Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02 Ran by user (administrator) on DESKTOP-JC5DE83 (17-11-2023 11:23:15) Running from C:\Users\user\Desktop\FRST64English.exe.exe Loaded Profiles: user Platform: Microsoft Windows 10 Pro Version 22H2 19045.3693 (X64) Language: Greek (Greece) -> English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe (DriverStore\FileRepository\u0366400.inf_amd64_4021c2cb607d5b92\B366217\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366400.inf_amd64_4021c2cb607d5b92\B366217\atieclxx.exe (explorer.exe ->) (520D4CDF-A287-4423-AB88-D88CCF7E866D -> QuickControls) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.GalaxyBuds_5.8.0.0_x64__3c1yjt4zspk6g\QuickControls\QuickControls.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16> (explorer.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe (explorer.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler64.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.221.1024.0002\Microsoft.SharePoint.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366400.inf_amd64_4021c2cb607d5b92\B366217\atiesrxx.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2> (services.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe (svchost.exe ->) (520D4CDF-A287-4423-AB88-D88CCF7E866D -> Samsung Electronics Co., Ltd.) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.GalaxyBuds_5.8.0.0_x64__3c1yjt4zspk6g\BudsManager.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2309.6.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [BraveVpnWireguardService] => C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.118\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10797080 2023-11-15] (Brave Software, Inc. -> Brave Software, Inc.) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> ) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2020-05-13] (Razer USA Ltd. -> Razer Inc.) HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2590752 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2590752 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Run: [Discord] => C:\Users\user\AppData\Local\Discord\Update.exe [1512096 2021-05-24] (Discord Inc. -> GitHub) HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1785864 2023-11-11] (Overwolf Ltd -> Overwolf Ltd.) HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\user\AppData\Local\Microsoft\Teams\Update.exe [2587456 2023-02-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2590752 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Run: [Spotify] => C:\Users\user\AppData\Roaming\Spotify\Spotify.exe [19438520 2022-07-29] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70912472 2023-11-15] (Riot Games, Inc. -> Riot Games, Inc.) HKU\S-1-5-21-3428885277-3589225921-2990357218-1001\...\Run: [MicrosoftEdgeAutoLaunch_8714F0D917266FE3AFB7F8BB98EEBC18] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3894824 2023-11-09] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\hpfpp092: C:\Windows\System32\spool\prtprocs\x64\hpfpp092.dll [249856 2009-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\PCL hpf3l092.dll: C:\WINDOWS\system32\hpf3l092.dll [136704 2009-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-17] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.118\Installer\chrmstp.exe [2023-11-15] (Brave Software, Inc. -> Brave Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-09-14] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {DEBBA3F5-1208-4D43-A7C0-CD4AA11E921E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {20F22C2C-BFA9-41CA-AB48-D11AABEC0A6B} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {D98DF752-BB95-41A2-B7AC-4F329B9AC053} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-04-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {73CA6148-63BE-44A7-8A4B-F7F380A6667C} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-11-04] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {C8894E14-39D1-4461-8326-6318B469BEB1} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-11-04] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {46F86070-F31D-4CE5-8A90-72E16CF5B463} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {0BDF787A-08AA-4DA0-BD32-57678CBC7DD1} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e8188609-8b2d-405e-ad8b-6ccea63ff90f" --version "6.17.10746" --silent Task: {6753938C-0B9C-42EA-A52C-5E0390AC57B9} - System32\Tasks\CCleanerSkipUAC - user => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {6580BD56-F872-460F-9AF2-6933BD2307D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-25] (Google LLC -> Google LLC) Task: {0A496686-60B5-4FDA-AABC-6B3F8FE89F44} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-25] (Google LLC -> Google LLC) Task: {FC14E408-B2CF-468E-BEB6-0EA9505A7E49} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60880 2023-11-14] (HP Inc. -> HP Inc.) Task: {FFDB102B-76DB-4FD1-BD1C-A8D8287F9089} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60880 2023-11-14] (HP Inc. -> HP Inc.) Task: {A05916F7-F23B-42EC-91FD-834565F2DB65} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {B2A85ED2-1C06-42BA-A779-5700CBF25C89} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {83A80BEB-6D83-4866-807A-5E8C76A43FFC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {E6BC759F-F9FD-426A-9AAD-1B30B7A57658} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {8B39ACC7-331F-45AC-A33B-97E211E1F153} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169656 2023-10-30] (Microsoft Corporation -> Microsoft Corporation) Task: {56E9E3F0-458A-483E-8B27-9291F9BD3004} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\WINDOWS\System32\unifiedconsent.dll [278016 2023-11-14] (Microsoft Windows -> Microsoft Corporation) Task: {CDCDC450-5ADD-480E-A881-C0B6FC16CDE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3358ED43-D1B0-496C-894A-9066D6BF4EB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {839644DB-DD72-42C7-9815-3EA761DD981E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BA65A461-278A-41F3-BEDA-3ED97C27876E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4F0724AB-B6F0-4173-86B0-6196A47D827F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-14] (Microsoft Windows -> Microsoft Corporation) Task: {93A5C737-4811-4D6B-A852-1043E0FEB3AA} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-04-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {3FCAF34D-332F-4CDE-A777-B12E613652CE} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676256 2023-11-09] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {F34F234D-A2A6-4CB9-991A-FB2F897F7347} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [723872 2023-11-09] (Mozilla Corporation -> Mozilla Foundation) Task: {1930287A-3D78-4213-A12B-D729378F89C0} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130848 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {08276DC3-54E8-42BC-B7C0-19B5EFC08815} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3428885277-3589225921-2990357218-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130848 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {FD22E7E0-86D1-4B30-B3E4-6A0683A9CE6A} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641416 2023-11-11] (Overwolf Ltd -> Overwolf LTD) Task: {DC65AF89-0AD2-4BB1-956D-9F827335F7D3} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-04-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {BFD97C8E-8C18-4D91-9291-66D6903E61A9} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-04-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {5A2C1722-EAB5-4D2E-91B0-A29947B3955C} - System32\Tasks\update-S-1-5-21-3428885277-3589225921-2990357218-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) Task: {002F86F1-FDE1-41E8-BF86-915AEEEDAE41} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe Task: C:\WINDOWS\Tasks\update-S-1-5-21-3428885277-3589225921-2990357218-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{1f99b65a-9842-43ca-83b0-19e994c7fafc}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{855d36d1-73bd-4f44-95a0-d2299262fdcc}: [DhcpNameServer] 192.168.1.1 0.0.0.0 Edge: ======= Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-17] Edge Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-17] Edge Extension: (Edge relevant text changes) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-13] FireFox: ======== FF DefaultProfile: got4wc8b.default FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\got4wc8b.default [2023-11-15] FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\haffiie8.default-release [2023-11-15] FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\haffiie8.default-release\Extensions\@windscribeff.xpi [2023-04-19] FF Extension: (Age Restriction Bypass for YouTube™) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\haffiie8.default-release\Extensions\simple-youtube-age-restriction-bypass@zerody.one.xpi [2022-11-29] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-10-30] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2023-11-17] CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-11-10] CHR Extension: (uBlock Origin) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-11-09] CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17] CHR Extension: (AdBlock — best ad blocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-25] CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2023-11-15] Brave: ======= BRA Profile: C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-11-15] BRA Extension: (GoPlay Extension) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\edhdonadgbpnhhkdobemjnjdpmfdjnmf [2023-10-18] BRA Extension: (Header Editor) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eningockdidmgiojffjmkdblpjocbhgh [2023-10-11] BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-11-01] BRA Extension: (Brave Local Data Files Updater) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-11-01] BRA Extension: (Brave NTP background images) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-10-03] BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-11-01] BRA Extension: (Wallet Data Files Updater) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-11-01] BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-11-01] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-11-22] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2022-02-26] BRA Extension: (Brave NTP sponsored images) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2023-11-01] BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-11-01] BRA Extension: (Brave Ads Resources) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\iblokdlgekdjophgeonmanpnjihcjkjj [2023-10-21] BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-11-01] BRA Extension: (Brave SpeedReader Updater) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-06-06] BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-11-01] BRA Extension: (Brave NTP sponsored images) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\nckpknljimkeefilndhgljafclhkjcfj [2022-08-21] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\user\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-11-01] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901960 2022-01-23] (BattlEye Innovations e.K. -> ) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-11-04] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-11-04] (Brave Software, Inc. -> BraveSoftware Inc.) S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.118\brave_vpn_helper.exe [2762264 2023-11-15] (Brave Software, Inc. -> Brave Software, Inc.) S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.118\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10797080 2023-11-15] (Brave Software, Inc. -> Brave Software, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-07-29] (EasyAntiCheat Oy -> Epic Games, Inc) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.221.1024.0002\FileSyncHelper.exe [3507104 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2023-11-14] (HP Inc. -> HP Inc.) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed] R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [8929608 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-15] (Malwarebytes Inc. -> Malwarebytes) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.221.1024.0002\OneDriveUpdaterService.exe [3843600 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641416 2023-11-11] (Overwolf Ltd -> Overwolf LTD) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14283048 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2022-01-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [1300352 2021-05-29] (Windscribe Limited -> Windscribe Limited) S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8737992 2022-01-23] (PUBG CORPORATION -> PUBG Corporation) S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.118\elevation_service.exe" [X] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ALSysIO; C:\Users\user\AppData\Local\Temp\ALSysIO64.sys [47240 2023-11-16] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222800 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-11-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2023-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188016 2023-11-16] (Malwarebytes Inc. -> Malwarebytes) S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [179416 2019-02-15] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider) S3 psvolacc; C:\WINDOWS\system32\drivers\psvolacc.sys [34520 2018-12-06] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider) R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-10-26] (Razer Inc. -> Razer Inc) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2021-05-26] (Windscribe Limited -> The OpenVPN Project) S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2021-04-09] (Microsoft Corporation) [File not signed] U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-08] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-08] (Microsoft Windows -> Microsoft Corporation) S3 WindscribeSplitTunnel; C:\WINDOWS\system32\DRIVERS\WindscribeSplitTunnel.sys [35752 2021-05-29] (Windscribe Limited -> ) R3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2021-05-26] (Windscribe Limited -> WireGuard LLC) S3 xhunter1; C:\WINDOWS\xhunter1.sys [2522256 2022-01-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2023-11-17 11:21 - 2023-11-17 11:21 - 000001424 _____ C:\Users\user\Desktop\eset.txt 2023-11-16 20:58 - 2023-11-16 20:58 - 000001381 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2023-11-16 20:58 - 2023-11-16 20:58 - 000001275 _____ C:\Users\user\Desktop\ESET Online Scanner.lnk 2023-11-16 20:58 - 2023-11-16 20:58 - 000000000 ____D C:\Users\user\AppData\Local\ESET 2023-11-16 20:57 - 2023-11-16 20:58 - 015274968 _____ (ESET) C:\Users\user\Desktop\esetonlinescanner.exe 2023-11-16 20:56 - 2023-11-16 20:56 - 000188016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2023-11-15 22:52 - 2023-11-15 22:52 - 000001234 _____ C:\Users\user\Desktop\3.txt 2023-11-15 21:59 - 2023-11-15 21:59 - 000011758 _____ C:\Users\user\Desktop\Malwarebytes 2.txt 2023-11-15 21:34 - 2023-11-15 21:34 - 000002099 _____ C:\Users\user\Desktop\AdwCleaner[C01].txt 2023-11-15 13:44 - 2023-11-15 13:44 - 000012580 _____ C:\Users\user\Desktop\Malwarebytes.txt 2023-11-15 13:19 - 2023-11-16 20:56 - 000000000 ____D C:\Users\user\AppData\Local\Malwarebytes 2023-11-15 13:19 - 2023-11-15 13:19 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2023-11-15 13:19 - 2023-11-15 13:19 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2023-11-15 13:19 - 2023-11-15 13:19 - 000000000 ____D C:\Users\user\AppData\Local\mbam 2023-11-15 13:18 - 2023-11-15 13:18 - 002606880 _____ (Malwarebytes) C:\Users\user\Downloads\MBSetup.exe 2023-11-15 13:18 - 2023-11-15 13:18 - 000000000 ____D C:\ProgramData\Malwarebytes 2023-11-15 13:18 - 2023-11-15 13:18 - 000000000 ____D C:\Program Files\Malwarebytes 2023-11-15 13:17 - 2023-11-15 13:17 - 000002110 _____ C:\Users\user\Desktop\AdwCleaner[S00].txt 2023-11-15 13:16 - 2023-11-15 21:31 - 000000000 ____D C:\AdwCleaner 2023-11-15 13:15 - 2023-11-15 13:15 - 008791352 _____ (Malwarebytes) C:\Users\user\Downloads\AdwCleaner.exe 2023-11-15 11:47 - 2023-11-15 11:58 - 000000769 _____ C:\Users\user\Desktop\Search.txt 2023-11-15 11:28 - 2023-11-15 13:13 - 000000620 _____ C:\Users\user\Desktop\Fixlog.txt 2023-11-15 11:19 - 2023-11-15 11:19 - 000001084 _____ C:\Users\user\Desktop\FRST64English.exe - Shortcut.lnk 2023-11-14 23:29 - 2023-11-14 23:29 - 000000000 ___HD C:\$WinREAgent 2023-11-14 21:44 - 2023-11-17 11:24 - 000033399 _____ C:\Users\user\Desktop\FRST.txt 2023-11-11 17:51 - 2023-11-17 11:23 - 000000000 ____D C:\FRST 2023-11-11 17:43 - 2023-11-11 17:43 - 002383872 _____ (Farbar) C:\Users\user\Desktop\FRST64English.exe.exe 2023-11-09 22:40 - 2023-11-09 22:40 - 002969821 _____ C:\Users\user\Downloads\Autoruns.zip 2023-11-09 22:40 - 2023-11-09 22:40 - 000000000 ____D C:\Users\user\Downloads\Autoruns 2023-11-09 22:21 - 2023-11-09 22:21 - 001589510 _____ (Igor Pavlov) C:\Users\user\Downloads\7z2301-x64.exe 2023-11-09 22:21 - 2023-11-09 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2023-11-09 22:21 - 2023-11-09 22:21 - 000000000 ____D C:\Program Files\7-Zip 2023-11-09 21:12 - 2023-11-09 22:30 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-11-09 20:32 - 2023-11-09 22:24 - 000000000 ____D C:\Users\user\Downloads\PSP 2023-11-06 01:47 - 2023-11-06 01:47 - 000001104 _____ C:\Users\user\Desktop\WinDirStat.lnk 2023-11-06 01:47 - 2023-11-06 01:47 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat 2023-11-06 01:47 - 2023-11-06 01:47 - 000000000 ____D C:\Program Files (x86)\WinDirStat 2023-11-06 01:45 - 2023-11-06 01:45 - 000001681 _____ C:\Users\user\Desktop\League of Legends.lnk 2023-11-06 01:45 - 2023-11-06 01:45 - 000000000 ____D C:\Users\user\Documents\League of Legends 2023-11-06 01:43 - 2023-11-06 01:44 - 000011674 _____ C:\WINDOWS\Macrium Reflect Patch Log.txt 2023-11-06 01:16 - 2023-11-06 01:16 - 000000000 ____D C:\Users\user\AppData\Local\EOSInstallHelper 2023-11-01 23:48 - 2023-11-01 23:48 - 001414950 _____ C:\Users\user\Documents\The Everything Essential German Book.pdf 2023-11-01 23:16 - 2023-11-01 23:16 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2023-10-23 18:18 - 2023-10-23 18:18 - 000074752 _____ C:\Users\user\Documents\Βιογραφικό pdf.pdf 2023-10-23 17:49 - 2023-10-24 14:09 - 000000000 ____D C:\Users\user\Documents\Irrelevant 2 2023-10-23 17:47 - 2023-10-23 17:47 - 000074578 _____ C:\Users\user\Downloads\Βιογραφικό gr.pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2023-11-17 11:19 - 2021-09-18 22:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-11-17 10:46 - 2021-12-20 01:06 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-11-17 10:46 - 2021-05-25 17:13 - 000000000 ____D C:\Program Files (x86)\Google 2023-11-17 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-11-17 09:55 - 2021-05-26 17:54 - 000000000 ____D C:\Program Files (x86)\Overwolf 2023-11-17 09:53 - 2023-09-15 12:29 - 000263784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll 2023-11-17 09:53 - 2022-10-23 10:46 - 000095848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe 2023-11-17 09:53 - 2022-10-23 10:46 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe 2023-11-17 09:53 - 2021-11-19 22:34 - 000190056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2023-11-17 09:53 - 2021-11-02 20:45 - 002758248 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2023-11-17 09:53 - 2021-11-02 20:45 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2023-11-17 09:53 - 2021-11-02 20:45 - 000210536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2023-11-17 09:53 - 2021-11-02 20:45 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2023-11-17 09:53 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-11-17 09:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-11-17 09:51 - 2021-05-25 20:39 - 000000000 ____D C:\Users\user\AppData\Local\D3DSCache 2023-11-17 09:38 - 2021-06-04 03:47 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2023-11-17 09:36 - 2021-05-25 20:40 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-11-17 09:36 - 2021-05-25 20:40 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-11-16 21:49 - 2021-05-26 00:14 - 000000000 ____D C:\Program Files\Microsoft Office 2023-11-16 21:02 - 2021-09-18 22:23 - 001468318 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-11-16 21:02 - 2019-12-07 17:01 - 000551802 _____ C:\WINDOWS\system32\perfh008.dat 2023-11-16 21:02 - 2019-12-07 17:01 - 000088720 _____ C:\WINDOWS\system32\perfc008.dat 2023-11-16 21:02 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2023-11-16 20:56 - 2021-09-18 22:21 - 000003124 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher 2023-11-16 20:56 - 2021-09-18 22:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-11-16 20:56 - 2021-05-25 21:02 - 000000000 ____D C:\Program Files\TeamViewer 2023-11-16 20:56 - 2020-09-27 06:33 - 000008192 ___SH C:\DumpStack.log.tmp 2023-11-16 16:34 - 2021-05-25 20:38 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2023-11-16 16:34 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-11-15 20:47 - 2021-05-25 23:22 - 000000000 ____D C:\ProgramData\Riot Games 2023-11-15 19:42 - 2021-11-27 21:34 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2023-11-15 19:42 - 2021-11-27 21:34 - 000002329 _____ C:\Users\Public\Desktop\Brave.lnk 2023-11-15 13:18 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-11-15 11:32 - 2021-05-26 00:12 - 000000000 ____D C:\Users\user\AppData\LocalLow\Temp 2023-11-15 11:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-11-15 11:10 - 2021-09-18 22:14 - 000437720 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-11-15 11:10 - 2021-09-12 04:58 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-11-14 23:48 - 2019-12-07 17:05 - 000000000 ___SD C:\WINDOWS\system32\AppV 2023-11-14 23:48 - 2019-12-07 17:05 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-11-14 23:48 - 2019-12-07 17:05 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-11-14 23:48 - 2019-12-07 17:05 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-11-14 23:48 - 2019-12-07 17:01 - 000000000 ____D C:\WINDOWS\SysWOW64\el 2023-11-14 23:48 - 2019-12-07 17:01 - 000000000 ____D C:\WINDOWS\system32\el 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2023-11-14 23:48 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-11-14 23:48 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2023-11-14 23:47 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-11-14 23:46 - 2019-12-07 17:05 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2023-11-14 23:46 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2023-11-14 23:46 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2023-11-14 23:40 - 2021-09-18 22:16 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-11-14 23:27 - 2021-05-28 12:43 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-11-14 23:25 - 2022-03-22 00:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2023-11-14 23:25 - 2022-01-04 22:19 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2023-11-14 23:25 - 2021-05-25 17:04 - 000000000 ____D C:\Users\user\AppData\Local\Publishers 2023-11-14 23:24 - 2021-05-28 12:43 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-11-14 21:41 - 2021-12-13 02:47 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3428885277-3589225921-2990357218-1001 2023-11-14 21:41 - 2021-09-18 22:21 - 000004694 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-11-14 21:41 - 2021-09-18 22:21 - 000004570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-11-14 21:41 - 2021-09-18 22:21 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2023-11-14 21:41 - 2021-05-26 00:22 - 000002158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-11-11 18:12 - 2023-01-16 20:06 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-11-11 18:12 - 2020-09-27 09:36 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-11-11 17:38 - 2021-06-30 13:08 - 000000000 ____D C:\Users\user\AppData\Local\Roblox 2023-11-09 22:35 - 2021-06-10 20:06 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\MMC 2023-11-09 22:30 - 2021-05-26 01:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-11-09 22:29 - 2021-05-26 01:07 - 000000000 ____D C:\Users\user\AppData\Roaming\Disc-Soft 2023-11-09 22:29 - 2021-05-26 01:06 - 000000000 ____D C:\ProgramData\Disc-Soft 2023-11-09 22:18 - 2023-03-09 21:43 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scoop Apps 2023-11-09 21:57 - 2022-02-09 21:27 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-11-09 21:20 - 2021-05-26 01:56 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-11-09 20:30 - 2021-05-28 12:45 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-11-08 11:54 - 2023-09-15 12:29 - 000263784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll.0 2023-11-08 11:44 - 2020-09-27 09:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-11-06 02:13 - 2021-07-10 23:13 - 000000000 ____D C:\Users\user\AppData\Roaming\.minecraft 2023-11-06 01:58 - 2019-06-21 10:02 - 000000000 ____D C:\Users\Anastasia\Downloads\Compressed 2023-11-06 01:50 - 2021-05-28 19:37 - 000001675 _____ C:\Users\user\Desktop\League of Legends PBE.lnk 2023-11-06 01:44 - 2021-05-25 23:22 - 000000000 ____D C:\Riot Games 2023-11-06 01:36 - 2021-05-26 00:02 - 000000896 _____ C:\Users\user\Desktop\OuranioKaiTokso - Shortcut.lnk 2023-11-06 01:24 - 2021-05-26 01:49 - 000000000 ____D C:\ProgramData\Origin 2023-11-06 01:24 - 2021-05-26 00:29 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2023-11-06 01:24 - 2021-05-26 00:29 - 000000000 ____D C:\Users\user\AppData\Local\Rockstar Games 2023-11-06 01:24 - 2021-05-26 00:29 - 000000000 ____D C:\ProgramData\Rockstar Games 2023-11-06 01:24 - 2021-05-26 00:29 - 000000000 ____D C:\Program Files\Rockstar Games 2023-11-06 01:24 - 2019-06-20 13:04 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2023-11-06 01:20 - 2022-01-21 22:52 - 000000000 ____D C:\Program Files\Electronic Arts 2023-11-06 01:20 - 2021-05-26 00:29 - 000000000 ____D C:\ProgramData\Package Cache 2023-11-06 01:18 - 2023-09-23 10:59 - 000000000 ____D C:\Program Files (x86)\Samsung 2023-11-06 01:18 - 2021-05-26 15:37 - 000000000 ____D C:\Users\user\AppData\Local\Overwolf 2023-11-06 01:16 - 2021-05-27 18:39 - 000000000 ____D C:\Program Files (x86)\Epic Games 2023-11-06 01:15 - 2021-05-27 18:39 - 000000000 ____D C:\ProgramData\Epic 2023-11-06 01:15 - 2019-06-18 18:03 - 000000000 ____D C:\Program Files\Epic Games 2023-11-06 00:22 - 2021-05-26 00:52 - 000000000 ____D C:\Program Files\CCleaner 2023-11-05 23:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2023-11-05 22:07 - 2021-06-09 21:48 - 000000000 ____D C:\Users\user\AppData\Local\AMD_Common 2023-11-04 23:25 - 2021-05-26 18:17 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps 2023-11-03 21:07 - 2021-05-25 17:04 - 000000000 ____D C:\Users\user\AppData\Local\Packages 2023-10-26 22:06 - 2021-09-18 22:21 - 000003714 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-10-26 22:06 - 2021-09-18 22:21 - 000003590 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-10-25 13:51 - 2022-09-29 21:27 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-10-24 19:34 - 2021-05-26 18:15 - 000002319 _____ C:\Users\user\Desktop\TFTactics.lnk 2023-10-24 18:53 - 2022-09-29 21:27 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-10-24 18:53 - 2021-09-18 22:21 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2023-10-23 18:15 - 2021-05-26 01:33 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Word 2023-10-23 18:02 - 2022-11-06 20:03 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Excel 2023-10-23 17:59 - 2021-05-26 01:33 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Office ==================== Files in the root of some directories ======== 2021-05-26 15:39 - 2021-05-26 18:17 - 000000032 _____ () C:\Users\user\AppData\Roaming\.machineId 2021-06-27 22:57 - 2021-06-27 23:00 - 000012288 _____ () C:\Users\user\AppData\Roaming\emp.bin 2021-06-30 18:00 - 2021-06-30 18:00 - 000000000 ___SH () C:\Users\user\AppData\Local\LumaEmu 2021-06-04 10:49 - 2021-06-04 10:49 - 000000000 _____ () C:\Users\user\AppData\Local\oobelibMkey.log 2023-03-09 23:10 - 2023-03-09 23:10 - 000001205 _____ () C:\Users\user\AppData\Local\recently-used.xbel 2021-06-16 08:41 - 2022-02-20 21:07 - 000007597 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg 2021-05-26 01:27 - 2021-05-26 01:27 - 000000003 _____ () C:\Users\user\AppData\Local\updater.log 2021-05-26 01:27 - 2022-03-05 02:00 - 000000424 _____ () C:\Users\user\AppData\Local\UserProducts.xml ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================