3A609947} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC52690D-DD30-45D6-BFF8-DBC89AB2688F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [555752 2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe (No File)
Task: {62EA3FA1-DAE1-413F-9022-3A57EF2AB111} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {B1485780-CDF1-425F-8441-16845AA81464} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {C99458BC-D25B-492F-9BCE-81CC5AE6D6B2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {2D5D284C-4AD2-47B4-A37F-9C31A9C5BE61} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {5A612F5B-288F-4E46-8BC8-5BFA8B3ADD18} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {124592E7-41D7-4487-B9C3-E3FE0CDFF27A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8A096E42-A566-40D7-90EC-C8FF1075379F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E0F574B-8DDB-4215-BB7B-6799780D962E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB9374FB-BD8F-42E0-A1F4-F1EDE56D865F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {010A9D2A-4903-4CD0-955C-86D8E9366A4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2843AB3-FD54-459E-AD69-065C5884C183} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C139BC4F-8150-4447-9833-79B9DC82B1EA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3105727912-594040118-960013747-1007] => 196.17.115.110:32462
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{25a12aac-557c-4bc9-bcf9-a25cd5688c2a}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8290d2fc-eea1-43c1-8d98-3626713cf5ef}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8290d2fc-eea1-43c1-8d98-3626713cf5ef}: [DhcpDomain] home
Tcpip\..\Interfaces\{b93ba750-e308-490c-b28d-fc464d9f95b4}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b93ba750-e308-490c-b28d-fc464d9f95b4}: [DhcpDomain] home
Tcpip\..\Interfaces\{b93ba750-e308-490c-b28d-fc464d9f95b4}\244584572653A4538364: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b93ba750-e308-490c-b28d-fc464d9f95b4}\244584572653A4538364: [DhcpDomain] home
Tcpip\..\Interfaces\{b93ba750-e308-490c-b28d-fc464d9f95b4}\B4F627B69637: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{b93ba750-e308-490c-b28d-fc464d9f95b4}\B4F627B69637: [DhcpDomain] home
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\kkory\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-13]
Edge Extension: (Google Docs Offline) - C:\Users\kkory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-22]
Edge Extension: (Edge relevant text changes) - C:\Users\kkory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\kkory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2024-02-06]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

