Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.03.2024 01
Ran by lunax (administrator) on DESKTOP-LREAARP (Acer Nitro AN515-52) (25-03-2024 13:16:31)
Running from C:\Users\lunax\OneDrive\Pulpit\FRST64.exe
Loaded Profiles: lunax
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: Dutch (Netherlands) -> English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAgent.exe
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <10>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.8636\Agent.exe
(C:\Huion Tablet\Huion Tablet.exe ->) (Shenzhen Huion Animation Technology Co.,LTD -> ) C:\Huion Tablet\x64\TabletDriverCore.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.863.1\DropboxCrashHandler.exe
(C:\Program Files\Acer\NitroSense Service\PSSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <41>
(explorer.exe ->) (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e335ebb186115025\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_64da94585973233d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(sihost.exe ->) (EAF76292-FADE-4EAB-A62C-FE5E78661D58 -> ) C:\Program Files\WindowsApps\AcerIncorporated.AcerCollectionS_1.0.3004.0_x64__48frkmn4z8aw4\DesktopApp\ACEStd.exe
(svchost.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(svchost.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(svchost.exe ->) (Shenzhen Huion Animation Technology Co.,LTD -> ) C:\Huion Tablet\Huion Tablet.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2017-10-12] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1684216 2020-05-13] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-03-06] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [423320 2024-03-19] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11551632 2024-03-19] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\Run: [EpicGamesLauncher] => D:\epicgames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37397480 2024-03-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\Run: [Steam] => D:\steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2024-02-03] () [File not signed]
HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\Run: [TabletDriver] => C:\Huion Tablet\x64\TabletDriverCore.exe [335592 2019-12-04] (Shenzhen Huion Animation Technology Co.,LTD -> )
HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91591032 2020-04-14] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\Run: [CCXProcess] => "C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe" (No File)
HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\Run: [MicrosoftEdgeAutoLaunch_E8980B8735C3CE8D24F16DB99FD3B5FC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [66107808 2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1073749821-58844685-1028034250-1001\...\RunOnce: [Uninstall 23.048.0305.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\23.048.0305.0002" [0 2024-02-03] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45285792 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91591032 2020-04-14] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-02-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Run: [Discord] => C:\Users\lunax\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Run: [GogGalaxy] => D:\gog\GOG Galaxy\GalaxyClient.exe [13799776 2022-01-08] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [981640 2024-03-25] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70923296 2024-03-22] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Run: [MicrosoftEdgeAutoLaunch_CFE8E86D2861E10F9687A50B3F595854] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1789960 2024-03-10] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1073749821-58844685-1028034250-1002\...\MountPoints2: {9eeeec2e-5983-11ea-b51d-9828a63a7e2b} - "F:\Auto.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.58\Installer\chrmstp.exe [2024-03-21] (Google LLC -> Google LLC)
Startup: C:\Users\lunax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-11-28]
ShortcutTarget: Twitch.lnk -> C:\Users\lunax\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {22828BDE-A6DA-4F93-A3A4-B7101808234A} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe  -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {E7430BAA-3169-4A56-947D-D593641B009E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kevinkapela00@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A6B59FDF-9563-4A8A-A12C-CDE81F6C39CD} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5167512 2024-03-19] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {B8D9AC54-E7EE-47CA-90E4-5BBC29FBE2AC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2348952 2024-03-19] (Avast Software s.r.o. -> Avast Software)
