Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2022 Ran by patrik (administrator) on DESKTOP-RGPBKBA (Gigabyte Technology Co., Ltd. B550 AORUS MASTER) (21-10-2022 17:00:48) Running from C:\Users\xxxx\Downloads Loaded Profiles: patrik Platform: Microsoft Windows 10 Pro Version 22H2 19045.2130 (X64) Language: Italiano (Italia) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1206.2\AvastBrowserCrashHandler.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1206.2\AvastBrowserCrashHandler64.exe (C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5> (C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCopyAccelerator.exe (C:\Users\patrik\AppData\Local\PlariumPlay\8.0.0-0.0.3\PlariumPlay.exe ->) (Plarium Global Ltd -> ) C:\Users\patrik\AppData\Local\PlariumPlay\8.0.0-0.0.3\PlariumPlayInfo.exe (C:\Users\patrik\AppData\Local\PlariumPlay\8.0.0-0.0.3\PlariumPlay.exe ->) (Plarium Global Ltd -> ) C:\Users\patrik\AppData\Local\PlariumPlay\StandAloneApps\flash_wrapper\2\flash_wrapper.exe <4> (explorer.exe ->) (FxSound, LLC -> FxSound LLC) C:\Program Files\FxSound LLC\FxSound\FxSound.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <45> (explorer.exe ->) (Navigraph Kommanditbolag -> Navigraph) G:\util\Navigraph Navdata Center\Navigraph Navdata Center.exe <4> (explorer.exe ->) (Navigraph Kommanditbolag -> Navigraph) G:\util\Navigraph\Simlink\NavigraphSimlink.exe (explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) G:\util\razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe (G:\util\razer\Razer Cortex\CortexLauncherService.exe ->) (Razer USA Ltd. -> Razer Inc.) G:\util\razer\Razer Cortex\RazerCortex.exe (G:\util\razer\Razer Cortex\RazerCortex.exe ->) (Razer USA Ltd. -> Razer Inc.) G:\util\razer\Razer Cortex\FPSRunner32.exe (G:\util\razer\Razer Cortex\RazerCortex.exe ->) (Razer USA Ltd. -> Razer Inc.) G:\util\razer\Razer Cortex\x64\FPSRunner64.exe (G:\util\razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) G:\util\razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12> (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Plarium Global Ltd -> Plarium) C:\Users\patrik\AppData\Local\PlariumPlay\8.0.0-0.0.3\PlariumPlay.exe <6> (services.exe ->) () [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe (services.exe ->) (Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe (services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe (services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe (services.exe ->) (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) C:\Program Files (x86)\MaskVPN\mask_svc.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservices.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdsi.inf_amd64_b4f641531657e529\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Plarium Global Ltd -> ) C:\Users\patrik\AppData\Local\PlariumPlay\8.0.0-0.0.3\PlariumPlayClientService\PlariumPlayClientService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) G:\util\razer\Razer Cortex\CortexLauncherService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) G:\util\razer\Synapse3\Service\Razer Synapse Service.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (voidtools -> voidtools) G:\util\Everything\Everything.exe <2> (spacedeskService.exe ->) (Datronicsoft, Inc. -> datronicsoft) C:\Windows\System32\spacedeskServiceTray.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Softdeluxe) [File not signed] G:\util\Free Download Manager\helperservice.exe (WhatsApp LLC -> WhatsApp) C:\Users\patrik\AppData\Local\WhatsApp\app-2.2238.7\WhatsApp.exe <7> ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe [1249848 2021-03-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Everything] => G:\util\Everything\Everything.exe [2261600 2021-05-12] (voidtools -> voidtools) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> ) HKLM-x32\...\Run: [RazerCortex] => G:\util\razer\Razer Cortex\RazerCortex.exe [543736 2022-10-08] (Razer USA Ltd. -> Razer Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-1434250523-2177302535-3085710208-1001\...\Run: [Steam] => S:\steam\steam.exe [4234088 2022-10-19] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1434250523-2177302535-3085710208-1001\...\Run: [Synapse3] => G:\util\razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.) HKU\S-1-5-21-1434250523-2177302535-3085710208-1001\...\Run: [PlariumPlay] => C:\Users\patrik\AppData\Local\PlariumPlay\PlariumPlay --args -run-with-os (No File) HKU\S-1-5-21-1434250523-2177302535-3085710208-1001\...\Run: [uTorrent] => C:\Users\patrik\AppData\Roaming\uTorrent\uTorrent.exe [2185376 2022-09-20] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-1434250523-2177302535-3085710208-1001\...\Run: [ut] => C:\Users\patrik\AppData\Roaming\uTorrent\uTorrent.exe [2185376 2022-09-20] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-1434250523-2177302535-3085710208-1001\...\Run: [EpicGamesLauncher] => G:\util\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32687568 2022-09-21] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-1434250523-2177302535-3085710208-1001\...\Run: [Navigraph Simlink] => G:\util\Navigraph\Simlink\NavigraphSimlink.exe [993072 2022-09-07] (Navigraph Kommanditbolag -> Navigraph) HKU\S-1-5-21-1434250523-2177302535-3085710208-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1434250523-2177302535-3085710208-1001\...\Run: [Navigraph Navdata Center] => G:\util\Navigraph Navdata Center\Navigraph Navdata Center.exe [126290672 2022-09-21] (Navigraph Kommanditbolag -> Navigraph) HKU\S-1-5-18\...