FireFox:
========
FF DefaultProfile: 3a4n9brn.default
FF ProfilePath: C:\Users\kkory\AppData\Roaming\Mozilla\Firefox\Profiles\89tqj0ay.default-release-1 [2024-02-13]
FF NetworkProxy: Mozilla\Firefox\Profiles\89tqj0ay.default-release-1 -> backup.ftp", ""
FF ProfilePath: C:\Users\kkory\AppData\Roaming\Mozilla\Firefox\Profiles\3a4n9brn.default [2020-11-01]
FF ProfilePath: C:\Users\kkory\AppData\Roaming\Mozilla\Firefox\Profiles\9aemdc9u.default-release [2024-02-13]
FF NetworkProxy: Mozilla\Firefox\Profiles\9aemdc9u.default-release -> backup.ftp", "196.17.179.182"
FF Extension: (Simple Translate) - C:\Users\kkory\AppData\Roaming\Mozilla\Firefox\Profiles\9aemdc9u.default-release\Extensions\simple-translate@sienori.xpi [2023-03-05]
FF Extension: (MetaMask) - C:\Users\kkory\AppData\Roaming\Mozilla\Firefox\Profiles\9aemdc9u.default-release\Extensions\webextension@metamask.io.xpi [2023-07-15]
FF Extension: (Video DownloadHelper) - C:\Users\kkory\AppData\Roaming\Mozilla\Firefox\Profiles\9aemdc9u.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-07-15]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-10] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-04-18] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-04-18] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-3105727912-594040118-960013747-1008: @zoom.us/ZoomVideoPlugin -> C:\Users\volko\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-15] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-02-03]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default [2024-02-13]
CHR Notifications: Default -> hxxps://adsforcomputercity.com; hxxps://blogs.systweak.com; hxxps://meet.google.com; hxxps://ocsnext.ebay.co.uk; hxxps://ocsnext.ebay.com; hxxps://ocsnext.ebay.ie; hxxps://ororo.tv
CHR HomePage: Default -> hxxp://search.ominent.com/ws/?source=9f1d0980&tbp=homepage&toolbarid=base&u=de90796f00000000000024fd52a98d92
CHR StartupUrls: Default -> "hxxp://search.ominent.com/ws/?source=9f1d0980&tbp=homepage&toolbarid=base&u=de90796f00000000000024fd52a98d92","hxxps://www.google.com/","hxxps://encrypted.google.com"
CHR Extension: (Free Download Manager) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2021-10-25]
CHR Extension: (Station Wallet) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiifbnbfobpmeekipheeijimdpnlpgpp [2024-02-03]
CHR Extension: (Chrome Currency Converter) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk [2021-11-19]
CHR Extension: (Jungle Scout) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\bckjlihkmgolmgkchbpiponapgjenaoa [2024-02-09]
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-02-03]
CHR Extension: (Easync Product ID Grab Tool for Drop Shipping) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\cailnmbnfboealffnempgplnfcjoibgb [2023-07-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-02-08]
CHR Extension: (Pushbullet) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-03-29]
CHR Extension: (Add to Amazon Wish List) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2019-12-02]
CHR Extension: (Trust Wallet) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\egjidjbpglichdcondbcbdnbeeppgdph [2024-02-13]
CHR Extension: (Video Downloader Professional) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2023-04-27]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2019-12-02]
CHR Extension: (Dashlane — Password Manager) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2024-02-08]
CHR Extension: (BNB Chain Wallet) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2024-02-03]
CHR Extension: (Google Docs Offline) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-03]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-02-03]
CHR Extension: (Ninja Download Manager) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\gklhnpfkcfpkjcihhjbgmhgkcajamlmd [2019-12-02]
CHR Extension: (Smart LG TV Remote Controller) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\icokofncdmhjjncknidajbngmbfphpia [2023-01-18]
CHR Extension: (AutoPagerize) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiofjhpmpihnifddepnpngfjhkfenbp [2020-11-14]
CHR Extension: (Earth) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\jieopfhnlbjmbpckpdhfdedccdmngdac [2019-12-02]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2024-02-07]
CHR Extension: (Google Hangouts) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2022-04-15]
CHR Extension: (Helium 10) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\njmehopjdpcckochcggncklnlmikcbnb [2024-02-06]
CHR Extension: (MetaMask) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-02-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Video Cutter) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nodkcjollmmjidmcnhloaoahmciabnai [2019-12-02]
CHR Extension: (AIO Search) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhijjefkkokfaiffkcemldacdabpeei [2020-12-07]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-13]
CHR Profile: C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-02-03]
CHR Extension: (Google Docs Offline) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-19]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-06-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-19]
CHR Profile: C:\Users\kkory\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-14]
CHR HKU\S-1-5-21-3105727912-594040118-960013747-1007\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\121.0.23861.160\elevation_service.exe [1832232 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14045768 2024-01-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Dashlane Vpn Service; C:\Program Files (x86)\Dashlane\VPN\Service\VpnService.exe [325120 2020-02-26] (Dashlane USA, Inc. -> AnchorFree Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-02-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [271272 2018-04-04] (Dolby Laboratories, Inc. -> )
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2539384 2023-12-18] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2023-12-18] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2023-12-18] (ESET, spol. s r.o. -> ESET)
R2 HKClipSvc; C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe [414664 2018-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Insyde Software Corp.)
R2 hshld_12.7.0; C:\Program Files (x86)\Hotspot Shield\12.7.0\bin\cmw_srv.exe [259088 2024-01-23] (Pango LLC -> Pango Inc.)
R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\HotkeyService.exe [34304 2017-12-25] (CLEVO CO.) [File not signed]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-06-15] (AnchorFree Inc -> The OpenVPN Project)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2023-01-29] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-01-29] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [215616 2023-12-09] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [120032 2023-12-09] (ESET, spol. s r.o. -> ESET)
R1 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [122664 2023-12-09] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [254344 2023-12-09] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55528 2023-12-09] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81824 2023-12-09] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [124168 2023-12-09] (ESET, spol. s r.o. -> ESET)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HKKbdFltr; C:\WINDOWS\system32\DRIVERS\HKKbdFltr.sys [43960 2018-03-30] (Insyde Software Corp. -> Insyde Software Corp.)
R3 HKMouFltr; C:\WINDOWS\system32\DRIVERS\HKMouFltr.sys [42936 2018-04-03] (Insyde Software Corp. -> Insyde Software Corp.)
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2020-04-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 hsstap; C:\WINDOWS\System32\drivers\hsstap.sys [39424 2020-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Pango)
R1 pango_netfilter2; C:\WINDOWS\System32\drivers\pango_netfilter2.sys [89088 2024-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Pango Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-13 23:12 - 2024-02-13 23:13 - 000043735 _____ C:\Users\kkory\Desktop\FRST.txt
2024-02-13 23:09 - 2024-02-13 23:09 - 002389504 _____ (Farbar) C:\Users\kkory\Desktop\FRST64 (1).exe
2024-02-09 22:52 - 2024-02-09 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-02-03 19:55 - 2024-02-03 19:55 - 000787200 _____ C:\WINDOWS\system32\perfh019.dat
2024-02-03 19:55 - 2024-02-03 19:55 - 000731458 _____ C:\WINDOWS\system32\perfh005.dat
2024-02-03 19:55 - 2024-02-03 19:55 - 000161804 _____ C:\WINDOWS\system32\perfc019.dat
2024-02-03 19:55 - 2024-02-03 19:55 - 000155518 _____ C:\WINDOWS\system32\perfc005.dat
2024-02-03 12:36 - 2024-02-03 12:36 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-31 20:25 - 2024-01-31 20:25 - 000001246 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2024-01-31 20:25 - 2024-01-31 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2024-01-31 20:25 - 2024-01-31 20:25 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-13 23:12 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-13 23:12 - 2019-12-11 05:29 - 000000000 ____D C:\FRST
2024-02-13 23:07 - 2022-07-10 01:06 - 000000000 ____D C:\Users\kkory\Desktop\UBER
2024-02-13 23:06 - 2022-05-07 05:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-13 23:06 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-13 23:06 - 2022-02-10 04:48 - 000000000 ____D C:\Users\kkory\AppData\Local\CrashDumps
2024-02-13 23:06 - 2019-12-02 17:12 - 000000000 ____D C:\ProgramData\Packages
2024-02-13 23:06 - 2019-12-02 15:21 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-13 23:06 - 2019-12-02 15:21 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-02-13 23:06 - 2019-12-02 15:21 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-13 23:06 - 2019-12-02 12:50 - 000000000 ____D C:\Users\kkory\AppData\Local\Packages
2024-02-13 23:05 - 2023-01-29 18:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-13 23:05 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-13 17:43 - 2020-06-15 18:32 - 000002391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2024-02-13 17:43 - 2020-06-15 18:32 - 000002356 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2024-02-13 17:43 - 2020-06-15 18:32 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2024-02-13 16:26 - 2019-12-02 12:37 - 000000000 ____D C:\Users\kkory\AppData\Local\Host App Service
2024-02-13 15:03 - 2023-01-29 18:51 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-13 15:02 - 2022-10-11 13:41 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-13 15:02 - 2022-10-11 13:41 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-02-13 12:45 - 2018-05-15 12:17 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-13 12:41 - 2021-09-14 10:22 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-02-13 12:41 - 2021-09-14 10:22 - 000002012 _____ C:\Users\Default\Desktop\Google Slides.lnk
2024-02-13 12:41 - 2021-09-14 10:22 - 000002012 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2024-02-13 12:41 - 2021-09-14 10:22 - 000002000 _____ C:\Users\Default\Desktop\Google Docs.lnk
2024-02-13 12:41 - 2020-10-31 12:06 - 000002048 _____ C:\Users\kkory\Desktop\Google Drive.lnk
2024-02-11 19:51 - 2020-04-28 17:29 - 000000000 ____D C:\Users\kkory\AppData\Local\D3DSCache
2024-02-10 20:49 - 2020-07-03 23:30 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-10 20:49 - 2020-07-03 23:30 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-02-09 22:53 - 2020-02-26 20:00 - 000000000 ____D C:\Users\kkory\AppData\Roaming\Dropbox
2024-02-09 22:53 - 2020-02-26 19:59 - 000000000 ____D C:\Users\kkory\AppData\Local\Dropbox
2024-02-09 22:52 - 2020-02-26 19:59 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-02-07 22:09 - 2023-01-29 18:51 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3105727912-594040118-960013747-1007
2024-02-07 22:09 - 2023-01-29 18:51 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3105727912-594040118-960013747-1007
2024-02-07 22:09 - 2020-11-05 02:47 - 000002383 _____ C:\Users\kkory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-07 22:09 - 2020-03-13 12:35 - 000000000 ___HD C:\OneDriveTemp
2024-02-07 22:09 - 2019-12-02 12:57 - 000000000 ___RD C:\Users\kkory\OneDrive
2024-02-06 12:00 - 2023-12-04 17:19 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-02-05 15:16 - 2023-01-29 18:51 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-02-04 16:16 - 2020-03-06 23:26 - 000000000 ____D C:\Users\kkory\AppData\Roaming\vlc
2024-02-03 19:55 - 2023-01-29 18:55 - 002649632 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-03 19:55 - 2022-05-07 05:22 - 000000000 ____D C:\WINDOWS\INF
2024-02-03 19:49 - 2019-12-02 15:34 - 000000000 ____D C:\Program Files\CCleaner
2024-02-03 19:48 - 2023-01-29 18:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-03 19:48 - 2023-01-29 18:46 - 000000000 ____D C:\Users\kkory
2024-02-03 19:48 - 2022-09-20 17:59 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-02-03 19:48 - 2022-05-07 05:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-02-03 19:48 - 2020-11-05 05:33 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-03 19:48 - 2020-02-26 19:59 - 000000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2024-02-03 19:48 - 2020-02-26 19:59 - 000000916 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2024-02-03 19:48 - 2019-12-02 12:50 - 000000000 __SHD C:\Users\kkory\IntelGraphicsProfiles
2024-02-03 12:35 - 2019-12-03 00:24 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-03 12:21 - 2023-01-29 18:51 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-03 12:21 - 2023-01-29 18:51 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-01-31 20:25 - 2022-02-10 04:26 - 000000000 ____D C:\ProgramData\Hotspot Shield
2024-01-31 20:25 - 2018-05-15 12:08 - 000000000 ____D C:\ProgramData\Package Cache
2024-01-25 16:52 - 2023-01-29 18:51 - 000003980 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2024-01-25 16:52 - 2023-01-29 18:51 - 000003748 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2024-01-23 02:51 - 2023-12-04 17:19 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\SETE528.tmp
2024-01-21 00:04 - 2021-03-01 03:44 - 000000000 ____D C:\Users\kkory\AppData\Roaming\Binance
2024-01-20 23:26 - 2023-01-29 18:51 - 000003378 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.02.2024
Ran by kkory (13-02-2024 23:13:39)
Running from C:\Users\kkory\Desktop
Microsoft Windows 11 Home Version 22H2 22621.3007 (X64) (2023-01-29 18:52:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3105727912-594040118-960013747-500 - Administrator - Disabled)
Alex (S-1-5-21-3105727912-594040118-960013747-1011 - Limited - Enabled)
DefaultAccount (S-1-5-21-3105727912-594040118-960013747-503 - Limited - Disabled)
Guest (S-1-5-21-3105727912-594040118-960013747-501 - Limited - Disabled)
kkory (S-1-5-21-3105727912-594040118-960013747-1007 - Administrator - Enabled) => C:\Users\kkory
volko (S-1-5-21-3105727912-594040118-960013747-1008 - Limited - Enabled) => C:\Users\volko
WDAGUtilityAccount (S-1-5-21-3105727912-594040118-960013747-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.008.20533 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Binance 1.49.0 (HKLM\...\Binance) (Version: 1.49.0 - BinanceTech)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.20 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 121.0.23861.160 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
ControlCenter2.0 v1.0.23 (HKLM-x32\...\{2F385B5D-5F23-4513-B3CE-9F5E4F4B882A}) (Version: 1.0.23 - Control Center)
CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.7013 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.7013 - CyberLink Corp.)
Dashlane (HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Dashlane) (Version: 6.2148.0.52031 - Dashlane, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 192.4.4605 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.863.1 - Dropbox, Inc.) Hidden
ESET Security (HKLM\...\{6D46484B-0BE2-4060-9CD3-FA87ED960ED9}) (Version: 17.0.16.0 - ESET, spol. s r.o.)
Free Auto Clicker 4.1.6 (HKLM-x32\...\Free Auto Clicker_is1) (Version: - FreeAutoClicker Co., Ltd.)
GCI (remove only) (HKLM-x32\...\GCI) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.184 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 86.0.9.0 - Google LLC)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Hotspot Shield 12.7.0 (HKLM-x32\...\{509162bc-4dca-4b01-b3c0-5174c321a211}) (Version: 12.7.0.12189 - Pango Inc.)
Hotspot Shield 12.7.0 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-49251197B2C0}) (Version: 12.7.0.12189 - Pango Inc.) Hidden
Hotspot Shield 12.7.0 (HKLM-x32\...\HotspotShield) (Version: 12.7.0 - Pango Inc.) Hidden
HotspotShield TAP-Windows 9.24.4 (HKLM\...\HotspotShield TAP-Windows) (Version: 9.24.4 - Pango Inc.) Hidden
Intel(R) Chipset Device Software (HKLM\...\{C844CC39-BC28-46CA-8239-3F37D8FE2A59}) (Version: 10.1.17541.8066 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.364 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1808.12.0.1102 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B4F59074-915E-4DFE-BFD6-1B415B37AE2F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{ED204DD8-2982-4B22-B077-0F70024D5FEB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{4B1DEC5C-ED0A-4DD1-ADB2-FD1117FF94D7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5017 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{64A94A93-B0C4-4B16-8CDC-FDB06E8CC306}) (Version: 16.0.2.1086 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000050-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.50.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8c595286-0f9e-42de-a0d4-969aba282637}) (Version: 20.50.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E6F800A9-64D3-4E93-8E8E-AB53E21D4840}) (Version: 20.50.0.1450 - Intel Corporation) Hidden
Intel® Software Guard Extensions Platform Software (HKLM\...\{24DAC3F9-B4BF-437E-BB30-8BCBAAB2DFA6}) (Version: 1.9.100.41172 - Intel Corporation) Hidden
Intel® Software Guard Extensions Platform Software (HKLM-x32\...\ARP_for_prd_SGX_1.9.100.41172) (Version: 1.9.100.41172 - Intel Corporation)