Task: {2B071D56-1B88-4676-B7B5-B083E4215113} - System32\Tasks\CareCenter\AdobeAAMUpdater-1.0_Reg_HKLMRun => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BF7F9CCE-E41D-4382-89D0-B81C9CDE7408} - System32\Tasks\CareCenter\CCleaner Smart Cleaning_Reg_HKCURun_S-1-5-21-1073749821-58844685-1028034250-1002 => C:\Program Files\CCleaner\CCleaner64.exe [45285792 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) -> C:\Program Files\CCleaner\/MONITOR
Task: {8D20DC40-CE17-4F75-9C5C-DD8EEA8A88A7} - System32\Tasks\CareCenter\CCXProcess_Reg_HKCURun_S-1-5-21-1073749821-58844685-1028034250-1002 => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe  (No File)
Task: {D9D5341E-335C-44E5-A531-016533EB6EDD} - System32\Tasks\CareCenter\DAEMON Tools Lite Automount_Reg_HKCURun_S-1-5-21-1073749821-58844685-1028034250-1002 => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-02-27] (AVB Disc Soft, SIA -> Disc Soft Ltd) -> C:\Program Files\DAEMON Tools Lite\-autorun
Task: {6874987D-6AAF-4359-9BE0-662F52B6FF10} - System32\Tasks\CareCenter\DAX2_APP_Reg_HKLMRun => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2017-10-12] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) -> C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\-Hide
Task: {A07D970B-91CF-45D2-ADBA-AC195EB3DD99} - System32\Tasks\CareCenter\Huion Tablet.lnk_FolderCommonAppdata => C:\Huion Tablet\Huion Tablet.exe [235240 2019-12-04] (Shenzhen Huion Animation Technology Co.,LTD -> ) -> C:\Huion Tablet\huion-hklm
Task: {1793F485-5867-4098-AF3F-D3F7A22F15A4} - System32\Tasks\CareCenter\Lightshot_Reg_HKLMWow6432Run => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
Task: {D2FB9525-B7DE-4862-8368-6DB07179279B} - System32\Tasks\CareCenter\RtHDVBg_ASC_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) -> C:\Program Files\Realtek\Audio\HDA\/ASC
Task: {46C0D915-0598-456A-A62C-060CC95C0049} - System32\Tasks\CareCenter\RtHDVBg_Dolby_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) -> C:\Program Files\Realtek\Audio\HDA\/FORPCEE4
Task: {3F3CEE3A-26C0-498E-BBA4-8E19799717E6} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) -> C:\Program Files\Realtek\Audio\HDA\-s
Task: {EE60D4DD-6FDF-4FC5-8E09-B476283D767D} - System32\Tasks\CareCenter\SunJavaUpdateSched_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
Task: {6E5DF37D-93D9-4F9B-916A-72B535AC1218} - System32\Tasks\CareCenter\TabletDriver_Reg_HKCURun_S-1-5-21-1073749821-58844685-1028034250-1002 => C:\Huion Tablet\x64\TabletDriverCore.exe [335592 2019-12-04] (Shenzhen Huion Animation Technology Co.,LTD -> )
Task: {58A23459-A51B-41A6-87B1-0F475205C42A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DAF96D10-9F41-4621-BB77-650040E6FDB2} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "7179d6ec-cbf2-472c-9aa4-200937257ef0" --version "6.22.10977" --silent
Task: {306BF8C7-EE90-4C71-9BE9-AD9372927774} - System32\Tasks\CCleanerSkipUAC - lunax => C:\Program Files\CCleaner\CCleaner.exe [39024544 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4C7C35BE-C73C-45A9-A262-03E31BF40C37} - System32\Tasks\CorelUpdateHelperTask-51C87CF0A8F14F9442F227786F259732 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe  -resume (No File)
Task: {9405A6E7-D945-4C01-8712-C7EB6DF97BDF} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-08-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {DA7461DF-701E-4686-AB7C-E032B5BA17D1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-08-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {43839015-53B4-4400-BB83-B58BDE6B06D8} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{B91D1198-7199-4A29-9C2E-46786B180A0F} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {55E76A5C-D6EF-49EA-A2C1-8F4F2ADCFEAD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe  do-task "E7CF176E110C211B" (No File)
Task: {E2424D7A-D509-469D-B531-73672916052E} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [601904 2019-07-19] (Acer Incorporated -> Acer Incorporated)
Task: {CBA5B250-E538-45A4-B54D-198903B8FECB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A5F00121-E42E-46B4-8A87-C2725B61616C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {206F9EF9-1588-4A1C-B78A-0C4B8E148ACF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {6E4E78E9-6A45-4477-A724-0E5AFF33EC3C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD76ABF2-B25F-446C-B458-14ECC908CCB0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA8FA812-09ED-4BE5-9CD3-C9C14BB0EBB9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4987A32B-0301-49D0-B60B-EA62FAB2FA3F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40A1F7B4-D7CD-40E2-86FD-3D6304B49245} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45CDD8F4-D321-4C16-87B7-28AC4A84D562} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E937D04-BAA9-4BE6-8987-4AC511938F51} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe"  /default (No File)
Task: {76B93089-F779-4298-A4EC-F64428C10034} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1073749821-58844685-1028034250-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  /reporting (No File)
Task: {638D3B49-4B07-42F9-A588-FA6D69244DDC} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  (No File)
Task: {63000FE5-DF27-486A-AD0A-392735D9043C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1073749821-58844685-1028034250-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  (No File)
Task: {791DB119-B59E-4F85-89F5-CF50119EF294} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-03-10] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {FF48FB98-609E-455E-8BB4-92E5C1CF6CF8} - System32\Tasks\ProtonVPN Update => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [62712 2021-05-05] (Proton Technologies AG -> )
Task: {5A3E03B6-0A6D-49B5-9047-A61B8C3BC9F6} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2019-07-18] (Acer Incorporated -> Acer Incorporated)
Task: {87FBC961-BE2A-4038-9B65-AB72BD938D44} - System32\Tasks\update-S-1-5-21-1073749821-58844685-1028034250-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {D72F291E-EC2D-4176-841B-826E3B865F3F} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1073749821-58844685-1028034250-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5917c5f2-e9cb-4d6a-8e51-1ec67c611f7f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5917c5f2-e9cb-4d6a-8e51-1ec67c611f7f}: [DhcpDomain] home
Tcpip\..\Interfaces\{5917c5f2-e9cb-4d6a-8e51-1ec67c611f7f}\14E64627F696461405: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{5917c5f2-e9cb-4d6a-8e51-1ec67c611f7f}\6457E624F68723D214438324: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5917c5f2-e9cb-4d6a-8e51-1ec67c611f7f}\6457E624F68723D244141324: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge Profile: C:\Users\lunax\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-22]
Edge HomePage: Default -> hxxp://acer17win10.msn.com/?pc=ACTE
Edge Extension: (Google Docs Offline) - C:\Users\lunax\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-07]
Edge Extension: (Edge relevant text changes) - C:\Users\lunax\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: ahpbtk7u.default
FF ProfilePath: C:\Users\lunax\AppData\Roaming\Mozilla\Firefox\Profiles\ahpbtk7u.default [2020-01-08]
FF ProfilePath: C:\Users\lunax\AppData\Roaming\Mozilla\Firefox\Profiles\sw09aoiz.default-release [2024-03-25]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\lunax\AppData\Roaming\Mozilla\Firefox\Profiles\sw09aoiz.default-release\Extensions\sp@avast.com.xpi [2019-12-09]
FF Extension: (Avast Online Security) - C:\Users\lunax\AppData\Roaming\Mozilla\Firefox\Profiles\sw09aoiz.default-release\Extensions\wrc@avast.com.xpi [2019-12-09]
FF Plugin: @java.com/DTPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @gametree.co.kr/GTL -> C:\ProgramData\Gametree\GTL\npGTL.dll [2013-06-13] (NtreevSoft Co.,Ltd -> NtreevSoft)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome: 
=======
CHR Profile: C:\Users\lunax\AppData\Local\Google\Chrome\User Data\Default [2024-03-25]
CHR Notifications: Default -> hxxps://player.pl; hxxps://www.euro.com.pl; hxxps://www.pyszne.pl
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\lunax\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-02-27]
CHR Extension: (Google Docs Offline) - C:\Users\lunax\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\lunax\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-20]
CHR Extension: (Forest Fire) - C:\Users\lunax\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgpfdbnjojpjciohopbeajbaiihapmab [2022-05-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lunax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9138072 2024-03-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [765848 2024-03-19] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1180568 2024-03-19] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-03-19] (Avast Software s.r.o. -> AVAST Software)
R3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2562696 2024-03-22] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-11-24] (BattlEye Innovations e.K. -> )
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1081248 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [34512 2018-03-30] (Corsair Components, Inc. -> Corsair Components, Inc.)
R2 CorsairCpuIdService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe [240168 2024-01-25] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [152616 2024-01-25] (Corsair Memory, Inc. -> )
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [613968 2024-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-08-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2022-08-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-03-19] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-02-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11560040 2023-05-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1137576 2023-11-04] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [954704 2023-12-14] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-11-04] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; D:\gog\GOG Galaxy\GalaxyClientService.exe [1959776 2022-01-08] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-07-17] (GOG Sp. z o.o. -> GOG.com)
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [366120 2024-01-25] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-30] (Malwarebytes Inc. -> Malwarebytes)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [21753376 2021-03-20] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_64da94585973233d\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-03-10] (Overwolf Ltd -> Overwolf LTD)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [108792 2021-05-05] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [62712 2021-05-05] (Proton Technologies AG -> )
R3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [820016 2019-07-19] (Acer Incorporated -> Acer Incorporated)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [4505072 2023-12-14] (Rockstar Games, Inc. -> Rockstar Games)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9614144 2024-03-06] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2023-10-14] (Acer Incorporated -> Acer Incorporated)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20424 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [230968 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [379960 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [292920 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27760 2024-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [264760 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548920 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [93752 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69176 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [935480 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [694728 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [201680 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306120 2024-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [88480 2022-01-18] (Tages SAS -> )
S3 CorsairGamingAudioService; C:\WINDOWS\System32\drivers\CorsairGamingAudio64.sys [63168 2024-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [47032 2024-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22968 2024-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44576 2024-03-22] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-02-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-02-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-11] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [46400 2022-01-18] (Tages SA -> )
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [20986200 2021-03-20] (Mail.Ru LLC -> LLC Mail.Ru)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [21861160 2024-02-22] (Riot Games, Inc. -> Riot Games, Inc.)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20928 2024-03-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [603416 2024-03-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [38704 2021-05-23] (WireGuard LLC -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [1447240 2023-10-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 dump_wmimmc; \??\C:\Program Files (x86)\Star Stable Online\client\GameGuard\dump_wmimmc.sys [X]
S3 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-25 13:16 - 2024-03-25 13:17 - 000043041 _____ C:\Users\lunax\OneDrive\Pulpit\FRST.txt
2024-03-25 13:13 - 2024-03-25 13:11 - 002391552 _____ (Farbar) C:\Users\lunax\OneDrive\Pulpit\FRST64.exe
2024-03-25 13:12 - 2024-03-25 13:16 - 000000000 ____D C:\FRST
2024-03-25 13:11 - 2024-03-25 13:11 - 002391552 _____ (Farbar) C:\Users\lunax\Downloads\FRST64.exe
2024-03-25 13:11 - 2024-03-25 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2024-03-23 00:05 - 2024-03-23 00:05 - 000000000 ____D C:\WINDOWS\system32\lxss
2024-03-23 00:05 - 2024-03-23 00:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-03-23 00:02 - 2024-03-13 18:36 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-03-23 00:02 - 2024-03-13 18:36 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-03-23 00:02 - 2024-03-13 18:36 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-03-23 00:02 - 2024-03-13 18:36 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-03-23 00:02 - 2024-03-13 18:36 - 001488008 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-03-23 00:02 - 2024-03-13 18:36 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-03-23 00:02 - 2024-03-13 18:36 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-03-23 00:02 - 2024-03-13 18:36 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-03-23 00:02 - 2024-03-13 18:36 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-03-23 00:02 - 2024-03-13 18:36 - 001226760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-03-23 00:02 - 2024-03-13 18:28 - 001046152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-03-23 00:02 - 2024-03-13 18:28 - 000670344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-03-23 00:02 - 2024-03-13 18:28 - 000505352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-03-23 00:02 - 2024-03-13 18:27 - 001543176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-03-23 00:02 - 2024-03-13 18:27 - 001199624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-03-23 00:02 - 2024-03-13 18:26 - 002174072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-03-23 00:02 - 2024-03-13 18:26 - 001626760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-03-23 00:02 - 2024-03-13 18:26 - 001024136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-03-23 00:02 - 2024-03-13 18:26 - 000841840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-03-23 00:02 - 2024-03-13 18:26 - 000787592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-03-23 00:02 - 2024-03-13 18:25 - 016034440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-03-23 00:02 - 2024-03-13 18:25 - 012929144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-03-23 00:02 - 2024-03-13 18:25 - 006780960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-03-23 00:02 - 2024-03-13 18:25 - 003721224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-03-23 00:02 - 2024-03-13 18:25 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-03-23 00:02 - 2024-03-13 18:24 - 005913096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-03-23 00:02 - 2024-03-13 18:24 - 005773344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-03-23 00:02 - 2024-03-13 18:23 - 000853104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-03-23 00:02 - 2024-03-13 18:22 - 006946400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-03-23 00:02 - 2024-03-13 18:21 - 006033568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-03-23 00:02 - 2024-03-13 06:29 - 000119399 _____ C:\WINDOWS\system32\nvinfo.pb
2024-03-22 19:59 - 2024-03-22 19:59 - 000000000 ____D C:\WINDOWS\LastGood
2024-03-22 19:47 - 2024-03-22 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-03-19 10:18 - 2024-03-25 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-03-19 10:18 - 2024-03-19 10:18 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2024-03-19 10:18 - 2024-03-19 10:18 - 000000000 ____D C:\Users\lunax\AppData\Roaming\Avast Software
2024-03-19 10:17 - 2024-03-25 12:54 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2024-03-19 10:17 - 2024-03-19 10:17 - 000314264 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2024-03-19 10:17 - 2024-03-19 10:17 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2024-03-19 10:17 - 2024-03-19 10:17 - 000000000 ____D C:\Program Files\Avast Software
2024-03-19 10:16 - 2024-03-19 10:16 - 000264088 _____ (AVAST Software) C:\Users\lunax\Downloads\avast_free_antivirus_setup_online.exe
2024-03-19 10:16 - 2024-03-19 10:16 - 000264088 _____ (AVAST Software) C:\Users\lunax\Downloads\avast_free_antivirus_setup_online (1).exe
2024-03-19 10:09 - 2024-03-19 10:09 - 008790880 _____ (Malwarebytes) C:\Users\lunax\Downloads\adwcleaner.exe
2024-03-19 00:19 - 2024-03-19 00:19 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-03-17 22:11 - 2024-03-17 22:11 - 000482980 _____ C:\Users\lunax\Downloads\which-color-goes-better-v0-pbac8avcxwoc1.webp
2024-03-14 17:52 - 2024-03-14 17:52 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-14 17:51 - 2024-03-14 17:51 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-14 17:40 - 2024-03-14 17:40 - 000000000 ___HD C:\$WinREAgent
2024-03-07 00:16 - 2024-03-07 00:16 - 000000000 ____D C:\Users\lunax\AppData\Local\Shivers
2024-03-06 19:09 - 2024-03-06 19:09 - 000000203 _____ C:\Users\lunax\OneDrive\Pulpit\Demonologist.url