\Run: [Synapse3] => G:\util\razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3538440 2022-10-06] (Razer USA Ltd. -> Razer Inc.) HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-15] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\106.0.18743.103\Installer\chrmstp.exe [2022-10-21] (Avast Software s.r.o. -> AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FxSound.lnk [2022-07-27] ShortcutTarget: FxSound.lnk -> C:\Program Files\FxSound LLC\FxSound\FxSound.exe (FxSound, LLC -> FxSound LLC) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0F5F9309-8223-44C6-ACD7-AC2F3072A5E4} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [17280 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {19550BFB-4E32-4E4E-A01A-0AAABC612421} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012592 2022-10-06] (Avast Software s.r.o. -> AVAST Software) Task: {1AD3937C-E7C3-45FC-8011-4A3315035904} - System32\Tasks\FxSound\Update => C:\Program [Argument = Files\FxSound LLC\FxSound\updater.exe /silent] Task: {23E34334-79C5-486C-8CC1-2B61DDFFDFE1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23564760 2022-09-28] (Microsoft Corporation -> Microsoft Corporation) Task: {25800A16-9C84-4FDC-A3A1-9D9082127432} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2A2B43EE-0394-4EE5-BC5D-C4FC7E9E15F1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {2F9CA4C7-050E-41E3-A230-F51D55EBB829} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> ) Task: {345E6B0E-0FE2-4C31-B7D9-EAD4383E1ADC} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-09-21] (Avast Software s.r.o. -> AVAST Software) Task: {3A9184F4-1390-4843-A5EB-9C1C17A48D61} - System32\Tasks\RazerCortexScheduleClean => G:\util\razer\Razer Cortex\RazerCortex.exe [543736 2022-10-08] (Razer USA Ltd. -> Razer Inc.) Task: {3B5E8D73-2C66-45D7-B0E7-65C3A1E0AC64} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209272 2022-10-15] (Microsoft Corporation -> Microsoft Corporation) Task: {3C7B9616-B93B-4BBD-BA3F-A653596ED005} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {3D469703-B2B5-4A7E-8FD5-7D75F4C9F5EF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {40B45F93-1088-4C7C-9499-6B069D07E9E3} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709320 2021-02-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {419252E7-B579-4132-B028-1E993AB7474C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513776 2022-10-15] (Microsoft Corporation -> Microsoft Corporation) Task: {4E84CF93-3E9B-400E-AF23-9FA550AA2F3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4EBA5CA6-AA28-4245-8682-58BB6A99BA4A} - System32\Tasks\CCleanerSkipUAC - patrik => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {50946BC4-D0FC-4A7D-A872-2D652B3B804F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012592 2022-10-06] (Avast Software s.r.o. -> AVAST Software) Task: {530925B8-FE96-40DD-85EF-562B89C7D522} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23564760 2022-09-28] (Microsoft Corporation -> Microsoft Corporation) Task: {54F6B703-2C17-4D0A-BB31-C6BCCDA8A0E1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {55486121-9009-4B86-96CB-D58FEE708913} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform) Task: {6325DF13-66C9-48FC-9B99-728B08514A37} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation) Task: {65545B62-DD7E-4D49-B977-27D7EB1E1790} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-12] (Google LLC -> Google LLC) Task: {69DA1421-5E8B-4FCF-9249-4A6E6F8C1B40} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [20352 2021-10-11] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {6AF8CE46-114D-442B-8F61-C9824FD35B50} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-09-21] (Avast Software s.r.o. -> AVAST Software) Task: {6D87EA40-31FA-4CF2-BFB0-41BE47A546B0} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\106.0.1370.52\Installer\setup.exe [3350984 2022-10-21] (Microsoft Corporation -> Microsoft Corporation) Task: {81F1AABB-DF9F-4DF2-AFF7-C82F8E63C937} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209272 2022-10-15] (Microsoft Corporation -> Microsoft Corporation) Task: {83A0B4FB-DEA3-4210-9726-B1763804883A} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [257408 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {85FBE018-F9A9-415B-A7B9-F557977C9DC2} - System32\Tasks\Opera scheduled Autoupdate 1660119856 => C:\Users\patrik\AppData\Local\Programs\Opera\launcher.exe [2527216 2022-08-03] (Opera Norway AS -> Opera Software) Task: {86A72895-4B90-40FA-A114-FBC6C56673EF} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "89571490-41ae-4efd-8c86-9d900fbdfdb5" --version "6.04.10044" --silent Task: {877CC4BB-6C68-49CA-8DF2-7F63B7020181} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {900E74AD-6B7D-4D9D-9D3D-64D367F07FEC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {9267CEDA-BA02-4B5E-8F12-691EEB28962F} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [389504 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {9793D4C7-3B4C-4340-ACCF-1B36D7CBB4A3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {A718A80A-0D81-4BE6-9B22-73CF9B9F0830} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {A9AEE6BF-D66B-412F-8B95-8C1B85FC247B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513776 2022-10-15] (Microsoft Corporation -> Microsoft Corporation) Task: {BA00E180-287F-400F-8B7C-57DE102C7999} - System32\Tasks\FreeDownloadManagerHelperService => g:\util\Free Download Manager\helperservice.exe [128000 2022-04-05] (Softdeluxe) [File not signed] Task: {BF3C848A-B20F-4E0F-A385-0FE557AC6715} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C4586919-2C04-4A25-8AA2-3FE82DC60CA8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-12] (Google LLC -> Google LLC) Task: {CB298F7D-3EBD-4830-ADE9-9CFA21B2C464} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709320 2021-02-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {D160F446-5839-41AE-9CF9-7E57DE3E9020} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {E7394510-4F7F-4848-8BAC-7914E23451DB} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [234880 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {F8AE2CA9-B8B7-4D1D-BE0C-07D58B20BD92} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1dad8db8-540c-4f37-8de7-5e9aca40b27f}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{c7f3cdeb-56e7-47ad-b76e-1e837fe17e92}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\patrik\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-21] Edge Notifications: Default -> hxxps://www.instagram.com; hxxps://www.tiktok.com; hxxps://www.youtube.com Edge DefaultSearchURL: Default -> hxxps://1218.searchexpert.online/?q={searchTerms} Edge DefaultSuggestURL: Default -> hxxps://m.nearbyme.io/search?text={searchTerms} Edge HKLM-x32\...