Life App Explorer (HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Host App Service) (Version: 0.273.3.921 - SweetLabs) <==== ATTENTION
Life App Explorer (HKU\S-1-5-21-3105727912-594040118-960013747-1008\...\Host App Service) (Version: 0.273.2.684 - SweetLabs) <==== ATTENTION
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.17231.20194 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.112 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.112 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\OneDriveSetup.exe) (Version: 24.020.0128.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3105727912-594040118-960013747-1008\...\OneDriveSetup.exe) (Version: 21.050.0310.0001 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{9F513024-FFAD-4466-8CF0-5348389196B8}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{C521A8D8-511F-43DF-B789-7DD0B3F7363B}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.15.26706 (HKLM\...\{F106B700-BFF8-3065-B305-14D36AD40539}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.15.26706 (HKLM\...\{C77195A4-CEB8-38EE-BDD6-C46CB459EF6E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-GB) (HKLM\...\Mozilla Firefox 113.0.2 (x64 en-GB)) (Version: 113.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla)
NVIDIA 3D Vision Driver 389.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 389.27 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Graphics Driver 389.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 389.27 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenOffice 4.1.13 (HKLM-x32\...\{10DD5C14-3B1E-44D9-9CE6-82DCE24EAD17}) (Version: 4.113.9810 - Apache Software Foundation)
Parrot Software Update Tool (HKLM-x32\...\Parrot Flash Update Wizard) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.21304 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8433 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.31.0 - Samsung Electronics Co., Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SupportAPP (HKLM\...\{0000A0AB-3A12-1EF4-A21C-9ADE1843AB04}) (Version: 1.1 - )
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Trezor Suite 23.11.5 (HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\978be57b-9286-5cd7-a60b-54c81352a986) (Version: 23.11.5 - SatoshiLabs)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WebDiscover Browser 4.27.2 (HKLM\...\{fd13f4a2-b0d8-4cad-9ccf-d4128eaf25ff}_is1) (Version: 4.27.2 - WebDiscover Media) <==== ATTENTION
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare Filmora X(Build 10.0.0.94) (HKLM\...\Wondershare Filmora X_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoom (HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)
Zoom (HKU\S-1-5-21-3105727912-594040118-960013747-1008\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-02-13] ()
Amazon Alexa -> C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_3.25.1177.0_x64__22t9g3sebte08 [2023-08-02] (AMZN Mobile LLC.) [Startup Task]
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5336.0_x64__8j3eq9eme6ctt [2024-02-12] (INTEL CORP) [Startup Task]
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-05-07] (Canon Inc.)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1000.389.0_x64__8wekyb3d8bbwe [2024-01-30] (Microsoft Corporation)
Dolby Audio Premium -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudioPremium_2.1001.237.0_x64__rz1tebttyb220 [2018-05-15] (Dolby Laboratories)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-02-09] (Dropbox Inc.)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2024-02-12] (Sparse Package)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-12-02] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21003.0_x64__8wekyb3d8bbwe [2023-12-06] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corp.)
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.7.1181.0_x86__8wekyb3d8bbwe [2024-02-06] (Microsoft Studios)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.4.10270.0_x64__8wekyb3d8bbwe [2023-11-05] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_4.4.7101.0_x64__8wekyb3d8bbwe [2023-07-27] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.8.10203.0_x64__8wekyb3d8bbwe [2023-10-16] (Microsoft Studios) [MS Ad]
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-11] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-07] (Microsoft Corporation)
Plus500 -> C:\Program Files\WindowsApps\Plus500.Plus500_5.0.1.0_neutral__pssm8hpqmkeyc [2024-01-11] (Plus500)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.30.259.0_x64__dt26b99r8h8gj [2023-10-16] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-06] (Microsoft Studios) [MS Ad]
TradingView -> C:\Program Files\WindowsApps\TradingView.Desktop_2.7.1.5365_x64__n534cwy3pjxzj [2023-12-14] (TradingView, Inc.) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2023-10-16] (Microsoft Corporation)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2403.10.0_x64__cv1g1gvanyjgm [2024-02-03] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-11] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => D:\dropbox\Dropbox [2020-03-09 19:02]
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-12-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-12-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-04-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-12-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\kkory\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
ShortcutWithArgument: C:\Users\kkory\Desktop\Karel - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\kkory\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\da40509940297948\Binance Wallet.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhbohimaelbohpjbbldcngcnapndodjp
ShortcutWithArgument: C:\Users\kkory\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2020-12-03 03:31 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-12-03 03:31 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2024-02-03 19:49 - 2024-02-03 19:49 - 000114176 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\_ctypes.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000172544 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\_elementtree.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 002255872 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\_hashlib.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000032256 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\_multiprocessing.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000046080 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\_psutil_windows.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000047616 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\_socket.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 002825216 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\_ssl.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000026112 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\_yappi.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000080896 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\bz2.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000015872 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\common.time34.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000007680 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\hashobjs_ext.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000301568 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\PIL._imaging.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000168448 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\pyexpat.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 001084416 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\pysqlite2._sqlite.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000548864 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\pythoncom27.dll
2024-02-03 19:49 - 2024-02-03 19:49 - 000137728 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\pywintypes27.dll
2024-02-03 19:49 - 2024-02-03 19:49 - 000010752 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\select.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000020992 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\thumbnails_ext.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000689664 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\unicodedata.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000119808 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\usb_ext.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000128512 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32api.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000438784 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32com.shell.shell.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000011776 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32crypt.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000023040 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32event.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000149504 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32file.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000223232 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32gui.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000048128 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32inet.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000029696 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32pdh.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000027648 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32pipe.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000044032 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32process.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000020480 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32profile.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000136192 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32security.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000026624 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\win32ts.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000034304 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\windows.conditional.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000037888 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\windows.connectivity.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000071680 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\windows.device_monitor.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000103936 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\windows.volumes.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000019968 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\windows.winwrap.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 001325056 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\wx._controls_.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 001489408 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\wx._core_.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 001007104 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\wx._gdi_.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000103424 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\wx._html2.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 000916992 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\wx._misc_.pyd
2024-02-03 19:49 - 2024-02-03 19:49 - 001039872 ____N () [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\wx._windows_.pyd
2019-12-05 19:25 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2023-11-20 14:56 - 2023-11-20 14:56 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2023-01-29 18:45 - 2018-04-18 00:25 - 000760032 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2023-01-29 18:45 - 2018-04-18 00:25 - 000874880 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2023-01-29 18:45 - 2018-04-18 00:25 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2024-02-03 19:49 - 2024-02-03 19:49 - 003043328 ____N (Python Software Foundation) [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\python27.dll
2018-05-15 12:40 - 2016-10-11 13:52 - 002061824 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\Hotkey\audio10ec.dll
2018-05-15 12:40 - 2007-12-03 11:33 - 000204800 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\Hotkey\DataAddress.dll
2018-05-15 12:40 - 2016-10-11 20:01 - 002037248 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\Hotkey\powerlife.dll
2020-12-03 03:31 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
2024-02-03 19:49 - 2024-02-03 19:49 - 000202240 ____N (wxWidgets development team) [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\wxbase30u_net_vc90_x64.dll
2024-02-03 19:49 - 2024-02-03 19:49 - 002831872 ____N (wxWidgets development team) [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\wxbase30u_vc90_x64.dll
2024-02-03 19:49 - 2024-02-03 19:49 - 001654784 ____N (wxWidgets development team) [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\wxmsw30u_adv_vc90_x64.dll
2024-02-03 19:49 - 2024-02-03 19:49 - 006542336 ____N (wxWidgets development team) [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\wxmsw30u_core_vc90_x64.dll
2024-02-03 19:49 - 2024-02-03 19:49 - 000773632 ____N (wxWidgets development team) [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\wxmsw30u_html_vc90_x64.dll
2024-02-03 19:49 - 2024-02-03 19:49 - 000137216 ____N (wxWidgets development team) [File not signed] C:\Users\kkory\AppData\Local\Temp\_MEI162882\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3105727912-594040118-960013747-1007\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3105727912-594040118-960013747-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3105727912-594040118-960013747-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3105727912-594040118-960013747-1008\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 23:38 - 2018-04-11 23:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3105727912-594040118-960013747-1007\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\OEM\wallpaper.jpg
HKU\S-1-5-21-3105727912-594040118-960013747-1008\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{69C6944F-BB6A-4693-92B8-DEC956A828BD}] => (Allow) C:\Users\kkory\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{33F7D764-3F91-4136-8275-2531680FE485}] => (Allow) C:\Users\kkory\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FF521DBB-2741-42AB-84DB-2416F7163EE9}] => (Allow) C:\Users\kkory\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{EE230E68-54A8-4707-B748-368E946CEC1C}] => (Block) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{5BB1A6D3-96E4-40B8-B185-3A6AE4BE765D}] => (Block) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{21FE19C2-03AF-4908-BE0B-53385383DE89}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{CEF5335B-7D79-421C-B435-D1767F40DDD3}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{2EE74B42-9357-4378-B0C1-6D071CC872F4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8B855546-1355-4A88-A84C-5DED2C7D29B6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A7D2AB1A-5A3A-46E2-A8BE-D6931715F38C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C2C67445-0E2D-4594-BC55-F68CB0D949D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{26161BEE-861A-4333-8211-690ECCE5BE80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{346F28D5-A10C-43F6-BB45-E4F0F6DB2813}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97901FFE-E76A-4233-B731-7B2624E7F617}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F85C894C-6656-47A8-9C0C-7DCFBBD1F2B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E2E7E1CF-DD4F-46FB-B1D1-A605B6B402F3}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{10580E1F-3460-4685-A8E1-B54A9B04EC90}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{947016BF-5B07-469B-BBEB-60805C9317DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3A8C932E-4093-42AF-AA83-70D963C8DB15}] => (Allow) C:\Users\kkory\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2AE92FDD-8522-409A-BC71-7A27D9C49123}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{68C7545A-BA86-4B04-AD92-9B787A90BEE5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{513E3EFE-01C0-4B51-B3AC-A2741C99F1D5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C493CEF-99B3-4722-ABC5-08125203A1AB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.106\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BBA8F528-4362-4958-A648-578D8D0C8BCC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5F9D8A2F-3E62-4F66-9214-72F48CE38456}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{56C1C6C4-B910-4820-B768-82289FAAAA8A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A0FB323-FBB2-45D8-BDD7-449702414454}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A119DC41-6CCC-419F-8C21-3A0FEF9A68D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{28621434-F002-4392-9A54-50CE26E7C034}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2DD626E2-2F9C-402F-BF51-F9730DDE25EA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{758F2900-C5A2-42F1-B385-664445E03093}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FirewallRules: [{9804F49E-5A04-4C94-ABC0-17A59CCEB214}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-02-2024 21:33:56 Windows Update
12-02-2024 21:33:56 Windows Update
12-02-2024 21:34:09 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/13/2024 11:06:09 PM) (Source: Application Error) (EventID: 1000) (User: ERAZER)
Description: Faulting application name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Faulting module name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Exception code: 0xc0000409
Fault offset: 0x00020713
Faulting process ID: 0x0x69c8
Faulting application start time: 0x0x1da5ed13a4a3bdd
Faulting application path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Faulting module path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Report ID: 982783f9-80e6-4750-8310-4b6852a9a0b9
Faulting package full name:
Faulting package-relative application ID:

Error: (02/13/2024 10:11:48 PM) (Source: Application Error) (EventID: 1000) (User: ERAZER)
Description: Faulting application name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Faulting module name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Exception code: 0xc0000409
Fault offset: 0x00020713
Faulting process ID: 0x0x4630
Faulting application start time: 0x0x1da5ec9a0fed5b6
Faulting application path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Faulting module path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Report ID: 004915fa-8be8-4f10-8c07-b30ccce34da6
Faulting package full name:
Faulting package-relative application ID:

Error: (02/13/2024 10:11:47 PM) (Source: Application Error) (EventID: 1000) (User: ERAZER)
Description: Faulting application name: igfxext.exe, version: 6.15.10.5017, time stamp: 0x5aba5f2c
Faulting module name: igfxext.exe, version: 6.15.10.5017, time stamp: 0x5aba5f2c
Exception code: 0xc0000005
Fault offset: 0x000000000000e9b4
Faulting process ID: 0x0x12d0
Faulting application start time: 0x0x1da5ec9a19b06d4
Faulting application path: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxext.exe
Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxext.exe
Report ID: 6b04ecdd-fa05-49cb-8897-c623f2604727
Faulting package full name:
Faulting package-relative application ID:

Error: (02/12/2024 11:09:38 PM) (Source: Application Error) (EventID: 1000) (User: ERAZER)
Description: Faulting application name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Faulting module name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Exception code: 0xc0000409
Fault offset: 0x00020713
Faulting process ID: 0x0x3bcc
Faulting application start time: 0x0x1da5e0889ddd7d7
Faulting application path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Faulting module path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Report ID: d22a28f7-ee97-4d00-8554-6ea87adc25cc
Faulting package full name:
Faulting package-relative application ID:

Error: (02/12/2024 11:09:37 PM) (Source: Application Error) (EventID: 1000) (User: ERAZER)
Description: Faulting application name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Faulting module name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Exception code: 0xc0000409
Fault offset: 0x00020713
Faulting process ID: 0x0xba8
Faulting application start time: 0x0x1da5e08898e6726
Faulting application path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Faulting module path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Report ID: 49550b69-a858-4e83-bd73-f0f3a668ee76
Faulting package full name:
Faulting package-relative application ID:

Error: (02/12/2024 11:09:36 PM) (Source: Application Error) (EventID: 1000) (User: ERAZER)
Description: Faulting application name: igfxext.exe, version: 6.15.10.5017, time stamp: 0x5aba5f2c
Faulting module name: igfxext.exe, version: 6.15.10.5017, time stamp: 0x5aba5f2c
Exception code: 0xc0000005
Fault offset: 0x000000000000e9b4
Faulting process ID: 0x0x35bc
Faulting application start time: 0x0x1da5e0889f91f27
Faulting application path: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxext.exe
Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxext.exe
Report ID: 9cd81a67-6e23-4988-b82b-c041befe53af
Faulting package full name:
Faulting package-relative application ID:

Error: (02/12/2024 10:26:32 PM) (Source: Application Error) (EventID: 1000) (User: ERAZER)
Description: Faulting application name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Faulting module name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Exception code: 0xc0000409
Fault offset: 0x00020713
Faulting process ID: 0x0x2898
Faulting application start time: 0x0x1da5e02862e5407
Faulting application path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Faulting module path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Report ID: 3c59af42-c92b-4dc7-a367-6b3736dfdf82
Faulting package full name:
Faulting package-relative application ID:

Error: (02/12/2024 10:26:32 PM) (Source: Application Error) (EventID: 1000) (User: ERAZER)
Description: Faulting application name: igfxext.exe, version: 6.15.10.5017, time stamp: 0x5aba5f2c
Faulting module name: igfxext.exe, version: 6.15.10.5017, time stamp: 0x5aba5f2c
Exception code: 0xc0000005
Fault offset: 0x000000000000e9b4
Faulting process ID: 0x0x2c80
Faulting application start time: 0x0x1da5e0286415a5d
Faulting application path: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxext.exe
Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxext.exe
Report ID: ae19243b-ac10-47cd-9bb4-109532e62fda
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (02/13/2024 01:56:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (02/13/2024 01:55:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MV0B5HZVK9Z-Microsoft.GamingApp.

Error: (02/12/2024 09:34:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MV0B5HZVK9Z-Microsoft.GamingApp.

Error: (02/12/2024 09:34:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (02/12/2024 07:53:09 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (02/11/2024 08:09:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MV0B5HZVK9Z-Microsoft.GamingApp.

Error: (02/11/2024 08:08:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (02/11/2024 04:16:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MV0B5HZVK9Z-Microsoft.GamingApp.


CodeIntegrity:
===============
Date: 2024-02-13 23:15:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2024-02-13 23:05:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.07.06RGM3_00029 07/19/2018
Motherboard: MEDION N857EX1M
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 91%
Total physical RAM: 8039.17 MB
Available physical RAM: 652.7 MB
Total Virtual: 20576.82 MB
Available Virtual: 3335.17 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:235.65 GB) (Free:61.05 GB) (Model: HFS256GD9TNG-62A0A) NTFS
Drive d: (Korkis) (Fixed) (Total:608.54 GB) (Free:489.27 GB) (Model: ST1000LM048-2E7172) NTFS
Drive e: (Recover) (Fixed) (Total:30 GB) (Free:8.36 GB) (Model: ST1000LM048-2E7172) NTFS
Drive v: (Ekaterina) (Fixed) (Total:292.97 GB) (Free:83.61 GB) (Model: ST1000LM048-2E7172) NTFS

\\?\Volume{3d8c99c1-4fe5-4d69-82ba-1ff1b76f4b23}\ () (Fixed) (Total:0.73 GB) (Free:0.08 GB) NTFS
\\?\Volume{19296e25-2ee8-4718-8f47-e034656efa50}\ () (Fixed) (Total:0.98 GB) (Free:0.45 GB) NTFS
\\?\Volume{45b6ca81-8f35-417c-a8a9-c2d392409a18}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DA9D6057)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: DA9D6048)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Alex

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

korkis
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 163
Registrován: 16 zář 2007 14:37
Kontaktovat uživatele:

Re: Alex

#3 Příspěvek od korkis »

Omlouvam se ale asi jsem slepej a vidim akorat moznost dat do karanteny
Přílohy
2024-02-14 12_42_04-Malwarebytes AdwCleaner 8.4.1.jpg
2024-02-14 12_42_04-Malwarebytes AdwCleaner 8.4.1.jpg (62.63 KiB) Zobrazeno 8003 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Alex

#4 Příspěvek od Rudy »

OK. Dejte do karantény, tam jsou všechny šmejdy neškodné. Karanténa bude odstraněna se smazáním utility
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

korkis
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 163
Registrován: 16 zář 2007 14:37
Kontaktovat uživatele:

Re: Alex

#5 Příspěvek od korkis »

ok mam v karantene. tot vse?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Alex

#6 Příspěvek od Rudy »

Ne. Teď dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

korkis
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 163
Registrován: 16 zář 2007 14:37
Kontaktovat uživatele:

Re: Alex

#7 Příspěvek od korkis »

here we go...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.02.2024
Ran by kkory (administrator) on ERAZER (MEDION ERAZER P6705 MD61366) (14-02-2024 21:13:45)
Running from C:\Users\kkory\Desktop\FRST64 (1).exe
Loaded Profiles: kkory & volko
Platform: Microsoft Windows 11 Home Version 22H2 22621.3155 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.863.1\DropboxCrashHandler.exe
(C:\Program Files (x86)\Hotspot Shield\12.7.0\bin\cmw_srv.exe ->) (Pango LLC -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\12.7.0\bin\hsscp.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.140.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.112\msedgewebview2.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoNotificationUx.exe
(services.exe ->) (CLEVO CO.) [File not signed] C:\Program Files (x86)\Hotkey\HotkeyService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (Pango LLC -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\12.7.0\bin\cmw_srv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2403.10.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2401.1001.10.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2401.1001.10.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.140.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-02-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe [3380320 2021-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196264 2023-12-18] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11552648 2024-02-06] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [CCleanerBrowserAutoLaunch_D2D76A179AA5841703A5894B40D9ACEC] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [Dashlane] => C:\Users\kkory\AppData\Roaming\Dashlane\Dashlane.exe [321208 2021-12-31] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [DashlanePlugin] => C:\Users\kkory\AppData\Roaming\Dashlane\DashlanePlugin.exe [342200 2021-12-31] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Run: [MicrosoftEdgeAutoLaunch_884EAE3E5A5FE139B4997A97185AD15E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788856 2024-02-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3105727912-594040118-960013747-1008\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MP495 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA9.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP495 series: C:\Windows\system32\CNMLMA9.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP495 series XPS: C:\Windows\system32\CNMXLMA9.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\121.0.23861.160\Installer\chrmstp.exe [2024-02-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\121.0.6167.184\Installer\chrmstp.exe [2024-02-13] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {AB45E498-84BE-48B3-A04B-59E56FF89AD6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {58967889-2773-4A9E-BC38-CE9C75C3BA4B} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {EAE08967-48BE-47AC-B7D3-5E0EB275FFFC} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {4967456D-37AD-428F-9688-1D41D561624A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DCE9CCBE-D77C-48B5-A575-10EB94F046D0} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "736aa1e6-fd4d-4fcc-bfb5-af17c0f99001" --version "6.20.10897" --silent
Task: {FD95B1B4-32B9-4E5D-9239-8ADCAFB742B1} - System32\Tasks\CCleanerSkipUAC - kkory => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {2D6D483E-3408-498B-859E-5D99752445F1} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {3205A799-A4CB-4AF7-84BF-688364853953} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {52FE885A-FBE9-4C5C-84F9-CCAE623F4C15} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5356504 2024-02-14] (Microsoft Windows -> Microsoft Corporation)
Task: {3DD3EA61-19D0-4DA0-9B81-AB2C7384A835} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AC43218A-3135-446F-B8A2-62C02C73B002} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B38762E1-A892-4BE7-943E-23E7C2C2E6A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-02] (Google Inc -> Google LLC)
Task: {8E623E54-2269-48BA-879C-249DBB016CCE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-02] (Google Inc -> Google LLC)
Task: {7098CE39-47C5-4E66-9C76-9E62627C6272} - System32\Tasks\HkeyTrayLaunch => C:\Program Files (x86)\Hotkey\Hkeytray.exe [1111040 2018-05-12] () [File not signed]
Task: {E7A5F66C-4AAF-4C13-B2BC-B0F7A2B8E99C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371568 2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A85461F7-44C4-4741-B7E1-5207B7B1C77B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371568 2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {90CE97A3-DE00-48CD-9A3C-FDBBB54752D4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306352 2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD840565-8727-4CF3-98C5-947969370F86} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306352 2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {214C3634-0FF2-4351-A917-2C5B3A609947} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC52690D-DD30-45D6-BFF8-DBC89AB2688F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [555752 2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe (No File)
Task: {62EA3FA1-DAE1-413F-9022-3A57EF2AB111} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {B1485780-CDF1-425F-8441-16845AA81464} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {C99458BC-D25B-492F-9BCE-81CC5AE6D6B2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {2D5D284C-4AD2-47B4-A37F-9C31A9C5BE61} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {5A612F5B-288F-4E46-8BC8-5BFA8B3ADD18} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {124592E7-41D7-4487-B9C3-E3FE0CDFF27A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8A096E42-A566-40D7-90EC-C8FF1075379F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E0F574B-8DDB-4215-BB7B-6799780D962E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB9374FB-BD8F-42E0-A1F4-F1EDE56D865F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {010A9D2A-4903-4CD0-955C-86D8E9366A4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2843AB3-FD54-459E-AD69-065C5884C183} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C139BC4F-8150-4447-9833-79B9DC82B1EA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3105727912-594040118-960013747-1007] => 196.17.115.110:32462
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{25a12aac-557c-4bc9-bcf9-a25cd5688c2a}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8290d2fc-eea1-43c1-8d98-3626713cf5ef}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8290d2fc-eea1-43c1-8d98-3626713cf5ef}: [DhcpDomain] home
Tcpip\..\Interfaces\{b93ba750-e308-490c-b28d-fc464d9f95b4}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b93ba750-e308-490c-b28d-fc464d9f95b4}: [DhcpDomain] home
Tcpip\..\Interfaces\{b93ba750-e308-490c-b28d-fc464d9f95b4}\244584572653A4538364: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b93ba750-e308-490c-b28d-fc464d9f95b4}\244584572653A4538364: [DhcpDomain] home
Tcpip\..\Interfaces\{b93ba750-e308-490c-b28d-fc464d9f95b4}\B4F627B69637: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{b93ba750-e308-490c-b28d-fc464d9f95b4}\B4F627B69637: [DhcpDomain] home
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\kkory\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-14]
Edge Extension: (Google Docs Offline) - C:\Users\kkory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-22]
Edge Extension: (Edge relevant text changes) - C:\Users\kkory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\kkory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2024-02-06]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

