Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.05.2024 01 Ran by Michal (administrator) on LAPTOP-2OPVSQVI (Acer Nitro AN515-57) (26-05-2024 10:57:40) Running from E:\Moje dokumenty\programy anty vir\FRST64.exe Loaded Profiles: Michal Platform: Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAgent.exe (Adobe Systems, Incorporated -> Adobe Systems Inc.) D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.863.1\DropboxCrashHandler.exe (C:\Program Files\Acer\NitroSense Service\PSSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe (C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe (C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\msedgewebview2.exe <6> (C:\Users\Michal\AppData\Local\LINE\bin\current\LINE.exe ->) (LINE Corporation -> LINE Corporation) C:\Users\Michal\AppData\Local\LINE\Data\plugin\LineCall\1.0.0.714\LineCall.exe (C:\Users\Michal\AppData\Local\LINE\bin\current\LINE.exe ->) (LINE Corporation -> LINE Corporation) C:\Users\Michal\AppData\Local\LINE\Data\plugin\LineMediaPlayer\1.2.0.518\LineMediaPlayer.exe <2> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7> (explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <42> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE (LINE Corporation -> LY Corporation) C:\Users\Michal\AppData\Local\LINE\bin\current\LINE.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSSvc.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (services.exe ->) (GoTrustID Inc -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe (services.exe ->) (GOTrustID Inc.) [File not signed] C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIServiceN.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4ce8bafd96682424\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_a5ea1b1d8db1527e\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a439e07c373809e2\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e31d62740aef2af9\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0f43cda6a2474b5c\AS\IAS\IntelAudioService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe (services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.24.2.6\NortonSecurity.exe <2> (services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.24.2.6\nsWscSvc.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_e34030d00c20947b\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9b2689b4e3586127\RtkAudUService64.exe <3> (services.exe ->) (TBT_DCH_DRV_PROD -> ) C:\Windows\TbtP2pShortcutService.exe (sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2404.1001.25.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe (sihost.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6> (svchost.exe ->) (83564403-0B26-46B8-9D84-040F43691D31 -> Realtek Semiconductor) C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.41.294.0_x64__dt26b99r8h8gj\RtkUWP.exe (svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe (svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe (svchost.exe ->) (Acer Incorporated -> Microsoft) C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (EAF76292-FADE-4EAB-A62C-FE5E78661D58 -> ) C:\Program Files\WindowsApps\AcerIncorporated.AcerPurifiedVoiceConsoleR_2.0.4.0_x64__48frkmn4z8aw4\AcerPurifiedVoiceApp.exe (svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxextN.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2404.1001.25.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.2.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHT\ChtIME.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.3522_none_e93c247a42e7cbb6\TiWorker.exe (svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\Michal\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9b2689b4e3586127\RtkAudUService64.exe [1673008 2023-05-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [357944 2022-02-08] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2017-03-29] (Adobe Systems, Incorporated -> Adobe Systems Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11551632 2024-05-14] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKU\S-1-5-21-2729801542-2757189542-1995047959-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45380000 2024-04-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-2729801542-2757189542-1995047959-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482168 2022-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-2729801542-2757189542-1995047959-1001\...\Run: [MicrosoftEdgeAutoLaunch_3D9802976EF00A6AE9398D528BE31C4A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4136896 2024-05-17] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Canon G3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCW.DLL [30208 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc) HKLM\...\Print\Monitors\Canon BJ Language Monitor G3000 series: C:\Windows\system32\CNMLMCW.DLL [406528 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.78\Installer\chrmstp.exe [2024-05-24] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ECountAssistant.lnk [2024-04-11] ShortcutTarget: ECountAssistant.lnk -> C:\Users\Michal\AppData\Roaming\ECountAssistant\ECountAssistant.exe (ECOUNT Co., Ltd. -> ECOUNT Inc.) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {214CC0E3-3C48-4FFA-B515-898249F45F6E} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto Task: {A106A16A-C9D2-4763-8D83-AC4A59C4C715} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> ) Task: {2F3FEB49-3546-43C9-85EF-216AD50D50B4} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> ) Task: {8ECF15ED-8743-4960-A546-34A2C6F6C001} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> ) Task: {22CF36D0-DFE4-417F-B2EC-B8DC96411377} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {DFB7D848-0FB5-4913-BE1B-1DBF62B4401A} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {86863ABE-63A9-4786-8FD4-793A2D854359} - System32\Tasks\App Explorer => C:\Users\Michal\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7574560 2023-03-30] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION Task: {E4312322-2C7C-453D-A040-41890F098CC4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {6B0C01FC-2422-4A73-B69A-16CE458A06F8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-04-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {628A4BC7-8B94-4646-AC1C-148D8194131C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-04-11] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "bccfe463-35cb-44c5-965d-9ac627ddac8c" --version "6.23.11010" --silent Task: {9DF42750-9B35-4965-B071-3720F1831E5A} - System32\Tasks\CCleanerSkipUAC - Michal => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {0D07A89D-C534-4BD6-9D2F-45DF7C5B4F3B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-14] (Dropbox, Inc -> Dropbox, Inc.) Task: {70BB6558-A194-4065-BB3C-CCF64FCE1E51} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-14] (Dropbox, Inc -> Dropbox, Inc.) Task: {2E5FF3CE-6351-40B7-BF84-0A45A1E96DA0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{A0BBB855-7A68-4009-ABB5-A603203ACDC3} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) Task: {F7A8169C-F536-466F-BCFC-3D2D5EDA90B9} - System32\Tasks\GoTrust ID Driver => C:\Program Files\GoTrust ID Plugin\Resource\GO-Trust_ID_Driver.exe [68192 2020-09-08] (GoTrustID Inc -> ) Task: {FCA48501-49D2-4326-8129-14AA6DA44EFA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {960854FD-5AFD-42D5-A3B9-A1EA998BC39E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {7B27C436-DC25-494F-9839-63933DA95C91} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File) Task: {643C5F1F-970F-4502-AEED-6328D742F3EE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File) Task: {B8FFC80E-7795-481C-A7EC-E5CBDA96008A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File) Task: {FBD18413-4082-4638-BA3E-1CC0CC02EBCA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File) Task: {15614527-6C8D-4A07-B405-8E22C17EA2BB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) Task: {C4F9C532-2CBD-4CF1-8BCE-4848BA0FAD02} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D5B049B1-14E9-4959-AB6D-2523E5075738} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {804823C2-83B4-4911-A0F2-D7D57EEAED74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {64760A6E-0AD6-4C1D-BDFC-10D91D37450A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {858BE0C2-74A6-4DDD-82CF-43EBBCA1F4E9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-01] (Mozilla Corporation -> Mozilla Foundation) Task: {646D5E1E-FB74-4F0B-860C-F64FF53CE573} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [610832 2021-03-26] (Acer Incorporated -> Acer Incorporated) Task: {48FD8A2B-C0A0-4715-9B1D-0C88968D1AE0} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Autofix => C:\Program Files\Norton Security\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.) Task: {30F54C88-E281-4A20-877E-616E710828EE} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Analyzer => C:\Program Files\Norton Security\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.) Task: {CEFDCD4A-F0B9-4E28-A623-651542B7BA79} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Processor => C:\Program Files\Norton Security\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.) Task: {2A7D0CD1-8CCB-47C7-ABE2-759E9CF3F747} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.24.2.6\WSCStub.exe [646520 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {C422E34E-1C78-49A8-9D68-5D5F7947FD4D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {4CEF962C-9439-40F6-8C54-FC6CA807C6A9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {D9FC4DA3-BAB9-411A-B349-C92F7C763E99} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {148D2FB6-E583-4DB6-B4DF-2297514FCBB7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {BD93A789-2742-464D-98A3-928F62610307} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D10E8329-80C7-45DA-8693-C5B1D54CC8E6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AFC6258E-99E0-4F3C-9855-01BE2A2457D8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FE4FEE31-57E8-45A5-A379-59CC6BA65113} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C03E4B81-0C42-402F-A72B-C6D8090B6DDA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A7B35F6F-3D03-41EB-AA59-C7158E71DC6A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {813E79E4-9F31-449D-B71A-BAA843D94C55} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> ) Task: {A12DACD4-5054-4D12-919F-9FC810D0B029} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-12] (Acer Incorporated -> ) Task: {AC5C862D-376D-49FF-A884-709313DFCB46} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2771616 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {9DD66F61-E704-4991-880F-9216A32B4FE6} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {15559985-C09F-4E1D-AD23-EEF8A842270D} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Ultra\Upgrade.exe [2353000 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {749318CB-C1FC-4309-BF4A-E53FE66548C1} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {1F104D2F-D419-4D4C-9452-6E5B64D1B821} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2020-09-18] (Acer Incorporated -> Microsoft) Task: {93A717E2-7084-4F9A-9A70-B68062A0A3C4} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268328 2020-11-19] (Acer Incorporated -> Acer Incorporated) Task: {5576E357-7D0F-40BB-8BD1-04524BA96E58} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211368 2020-11-19] (Acer Incorporated -> Acer Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0: <==== ATTENTION (Restriction - Zones) Tcpip\Parameters: [DhcpNameServer] 192.168.85.92 Tcpip\..\Interfaces\{6eb18286-80c6-49f1-a070-274fd3bb35c5}: [DhcpNameServer] 192.168.85.92 Tcpip\..\Interfaces\{6eb18286-80c6-49f1-a070-274fd3bb35c5}\1476F62716: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6eb18286-80c6-49f1-a070-274fd3bb35c5}\6457E624F68723D264642393: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6eb18286-80c6-49f1-a070-274fd3bb35c5}\76275656E6F52364: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Profile: C:\Users\Michal\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-26] Edge Extension: (Google Docs Offline) - C:\Users\Michal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27] Edge Extension: (Edge relevant text changes) - C:\Users\Michal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26] FireFox: ======== FF DefaultProfile: 5tm5fxks.default FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\5tm5fxks.default [2021-10-29] FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\zt5aysep.default-release [2024-05-23] FF Extension: (Amazon Assistant for Firefox) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\zt5aysep.default-release\Extensions\abb-acer@amazon.com.xpi [2021-10-29] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json] FF Extension: (English (US) Language Pack) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\zt5aysep.default-release\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2021-10-29] FF Extension: (Amazon Assistant for Firefox) - C:\Program Files\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com.xpi [2019-05-14] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json] FF Extension: (English (US) Language Pack) - C:\Program Files\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org.xpi [2020-09-15] FF Extension: (Mozilla Partner Defaults) - C:\Program Files\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2021-07-30] [Legacy] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat - Create PDF) - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2021-11-01] [Legacy] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.16 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-19] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-03-29] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default [2024-05-26] CHR Notifications: Default -> hxxps://loginia.ecount.com; hxxps://meet.google.com; hxxps://www.1shot.tw; hxxps://www.messenger.com; hxxps://www.netflix.com CHR StartupUrls: Default -> "","hxxp://mysearch.avg.com?cid={38C9EF54-1B51-4F39-86C3-C9C0F7B8D7F5}&mid=b9a76e73b8be47d282abd16b059d98ef-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-01-27 19:13:00&v=17.3.1.91&pid=safeguard&sg=&sap=hp","hxxp://mysearch.avg.com?cid={38C9EF54-1B51-4F39-86C3-C9C0F7B8D7F5}&mid=b9a76e73b8be47d282abd16b059d98ef-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-07 08:17:37&v=17.3.1.204&pid=safeguard&sg=&sap=hp","|hxxp://mysearch.avg.com?cid={38C9EF54-1B51-4F39-86C3-C9C0F7B8D7F5}&mid=b9a76e73b8be47d282abd16b059d98ef-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-01-27 19:13:00&v=18.0.5.292&pid=safeguard&sg=&sap=hp|hxxp://mysearch.avg.com?cid={38C9EF54-1B51-4F39-86C3-C9C0F7B8D7F5}&mid=b9a76e73b8be47d282abd16b059d98ef-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-07 08:17:37&v=17.3.1.204&pid=safeguard&sg=&sap=hp","hxxp://www.sweet-page.com/?type=hp&ts=1422909478&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX51A84RA1Y2RA1Y2","hxxp://isearch.omiga-plus.com/?type=hp&ts=1418923397&from=cor&uid=HitachiXHTS547550A9E384_J2160051CVE2RDCVE2RDX","hxxp://do-search.com/?type=hp&ts=1432806674&z=daca7c61f0cadaeef45970eg7zdc1o2bee8qaq4mdo&from=cor&uid=HitachiXHTS547550A9E384_J2160051CVE2RDCVE2RDX" CHR Extension: (Torrent Scanner) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-09] CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-05-21] CHR Extension: (Google Docs Offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26] CHR Extension: (AdBlock — block ads across the web) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-05-23] CHR Extension: (Hola VPN - The Website Unblocker) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2024-05-23] CHR Extension: (Numerics Calculator & Converter) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2024-01-28] CHR Extension: (Shazam: Find song names from your browser) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-05-08] CHR Extension: (Chrome Web Store Payments) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-29] CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-02-01] CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-05-24] CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-05-20] CHR Extension: (Google Docs Offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-25] CHR Extension: (Chrome Web Store Payments) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-29] CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-04-22] CHR Extension: (Safe Torrent Scanner) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-10-26] CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-10-26] CHR Extension: (Google Docs Offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-26] CHR Extension: (Chrome Web Store Payments) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-01] CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\System Profile [2024-05-21] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-29] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-03-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4555744 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-04-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-14] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-14] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-05-14] (Dropbox, Inc -> Dropbox, Inc.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4960120 2022-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [243384 2022-08-25] (DTS, Inc. -> DTS Inc.) S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [15360 2020-09-08] (GOTrustID Inc.) [File not signed] R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [336992 2020-09-08] (GoTrustID Inc -> GOTrustID Inc.) R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_0f43cda6a2474b5c\AS\IAS\IntelAudioService.exe [531008 2022-01-26] (Intel Corporation -> Intel) R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe [9903656 2024-04-18] (Logitech Inc -> Logitech, Inc.) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe [1489000 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.24.2.6\NortonSecurity.exe [344888 2024-03-04] (NortonLifeLock Inc. -> NortonLifelock Inc.) R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.24.2.6\nsWscSvc.exe [1059176 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.) R3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [841744 2021-03-26] (Acer Incorporated -> Acer Incorporated) S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated) R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated) R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [252264 2021-01-25] (TBT_DCH_DRV_PROD -> ) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [342568 2020-11-19] (Acer Incorporated -> Acer Incorporated) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe [3236840 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe [133704 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_e34030d00c20947b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_e34030d00c20947b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-02] (Acer Incorporated -> Acer Incorporated) R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\BASHDefs\20211220.011\BHDrvx64.sys [2018784 2021-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\ccSetx64.sys [198288 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2022-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2022-10-04] (AVB Disc Soft, SIA -> Disc Soft Ltd) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2021-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145376 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_42e0121b9785f90e\iaLPSS2_GPIO2_TGL.sys [128680 2020-11-19] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_70d4531ccdd0c3c2\iaLPSS2_I2C_TGL.sys [197288 2020-11-19] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_SPI_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_b9ae9f760b62c73a\iaLPSS2_SPI_TGL.sys [155816 2020-11-19] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_UART2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_da87610cdf3862a4\iaLPSS2_UART2_TGL.sys [310440 2020-11-19] (Intel Corporation -> Intel Corporation) R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1544912 2021-08-26] (Intel Corporation -> Intel Corporation) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\IPSDefs\20211220.061\IDSvia64.sys [1480144 2021-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_2cc98897d8dddf62\IntcUSB.sys [882280 2022-01-26] (Intel Corporation -> Intel(R) Corporation) R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84880 2020-11-06] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation) R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray.sys [98864 2024-04-18] (Logitech Inc -> Logitech, Inc.) R3 MpKsl8cbded80; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6051B52A-8E50-456D-8853-B6C1F64C092E}\MpKslDrv.sys [271648 2024-05-26] (Microsoft Windows -> Microsoft Corporation) S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\nsvst.sys [57120 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.) R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [210640 2021-06-10] (NVIDIA Corporation -> NVIDIA Corporation) R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SRTSP64.SYS [960640 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SRTSPX64.SYS [52864 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SYMEFASI64.SYS [2180248 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SymELAM.sys [36016 2024-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.5.40\SymPlatform\SymEvnt.sys [712432 2021-07-14] (Symantec Corporation -> Symantec Corporation) R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\Ironx64.SYS [306872 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\symnets.sys [492720 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2022-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21056 2024-05-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601496 2024-05-17] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-17] (Microsoft Windows -> Microsoft Corporation) S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\wpCtrlDrv.sys [1016792 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2024-05-26 10:56 - 2024-05-26 10:57 - 000000000 ____D C:\FRST 2024-05-25 10:50 - 2024-05-25 10:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation 2024-05-23 14:17 - 2024-05-23 14:17 - 000195475 _____ C:\Users\Michal\OneDrive\Documents\Packaging_v8.pdf 2024-05-23 12:26 - 2024-05-23 12:26 - 000003854 _____ C:\Users\Michal\Downloads\20240520006裝箱明細.xlsx 2024-05-22 10:37 - 2024-05-22 10:37 - 000429071 _____ C:\Users\Michal\OneDrive\Documents\Quotation_Agora Traders Co., Ltd.20240327(1).pdf 2024-05-21 12:32 - 2024-05-21 12:32 - 000005226 _____ C:\Users\Michal\Downloads\庫存異動-20240517_20240521.xlsx 2024-05-21 11:59 - 2024-05-21 11:59 - 000135000 _____ C:\Users\Michal\OneDrive\Documents\玉山個人網路銀行 E.SUN BANK.pdf 2024-05-21 10:51 - 2024-05-21 10:51 - 000800944 _____ C:\WINDOWS\system32\perfh015.dat 2024-05-21 10:51 - 2024-05-21 10:51 - 000419334 _____ C:\WINDOWS\system32\prfh0404.dat 2024-05-21 10:51 - 2024-05-21 10:51 - 000158968 _____ C:\WINDOWS\system32\perfc015.dat 2024-05-21 10:51 - 2024-05-21 10:51 - 000139754 _____ C:\WINDOWS\system32\prfc0404.dat 2024-05-20 22:30 - 2024-05-22 16:04 - 000010824 _____ C:\Users\Michal\OneDrive\Desktop\List DnS.xlsx 2024-05-17 16:22 - 2024-05-17 16:24 - 000000000 ___HD C:\$WinREAgent 2024-05-16 12:14 - 2024-05-15 16:29 - 000000000 ____D C:\Users\Michal\OneDrive\Desktop\专业拍照 2024-05-15 13:33 - 2024-05-15 13:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2024-05-14 09:58 - 2024-05-14 09:58 - 000005246 _____ C:\Users\Michal\Downloads\進倉單匯出-20240507_20240512.xlsx 2024-05-14 08:25 - 2024-05-14 08:25 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2024-05-13 11:24 - 2024-05-13 11:24 - 003593132 _____ C:\Users\Michal\OneDrive\Documents\Biały Bocian ppt TW(1).pdf 2024-05-08 19:26 - 2024-05-08 19:26 - 000020603 _____ C:\Users\Michal\OneDrive\Desktop\AGORA stany.xlsx 2024-05-08 12:20 - 2024-05-08 12:20 - 000098877 _____ C:\Users\Michal\OneDrive\Documents\83517967.pdf 2024-05-01 09:57 - 2024-05-01 09:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem 2024-04-30 23:53 - 2024-05-14 23:01 - 000013576 _____ C:\Users\Michal\OneDrive\Desktop\work schedule May.xlsx 2024-04-26 17:30 - 2024-04-26 17:30 - 001428911 _____ C:\Users\Michal\OneDrive\Documents\Packaging_v7(1).pdf 2024-04-26 16:40 - 2024-04-26 16:40 - 001428911 _____ C:\Users\Michal\OneDrive\Documents\Packaging_v7.pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2024-05-26 10:58 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-05-26 10:52 - 2021-12-28 16:02 - 000000000 ____D C:\Users\Michal\AppData\Local\Norton 2024-05-26 10:45 - 2021-10-24 05:59 - 000000000 ____D C:\Users\Michal\AppData\Local\Host App Service 2024-05-26 10:43 - 2023-12-23 01:32 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2024-05-26 10:42 - 2023-12-29 19:51 - 000273186 _____ C:\Users\Michal\OneDrive\Desktop\Sales Report 2024.xlsx 2024-05-26 10:42 - 2023-12-23 01:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-05-25 16:54 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-05-25 16:52 - 2022-05-07 13:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-05-25 16:09 - 2024-04-11 09:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security Ultra 2024-05-25 14:07 - 2021-11-01 19:54 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Word 2024-05-25 14:07 - 2021-10-27 12:16 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Excel 2024-05-25 13:23 - 2022-05-07 13:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-05-25 12:25 - 2021-07-30 04:08 - 000000000 ____D C:\ProgramData\NVIDIA 2024-05-24 18:06 - 2023-12-23 01:32 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C4CFA74B-EF2F-45C7-8B1A-CAC5D65A4B76} 2024-05-24 14:51 - 2021-10-29 21:03 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-05-24 00:20 - 2021-10-29 21:34 - 000000691 _____ C:\Users\Michal\OneDrive\Desktop\company meeting.txt 2024-05-24 00:09 - 2024-02-18 14:03 - 000025868 _____ C:\Users\Michal\OneDrive\Desktop\36 alcohol order LCL PL - Bielsko.xlsx 2024-05-23 23:54 - 2021-10-24 05:59 - 000000000 ____D C:\Users\Michal\AppData\Local\Packages 2024-05-23 12:52 - 2024-02-19 21:54 - 000267768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll 2024-05-23 12:52 - 2022-10-27 12:50 - 000108024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe 2024-05-23 12:52 - 2022-10-27 12:50 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe 2024-05-23 12:52 - 2021-11-20 21:15 - 000206328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2024-05-23 12:52 - 2021-10-27 13:23 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2024-05-23 12:52 - 2021-10-27 12:16 - 002729464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2024-05-23 12:52 - 2021-10-27 12:16 - 000722424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2024-05-23 12:52 - 2021-10-27 12:16 - 000218616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2024-05-22 18:26 - 2021-11-01 19:41 - 000000000 ____D C:\Users\Michal\AppData\Local\CrashDumps 2024-05-21 19:39 - 2021-10-29 21:18 - 000000000 ____D C:\Users\Michal\AppData\Roaming\vlc 2024-05-21 12:44 - 2023-02-10 14:29 - 000015147 _____ C:\Users\Michal\OneDrive\Desktop\cashflow 2024.xlsx 2024-05-21 10:58 - 2021-10-27 12:16 - 000000000 ____D C:\ProgramData\Packages 2024-05-21 10:51 - 2023-12-23 01:37 - 002358948 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-05-21 10:51 - 2022-05-07 13:22 - 000000000 ____D C:\WINDOWS\INF 2024-05-21 10:49 - 2021-11-05 14:35 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Dropbox 2024-05-21 10:48 - 2021-11-05 14:32 - 000000000 ____D C:\Users\Michal\AppData\Local\Dropbox 2024-05-21 10:48 - 2021-10-29 21:11 - 000000000 ____D C:\Program Files\CCleaner 2024-05-21 10:47 - 2022-05-07 13:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-05-21 02:33 - 2022-05-07 13:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2024-05-21 02:31 - 2023-12-23 01:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-05-21 02:31 - 2023-12-23 01:27 - 005215424 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-05-21 02:31 - 2022-05-07 13:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2024-05-21 02:31 - 2022-05-07 13:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2024-05-21 02:31 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\UUS 2024-05-21 02:31 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-05-21 02:31 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2024-05-21 02:31 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-05-21 02:31 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\ServiceState 2024-05-21 02:31 - 2022-05-07 13:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2024-05-21 02:31 - 2021-07-30 03:51 - 000012288 ___SH C:\DumpStack.log.tmp 2024-05-21 02:31 - 2021-07-30 03:51 - 000000000 ___HD C:\Intel 2024-05-21 02:30 - 2023-12-23 10:24 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ___SD C:\WINDOWS\system32\UNP 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ___SD C:\WINDOWS\system32\F12 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\SystemApps 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\system32\setup 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\system32\migwiz 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\BrowserCore 2024-05-21 02:30 - 2022-05-07 13:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-05-21 02:30 - 2022-05-07 13:17 - 000000000 ____D C:\WINDOWS\servicing 2024-05-21 00:14 - 2023-12-23 01:32 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2729801542-2757189542-1995047959-1001 2024-05-21 00:14 - 2023-12-23 01:32 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2729801542-2757189542-1995047959-1001 2024-05-21 00:14 - 2021-10-24 05:59 - 000002390 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-05-20 11:57 - 2024-03-05 17:18 - 000028003 _____ C:\Users\Michal\OneDrive\Desktop\29 alcohol order FCL - zubr.xlsx 2024-05-19 16:19 - 2021-07-30 03:52 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-05-17 16:35 - 2022-05-07 13:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-05-17 16:35 - 2021-11-04 10:57 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-05-17 16:33 - 2021-11-04 10:57 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-05-17 16:32 - 2022-05-07 13:25 - 000077312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2024-05-17 16:32 - 2022-05-07 13:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll 2024-05-17 16:32 - 2021-07-30 03:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-05-17 16:29 - 2023-12-23 01:31 - 003214336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-05-15 17:35 - 2021-10-24 06:01 - 000000000 ____D C:\Users\Michal\AppData\Local\D3DSCache 2024-05-15 16:33 - 2024-01-24 15:32 - 000000000 ____D C:\Users\Michal\AppData\Roaming\AnyDesk 2024-05-15 14:42 - 2024-04-25 13:57 - 000071773 _____ C:\Users\Michal\OneDrive\Desktop\24 Lamp order FCL.xlsx 2024-05-15 14:03 - 2022-09-21 23:59 - 000000112 _____ C:\Users\Michal\AppData\Roaming\JP2K CS6 Prefs 2024-05-15 13:33 - 2021-11-05 14:32 - 000000000 ____D C:\Program Files (x86)\Dropbox 2024-05-12 18:09 - 2024-02-19 21:54 - 000267784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll.0 2024-05-09 17:54 - 2024-03-19 12:51 - 000025634 _____ C:\Users\Michal\OneDrive\Desktop\37 alcohol order LCL UK.xlsx 2024-05-09 17:50 - 2021-11-04 22:58 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\PowerPoint 2024-05-08 21:06 - 2023-12-23 01:32 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-05-08 21:06 - 2023-12-23 01:32 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-05-02 14:38 - 2022-09-21 17:03 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Zoom 2024-05-01 09:57 - 2021-10-29 21:03 - 000000000 ____D C:\Program Files (x86)\Google 2024-05-01 00:30 - 2022-09-29 15:38 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2024-05-01 00:30 - 2021-10-24 05:59 - 000000000 __SHD C:\Users\Michal\IntelGraphicsProfiles 2024-05-01 00:29 - 2024-04-25 12:37 - 000023380 _____ C:\Users\Michal\OneDrive\Desktop\38 alcohol order LCL IT Monte.xlsx 2024-04-30 23:55 - 2021-10-29 21:34 - 000024432 _____ C:\Users\Michal\OneDrive\Desktop\Big Goals plan 1.xlsx 2024-04-29 11:54 - 2023-12-23 01:28 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Spelling 2024-04-26 11:24 - 2021-11-08 12:18 - 000000132 _____ C:\Users\Michal\AppData\Roaming\Adobe PNG Format CC Prefs ==================== Files in the root of some directories ======== 2022-04-07 22:33 - 2022-09-22 00:20 - 000000132 _____ () C:\Users\Michal\AppData\Roaming\Adobe AIFF Format CC Prefs 2021-11-08 12:18 - 2024-04-26 11:24 - 000000132 _____ () C:\Users\Michal\AppData\Roaming\Adobe PNG Format CC Prefs 2022-09-21 23:59 - 2024-05-15 14:03 - 000000112 _____ () C:\Users\Michal\AppData\Roaming\JP2K CS6 Prefs 2022-10-19 11:41 - 2022-10-19 11:41 - 000000000 _____ () C:\Users\Michal\AppData\Local\oobelibMkey.log 2022-10-04 02:57 - 2022-10-04 02:57 - 000000017 _____ () C:\Users\Michal\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================