\Edge\Extension: [fphgeikpdcdcheaochkhldmnfblfogla] FireFox: ======== FF DefaultProfile: gztn3xd7.default FF ProfilePath: C:\Users\patrik\AppData\Roaming\Mozilla\Firefox\Profiles\gztn3xd7.default [2021-06-12] FF ProfilePath: C:\Users\patrik\AppData\Roaming\Mozilla\Firefox\Profiles\dup1xoxm.default-release [2022-10-21] FF NetworkProxy: Mozilla\Firefox\Profiles\dup1xoxm.default-release -> type", 0 FF Session Restore: Mozilla\Firefox\Profiles\dup1xoxm.default-release -> is enabled. FF Notifications: Mozilla\Firefox\Profiles\dup1xoxm.default-release -> hxxps://virali.video FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> G:\util\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> G:\util\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> G:\util\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> G:\util\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [2022-09-21] (Avast Software s.r.o. -> AVAST Software) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [2022-09-21] (Avast Software s.r.o. -> AVAST Software) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Default [2022-10-21] CHR Notifications: Default -> hxxps://phcorner.net CHR StartupUrls: Default -> "hxxps://translate.google.it/?hl=it&tab=TT&pli=1&sl=es&tl=it&op=translate","hxxps://wise.com/login/?redirectUrl=%2Fuser%2Faccount%2F","hxxps://fitgirl-repacks.site/?s=sweet+transit","hxxps://game3rb.com/?s=sweet+transit","hxxps://www.youtube.com/watch?v=xSMBJn4aODk","hxxps://www.youtube.com/watch?v=SghZPL-Ev2A","hxxps://www.youtube.com/","hxxps://answers.ea.com/t5/Discussioni-generali/Momenti-L-ascesa-di-Mbappe/m-p/11963000","hxxps://www.ea.com/it-it/fifa/ultimate-team/web-app/","hxxps://support.xbox.com/it-IT/help/xbox-360/xbox-on-windows/accessories/xbox-controller-for-windows-setup","hxxps://www.amazon.it/Xbox-Wireless-Controller-Nero-Carbone/dp/B07SDFLVKD/ref=sr_1_8?__mk_it_IT=%C3%85M%C3%85%C5%BD%C3%95%C3%91&crid=3VRKYVQTHVIMT&keywords=controller%2Bwireless%2Bxbox%2Bpc&qid=1666252528&qu=eyJxc2MiOiIyLjU5IiwicXNhIjoiMS4wMCIsInFzcCI6IjAuMDAifQ%3D%3D&sprefix=controller%2Bwireless%2Bxbox%2Bpc%2Caps%2C81&sr=8-8&th=1","hxxps://chrome.google.com/webstore/category/extensions?hl=it" CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-01] CHR Profile: C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-21] CHR Profile: C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-10-21] CHR Notifications: Profile 1 -> hxxps://apsolutamente.org; hxxps://it.myservername.com; hxxps://mediaforyour.com; hxxps://modsfire.com; hxxps://music-home.info; hxxps://oataltaul.com; hxxps://phonestar.info; hxxps://skidrowrepack.com; hxxps://www.azkero.com; hxxps://www.youtube.com; hxxps://youtubecenter.net CHR DefaultSearchURL: Profile 1 -> hxxps://1218.searchexpert.online/?q={searchTerms} CHR DefaultSuggestURL: Profile 1 -> hxxps://m.nearbyme.io/search?text={searchTerms} CHR Session Restore: Profile 1 -> is enabled. CHR Extension: (McAfee® WebAdvisor) - C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-09-22] CHR Extension: (Documenti Google offline) - C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30] CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-10] CHR Profile: C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-10-21] CHR Notifications: Profile 2 -> hxxps://aquamarine-moscow.ru; hxxps://drive.google.com; hxxps://getx.topsandtees.space; hxxps://gomusic.info; hxxps://hecc.ru; hxxps://hisgames.org; hxxps://it.dailyguides.com; hxxps://it.superdealsearch.com; hxxps://it.tipsandtrics.com; hxxps://kxbpr.omouswomani.xyz; hxxps://maximus-time.com; hxxps://msfsaddons.com; hxxps://punktid.com; hxxps://small-games.info; hxxps://uploadhaven.com; hxxps://www.blitzquotidiano.it; hxxps://www.ck12.it; hxxps://www.eskytravel.it; hxxps://www.facebook.com; hxxps://www.g2a.com; hxxps://www.menteinformatica.it; hxxps://www.my-personaltrainer.it; hxxps://www.passfab.it; hxxps://www.pastemytxt.com; hxxps://www.pinterest.it; hxxps://www.reddit.com; hxxps://www.sololibri.net; hxxps://www.voli-diretti.it; hxxps://www.youtube.com; hxxps://x2download.com CHR HomePage: Profile 2 -> hxxp://www.google.it/ CHR DefaultSearchURL: Profile 2 -> hxxps://1218.searchexpert.online/?q={searchTerms} CHR DefaultSuggestURL: Profile 2 -> hxxps://m.nearbyme.io/search?text={searchTerms} CHR Session Restore: Profile 2 -> is enabled. CHR Extension: (Chrono Download Manager) - C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2021-12-05] CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-29] CHR Profile: C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-10-21] CHR DefaultSearchURL: Profile 3 -> hxxps://1218.searchexpert.online/?q={searchTerms} CHR DefaultSuggestURL: Profile 3 -> hxxps://m.nearbyme.io/search?text={searchTerms} CHR Session Restore: Profile 3 -> is enabled. CHR Extension: (McAfee® WebAdvisor) - C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-09-21] CHR Extension: (Documenti Google offline) - C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-18] CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\patrik\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-21] CHR Profile: C:\Users\patrik\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-21] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] Brave: ======= BRA Profile: C:\Users\patrik\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-06-27] BRA Extension: (Google Traduttore) - C:\Users\patrik\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-06-27] BRA Extension: (Brave Local Data Files Updater) - C:\Users\patrik\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-06-27] BRA Extension: (Brave NTP background images) - C:\Users\patrik\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-06-07] BRA Extension: (Wallet Data Files Updater) - C:\Users\patrik\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-06-27] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\patrik\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-06-27] BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\patrik\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2021-09-09] BRA Extension: (Brave SpeedReader Updater) - C:\Users\patrik\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-06-07] BRA Extension: (Brave NTP sponsored images) - C:\Users\patrik\AppData\Local\BraveSoftware\Brave-Browser\User Data\kiofdgfkdiedmmaepkhahkbodobjgdnb [2022-06-27] BRA Extension: (Brave Ad Block Updater (EasyList Italy)) - C:\Users\patrik\AppData\Local\BraveSoftware\Brave-Browser\User Data\nkmllpnhpfieajahfpfmjneipnddhimi [2022-06-27] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\patrik\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-06-27] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> ) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-09-21] (Avast Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-09-21] (Avast Software s.r.o. -> AVAST Software) S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\106.0.18743.103\elevation_service.exe [2047168 2022-10-06] (Avast Software s.r.o. -> AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6212880 2018-06-26] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9484248 2022-09-28] (Microsoft Corporation -> Microsoft Corporation) R2 CortexLauncherService; G:\util\razer\Razer Cortex\CortexLauncherService.exe [588200 2022-10-08] (Razer USA Ltd. -> Razer Inc.) R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [213432 2021-02-21] (DTS, Inc. -> DTS Inc.) S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [55112984 2022-10-20] (Electronic Arts, Inc. -> ) R2 EasyTuneEngineService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe [147840 2022-01-25] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R2 Everything; G:\util\Everything\Everything.exe [2261600 2021-05-12] (voidtools -> voidtools) R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [130432 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R2 MaskVPNService; C:\Program Files (x86)\MaskVPN\mask_svc.exe [7493560 2020-08-06] (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) U2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8842536 2022-10-20] (Malwarebytes Inc. -> Malwarebytes) R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [File not signed] S2 OCButtonService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe [127360 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-09-18] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-09-18] (Electronic Arts, Inc. -> Electronic Arts) R2 Plarium Play Client Service; C:\Users\patrik\AppData\Local\PlariumPlay\8.0.0-0.0.3\PlariumPlayClientService\PlariumPlayClientService.exe [99912 2022-08-03] (Plarium Global Ltd -> ) R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2032040 2022-09-27] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [480176 2022-09-19] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354232 2022-06-15] (Razer USA Ltd. -> Razer Inc.) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc) R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [362760 2022-09-21] (Razer USA Ltd. -> Razer Inc) R2 Razer Synapse Service; G:\util\razer\Synapse3\Service\Razer Synapse Service.exe [300552 2022-10-05] (Razer USA Ltd. -> Razer Inc.) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-08-12] (Razer USA Ltd. -> Razer Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 spacedeskService; C:\Windows\System32\spacedeskService.exe [1234352 2021-07-01] (Datronicsoft, Inc. -> ) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16360768 2022-08-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdsi.inf_amd64_b4f641531657e529\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdsi.inf_amd64_b4f641531657e529\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 2512C62A; C:\Windows\system32\drivers\2512C62A.sys [255928 2022-10-20] (Malwarebytes Corporation -> Malwarebytes) S3 ampa; C:\Windows\system32\ampa.sys [38320 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) S3 ddmdrv; C:\Windows\SysWOW64\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> ) R3 FXVAD; C:\Windows\system32\drivers\fxvad.sys [326656 2022-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 gdrv2; C:\Windows\gdrv2.sys [32600 2022-10-21] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [45248 2022-09-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-10-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-10-21] (Malwarebytes Inc. -> Malwarebytes) R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2021-06-13] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R3 npusbio; C:\Windows\System32\Drivers\npusbio_x64.sys [38400 2015-12-11] (NaturalPoint, Inc -> ) R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group) R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc) R3 RzDev_005c; C:\Windows\System32\drivers\RzDev_005c.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc) R3 spacedeskDriverBus; C:\Windows\System32\drivers\spacedeskDriverBus.sys [97200 2021-07-01] (Datronicsoft, Inc. -> datronicsoft Inc.) S3 spacedeskKtmInputMouse; C:\Windows\System32\drivers\spacedeskKtmInputMouse.sys [36800 2021-06-09] (Datronicsoft, Inc. -> ) R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [49744 2021-06-13] (nordvpn s.a. -> The OpenVPN Project) S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49616 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [455968 2022-10-14] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-14] (Microsoft Windows -> Microsoft Corporation) S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X] S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X] S3 WinRing0_1_2_0; \??\C:\Users\patrik\AppData\Local\Temp\tmpBF1F.tmp [X] <==== ATTENTION ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2022-10-21 16:58 - 2022-10-21 17:00 - 000117365 _____ C:\Users\patrik\Downloads\Addition.txt 2022-10-21 16:56 - 2022-10-21 17:01 - 000044822 _____ C:\Users\patrik\Downloads\FRST.txt 2022-10-21 16:56 - 2022-10-21 17:01 - 000000000 ____D C:\FRST 2022-10-21 16:55 - 2022-10-21 16:55 - 002373632 _____ (Farbar) C:\Users\patrik\Downloads\FRST64.exe 2022-10-21 12:03 - 2022-10-21 12:03 - 000001354 _____ C:\Users\patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-10-21 12:03 - 2022-10-21 12:03 - 000000000 ____D C:\Users\patrik\AppData\Local\PCHealthCheck 2022-10-21 11:59 - 2022-10-21 11:59 - 000032600 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\gdrv2.sys 2022-10-21 11:58 - 2022-10-21 11:58 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2022-10-21 11:49 - 2022-10-21 11:49 - 000000000 ____D C:\ProgramData\AomeiBR 2022-10-21 11:48 - 2022-10-21 11:48 - 000262144 _____ C:\Windows\AOMEIBCD 2022-10-21 11:08 - 2022-10-21 11:46 - 000021369 _____ C:\Windows\diagerr.xml 2022-10-21 11:08 - 2022-10-21 11:46 - 000020436 _____ C:\Windows\diagwrn.xml 2022-10-21 10:38 - 2022-10-21 10:38 - 000050113 _____ C:\Users\patrik\Downloads\referto Patrizia.pdf 2022-10-21 08:30 - 2022-10-21 08:30 - 000000028 ____H C:\.GamingRoot 2022-10-20 20:57 - 2022-10-20 20:57 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2022-10-20 19:26 - 2022-10-20 19:26 - 000003482 _____ C:\Windows\system32\Tasks\GraphicsCardEngine 2022-10-20 13:42 - 2022-10-20 13:42 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2022-10-20 13:42 - 2022-10-20 13:42 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2022-10-20 13:42 - 2022-10-20 13:42 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys 2022-10-20 13:42 - 2022-10-20 13:42 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-10-20 13:42 - 2022-10-20 13:42 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-10-20 13:42 - 2022-10-20 13:42 - 000000000 ____D C:\Users\patrik\AppData\Local\mbam 2022-10-20 13:41 - 2022-10-20 13:41 - 002632256 _____ (Malwarebytes) C:\Users\patrik\Downloads\MBSetup.exe 2022-10-20 13:41 - 2022-10-20 13:41 - 000000000 ____D C:\Program Files\Malwarebytes 2022-10-20 13:38 - 2022-10-20 13:38 - 000001607 _____ C:\Users\patrik\Desktop\JRT.txt 2022-10-20 11:47 - 2022-10-20 11:47 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\2512C62A.sys 2022-10-20 10:10 - 2022-10-20 10:10 - 000000000 ___HD C:\$WinREAgent 2022-10-20 10:02 - 2022-10-20 10:02 - 000000000 ____D C:\Users\patrik\AppData\Roaming\NVIDIA 2022-10-20 09:29 - 2022-10-20 09:29 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2022-10-20 09:29 - 2022-10-20 09:29 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput 2022-10-20 09:20 - 2022-10-20 09:20 - 000000000 ____D C:\Windows\system32\lxss 2022-10-20 09:20 - 2022-10-20 09:20 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation 2022-10-20 09:16 - 2022-10-14 06:22 - 001967856 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2022-10-20 09:16 - 2022-10-14 06:22 - 001967856 _____ C:\Windows\system32\vulkaninfo.exe 2022-10-20 09:16 - 2022-10-14 06:22 - 001524472 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-10-20 09:16 - 2022-10-14 06:22 - 001524472 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2022-10-20 09:16 - 2022-10-14 06:22 - 001472552 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2022-10-20 09:16 - 2022-10-14 06:22 - 001432352 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2022-10-20 09:16 - 2022-10-14 06:22 - 001432352 _____ C:\Windows\system32\vulkan-1.dll 2022-10-20 09:16 - 2022-10-14 06:22 - 001213952 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2022-10-20 09:16 - 2022-10-14 06:22 - 001145632 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2022-10-20 09:16 - 2022-10-14 06:22 - 001145632 _____ C:\Windows\SysWOW64\vulkan-1.dll 2022-10-20 09:16 - 2022-10-14 06:18 - 001522664 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2022-10-20 09:16 - 2022-10-14 06:18 - 001185792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2022-10-20 09:16 - 2022-10-14 06:18 - 000870392 _____ C:\Windows\system32\nvofapi64.dll 2022-10-20 09:16 - 2022-10-14 06:18 - 000822760 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2022-10-20 09:16 - 2022-10-14 06:18 - 000693240 _____ C:\Windows\SysWOW64\nvofapi.dll 2022-10-20 09:16 - 2022-10-14 06:17 - 002246664 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2022-10-20 09:16 - 2022-10-14 06:17 - 001653288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2022-10-20 09:16 - 2022-10-14 06:17 - 001261072 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2022-10-20 09:16 - 2022-10-14 06:17 - 000987640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2022-10-20 09:16 - 2022-10-14 06:17 - 000709112 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2022-10-20 09:16 - 2022-10-14 06:16 - 015218664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2022-10-20 09:16 - 2022-10-14 06:16 - 012540952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2022-10-20 09:16 - 2022-10-14 06:16 - 005906944 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll 2022-10-20 09:16 - 2022-10-14 06:16 - 005752824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2022-10-20 09:16 - 2022-10-14 06:16 - 005429288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2022-10-20 09:16 - 2022-10-14 06:16 - 003101208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2022-10-20 09:16 - 2022-10-14 06:16 - 000457264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2022-10-20 09:16 - 2022-10-14 06:15 - 000853544 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2022-10-20 09:16 - 2022-10-14 06:14 - 007587816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2022-10-20 09:16 - 2022-10-14 06:14 - 006457784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2022-10-20 09:16 - 2022-10-13 11:20 - 000129000 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2022-10-20 09:16 - 2022-10-13 11:20 - 000095170 _____ C:\Windows\system32\nvinfo.pb 2022-10-20 09:16 - 2022-10-13 11:20 - 000041984 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll 2022-10-20 09:09 - 2022-07-14 01:32 - 000060112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys 2022-10-20 08:28 - 2021-10-08 11:00 - 000167544 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys 2022-10-20 08:27 - 2022-10-20 08:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2022-10-20 08:27 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys 2022-10-15 08:29 - 2022-10-15 08:29 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2022-10-13 10:18 - 2022-10-13 10:18 - 000000000 ____D C:\Program Files\Microsoft Xbox One Controller for Windows 2022-10-13 10:17 - 2022-10-13 10:17 - 003952219 _____ C:\Users\patrik\Downloads\Driver-for-Game-Controllers.zip 2022-10-13 08:59 - 2022-10-13 08:59 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2022-10-13 08:59 - 2022-10-13 08:59 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2022-10-13 08:59 - 2022-10-13 08:59 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll 2022-10-13 08:59 - 2022-10-13 08:59 - 000060928 _____ C:\Windows\system32\runexehelper.exe 2022-10-13 08:59 - 2022-10-13 08:59 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2022-10-13 08:59 - 2022-10-13 08:59 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2022-10-13 08:59 - 2022-10-13 08:59 - 000012253 _____ C:\Windows\system32\DrtmAuthTxt.wim 2022-10-08 14:54 - 2022-10-08 14:54 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-10-08 08:27 - 2022-10-13 09:39 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-10-06 10:14 - 2022-10-06 10:14 - 000000000 ____D C:\Program Files\Microsoft Office 15 2022-10-06 10:11 - 2022-10-06 10:11 - 002854912 _____ C:\Users\patrik\Downloads\xb1usb.11059.0.140526x64.msi 2022-10-05 16:05 - 2022-10-05 16:05 - 000110275 _____ C:\Users\patrik\Desktop\DxDiag.txt 2022-10-04 08:46 - 2022-10-04 08:46 - 000000000 ____D C:\GvTemp 2022-10-03 13:02 - 2022-10-03 13:02 - 000000000 ____D C:\ProgramData\McAfee 2022-09-30 09:13 - 2022-09-30 09:13 - 000000000 ____D C:\ProgramData\Frostbite 2022-09-29 17:18 - 2022-10-21 12:17 - 000000000 ____D C:\Program Files\EA 2022-09-29 17:18 - 2022-10-12 11:16 - 000000677 _____ C:\Users\Public\Desktop\FIFA 23.lnk 2022-09-29 17:18 - 2022-09-29 17:18 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller 2022-09-29 17:18 - 2022-09-29 17:18 - 000000000 ____D C:\Users\patrik\AppData\Roaming\EA 2022-09-29 17:18 - 2022-09-29 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 23 2022-09-28 10:23 - 2022-09-28 10:23 - 000000854 _____ C:\Users\patrik\Desktop\Sweet Transit v0.2.30.lnk 2022-09-22 16:02 - 2022-09-22 16:02 - 000001291 _____ C:\Users\patrik\Desktop\JREAST_TrainSimulator.exe.lnk 2022-09-21 17:08 - 2022-09-21 17:08 - 000005016 _____ C:\ProgramData\rsEngine.config.backup 2022-09-21 17:08 - 2022-09-21 17:08 - 000003856 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) 2022-09-21 17:08 - 2022-09-21 17:08 - 000003272 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon) 2022-09-21 17:08 - 2022-09-21 17:08 - 000000000 ____D C:\Users\patrik\AppData\Local\AVAST Software 2022-09-21 17:08 - 2022-09-21 17:08 - 000000000 ____D C:\ProgramData\AVAST Software 2022-09-21 17:06 - 2022-09-21 17:06 - 000000000 ____D C:\Users\patrik\AppData\Local\Gh 2022-09-21 17:05 - 2022-09-21 17:05 - 000000000 ____D C:\Users\patrik\AppData\Roaming\WeatherZero 2022-09-21 17:04 - 2022-09-21 17:04 - 000003708 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineUA 2022-09-21 17:04 - 2022-09-21 17:04 - 000003584 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineCore 2022-09-21 17:04 - 2022-09-21 17:04 - 000000000 ____D C:\Program Files (x86)\AVAST Software 2022-09-21 17:03 - 2022-09-21 17:03 - 000000000 ____D C:\Program Files (x86)\ProfitiyiApplication 2022-09-21 17:01 - 2022-10-21 16:00 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting 2022-09-21 17:01 - 2022-10-21 16:00 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2022-10-21 17:00 - 2021-10-31 11:37 - 000000000 ____D C:\Users\patrik\AppData\Roaming\navigraph-desktop 2022-10-21 16:58 - 2021-06-13 16:55 - 000000000 ____D C:\Users\patrik\AppData\Roaming\WhatsApp 2022-10-21 16:58 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-10-21 16:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2022-10-21 16:58 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-10-21 16:54 - 2021-11-21 09:22 - 000004784 _____ C:\Windows\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask 2022-10-21 16:54 - 2021-06-12 17:33 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-10-21 16:54 - 2021-06-12 17:33 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-10-21 16:50 - 2021-06-12 19:24 - 000000000 ____D C:\Program Files (x86)\Google 2022-10-21 16:27 - 2021-06-14 19:34 - 000000000 ____D C:\Users\patrik\AppData\Roaming\uTorrent 2022-10-21 16:26 - 2021-06-14 19:34 - 000000000 ____D C:\Users\patrik\AppData\Local\BitTorrentHelper 2022-10-21 16:05 - 2022-09-03 08:22 - 000000000 ___HD C:\Users\patrik\Downloads\.opera 2022-10-21 16:05 - 2022-08-10 16:27 - 000000000 ___HD C:\Users\patrik\.opera 2022-10-21 16:04 - 2022-02-09 11:04 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-10-21 16:03 - 2021-06-12 19:26 - 000000000 ____D C:\Users\patrik\AppData\LocalLow\Mozilla 2022-10-21 16:00 - 2022-09-18 19:18 - 000000000 ____D C:\SteamLibrary 2022-10-21 16:00 - 2022-08-02 12:50 - 000000000 ____D C:\Users\patrik\AppData\Local\PlariumPlay 2022-10-21 16:00 - 2022-06-10 16:51 - 000003950 _____ C:\Windows\system32\Tasks\RazerCortexScheduleClean 2022-10-21 16:00 - 2022-02-22 19:50 - 000000000 ____D C:\Program Files\CCleaner 2022-10-21 16:00 - 2021-06-13 12:14 - 000003112 _____ C:\Windows\system32\Tasks\AMDLinkUpdate 2022-10-21 16:00 - 2021-06-12 18:41 - 000000000 ____D C:\ProgramData\NVIDIA 2022-10-21 13:44 - 2022-09-18 11:02 - 000000000 ____D C:\Users\patrik\AppData\Roaming\Origin 2022-10-21 13:44 - 2022-09-18 11:02 - 000000000 ____D C:\ProgramData\Origin 2022-10-21 13:32 - 2022-01-26 18:17 - 000000000 ____D C:\Users\patrik\AppData\Local\Origin 2022-10-21 12:20 - 2022-06-10 16:44 - 000780828 _____ C:\Windows\system32\perfh00C.dat 2022-10-21 12:20 - 2022-06-10 16:44 - 000149494 _____ C:\Windows\system32\perfc00C.dat 2022-10-21 12:20 - 2022-06-10 16:42 - 000732402 _____ C:\Windows\system32\perfh007.dat 2022-10-21 12:20 - 2022-06-10 16:42 - 000149802 _____ C:\Windows\system32\perfc007.dat 2022-10-21 12:20 - 2021-06-12 18:41 - 003569414 _____ C:\Windows\system32\PerfStringBackup.INI 2022-10-21 12:20 - 2019-12-07 17:09 - 000780056 _____ C:\Windows\system32\perfh010.dat 2022-10-21 12:20 - 2019-12-07 17:09 - 000146364 _____ C:\Windows\system32\perfc010.dat 2022-10-21 12:20 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2022-10-21 12:17 - 2022-09-18 11:09 - 000000000 ____D C:\Program Files (x86)\Origin Games 2022-10-21 12:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState 2022-10-21 12:01 - 2021-12-14 15:12 - 000000000 ____D C:\Windows\system32\appmgmt 2022-10-21 11:58 - 2021-09-09 08:55 - 000000000 ____D C:\Program Files\TeamViewer 2022-10-21 11:58 - 2021-06-12 17:33 - 000008192 ___SH C:\DumpStack.log.tmp 2022-10-21 11:58 - 2021-06-12 17:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-10-21 11:55 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2022-10-21 11:47 - 2021-06-13 11:03 - 000001024 ____H C:\AMTAG.BIN 2022-10-21 08:30 - 2022-05-11 17:41 - 000000000 ____D C:\XboxGames 2022-10-21 08:30 - 2021-06-12 17:33 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-10-20 19:26 - 2021-06-14 20:51 - 000003498 _____ C:\Windows\system32\Tasks\EasyTune 1 2022-10-20 19:26 - 2021-06-14 20:51 - 000003398 _____ C:\Windows\system32\Tasks\EasyTune 2022-10-20 19:26 - 2021-06-13 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE 2022-10-20 19:26 - 2021-06-13 11:49 - 000000000 ____D C:\Program Files (x86)\GIGABYTE 2022-10-20 18:36 - 2022-09-18 18:05 - 000000446 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2022-10-20 17:53 - 2021-06-29 15:55 - 000000000 ____D C:\Users\patrik\AppData\Local\ElevatedDiagnostics 2022-10-20 17:09 - 2021-09-09 16:18 - 000000000 ____D C:\Program Files (x86)\BraveSoftware 2022-10-20 16:14 - 2021-06-12 19:32 - 000000000 ____D C:\ProgramData\Package Cache 2022-10-20 16:13 - 2022-02-11 13:44 - 000000000 ____D C:\Program Files (x86)\MaskVPN 2022-10-20 16:12 - 2022-07-28 19:17 - 000000000 ____D C:\Program Files (x86)\hidemy.name VPN 2022-10-20 13:45 - 2022-06-08 09:53 - 000000000 ____D C:\Windows\system32\Tasks\Service 2022-10-20 13:45 - 2022-05-06 18:00 - 000000000 ____D C:\Program Files\Cheat Engine 7.4 2022-10-20 13:45 - 2022-02-11 13:43 - 000000000 ____D C:\Program Files (x86)\WiseRecovery 2022-10-20 13:45 - 2022-01-21 16:56 - 000002374 _____ C:\Users\patrik\Desktop\dcs - bios - Chrome.lnk 2022-10-20 13:45 - 2021-09-16 20:33 - 000000000 ____D C:\Users\patrik\AppData\Roaming\SFExtended 2022-10-20 13:45 - 2021-09-10 13:13 - 000002334 _____ C:\Users\patrik\Desktop\E R - Chrome.lnk 2022-10-20 13:42 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2022-10-20 13:41 - 2021-12-02 10:41 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-10-20 11:49 - 2022-03-04 18:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2022-10-20 11:49 - 2022-03-04 18:53 - 000000000 ____D C:\Program Files\Java 2022-10-20 11:48 - 2022-03-04 18:53 - 000195232 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2022-10-20 11:47 - 2021-12-02 10:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2022-10-20 10:35 - 2021-06-12 19:24 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-10-20 10:35 - 2021-06-12 19:24 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-10-20 10:13 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2022-10-20 09:29 - 2021-11-23 11:15 - 000153048 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll 2022-10-20 09:29 - 2021-07-24 19:44 - 002815456 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll 2022-10-20 09:29 - 2021-07-24 19:44 - 000452048 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll 2022-10-20 09:29 - 2021-07-24 19:44 - 000243168 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll 2022-10-20 09:29 - 2021-07-24 19:44 - 000198096 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll 2022-10-20 09:29 - 2021-07-24 19:44 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll 2022-10-20 09:20 - 2021-06-12 19:32 - 000000000 ____D C:\Users\patrik\AppData\Local\NVIDIA 2022-10-20 09:20 - 2021-06-12 18:41 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2022-10-20 09:09 - 2021-06-12 19:32 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-20 09:09 - 2021-06-12 19:32 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-20 09:09 - 2021-06-12 19:32 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-20 09:09 - 2021-06-12 19:32 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-20 09:09 - 2021-06-12 19:32 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-20 09:09 - 2021-06-12 19:32 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-20 09:09 - 2021-06-12 19:32 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-20 09:09 - 2021-06-12 19:32 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-20 09:09 - 2021-06-12 19:32 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-20 09:09 - 2021-06-12 19:32 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2022-10-20 09:09 - 2021-06-12 19:32 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2022-10-20 09:09 - 2021-06-12 18:41 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2022-10-19 20:25 - 2022-03-26 20:56 - 000000000 ____D C:\Users\patrik\AppData\Roaming\FxSound 2022-10-18 10:43 - 2021-07-26 19:00 - 000000000 ____D C:\Users\patrik\AppData\Local\FlightSimulator 2022-10-18 10:42 - 2021-10-14 20:38 - 000000000 ____D C:\FSUIPC7 2022-10-17 13:17 - 2021-06-12 19:19 - 000000000 ____D C:\Users\patrik 2022-10-17 08:25 - 2021-06-12 19:32 - 002890296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2022-10-17 08:25 - 2021-06-12 19:32 - 002224696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2022-10-17 08:25 - 2021-06-12 19:32 - 001297464 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll 2022-10-15 16:41 - 2022-09-02 17:34 - 000011651 _____ C:\Users\patrik\Desktop\formula DARKNET.xlsx 2022-10-15 12:01 - 2021-10-17 14:49 - 000000000 ____D C:\Users\patrik\AppData\Local\WhatsApp 2022-10-15 08:29 - 2021-06-13 11:38 - 000000000 ____D C:\Program Files\Microsoft Office 2022-10-15 08:29 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-10-15 08:24 - 2021-06-12 17:33 - 000003688 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-10-15 08:24 - 2021-06-12 17:33 - 000003564 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-10-14 08:36 - 2021-06-12 17:33 - 000000000 ____D C:\Windows\system32\Drivers\wd 2022-10-13 10:20 - 2021-06-12 19:20 - 000000000 ____D C:\Users\patrik\AppData\Local\Packages 2022-10-13 09:43 - 2021-06-12 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2022-10-13 09:41 - 2021-06-12 20:30 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK 2022-10-13 09:40 - 2021-06-12 17:33 - 000581608 _____ C:\Windows\system32\FNTCACHE.DAT 2022-10-13 09:39 - 2021-06-12 19:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-10-13 09:37 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-10-13 09:37 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2022-10-13 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-10-13 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2022-10-13 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2022-10-13 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2022-10-13 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2022-10-13 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning 2022-10-13 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2022-10-13 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2022-10-13 09:01 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll 2022-10-13 09:01 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll 2022-10-13 08:59 - 2021-06-12 17:36 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2022-10-13 08:53 - 2021-06-13 11:51 - 000000000 ____D C:\Windows\system32\MRT 2022-10-13 08:51 - 2021-06-13 11:51 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-10-12 04:39 - 2022-06-08 18:10 - 000316920 _____ (Microsoft Corporation) C:\Windows\system32\GameInputRedist.dll 2022-10-12 02:55 - 2022-06-08 18:10 - 000199672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GameInputRedist.dll 2022-10-11 12:15 - 2021-07-25 16:51 - 000000000 ____D C:\Users\patrik\AppData\Roaming\discord 2022-10-11 11:20 - 2021-07-25 16:51 - 000000000 ____D C:\Users\patrik\AppData\Local\Discord 2022-10-11 09:20 - 2021-12-13 11:51 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1434250523-2177302535-3085710208-1001 2022-10-11 09:20 - 2021-06-12 19:22 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1434250523-2177302535-3085710208-1001 2022-10-11 09:20 - 2021-06-12 19:19 - 000002444 _____ C:\Users\patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-10-11 09:05 - 2022-07-09 16:53 - 000000805 _____ C:\Users\Public\Desktop\Razer Cortex.lnk 2022-10-11 09:05 - 2021-06-12 20:31 - 000000000 ____D C:\Users\patrik\AppData\Local\Razer 2022-10-11 09:05 - 2021-06-12 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex 2022-10-08 14:54 - 2021-06-12 19:26 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-10-01 17:15 - 2021-06-12 19:22 - 000000000 ____D C:\Users\patrik\AppData\Local\PlaceholderTileLogoFolder 2022-09-30 09:13 - 2021-06-12 19:20 - 000000000 ____D C:\Users\patrik\AppData\Local\D3DSCache 2022-09-30 09:12 - 2022-09-18 11:03 - 000000000 ____D C:\ProgramData\Electronic Arts 2022-09-29 15:56 - 2021-06-12 18:41 - 000000000 ____D C:\ProgramData\Packages 2022-09-28 10:23 - 2022-08-10 10:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default) 2022-09-27 08:47 - 2021-11-14 21:45 - 000000000 ____D C:\Users\patrik\AppData\Roaming\ABarthel 2022-09-27 08:45 - 2022-05-27 16:38 - 000000000 ____D C:\ProgramData\Fenix 2022-09-26 15:54 - 2022-05-27 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FenixSim A320 2022-09-22 16:14 - 2021-06-12 19:57 - 000000000 ____D C:\Users\patrik\AppData\Local\CrashDumps 2022-09-21 17:01 - 2022-02-22 19:50 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update 2022-09-21 12:04 - 2022-07-28 10:41 - 000000000 ____D C:\ProgramData\SupremoRemoteDesktop ==================== Files in the root of some directories ======== 2022-09-05 10:49 - 2022-09-05 10:49 - 000685392 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll 2022-09-05 10:49 - 2022-09-05 10:49 - 000608080 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll 2022-09-05 10:49 - 2022-09-05 10:49 - 000450024 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll 2022-09-05 10:49 - 2022-09-05 10:49 - 002046288 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll 2022-09-05 10:49 - 2022-09-05 10:49 - 000257872 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll 2022-09-05 14:30 - 2022-09-05 14:30 - 001106998 _____ (SQLite Development Team) C:\ProgramData\sqlite3.dll 2022-09-05 10:49 - 2022-09-05 10:49 - 000080880 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll 2021-11-08 20:09 - 2021-12-04 19:25 - 000000235 _____ () C:\Users\patrik\AppData\Roaming\config.json 2021-11-08 20:09 - 2021-12-08 16:40 - 000000127 _____ () C:\Users\patrik\AppData\Roaming\log.txt 2021-11-08 20:09 - 2021-12-04 19:25 - 000003150 _____ () C:\Users\patrik\AppData\Roaming\README.txt 2021-11-08 20:09 - 2021-12-04 19:25 - 000058368 _____ () C:\Users\patrik\AppData\Roaming\SimConnect.dll 2021-11-08 20:09 - 2021-12-04 19:25 - 005164544 _____ () C:\Users\patrik\AppData\Roaming\YourControls.exe 2021-12-19 09:54 - 2021-12-19 10:06 - 000000521 _____ () C:\Users\patrik\AppData\Local\Params.xml 2022-08-02 12:49 - 2022-08-03 16:44 - 000284284 _____ () C:\Users\patrik\AppData\Local\PlariumPlay.log 2022-08-07 10:01 - 2022-08-07 10:01 - 000001460 _____ () C:\Users\patrik\AppData\Local\recently-used.xbel 2021-06-15 17:50 - 2021-06-15 17:50 - 000000003 _____ () C:\Users\patrik\AppData\Local\updater.log 2021-06-15 17:50 - 2021-06-15 17:50 - 000000424 _____ () C:\Users\patrik\AppData\Local\UserProducts.xml 2021-11-03 13:32 - 2021-11-03 13:32 - 000000056 _____ () C:\Users\patrik\AppData\Local\X-Plane 11 Preferences.prf 2021-11-03 13:41 - 2021-11-03 13:41 - 000000015 _____ () C:\Users\patrik\AppData\Local\X-Plane_drm_11.prf 2021-11-03 13:32 - 2021-11-03 13:32 - 000000039 _____ () C:\Users\patrik\AppData\Local\x-plane_install_11.txt ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================