FireFox:
========
FF DefaultProfile: 3a4n9brn.default
FF ProfilePath: C:\Users\kkory\AppData\Roaming\Mozilla\Firefox\Profiles\89tqj0ay.default-release-1 [2024-02-14]
FF NetworkProxy: Mozilla\Firefox\Profiles\89tqj0ay.default-release-1 -> backup.ftp", ""
FF ProfilePath: C:\Users\kkory\AppData\Roaming\Mozilla\Firefox\Profiles\3a4n9brn.default [2020-11-01]
FF ProfilePath: C:\Users\kkory\AppData\Roaming\Mozilla\Firefox\Profiles\9aemdc9u.default-release [2024-02-14]
FF NetworkProxy: Mozilla\Firefox\Profiles\9aemdc9u.default-release -> backup.ftp", "196.17.179.182"
FF Extension: (Simple Translate) - C:\Users\kkory\AppData\Roaming\Mozilla\Firefox\Profiles\9aemdc9u.default-release\Extensions\simple-translate@sienori.xpi [2023-03-05]
FF Extension: (MetaMask) - C:\Users\kkory\AppData\Roaming\Mozilla\Firefox\Profiles\9aemdc9u.default-release\Extensions\webextension@metamask.io.xpi [2023-07-15]
FF Extension: (Video DownloadHelper) - C:\Users\kkory\AppData\Roaming\Mozilla\Firefox\Profiles\9aemdc9u.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-07-15]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-10] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-04-18] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-04-18] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-3105727912-594040118-960013747-1008: @zoom.us/ZoomVideoPlugin -> C:\Users\volko\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-15] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-02-14]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default [2024-02-14]
CHR Notifications: Default -> hxxps://adsforcomputercity.com; hxxps://blogs.systweak.com; hxxps://meet.google.com; hxxps://ocsnext.ebay.co.uk; hxxps://ocsnext.ebay.com; hxxps://ocsnext.ebay.ie; hxxps://ororo.tv
CHR HomePage: Default -> hxxp://search.ominent.com/ws/?source=9f1d0980&tbp=homepage&toolbarid=base&u=de90796f00000000000024fd52a98d92
CHR StartupUrls: Default -> "hxxp://search.ominent.com/ws/?source=9f1d0980&tbp=homepage&toolbarid=base&u=de90796f00000000000024fd52a98d92","hxxps://www.google.com/","hxxps://encrypted.google.com"
CHR Extension: (Free Download Manager) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2021-10-25]
CHR Extension: (Station Wallet) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiifbnbfobpmeekipheeijimdpnlpgpp [2024-02-03]
CHR Extension: (Chrome Currency Converter) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk [2021-11-19]
CHR Extension: (Jungle Scout) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\bckjlihkmgolmgkchbpiponapgjenaoa [2024-02-14]
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-02-03]
CHR Extension: (Easync Product ID Grab Tool for Drop Shipping) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\cailnmbnfboealffnempgplnfcjoibgb [2023-07-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-02-14]
CHR Extension: (Pushbullet) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-03-29]
CHR Extension: (Add to Amazon Wish List) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2019-12-02]
CHR Extension: (Trust Wallet) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\egjidjbpglichdcondbcbdnbeeppgdph [2024-02-14]
CHR Extension: (Video Downloader Professional) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2023-04-27]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2019-12-02]
CHR Extension: (Dashlane — Password Manager) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2024-02-14]
CHR Extension: (BNB Chain Wallet) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2024-02-03]
CHR Extension: (Google Docs Offline) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-03]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-02-03]
CHR Extension: (Ninja Download Manager) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\gklhnpfkcfpkjcihhjbgmhgkcajamlmd [2019-12-02]
CHR Extension: (Smart LG TV Remote Controller) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\icokofncdmhjjncknidajbngmbfphpia [2023-01-18]
CHR Extension: (AutoPagerize) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiofjhpmpihnifddepnpngfjhkfenbp [2020-11-14]
CHR Extension: (Earth) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\jieopfhnlbjmbpckpdhfdedccdmngdac [2019-12-02]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2024-02-14]
CHR Extension: (Google Hangouts) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2022-04-15]
CHR Extension: (Helium 10) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\njmehopjdpcckochcggncklnlmikcbnb [2024-02-14]
CHR Extension: (MetaMask) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-02-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Video Cutter) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nodkcjollmmjidmcnhloaoahmciabnai [2019-12-02]
CHR Extension: (AIO Search) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhijjefkkokfaiffkcemldacdabpeei [2020-12-07]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-14]
CHR Profile: C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-02-14]
CHR Extension: (Google Docs Offline) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-19]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-06-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kkory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-19]
CHR Profile: C:\Users\kkory\AppData\Local\Google\Chrome\User Data\System Profile [2024-02-14]
CHR HKU\S-1-5-21-3105727912-594040118-960013747-1007\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\121.0.23861.160\elevation_service.exe [1832232 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14045768 2024-01-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Dashlane Vpn Service; C:\Program Files (x86)\Dashlane\VPN\Service\VpnService.exe [325120 2020-02-26] (Dashlane USA, Inc. -> AnchorFree Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-02-06] (Dropbox, Inc -> Dropbox, Inc.)
S2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [271272 2018-04-04] (Dolby Laboratories, Inc. -> )
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2539384 2023-12-18] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2023-12-18] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2023-12-18] (ESET, spol. s r.o. -> ESET)
S2 HKClipSvc; C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe [414664 2018-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Insyde Software Corp.)
R2 hshld_12.7.0; C:\Program Files (x86)\Hotspot Shield\12.7.0\bin\cmw_srv.exe [259088 2024-01-23] (Pango LLC -> Pango Inc.)
R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\HotkeyService.exe [34304 2017-12-25] (CLEVO CO.) [File not signed]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-06-15] (AnchorFree Inc -> The OpenVPN Project)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2023-01-29] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-01-29] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [215616 2023-12-09] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [120032 2023-12-09] (ESET, spol. s r.o. -> ESET)
R1 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [122664 2023-12-09] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [254344 2023-12-09] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55528 2023-12-09] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81824 2023-12-09] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [124168 2023-12-09] (ESET, spol. s r.o. -> ESET)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HKKbdFltr; C:\WINDOWS\system32\DRIVERS\HKKbdFltr.sys [43960 2018-03-30] (Insyde Software Corp. -> Insyde Software Corp.)
R3 HKMouFltr; C:\WINDOWS\system32\DRIVERS\HKMouFltr.sys [42936 2018-04-03] (Insyde Software Corp. -> Insyde Software Corp.)
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2020-04-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 hsstap; C:\WINDOWS\System32\drivers\hsstap.sys [39424 2020-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Pango)
R1 pango_netfilter2; C:\WINDOWS\System32\drivers\pango_netfilter2.sys [89088 2024-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Pango Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-14 12:36 - 2024-02-14 12:36 - 008797968 _____ (Malwarebytes) C:\Users\kkory\Desktop\adwcleaner.exe
2024-02-14 12:36 - 2024-02-14 12:36 - 000787200 _____ C:\WINDOWS\system32\perfh019.dat
2024-02-14 12:36 - 2024-02-14 12:36 - 000731458 _____ C:\WINDOWS\system32\perfh005.dat
2024-02-14 12:36 - 2024-02-14 12:36 - 000161804 _____ C:\WINDOWS\system32\perfc019.dat
2024-02-14 12:36 - 2024-02-14 12:36 - 000155518 _____ C:\WINDOWS\system32\perfc005.dat
2024-02-14 02:16 - 2024-02-14 02:16 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-14 02:15 - 2024-02-14 02:15 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-14 02:10 - 2024-02-14 02:13 - 000000000 ___HD C:\$WinREAgent
2024-02-13 23:12 - 2024-02-14 21:13 - 000036751 _____ C:\Users\kkory\Desktop\FRST.txt
2024-02-13 23:09 - 2024-02-13 23:09 - 002389504 _____ (Farbar) C:\Users\kkory\Desktop\FRST64 (1).exe
2024-02-09 22:52 - 2024-02-09 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-02-03 12:36 - 2024-02-03 12:36 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-31 20:25 - 2024-01-31 20:25 - 000001246 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2024-01-31 20:25 - 2024-01-31 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2024-01-31 20:25 - 2024-01-31 20:25 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-14 21:13 - 2019-12-11 05:29 - 000000000 ____D C:\FRST
2024-02-14 20:58 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-14 20:58 - 2019-12-02 15:21 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-14 20:50 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-14 20:07 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-14 20:00 - 2022-05-07 05:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-14 20:00 - 2019-12-02 17:12 - 000000000 ____D C:\ProgramData\Packages
2024-02-14 20:00 - 2019-12-02 12:50 - 000000000 ____D C:\Users\kkory\AppData\Local\Packages
2024-02-14 14:17 - 2022-05-07 05:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-14 14:04 - 2021-06-05 12:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2024-02-14 14:04 - 2019-12-11 15:27 - 000000000 ____D C:\AdwCleaner
2024-02-14 14:04 - 2018-05-15 12:17 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-14 12:36 - 2023-01-29 18:55 - 002649632 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-14 12:36 - 2022-05-07 05:22 - 000000000 ____D C:\WINDOWS\INF
2024-02-14 12:34 - 2023-01-29 18:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-14 12:34 - 2020-04-28 17:29 - 000000000 ____D C:\Users\kkory\AppData\Local\D3DSCache
2024-02-14 07:05 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-02-14 07:05 - 2022-05-07 05:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-14 05:34 - 2020-02-26 20:00 - 000000000 ____D C:\Users\kkory\AppData\Roaming\Dropbox
2024-02-14 05:34 - 2020-02-26 19:59 - 000000000 ____D C:\Users\kkory\AppData\Local\Dropbox
2024-02-14 05:33 - 2020-03-13 12:35 - 000000000 ___HD C:\OneDriveTemp
2024-02-14 05:33 - 2019-12-02 15:34 - 000000000 ____D C:\Program Files\CCleaner
2024-02-14 05:33 - 2019-12-02 12:57 - 000000000 ___RD C:\Users\kkory\OneDrive
2024-02-14 05:33 - 2019-12-02 12:50 - 000000000 __SHD C:\Users\kkory\IntelGraphicsProfiles
2024-02-14 05:32 - 2023-01-29 18:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-14 05:32 - 2023-01-29 18:43 - 000529816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-14 05:32 - 2020-11-05 05:33 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-14 05:31 - 2023-10-14 04:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\UUS
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-02-14 05:31 - 2022-05-07 05:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-14 05:31 - 2022-05-07 05:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-02-14 02:16 - 2023-01-29 18:44 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-14 02:03 - 2019-12-02 17:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-14 01:58 - 2019-12-02 17:19 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-14 01:57 - 2022-02-10 04:48 - 000000000 ____D C:\Users\kkory\AppData\Local\CrashDumps
2024-02-13 23:07 - 2022-07-10 01:06 - 000000000 ____D C:\Users\kkory\Desktop\UBER
2024-02-13 23:06 - 2019-12-02 15:21 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-13 23:06 - 2019-12-02 15:21 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-02-13 17:43 - 2020-06-15 18:32 - 000002391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2024-02-13 17:43 - 2020-06-15 18:32 - 000002356 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2024-02-13 17:43 - 2020-06-15 18:32 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2024-02-13 15:03 - 2023-01-29 18:51 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-13 15:02 - 2022-10-11 13:41 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-13 15:02 - 2022-10-11 13:41 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-02-13 12:41 - 2021-09-14 10:22 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-02-13 12:41 - 2021-09-14 10:22 - 000002012 _____ C:\Users\Default\Desktop\Google Slides.lnk
2024-02-13 12:41 - 2021-09-14 10:22 - 000002012 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2024-02-13 12:41 - 2021-09-14 10:22 - 000002000 _____ C:\Users\Default\Desktop\Google Docs.lnk
2024-02-13 12:41 - 2020-10-31 12:06 - 000002048 _____ C:\Users\kkory\Desktop\Google Drive.lnk
2024-02-10 20:49 - 2020-07-03 23:30 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-10 20:49 - 2020-07-03 23:30 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-02-09 22:52 - 2020-02-26 19:59 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-02-07 22:09 - 2023-01-29 18:51 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3105727912-594040118-960013747-1007
2024-02-07 22:09 - 2023-01-29 18:51 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3105727912-594040118-960013747-1007
2024-02-07 22:09 - 2020-11-05 02:47 - 000002383 _____ C:\Users\kkory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-06 12:00 - 2023-12-04 17:19 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-02-05 15:16 - 2023-01-29 18:51 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-02-04 16:16 - 2020-03-06 23:26 - 000000000 ____D C:\Users\kkory\AppData\Roaming\vlc
2024-02-03 19:48 - 2023-01-29 18:46 - 000000000 ____D C:\Users\kkory