2024-03-02 20:27 - 2024-03-03 00:02 - 000000000 ____D C:\Users\lunax\OneDrive\Pulpit\a

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-25 13:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-25 13:08 - 2022-09-17 21:30 - 000000000 ____D C:\Users\lunax\AppData\Local\Battle.net
2024-03-25 13:08 - 2022-09-17 21:12 - 000000000 ____D C:\Program Files (x86)\Battle.net
2024-03-25 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-25 12:58 - 2020-01-22 17:47 - 000000000 ____D C:\Program Files\CCleaner
2024-03-25 12:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-25 12:55 - 2023-12-02 21:30 - 000003270 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2024-03-25 12:55 - 2023-09-03 15:53 - 000002174 _____ C:\WINDOWS\system32\Tasks\NitroSense
2024-03-25 12:55 - 2023-03-20 11:43 - 000003058 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1073749821-58844685-1028034250-1001
2024-03-25 12:55 - 2022-09-20 18:49 - 000002950 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-03-25 12:55 - 2022-09-20 18:49 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-03-25 12:55 - 2021-08-18 15:25 - 000002250 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - lunax
2024-03-25 12:55 - 2020-09-25 20:33 - 000004302 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2024-03-25 12:55 - 2020-09-25 20:33 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-25 12:55 - 2020-09-25 20:33 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-25 12:55 - 2020-09-25 20:33 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-25 12:55 - 2020-09-25 20:33 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-25 12:55 - 2020-09-25 20:33 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-03-25 12:55 - 2020-09-25 20:33 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-25 12:55 - 2020-09-25 20:33 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-25 12:55 - 2020-09-25 20:33 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-25 12:55 - 2020-09-25 20:33 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-25 12:55 - 2020-09-25 20:33 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-25 12:55 - 2020-09-25 20:33 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-25 12:55 - 2020-09-25 20:33 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1073749821-58844685-1028034250-1001
2024-03-25 12:55 - 2020-09-25 20:33 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-25 12:53 - 2019-02-20 05:00 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-25 12:51 - 2023-10-14 20:54 - 000000000 ____D C:\Users\lunax\AppData\Local\Malwarebytes
2024-03-25 12:51 - 2019-10-11 18:57 - 000000000 __SHD C:\Users\lunax\IntelGraphicsProfiles
2024-03-23 00:16 - 2020-01-11 00:44 - 000000000 ____D C:\Users\lunax\AppData\Local\CrashDumps
2024-03-23 00:06 - 2020-01-05 16:13 - 000000000 ____D C:\Users\lunax\AppData\Local\NVIDIA
2024-03-23 00:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-23 00:05 - 2019-02-20 04:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-03-23 00:03 - 2019-11-05 17:16 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\NVIDIA
2024-03-23 00:03 - 2019-08-19 03:38 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\NVIDIA Corporation
2024-03-23 00:03 - 2019-02-20 04:59 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-03-23 00:01 - 2019-10-11 18:57 - 000000000 ____D C:\Users\lunax\AppData\Local\NVIDIA Corporation
2024-03-22 23:51 - 2020-01-25 21:25 - 000000000 ____D C:\ProgramData\Riot Games
2024-03-22 23:47 - 2020-05-08 20:01 - 000000000 ____D C:\Users\lunax\AppData\Roaming\discord
2024-03-22 23:06 - 2021-06-10 17:19 - 000000000 ____D C:\Users\lunax\AppData\Local\Discord
2024-03-22 19:51 - 2020-09-25 20:35 - 002707166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-22 19:51 - 2020-09-25 19:15 - 000790064 _____ C:\WINDOWS\system32\perfh015.dat
2024-03-22 19:51 - 2020-09-25 19:15 - 000154490 _____ C:\WINDOWS\system32\perfc015.dat
2024-03-22 19:51 - 2019-12-07 16:12 - 000776782 _____ C:\WINDOWS\system32\perfh013.dat
2024-03-22 19:51 - 2019-12-07 16:12 - 000154134 _____ C:\WINDOWS\system32\perfc013.dat
2024-03-22 19:49 - 2024-01-24 17:31 - 000000000 ____D C:\ProgramData\CLink4
2024-03-22 19:47 - 2021-10-11 07:12 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-03-22 19:47 - 2020-07-09 11:08 - 000000000 ____D C:\Users\lunax\AppData\Local\Dropbox
2024-03-22 19:47 - 2020-07-09 11:08 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-03-22 19:44 - 2020-09-25 20:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-22 19:44 - 2020-09-25 20:23 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-22 19:44 - 2019-12-09 00:38 - 000000000 ____D C:\ProgramData\AVAST Software
2024-03-22 19:43 - 2019-12-07 10:03 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2024-03-22 19:25 - 2021-12-16 19:41 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-22 19:18 - 2023-12-02 21:29 - 000000000 ____D C:\Users\lunax\AppData\Local\Overwolf
2024-03-22 12:10 - 2023-10-12 07:16 - 000000000 ____D C:\Program Files\RUXIM
2024-03-21 22:29 - 2020-09-25 20:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-21 20:20 - 2020-04-23 12:26 - 000000000 ____D C:\Users\lunax\OneDrive\Pulpit\gamies
2024-03-21 20:17 - 2023-08-20 13:01 - 000000119 _____ C:\Users\lunax\OneDrive\Pulpit\New Text Document (3).txt
2024-03-21 16:17 - 2020-01-05 16:20 - 000000000 ____D C:\Users\lunax\AppData\Local\D3DSCache
2024-03-21 15:59 - 2019-12-09 00:40 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-20 18:19 - 2024-02-16 23:02 - 000000000 ____D C:\Users\lunax\AppData\Roaming\riot-client-ux
2024-03-20 15:56 - 2019-02-20 05:14 - 000000000 ____D C:\ProgramData\Acer
2024-03-19 10:23 - 2020-03-25 14:04 - 000000000 ____D C:\Users\lunax\AppData\Roaming\Star Stable Online
2024-03-19 10:20 - 2021-06-11 23:22 - 000000000 ____D C:\Users\lunax\AppData\Local\Avast Software
2024-03-19 10:17 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-03-19 09:01 - 2023-12-14 12:56 - 000000000 ____D C:\Program Files\Riot Vanguard
2024-03-16 17:52 - 2024-02-16 18:38 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-03-16 17:52 - 2022-10-25 18:17 - 000108136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-03-16 17:52 - 2022-10-25 18:17 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-03-16 17:52 - 2021-11-18 17:03 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-03-16 17:52 - 2021-05-20 17:09 - 002709096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-03-16 17:52 - 2021-05-20 17:09 - 000706152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-03-16 17:52 - 2021-05-20 17:09 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-03-16 17:52 - 2021-05-20 17:09 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-03-16 17:52 - 2020-06-08 11:57 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-14 21:38 - 2020-09-25 20:23 - 000431224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-14 21:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-14 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-14 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-14 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-14 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-14 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-14 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-14 21:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-14 17:56 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-14 17:51 - 2020-09-25 20:26 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-14 17:39 - 2019-10-09 18:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-14 17:35 - 2019-10-09 18:11 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-14 17:30 - 2019-02-20 04:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-11 06:27 - 2023-12-02 21:30 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-03-07 00:16 - 2020-01-05 16:19 - 000000000 ____D C:\Users\lunax\AppData\Local\UnrealEngine
2024-03-06 19:09 - 2020-01-10 23:53 - 000000000 ____D C:\Users\lunax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-03-05 17:53 - 2019-10-11 18:57 - 000000000 ____D C:\Users\lunax\AppData\Local\Packages
2024-03-05 17:53 - 2019-10-10 10:01 - 000000000 ____D C:\ProgramData\Packages
2024-03-02 21:01 - 2020-08-25 15:39 - 000000000 ____D C:\Users\lunax\AppData\LocalLow\Unity

==================== Files in the root of some directories ========

2022-08-11 16:37 - 2022-08-11 16:37 - 000001004 _____ () C:\Users\lunax\AppData\Roaming\tof_launcher.reg
2020-03-11 20:33 - 2020-03-11 20:33 - 000000356 _____ () C:\Users\lunax\AppData\Local\karboncalligraphyrc
2021-07-03 15:46 - 2024-03-17 23:22 - 000002359 _____ () C:\Users\lunax\AppData\Local\krita-sysinfo.log
2020-02-21 11:06 - 2024-03-17 23:22 - 009236791 _____ () C:\Users\lunax\AppData\Local\krita.log
2020-03-19 23:26 - 2021-07-03 15:21 - 000213459 _____ () C:\Users\lunax\AppData\Local\kritacrash.log
2023-10-13 21:53 - 2023-10-13 21:53 - 000000152 _____ () C:\Users\lunax\AppData\Local\kritadisplayrc
2020-02-21 11:06 - 2023-10-13 21:53 - 000030396 _____ () C:\Users\lunax\AppData\Local\kritarc
2020-02-25 18:16 - 2023-11-12 19:50 - 000007611 _____ () C:\Users\lunax\AppData\Local\Resmon.ResmonCfg
2020-02-07 23:36 - 2020-02-07 23:36 - 000000003 _____ () C:\Users\lunax\AppData\Local\updater.log
2020-02-07 23:36 - 2020-02-07 23:36 - 000000424 _____ () C:\Users\lunax\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================