2024-02-03 19:48 - 2022-09-20 17:59 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-02-03 19:48 - 2020-02-26 19:59 - 000000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2024-02-03 19:48 - 2020-02-26 19:59 - 000000916 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2024-02-03 12:35 - 2019-12-03 00:24 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-03 12:21 - 2023-01-29 18:51 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-03 12:21 - 2023-01-29 18:51 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-01-31 20:25 - 2022-02-10 04:26 - 000000000 ____D C:\ProgramData\Hotspot Shield
2024-01-31 20:25 - 2018-05-15 12:08 - 000000000 ____D C:\ProgramData\Package Cache
2024-01-25 16:52 - 2023-01-29 18:51 - 000003980 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2024-01-25 16:52 - 2023-01-29 18:51 - 000003748 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2024-01-21 00:04 - 2021-03-01 03:44 - 000000000 ____D C:\Users\kkory\AppData\Roaming\Binance
2024-01-20 23:26 - 2023-01-29 18:51 - 000003378 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.02.2024
Ran by kkory (14-02-2024 21:14:31)
Running from C:\Users\kkory\Desktop
Microsoft Windows 11 Home Version 22H2 22621.3155 (X64) (2023-01-29 18:52:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3105727912-594040118-960013747-500 - Administrator - Disabled)
Alex (S-1-5-21-3105727912-594040118-960013747-1011 - Limited - Enabled)
DefaultAccount (S-1-5-21-3105727912-594040118-960013747-503 - Limited - Disabled)
Guest (S-1-5-21-3105727912-594040118-960013747-501 - Limited - Disabled)
kkory (S-1-5-21-3105727912-594040118-960013747-1007 - Administrator - Enabled) => C:\Users\kkory
volko (S-1-5-21-3105727912-594040118-960013747-1008 - Limited - Enabled) => C:\Users\volko
WDAGUtilityAccount (S-1-5-21-3105727912-594040118-960013747-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.008.20533 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Binance 1.49.0 (HKLM\...\Binance) (Version: 1.49.0 - BinanceTech)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.20 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 121.0.23861.160 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
ControlCenter2.0 v1.0.23 (HKLM-x32\...\{2F385B5D-5F23-4513-B3CE-9F5E4F4B882A}) (Version: 1.0.23 - Control Center)
CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.7013 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.7013 - CyberLink Corp.)
Dashlane (HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\Dashlane) (Version: 6.2148.0.52031 - Dashlane, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 192.4.4605 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.863.1 - Dropbox, Inc.) Hidden
ESET Security (HKLM\...\{6D46484B-0BE2-4060-9CD3-FA87ED960ED9}) (Version: 17.0.16.0 - ESET, spol. s r.o.)
Free Auto Clicker 4.1.6 (HKLM-x32\...\Free Auto Clicker_is1) (Version: - FreeAutoClicker Co., Ltd.)
GCI (remove only) (HKLM-x32\...\GCI) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.184 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 86.0.9.0 - Google LLC)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Hotspot Shield 12.7.0 (HKLM-x32\...\{509162bc-4dca-4b01-b3c0-5174c321a211}) (Version: 12.7.0.12189 - Pango Inc.)
Hotspot Shield 12.7.0 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-49251197B2C0}) (Version: 12.7.0.12189 - Pango Inc.) Hidden
Hotspot Shield 12.7.0 (HKLM-x32\...\HotspotShield) (Version: 12.7.0 - Pango Inc.) Hidden
HotspotShield TAP-Windows 9.24.4 (HKLM\...\HotspotShield TAP-Windows) (Version: 9.24.4 - Pango Inc.) Hidden
Intel(R) Chipset Device Software (HKLM\...\{C844CC39-BC28-46CA-8239-3F37D8FE2A59}) (Version: 10.1.17541.8066 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.364 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1808.12.0.1102 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B4F59074-915E-4DFE-BFD6-1B415B37AE2F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{ED204DD8-2982-4B22-B077-0F70024D5FEB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{4B1DEC5C-ED0A-4DD1-ADB2-FD1117FF94D7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5017 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{64A94A93-B0C4-4B16-8CDC-FDB06E8CC306}) (Version: 16.0.2.1086 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000050-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.50.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8c595286-0f9e-42de-a0d4-969aba282637}) (Version: 20.50.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E6F800A9-64D3-4E93-8E8E-AB53E21D4840}) (Version: 20.50.0.1450 - Intel Corporation) Hidden
Intel® Software Guard Extensions Platform Software (HKLM\...\{24DAC3F9-B4BF-437E-BB30-8BCBAAB2DFA6}) (Version: 1.9.100.41172 - Intel Corporation) Hidden
Intel® Software Guard Extensions Platform Software (HKLM-x32\...\ARP_for_prd_SGX_1.9.100.41172) (Version: 1.9.100.41172 - Intel Corporation)
Life App Explorer (HKU\S-1-5-21-3105727912-594040118-960013747-1008\...\Host App Service) (Version: 0.273.2.684 - SweetLabs) <==== ATTENTION
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.17231.20194 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.112 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.112 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\OneDriveSetup.exe) (Version: 24.020.0128.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3105727912-594040118-960013747-1008\...\OneDriveSetup.exe) (Version: 21.050.0310.0001 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{9F513024-FFAD-4466-8CF0-5348389196B8}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{C521A8D8-511F-43DF-B789-7DD0B3F7363B}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.15.26706 (HKLM\...\{F106B700-BFF8-3065-B305-14D36AD40539}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.15.26706 (HKLM\...\{C77195A4-CEB8-38EE-BDD6-C46CB459EF6E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-GB) (HKLM\...\Mozilla Firefox 113.0.2 (x64 en-GB)) (Version: 113.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla)
NVIDIA 3D Vision Driver 389.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 389.27 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Graphics Driver 389.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 389.27 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenOffice 4.1.13 (HKLM-x32\...\{10DD5C14-3B1E-44D9-9CE6-82DCE24EAD17}) (Version: 4.113.9810 - Apache Software Foundation)
Parrot Software Update Tool (HKLM-x32\...\Parrot Flash Update Wizard) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.21304 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8433 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.31.0 - Samsung Electronics Co., Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SupportAPP (HKLM\...\{0000A0AB-3A12-1EF4-A21C-9ADE1843AB04}) (Version: 1.1 - )
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Trezor Suite 23.11.5 (HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\978be57b-9286-5cd7-a60b-54c81352a986) (Version: 23.11.5 - SatoshiLabs)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare Filmora X(Build 10.0.0.94) (HKLM\...\Wondershare Filmora X_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoom (HKU\S-1-5-21-3105727912-594040118-960013747-1007\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)
Zoom (HKU\S-1-5-21-3105727912-594040118-960013747-1008\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-02-13] ()
Amazon Alexa -> C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_3.25.1177.0_x64__22t9g3sebte08 [2023-08-02] (AMZN Mobile LLC.) [Startup Task]
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5336.0_x64__8j3eq9eme6ctt [2024-02-12] (INTEL CORP) [Startup Task]
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-05-07] (Canon Inc.)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1000.389.0_x64__8wekyb3d8bbwe [2024-01-30] (Microsoft Corporation)
Dolby Audio Premium -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudioPremium_2.1001.237.0_x64__rz1tebttyb220 [2018-05-15] (Dolby Laboratories)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-02-09] (Dropbox Inc.)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2024-02-14] (Sparse Package)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-12-02] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21003.0_x64__8wekyb3d8bbwe [2023-12-06] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corp.)
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.7.1181.0_x86__8wekyb3d8bbwe [2024-02-06] (Microsoft Studios)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.4.10270.0_x64__8wekyb3d8bbwe [2023-11-05] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_4.4.7101.0_x64__8wekyb3d8bbwe [2023-07-27] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.8.10203.0_x64__8wekyb3d8bbwe [2023-10-16] (Microsoft Studios) [MS Ad]
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-11] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-07] (Microsoft Corporation)
Plus500 -> C:\Program Files\WindowsApps\Plus500.Plus500_5.0.1.0_neutral__pssm8hpqmkeyc [2024-02-14] (Plus500)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.30.259.0_x64__dt26b99r8h8gj [2023-10-16] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-06] (Microsoft Studios) [MS Ad]
TradingView -> C:\Program Files\WindowsApps\TradingView.Desktop_2.7.1.5365_x64__n534cwy3pjxzj [2023-12-14] (TradingView, Inc.) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2023-10-16] (Microsoft Corporation)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2403.10.0_x64__cv1g1gvanyjgm [2024-02-14] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-14] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3105727912-594040118-960013747-1007_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => D:\dropbox\Dropbox [2020-03-09 19:02]
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-12-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-12-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-04-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-12-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\kkory\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
ShortcutWithArgument: C:\Users\kkory\Desktop\Karel - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\kkory\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\da40509940297948\Binance Wallet.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhbohimaelbohpjbbldcngcnapndodjp
ShortcutWithArgument: C:\Users\kkory\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-12-05 19:25 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2023-11-20 14:56 - 2023-11-20 14:56 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2023-01-29 18:45 - 2018-04-18 00:25 - 000760032 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2023-01-29 18:45 - 2018-04-18 00:25 - 000874880 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2023-01-29 18:45 - 2018-04-18 00:25 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3105727912-594040118-960013747-1007\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3105727912-594040118-960013747-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3105727912-594040118-960013747-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3105727912-594040118-960013747-1008\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 23:38 - 2018-04-11 23:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3105727912-594040118-960013747-1007\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\OEM\wallpaper.jpg
HKU\S-1-5-21-3105727912-594040118-960013747-1008\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{69C6944F-BB6A-4693-92B8-DEC956A828BD}] => (Allow) C:\Users\kkory\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{33F7D764-3F91-4136-8275-2531680FE485}] => (Allow) C:\Users\kkory\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FF521DBB-2741-42AB-84DB-2416F7163EE9}] => (Allow) C:\Users\kkory\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{EE230E68-54A8-4707-B748-368E946CEC1C}] => (Block) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{5BB1A6D3-96E4-40B8-B185-3A6AE4BE765D}] => (Block) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{21FE19C2-03AF-4908-BE0B-53385383DE89}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{CEF5335B-7D79-421C-B435-D1767F40DDD3}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{2EE74B42-9357-4378-B0C1-6D071CC872F4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8B855546-1355-4A88-A84C-5DED2C7D29B6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A7D2AB1A-5A3A-46E2-A8BE-D6931715F38C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C2C67445-0E2D-4594-BC55-F68CB0D949D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{26161BEE-861A-4333-8211-690ECCE5BE80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{346F28D5-A10C-43F6-BB45-E4F0F6DB2813}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97901FFE-E76A-4233-B731-7B2624E7F617}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F85C894C-6656-47A8-9C0C-7DCFBBD1F2B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E2E7E1CF-DD4F-46FB-B1D1-A605B6B402F3}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{10580E1F-3460-4685-A8E1-B54A9B04EC90}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{947016BF-5B07-469B-BBEB-60805C9317DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3A8C932E-4093-42AF-AA83-70D963C8DB15}] => (Allow) C:\Users\kkory\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2AE92FDD-8522-409A-BC71-7A27D9C49123}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{68C7545A-BA86-4B04-AD92-9B787A90BEE5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{513E3EFE-01C0-4B51-B3AC-A2741C99F1D5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BBA8F528-4362-4958-A648-578D8D0C8BCC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5F9D8A2F-3E62-4F66-9214-72F48CE38456}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{56C1C6C4-B910-4820-B768-82289FAAAA8A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A0FB323-FBB2-45D8-BDD7-449702414454}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A119DC41-6CCC-419F-8C21-3A0FEF9A68D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{28621434-F002-4392-9A54-50CE26E7C034}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2DD626E2-2F9C-402F-BF51-F9730DDE25EA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{758F2900-C5A2-42F1-B385-664445E03093}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FirewallRules: [{9804F49E-5A04-4C94-ABC0-17A59CCEB214}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

14-02-2024 14:17:26 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/14/2024 07:56:10 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program WhatsApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (02/14/2024 05:33:51 AM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: The Windows Security Center Service was unable to load instances of AntiVirusProduct from datastore.

Error: (02/14/2024 05:33:51 AM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: The Windows Security Center Service was unable to load instances of FirewallProduct from datastore.

Error: (02/14/2024 05:33:41 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: ERAZER)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).

Error: (02/14/2024 12:26:45 AM) (Source: Application Error) (EventID: 1000) (User: ERAZER)
Description: Faulting application name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Faulting module name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Exception code: 0xc0000409
Fault offset: 0x00020713
Faulting process ID: 0x0x5d50
Faulting application start time: 0x0x1da5edc79768d1d
Faulting application path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Faulting module path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Report ID: d23837a4-b079-4278-a67f-a1377a4d3872
Faulting package full name:
Faulting package-relative application ID:

Error: (02/14/2024 12:26:42 AM) (Source: Application Error) (EventID: 1000) (User: ERAZER)
Description: Faulting application name: igfxext.exe, version: 6.15.10.5017, time stamp: 0x5aba5f2c
Faulting module name: igfxext.exe, version: 6.15.10.5017, time stamp: 0x5aba5f2c
Exception code: 0xc0000005
Fault offset: 0x000000000000e9b4
Faulting process ID: 0x0x3b04
Faulting application start time: 0x0x1da5edc7a06fbf4
Faulting application path: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxext.exe
Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxext.exe
Report ID: 7bbca5c4-de45-4744-8ac3-9c8b1fea2651
Faulting package full name:
Faulting package-relative application ID:

Error: (02/13/2024 11:06:09 PM) (Source: Application Error) (EventID: 1000) (User: ERAZER)
Description: Faulting application name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Faulting module name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Exception code: 0xc0000409
Fault offset: 0x00020713
Faulting process ID: 0x0x69c8
Faulting application start time: 0x0x1da5ed13a4a3bdd
Faulting application path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Faulting module path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Report ID: 982783f9-80e6-4750-8310-4b6852a9a0b9
Faulting package full name:
Faulting package-relative application ID:

Error: (02/13/2024 10:11:48 PM) (Source: Application Error) (EventID: 1000) (User: ERAZER)
Description: Faulting application name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Faulting module name: AuxSwitch.exe, version: 1.0.0.1, time stamp: 0x580db540
Exception code: 0xc0000409
Fault offset: 0x00020713
Faulting process ID: 0x0x4630
Faulting application start time: 0x0x1da5ec9a0fed5b6
Faulting application path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Faulting module path: C:\Program Files (x86)\Hotkey\AuxSwitch.exe
Report ID: 004915fa-8be8-4f10-8c07-b30ccce34da6
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (02/14/2024 02:06:12 PM) (Source: DCOM) (EventID: 10010) (User: ERAZER)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

Error: (02/14/2024 02:04:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Hotspot Shield Service 12.7.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (02/14/2024 02:04:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Graphics Command Center Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/14/2024 02:04:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/14/2024 02:04:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/14/2024 02:04:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Realtek Audio Universal Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (02/14/2024 02:04:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SAMSUNG Mobile Connectivity Service V2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

Error: (02/14/2024 02:04:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) PROSet/Wireless Registry Service service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===============
Date: 2024-02-14 20:57:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.07.06RGM3_00029 07/19/2018
Motherboard: MEDION N857EX1M
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 56%
Total physical RAM: 8039.17 MB
Available physical RAM: 3536.25 MB
Total Virtual: 17767.17 MB
Available Virtual: 11081.77 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:235.65 GB) (Free:67.56 GB) (Model: HFS256GD9TNG-62A0A) NTFS
Drive d: (Korkis) (Fixed) (Total:608.54 GB) (Free:489.25 GB) (Model: ST1000LM048-2E7172) NTFS
Drive e: (Recover) (Fixed) (Total:30 GB) (Free:8.36 GB) (Model: ST1000LM048-2E7172) NTFS
Drive v: (Ekaterina) (Fixed) (Total:292.97 GB) (Free:83.61 GB) (Model: ST1000LM048-2E7172) NTFS

\\?\Volume{3d8c99c1-4fe5-4d69-82ba-1ff1b76f4b23}\ () (Fixed) (Total:0.73 GB) (Free:0.08 GB) NTFS
\\?\Volume{19296e25-2ee8-4718-8f47-e034656efa50}\ () (Fixed) (Total:0.98 GB) (Free:0.45 GB) NTFS
\\?\Volume{45b6ca81-8f35-417c-a8a9-c2d392409a18}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DA9D6057)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: DA9D6048)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Alex

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {B38762E1-A892-4BE7-943E-23E7C2C2E6A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-02] (Google Inc -> Google LLC)
Task: {8E623E54-2269-48BA-879C-249DBB016CCE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-02] (Google Inc -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe (No File)
Task: {62EA3FA1-DAE1-413F-9022-3A57EF2AB111} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {B1485780-CDF1-425F-8441-16845AA81464} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {C99458BC-D25B-492F-9BCE-81CC5AE6D6B2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

korkis
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 163
Registrován: 16 zář 2007 14:37
Kontaktovat uživatele:

Re: Alex

#9 Příspěvek od korkis »

tak tady je fixlog

Fix result of Farbar Recovery Scan Tool (x64) Version: 11.02.2024
Ran by kkory (15-02-2024 22:07:08) Run:1
Running from C:\Users\kkory\Desktop
Loaded Profiles: kkory & volko
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {B38762E1-A892-4BE7-943E-23E7C2C2E6A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-02] (Google Inc -> Google LLC)
Task: {8E623E54-2269-48BA-879C-249DBB016CCE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-02] (Google Inc -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe (No File)
Task: {62EA3FA1-DAE1-413F-9022-3A57EF2AB111} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {B1485780-CDF1-425F-8441-16845AA81464} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {C99458BC-D25B-492F-9BCE-81CC5AE6D6B2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B38762E1-A892-4BE7-943E-23E7C2C2E6A5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B38762E1-A892-4BE7-943E-23E7C2C2E6A5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E623E54-2269-48BA-879C-249DBB016CCE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E623E54-2269-48BA-879C-249DBB016CCE}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62EA3FA1-DAE1-413F-9022-3A57EF2AB111}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62EA3FA1-DAE1-413F-9022-3A57EF2AB111}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1485780-CDF1-425F-8441-16845AA81464}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1485780-CDF1-425F-8441-16845AA81464}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C99458BC-D25B-492F-9BCE-81CC5AE6D6B2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C99458BC-D25B-492F-9BCE-81CC5AE6D6B2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\FormatFactoryShell => removed successfully
HKLM\Software\Classes\CLSID\{A3888923-CFD3-4A6B-89BF-08E6B95716E8} => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\FormatFactoryShell => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1835008 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38086784 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 27300 B
Windows/system/drivers => 19564394 B
Edge => 0 B
Chrome => 888137171 B
Firefox => 30472825 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 20 B
systemprofile32 => 20 B
LocalService => 122362 B
NetworkService => 122362 B
kkory => 142877611 B
volko => 143054494 B

RecycleBin => 129451139 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 15-02-2024 22:10:36)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 22:10:36 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Alex

#10 Příspěvek od Rudy »

Smazáno, V PC bylo jen to, co smazal ADW, ostatní byly jen zbytečnosti. Smazáno bylo AdWare.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

korkis
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 163
Registrován: 16 zář 2007 14:37
Kontaktovat uživatele:

Re: Alex

#11 Příspěvek od korkis »

parada,diky moc, takže mame hotovo?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Alex

#12 Příspěvek od Rudy »

Z mé strany je to vše, pokud není jiný problém. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

korkis
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 163
Registrován: 16 zář 2007 14:37
Kontaktovat uživatele:

Re: Alex

#13 Příspěvek od korkis »

super, vsechno vypada cajk :happy:
diky moc, jste zlatej :idea: muzeme zamcit

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Alex

#14 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno