Discussion forum: Windows 10: Windows Defender Alarm - Trojan:Win32/Occamy.C

Windows 7: Only subject-specific discussions are welcome here. Please do not post log files, calls for help or the like. Topics about "removing Trojans" or "malware problems" may only be discussed here. Clean-ups by untrained users are prohibited here. If you have caught a virus or Trojan, open a thread in the clean-up forums above.
#1

Windows 10: Windows Defender Alarm - Trojan:Win32/Occamy.C

Hello,

Windows Defender on my computer running Windows 10 raised an alarm: the Trojan "Trojan:Win32/Occamy.C" had been detected and placed in quarantine. This all happened yesterday, while the computer was unpacking a zip file. I immediately disconnected the computer from the internet and ran a full Defender scan; apart from this alert it found nothing, and I instructed Defender to remove the Trojan.

The file whose unpacking triggered the alarm is an earlier version of a text database. I wanted to test it because the current version caused some problems on my computer (in display and functionality, nothing security-related).

Now I would like to make sure once more, so I downloaded FRST and ran it. The computer is my private computer.

Here are the two log files:

A) FRST.txt

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-08-2023 Ran by ***** (administrator) on DESKTOP-UIULLTJ (Acer Spin SP314-54N) (09-08-2023 11:48:32) Running from C:\Users\*****\Downloads\FRST64.exe Loaded Profiles: ***** Platform: Microsoft Windows 10 Home Version 22H2 19045.3208 (X64) Language: German (Germany) -> English (United Kingdom) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6> (C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe (C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) 
C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <2> (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\SyncTrayzor\SyncTrayzor.exe ->) (Stiftelsen Syncthing -> The Syncthing Authors) C:\Users\*****\AppData\Roaming\SyncTrayzor\syncthing.exe <2> (DriverStore\FileRepository\cui_dch.inf_amd64_b578901fbed94a8e\igfxCUIServiceN.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b578901fbed94a8e\igfxEMN.exe (DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\dptf_helper.exe (explorer.exe ->) () [File not signed] C:\Program Files\SyncTrayzor\SyncTrayzor.exe (explorer.exe ->) () [File not signed] D:\shamela4\app\win\64\bin\shamela.exe (explorer.exe ->) (Adobe Inc. 
-> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (explorer.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5131.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <5> (Grammarly, Inc. -> Grammarly) C:\Users\*****\AppData\Local\Grammarly\DesktopIntegrations\Application\1.0.38.801\Grammarly.Desktop.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13> (Mozilla Corporation) [File not signed] C:\Program Files\IceCat\icecat.exe <8> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files\PowerFolder.com\PowerFolder\jre\bin\javaw.exe <2> (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (CANON INC. -> CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe (services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (services.exe ->) (DTS, Inc. -> DTS Inc.) 
C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b578901fbed94a8e\igfxCUIServiceN.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_3d18534d52d73f63\OneApp.IGCC.WinService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d56593f46e53a9ee\IntelCpHDCPSvc.exe (services.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForLinux_1.2.5.0_x64__8wekyb3d8bbwe\wslservice.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe <2> (services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe (services.exe ->) (TBT_DCH_DRV_PROD -> Intel Corporation) C:\Windows\ThunderboltService.exe (services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2> (services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2330.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAWiFiPowerSwitch.exe (svchost.exe ->) (Adobe Inc. -> Adobe Inc.) 
C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5131.0_x64__8j3eq9eme6ctt\IGCC.exe (svchost.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b578901fbed94a8e\igfxextN.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (svchost.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (svchost.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\*****\AppData\Local\Programs\signal-desktop\Signal.exe <4> (svchost.exe ->) (Valve Corp. 
-> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe [1262512 2021-06-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2265096 2023-05-26] (voidtools -> voidtools) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-06-14] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> ) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1129440 2023-07-07] (Adobe Inc. -> Adobe Inc.) HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5844432 2023-07-03] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\Run: [SyncTrayzor] => C:\Program Files\SyncTrayzor\SyncTrayzor.exe [2319360 2021-08-07] () [File not signed] HKLM\...\Windows x64\Print Processors\CnXP0PP: C:\Windows\System32\spool\prtprocs\x64\CnXP0PP.DLL [629248 2020-01-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\CPCA Language Monitor4: C:\Windows\system32\CNAS0MPK.DLL [1782272 2020-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) 
HKLM\...\Print\Monitors\EPSON XP-610 Series 64MonitorBE: C:\Windows\system32\E_ILMBLQE.DLL [179712 2013-10-22] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}] -> C:\Program Files\Chromium\Application\115.0.5790.171\Installer\chrmstp.exe [2023-08-07] (The Chromium Authors) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\elastic.lnk [2023-08-06] ShortcutTarget: elastic.lnk -> D:\new-maktaba-shamila\shamela4\elastic\bin\nircmd.exe (NirSoft) [File not signed] Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerFolder.lnk [2023-07-24] ShortcutTarget: PowerFolder.lnk -> C:\Program Files\PowerFolder.com\PowerFolder\PowerFolder.exe (dal33t GmbH -> PowerFolder.com) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {8D3F5B09-B63E-4D62-B2D1-270F09FBF9BE} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> ) Task: {27E2BB60-5EB4-442C-9F1F-8D8C317C2796} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> ) Task: {A013CD0C-E529-4A37-92FA-B98A9F7DB7DF} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> ) Task: {5F73778D-A1C6-403D-A62D-BFA9815AE7A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.) Task: {7D486FEB-6994-46FE-B8FD-A492E56CF676} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-06-14] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {0D7FE08C-7210-46CC-8B4F-E2BD0F84478C} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-06-14] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {643721E1-132C-4D10-8B1D-EE7F659C8654} - System32\Tasks\CareCenter\Adobe Creative Cloud_Reg_HKLMWow6432Run => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1129440 2023-07-07] (Adobe Inc. -> Adobe Inc.) Task: {22D8F67D-A132-46BB-88AE-662D51F74A69} - System32\Tasks\CareCenter\AdobeAAMUpdater-1.0_Reg_HKLMRun => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {0FC6FDF4-22C1-4659-8325-690942836529} - System32\Tasks\CareCenter\AdobeGCInvoker-1.0_Reg_HKLMRun => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-06-14] (Adobe Inc. 
-> Adobe Systems, Incorporated) Task: {A7EA24A8-F213-4B02-A8FC-1CAEC40AAD8C} - System32\Tasks\CareCenter\Cisco AnyConnect Secure Mobility Agent for Windows_Reg_HKLMWow6432Run => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1674464 2021-03-31] (Cisco Systems, Inc. -> Cisco Systems, Inc.) Task: {E8A6D050-EC94-4722-A8AA-040652EE9575} - System32\Tasks\CareCenter\CiscoMeetingDaemon_Reg_HKCURun_S-1-5-21-917627657-1518166570-4135675860-1001 => C:\Users\*****\AppData\Local\WebEx\ciscowebexstart.exe [4937544 2021-11-05] (Cisco WebEx LLC -> Cisco Webex LLC) Task: {32FD9AAF-4951-48B4-9B34-37227E2B9018} - System32\Tasks\CareCenter\com.squirrel.Teams.Teams_Reg_HKCURun_S-1-5-21-917627657-1518166570-4135675860-1001 => C:\Users\*****\AppData\Local\Microsoft\Teams\Update.exe [2587432 2023-03-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation) -> --processStart "Teams.exe" --process-start-args "--system-initiated" Task: {CB2A8482-53FE-4336-BAF3-5C92168A92EF} - System32\Tasks\CareCenter\EEventManager_Reg_HKLMWow6432Run => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {AB7691EA-67EF-488C-A654-720A5D6BE6C0} - System32\Tasks\CareCenter\EPPCCMON_Reg_HKLMRun => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {BDE9A914-6461-4422-AD0A-F42068580D9F} - System32\Tasks\CareCenter\Everything_Reg_HKLMRun => C:\Program Files\Everything\Everything.exe [2265096 2023-05-26] (voidtools -> voidtools) Task: {372A97A6-167D-499C-8B4F-51E2C5C07576} - System32\Tasks\CareCenter\Grammarly_Reg_HKCURun_S-1-5-21-917627657-1518166570-4135675860-1001 => C:\Users\*****\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe [777304 2023-07-18] (Grammarly, Inc. 
-> Grammarly) Task: {7EB9A851-FB21-4CFA-8788-54F4BFCD2E66} - System32\Tasks\CareCenter\org.whispersystems.signal-desktop_Reg_HKCURun_S-1-5-21-917627657-1518166570-4135675860-1001 => C:\Users\*****\AppData\Local\Programs\signal-desktop\Signal.exe [163621088 2023-07-31] (Signal Messenger, LLC -> Signal Messenger, LLC) Task: {79C7EA18-08D8-41F0-A5A4-07CDACD0F936} - System32\Tasks\CareCenter\PowerFolder.lnk_FolderAppdata_S-1-5-21-917627657-1518166570-4135675860-1001 => C:\Program Files\PowerFolder.com\PowerFolder\PowerFolder.exe [59312 2023-06-07] (dal33t GmbH -> PowerFolder.com) Task: {77C0D800-5085-428A-9FBD-DB0F97F48E73} - System32\Tasks\CareCenter\Steam_Reg_HKCURun_S-1-5-21-917627657-1518166570-4135675860-1001 => C:\Program Files (x86)\Steam\steam.exe [4374376 2023-07-28] (Valve Corp. -> Valve Corporation) Task: {FCA3F0FB-1ECC-4B53-94BF-65BB01C64221} - System32\Tasks\Chocolatey Updates => Command(1): C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -> Set-ExecutionPolicy Unrestricted –Force <==== ATTENTION Task: {FCA3F0FB-1ECC-4B53-94BF-65BB01C64221} - System32\Tasks\Chocolatey Updates => Command(2): C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -> .\ .\samplescript.ps1 <==== ATTENTION Task: {5B0E75EA-D5CC-49B5-B2A6-DF776FB74F68} - System32\Tasks\EPSON XP-610 Series Invitation {41734558-72E1-452F-AA96-3CAF989BC79A} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Task: {C5E6250B-EDB2-4829-B652-E0CA03CAA383} - System32\Tasks\EPSON XP-610 Series Invitation {44A7F2B6-5662-4B10-93BE-699E6190BA69} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Task: {B4FD13D1-1742-4D17-BCDC-2E98C74FFE10} - System32\Tasks\EPSON XP-610 Series Update {41734558-72E1-452F-AA96-3CAF989BC79A} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON 
CORPORATION) Task: {CC7734B3-078B-4490-AAFD-5E54C416DADC} - System32\Tasks\EPSON XP-610 Series Update {44A7F2B6-5662-4B10-93BE-699E6190BA69} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Task: {1E3BD76B-1B86-4211-9560-B6B37D821810} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File) Task: {33171103-121F-40FE-9025-8BF0FB7C3828} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656184 2023-08-02] (Microsoft Corporation -> Microsoft Corporation) Task: {262D83FF-C62F-4D7F-AB59-995317A980E7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656184 2023-08-02] (Microsoft Corporation -> Microsoft Corporation) Task: {7DAE9AA9-5E94-4794-8AD0-15CC79C8FE39} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158656 2023-08-02] (Microsoft Corporation -> Microsoft Corporation) Task: {A06AD3A1-AAC1-4C21-86BD-2EBB3BDB2374} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158656 2023-08-02] (Microsoft Corporation -> Microsoft Corporation) Task: {36542DDC-6051-4CFE-815C-E7E8E60BAAAC} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-02] (Microsoft Corporation -> Microsoft Corporation) Task: {05D92088-E40B-47ED-A7F0-F4857A747F8C} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4394600 2023-08-02] (Microsoft Corporation -> Microsoft 
Corporation) Task: {8AF6B551-C942-4469-9844-16963676DEB8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EE8D7BB5-A0D2-4DB8-AA31-B5AD41316779} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D4133C81-7AC3-4C16-AC88-F198AC62944A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DA47F765-A530-4419-AFE8-652E0497674F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2A193B9B-BCC9-4396-8A9C-827BE28A4ADA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-07] (Mozilla Corporation -> Mozilla Foundation) Task: {DAF737BA-4855-4070-B610-E9D128DFE022} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-917627657-1518166570-4135675860-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) Task: {5E6AE606-3144-4CF8-B5B0-C8F7062ECF8E} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {DE6E6EDB-2660-4502-A906-9DD8242A0F6B} - System32\Tasks\Quick Access Wi-Fi Power Switch => C:\Program Files\Acer\Quick Access Service\QAWiFiPowerSwitch.exe [211616 2022-01-03] (Acer 
Incorporated -> Acer Incorporated) Task: {8FBEFECA-68F1-42CC-9E2D-4BF50DB2EEA9} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\EPSON XP-610 Series Invitation {41734558-72E1-452F-AA96-3CAF989BC79A}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE Task: C:\Windows\Tasks\EPSON XP-610 Series Invitation {44A7F2B6-5662-4B10-93BE-699E6190BA69}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE Task: C:\Windows\Tasks\EPSON XP-610 Series Update {41734558-72E1-452F-AA96-3CAF989BC79A}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{41734558-72E1-452F-AA96-3CAF989BC79A} /F:UpdateWORKGROUP\DESKTOP-UIULLTJ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\EPSON XP-610 Series Update {44A7F2B6-5662-4B10-93BE-699E6190BA69}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{44A7F2B6-5662-4B10-93BE-699E6190BA69} /F:UpdateWORKGROUP\DESKTOP-UIULLTJ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{164f5aa9-e20f-4b80-9f5f-30473a1eacd0}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{164f5aa9-e20f-4b80-9f5f-30473a1eacd0}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{5d537c1c-69a6-475d-bc15-cb0c08a63cfb}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{5d537c1c-69a6-475d-bc15-cb0c08a63cfb}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{d8beb2db-3430-47df-8610-41ac191fecba}: [DhcpNameServer] 141.2.98.225 141.2.149.10 Edge: ======= Edge Profile: C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-29] Edge Extension: (Edge relevant text changes) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-29] FireFox: ======== FF DefaultProfile: 3m668vgc.default FF DefaultProfile: o810xany.default FF DefaultProfile: g5hiqxym.default FF ProfilePath: C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\3m668vgc.default [2023-08-06] FF Extension: (Zotero Date From Last Modified) - C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\3m668vgc.default\Extensions\date-from-last-modified@iris-advies.com.xpi [2020-12-03] [Legacy] [not signed] FF Extension: (Zotero Memento) - C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\3m668vgc.default\Extensions\zotero-memento@tran.org.xpi [2020-12-03] [Legacy] [not signed] FF Extension: (Zotero OCR) - C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\3m668vgc.default\Extensions\zotero-ocr@bib.uni-mannheim.de.xpi [2022-05-25] [Legacy] [not signed] FF Extension: (DOI Manager) - C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\3m668vgc.default\Extensions\zoteroshortdoi@wiernik.org.xpi [2022-02-17] [Legacy] [not signed] FF Extension: (ZotFile) - C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\3m668vgc.default\Extensions\zotfile@columbia.edu.xpi [2022-11-01] [Legacy] [not signed] FF Extension: (Zutilo Utility for Zotero) - 
C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\3m668vgc.default\Extensions\zutilo@www.wesailatdawn.com.xpi [2021-08-30] [Legacy] [not signed] FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\icecat\Profiles\o810xany.default [2023-08-09] FF Homepage: Mozilla\icecat\Profiles\o810xany.default -> hxxps://www.youtube.com/playlist?list=PLEoMzSkcN8oNxnj7jm5V2ZcGc52002pQU|hxxps://www.youtube.com/watch?v=Xy0YgnXFt1M&list=PLEoMzSkcN8oNxnj7jm5V2ZcGc52002pQU&index=4|hxxps://www.youtube.com/watch?v=oSy-TmoxG_Y&list=PLEoMzSkcN8oNxnj7jm5V2ZcGc52002pQU&index=7|hxxps://systemcrafters.net/videos/|hxxps://systemcrafters.net/craft-your-system-with-guix/full-system-install/|hxxps://wiki.systemcrafters.cc/guix|hxxps://wiki.systemcrafters.cc/guix/general-recommendations|hxxps://guix.gnu.org/manual/en/html_node/System-Installation.html|hxxps://wiki.systemcrafters.cc/guix/faqs|hxxps://guix.gnu.org/en/download/|hxxps://guix.gnu.org/packages/X/page/3/|hxxps://www.x.org/wiki/|hxxps://meinnvda.de/ FF Extension: (URLs List) - C:\Users\*****\AppData\Roaming\Mozilla\icecat\Profiles\o810xany.default\Extensions\{88664789-f91e-40e1-adb9-e4e9a8c48867}.xpi [2023-03-22] FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961 [2023-08-09] FF Homepage: Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961 -> chrome://browser/content/blanktab.html FF Session Restore: Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961 -> is enabled. 
FF Extension: (English United States Dictionary) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\@unitedstatesenglishdictionary.xpi [2022-01-14] FF Extension: (Dark Reader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\addon@darkreader.org.xpi [2023-06-27] FF Extension: (HTTPS Everywhere) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\https-everywhere@eff.org.xpi [2021-07-14] FF Extension: (Tomato Clock) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\jid1-Kt2kYYgi32zPuw@jetpack.xpi [2022-01-23] FF Extension: (Privacy Badger) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-06-29] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2023-08-07] FF Extension: (Language: English (US)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2023-08-07] FF Extension: (uBlock Origin) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\uBlock0@raymondhill.net.xpi [2023-07-28] FF Extension: (uMatrix) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\uMatrix@raymondhill.net.xpi [2021-07-20] FF Extension: (Zotero Connector) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\zotero@chnm.gmu.edu.xpi [2023-07-09] [UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json] FF Extension: (Dunkler Modus - Nachtauge) - 
C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\{7c6d56ed-2616-48f2-bfde-d1830f1cf2ed}.xpi [2023-05-04] FF Extension: (URLs List) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\{88664789-f91e-40e1-adb9-e4e9a8c48867}.xpi [2020-09-21] FF Extension: (Lightbeam 3.0) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oijrtuiw.default-release-1597097208961\Extensions\{b2b71fbe-73c1-4b90-82fb-a1255bab1a55}.xpi [2020-08-28] FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\g5hiqxym.default [2020-11-30] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-10-22] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF 
Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-07-07] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-08-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-07-07] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR HKU\S-1-5-21-917627657-1518166570-4135675860-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.) 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-07-07] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-06-14] (Adobe Inc. -> Adobe Systems, Incorporated) R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [4466744 2019-06-07] (CANON INC. -> CANON INC.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11867104 2023-08-02] (Microsoft Corporation -> Microsoft Corporation) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43272 2023-07-03] (Intel Corporation -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [212744 2023-07-03] (Intel Corporation -> Intel) R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [210872 2021-03-21] (DTS, Inc. -> DTS Inc.) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation) R2 Everything; C:\Program Files\Everything\Everything.exe [2265096 2023-05-26] (voidtools -> voidtools) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9278784 2023-08-02] (Malwarebytes Inc. 
-> Malwarebytes) S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-12-01] (Microsoft Windows -> Microsoft Corporation) S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated) R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [804296 2023-07-12] (Oracle Corporation -> Oracle and/or its affiliates) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ChromiumElevationService; "C:\Program Files\Chromium\Application\115.0.5790.99\elevation_service.exe" [X] S3 Intel(R) SUR QC SAM; "C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe" [X] R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\*****\AppData\Roaming\Zoom" ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 DM9USB; C:\Windows\System32\drivers\dm9usb.sys [58736 2022-09-08] (WDKTestCert Administrator,132784955112911388 -> DAVICOM Semiconductor, Inc.) 
R3 iaLPSS2_GPIO2_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_a88140dd513c6aee\iaLPSS2_GPIO2_ICL.sys [131584 2019-12-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R3 iaLPSS2_I2C_ICL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_e0e88582ca2b3459\iaLPSS2_I2C_ICL.sys [198656 2019-12-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_4ef504b29cf2a0df\gna.sys [74336 2019-08-21] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-04-19] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MpKslda1ddf04; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E45B4B9C-C59B-4964-8683-A488FAB29E36}\MpKslDrv.sys [221480 2023-08-08] (Microsoft Windows -> Microsoft Corporation) S3 rtump64x64; C:\Windows\System32\drivers\rtump64x64.sys [1140584 2022-04-19] (Realtek Semiconductor Corp. -> Realtek Corporation) R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [253224 2023-07-12] (Oracle Corporation -> Oracle and/or its affiliates) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [264096 2023-07-12] (Oracle Corporation -> Oracle and/or its affiliates) R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1062048 2023-07-12] (Oracle Corporation -> Oracle and/or its affiliates) S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [74048 2021-03-31] (Cisco Systems, Inc. -> Cisco Systems, Inc.) 
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2023-07-25] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [498944 2023-07-25] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-07-25] (Microsoft Windows -> Microsoft Corporation) S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2023-08-09 11:48 - 2023-08-09 11:49 - 000040831 _____ C:\Users\*****\Downloads\FRST.txt 2023-08-09 11:48 - 2023-08-09 11:49 - 000000000 ____D C:\FRST 2023-08-09 11:47 - 2023-08-09 11:47 - 002384896 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe 2023-08-08 11:06 - 2023-08-08 11:06 - 000001225 _____ C:\Users\*****\Downloads\urls-list-2023-08-08-11-06-23.txt 2023-08-07 23:29 - 2023-08-08 11:13 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-08-07 11:41 - 2023-08-07 11:41 - 000001213 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\LINE.lnk 2023-08-05 12:25 - 2023-08-05 12:25 - 027311919 ____R C:\Users\*****\Downloads\[Beihefte zur Zeitschrift fur die Alttestamentliche Wissenschaft_ 103] Matthew Black, Georg Fohrer - In Memoriam Paul Kahle (1968, Verlag Alfred Töpelmann) - libgen.li.pdf 2023-08-05 11:02 - 2023-08-05 11:02 - 002957005 ____R C:\Users\*****\Downloads\v22_03_Hanitsch_051-102.pdf 2023-08-04 14:24 - 2023-08-08 11:29 - 000000816 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\المكتبة الشاملة.lnk 2023-08-04 14:24 - 2023-08-04 14:24 - 000000000 ____D C:\Users\*****\AppData\Roaming\shamela_4 2023-08-04 14:17 - 2023-08-04 14:17 - 
000000000 ____D C:\Users\*****\Downloads\****2023-08-04_121558 2023-08-04 14:15 - 2023-08-04 14:16 - 127505091 _____ C:\Users\*****\Downloads\****_2023-08-04_121558.zip 2023-08-04 11:56 - 2023-08-04 11:56 - 000609938 _____ C:\Users\*****\Downloads\Blois-Qurn937CIH-2004.pdf 2023-08-04 01:27 - 2023-08-04 01:27 - 000000561 _____ C:\Users\*****\Downloads\urls-list-2023-08-04-01-27-46.txt 2023-08-03 12:45 - 2023-08-03 12:45 - 000001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2023.lnk 2023-08-03 12:11 - 2023-08-03 12:11 - 006054767 _____ C:\Users\*****\Downloads\Brunner_2014_Remarks.pdf 2023-08-03 11:55 - 2023-08-03 11:55 - 000741517 _____ C:\Users\*****\Downloads\aktuelle_analysen_26.pdf 2023-08-03 11:22 - 2023-08-03 11:22 - 000322300 _____ C:\Users\*****\Downloads\Abstract_Hanitsch_paper_1.pdf 2023-08-02 16:45 - 2023-08-02 16:45 - 000129256 ____R C:\Users\*****\Downloads\the_Formative_Period_of_Islam_and_the_Do.pdf 2023-08-02 12:33 - 2023-08-06 10:14 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2023-08-02 10:23 - 2023-08-02 10:23 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2023-08-02 10:22 - 2023-08-02 10:22 - 000000752 _____ C:\Users\*****\Downloads\urls-list-2023-08-02-10-22-50.txt 2023-08-01 11:23 - 2023-08-01 11:23 - 000000000 ____D C:\Program Files\Eclipse Adoptium 2023-07-31 19:54 - 2023-07-31 19:54 - 000000000 ____D C:\Users\*****\Downloads\FP5116 2023-07-31 18:21 - 2023-07-31 18:21 - 006790684 _____ C:\Users\*****\Downloads\770508600273360459.pdf 2023-07-31 18:14 - 2023-07-31 18:14 - 000000000 ____D C:\Users\*****\Downloads\waq43317 2023-07-29 19:08 - 2023-07-29 19:08 - 002940331 _____ C:\Users\*****\Downloads\1389d2b2-3af1-4ffc-8072-6d687912bc55.mp4 2023-07-28 22:31 - 2023-07-28 22:31 - 000000645 _____ C:\Users\*****\Downloads\urls-list-2023-07-28-22-31-47.txt 2023-07-28 20:59 - 2023-07-28 20:59 - 000003530 _____ C:\Windows\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 2023-07-28 16:01 - 
2023-07-28 16:02 - 000282301 ____R C:\Users\*****\Downloads\Overview_traditions_in_collections - pursuit Suraqa.pdf 2023-07-28 13:18 - 2023-07-28 13:18 - 000000000 ____D C:\Users\*****\Downloads\wetransfer_abbildungen_2023-07-27_2309 2023-07-28 12:21 - 2023-07-28 12:21 - 000121841 ____R C:\Users\*****\Downloads\Diagram_asanid_traditions_alBara.pdf 2023-07-27 16:35 - 2023-07-27 16:35 - 000000000 ____D C:\Users\*****\Downloads\waq116113 2023-07-27 12:14 - 2023-07-27 12:14 - 000134921 ____R C:\Users\*****\Downloads\Diagram_asanid_traditions_alZuhri.pdf 2023-07-27 10:11 - 2023-07-27 10:11 - 001562058 _____ C:\Users\*****\Downloads\FSzI_Bd_7_HC_Cover_korr_02.pdf 2023-07-27 10:11 - 2023-07-27 10:11 - 001515675 _____ C:\Users\*****\Downloads\FSzI_Bd_7_HC_Cover_korr.pdf 2023-07-27 10:11 - 2023-07-27 10:11 - 001415399 _____ C:\Users\*****\Downloads\FSzI_Bd_7_HC_Cover_korr_03.pdf 2023-07-26 21:31 - 2023-07-26 21:31 - 000001068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2023.lnk 2023-07-26 00:22 - 2023-07-26 00:22 - 000000415 _____ C:\Users\*****\Downloads\urls-list-2023-07-26-00-22-42.txt 2023-07-26 00:21 - 2023-07-26 00:21 - 000471963 _____ C:\Users\*****\Downloads\quiz-results-my-family-2023-07-25.pdf 2023-07-26 00:08 - 2023-07-26 00:08 - 000471849 _____ C:\Users\*****\Downloads\quiz-results-the-home-2023-07-25.pdf 2023-07-25 23:55 - 2023-07-25 23:55 - 000472241 _____ C:\Users\*****\Downloads\quiz-results-jih-mah-and-soh-2023-07-25.pdf 2023-07-25 23:46 - 2023-07-25 23:46 - 000468289 _____ C:\Users\*****\Downloads\quiz-results-alphabet-quiz-2023-07-25.pdf 2023-07-25 23:42 - 2023-07-25 23:42 - 000105786 _____ C:\Users\*****\Downloads\Orthography.pdf 2023-07-25 23:41 - 2023-07-25 23:41 - 000013143 _____ C:\Users\*****\Downloads\klir____.pfb 2023-07-25 23:41 - 2023-07-25 23:41 - 000009189 _____ C:\Users\*****\Downloads\klir____.afm 2023-07-25 23:41 - 2023-07-25 23:41 - 000006212 _____ C:\Users\*****\Downloads\kli_font.txt 2023-07-25 23:41 - 
2023-07-25 23:41 - 000002463 _____ C:\Users\*****\Downloads\klir____.pfm 2023-07-25 23:40 - 2023-07-25 23:40 - 000024033 _____ C:\Users\*****\Downloads\klipid__.ttf 2023-07-25 23:40 - 2023-07-25 23:40 - 000019139 _____ C:\Users\*****\Downloads\kliid___.afm 2023-07-25 23:40 - 2023-07-25 23:40 - 000016413 _____ C:\Users\*****\Downloads\klir____.ttf 2023-07-25 23:40 - 2023-07-25 23:40 - 000015400 _____ C:\Users\*****\Downloads\kliid___.pfb 2023-07-25 23:40 - 2023-07-25 23:40 - 000002729 _____ C:\Users\*****\Downloads\kliid___.pfm 2023-07-25 23:28 - 2023-07-25 23:29 - 000472193 _____ C:\Users\*****\Downloads\quiz-results-basic-language-terminology-2023-07-25.pdf 2023-07-25 22:44 - 2023-07-25 22:44 - 000181779 _____ C:\Users\*****\Downloads\Membership Confirmation – Klingon Language Institute.pdf 2023-07-24 22:03 - 2023-07-24 22:03 - 003826581 _____ C:\Users\*****\Downloads\OneDrive-2023-07-24(1).zip 2023-07-24 21:59 - 2023-07-24 21:59 - 001232082 _____ C:\Users\*****\Downloads\OneDrive-2023-07-24.zip 2023-07-24 20:27 - 2023-07-24 20:27 - 000000504 _____ C:\Users\*****\Downloads\urls-list-2023-07-24-20-27-44.txt 2023-07-24 20:26 - 2023-07-24 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerFolder 2023-07-24 14:57 - 2023-07-24 14:57 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2023.lnk 2023-07-23 12:00 - 2023-07-23 12:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2023-07-21 23:36 - 2023-07-21 23:36 - 001027394 _____ C:\Users\*****\Downloads\Datenübersicht.pdf 2023-07-17 11:24 - 2023-07-17 11:25 - 000000000 ____D C:\Users\*****\AppData\Local\WhatsApp 2023-07-15 18:46 - 2023-07-15 18:46 - 000002120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kleopatra.lnk 2023-07-14 14:17 - 2023-07-15 11:43 - 000000000 ____D C:\Program Files\scoped_dir3820_1493974707 2023-07-12 12:39 - 2023-07-12 12:39 - 000264096 _____ (Oracle and/or its affiliates) 
C:\Windows\system32\Drivers\VBoxNetLwf.sys 2023-07-12 12:39 - 2023-07-12 12:39 - 000253224 _____ (Oracle and/or its affiliates) C:\Windows\system32\Drivers\VBoxNetAdp6.sys 2023-07-12 12:05 - 2023-07-12 12:05 - 000000000 ___HD C:\$WinREAgent 2023-07-11 10:42 - 2023-07-11 10:42 - 000000000 ____D C:\Program Files\scoped_dir2380_1778905529 2023-07-10 20:00 - 2023-07-10 20:00 - 013731999 _____ C:\Users\*****\OneDrive\Documents\2f23df6b-284c-4192-b5ad-6927ff425ad4.mp4 2023-07-10 15:04 - 2023-07-10 15:04 - 000000000 ____D C:\Program Files\scoped_dir10456_1500925394 2023-07-10 13:57 - 2023-07-10 13:57 - 000000000 ____D C:\Program Files\scoped_dir724_23497490 ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2023-08-09 11:49 - 2023-01-12 12:42 - 000000000 ____D C:\Users\*****\AppData\Roaming\Signal 2023-08-09 11:49 - 2022-02-10 12:57 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-08-09 11:46 - 2020-11-30 16:07 - 000000000 ____D C:\Program Files (x86)\Steam 2023-08-09 11:46 - 2020-11-30 15:52 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla 2023-08-09 11:46 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-08-09 11:41 - 2022-01-31 19:30 - 000000000 ____D C:\Users\*****\AppData\Roaming\PowerFolder 2023-08-09 11:39 - 2020-11-30 15:28 - 000000000 ____D C:\Users\***** 2023-08-09 11:38 - 2020-09-27 07:50 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-08-09 11:12 - 2023-05-18 13:33 - 000000000 ____D C:\Users\*****\AppData\Local\Malwarebytes 2023-08-08 11:22 - 2022-05-03 11:46 - 000001688 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly.lnk 2023-08-08 11:22 - 2021-05-28 19:26 - 000000000 ___RD C:\Users\*****\Creative Cloud Files 2023-08-08 11:13 - 2020-11-30 15:44 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-08-08 11:13 - 2020-11-30 
15:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-08-08 11:11 - 2023-05-02 10:59 - 000000000 ____D C:\Users\*****\AppData\Roaming\SyncTrayzor 2023-08-08 11:11 - 2020-11-30 17:47 - 000000000 __SHD C:\Users\*****\IntelGraphicsProfiles 2023-08-08 11:06 - 2020-12-01 13:32 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Word 2023-08-08 11:06 - 2020-11-30 17:46 - 000000000 ____D C:\Users\*****\AppData\Local\Everything 2023-08-08 11:06 - 2020-11-30 16:25 - 000000000 ____D C:\Users\*****\AppData\Roaming\Everything 2023-08-08 10:25 - 2019-12-07 16:52 - 000000000 ____D C:\Windows\system32\FxsTmp 2023-08-08 03:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Registration 2023-08-07 11:42 - 2022-09-09 17:30 - 000000000 ____D C:\Users\*****\AppData\Roaming\Telegram Desktop 2023-08-07 11:42 - 2022-09-09 17:30 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2023-08-07 11:42 - 2021-07-16 21:07 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LINE 2023-08-07 11:42 - 2020-12-01 14:30 - 000000000 ____D C:\Users\*****\AppData\Local\CrashDumps 2023-08-07 11:41 - 2023-05-12 16:59 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2023-08-07 11:41 - 2023-05-12 16:59 - 000000000 ____D C:\Program Files\Chromium 2023-08-07 11:39 - 2020-11-30 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management 2023-08-07 11:39 - 2020-11-30 16:17 - 000000000 ____D C:\Program Files\Calibre2 2023-08-07 11:17 - 2021-01-15 12:27 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Skype for Desktop 2023-08-07 11:16 - 2020-11-30 15:28 - 000000000 ___SD C:\Users\*****\AppData\Roaming\Microsoft\Credentials 2023-08-06 21:45 - 2020-12-08 14:42 - 000000000 ____D C:\Users\*****\AppData\Roaming\.emacs.d 2023-08-06 19:03 - 2023-01-10 18:24 - 000479500 _____ C:\Windows\system32\perfh011.dat 
2023-08-06 19:03 - 2023-01-10 18:24 - 000133362 _____ C:\Windows\system32\perfc011.dat 2023-08-06 19:03 - 2021-12-19 01:56 - 000000000 ____D C:\Windows\SystemTemp 2023-08-06 19:03 - 2020-12-01 14:27 - 000550068 _____ C:\Windows\system32\perfh008.dat 2023-08-06 19:03 - 2020-12-01 14:27 - 000091078 _____ C:\Windows\system32\perfc008.dat 2023-08-06 19:03 - 2020-11-30 15:31 - 002984860 _____ C:\Windows\system32\PerfStringBackup.INI 2023-08-06 19:03 - 2019-12-07 16:50 - 000739866 _____ C:\Windows\system32\perfh007.dat 2023-08-06 19:03 - 2019-12-07 16:50 - 000152130 _____ C:\Windows\system32\perfc007.dat 2023-08-06 19:03 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2023-08-06 18:57 - 2020-09-27 09:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-08-06 18:57 - 2020-09-27 07:50 - 000008192 ___SH C:\DumpStack.log.tmp 2023-08-06 18:57 - 2020-04-30 09:36 - 000000000 ___HD C:\Intel 2023-08-06 18:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState 2023-08-06 18:56 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI 2023-08-06 18:34 - 2023-05-09 14:03 - 000000000 ____D C:\Users\*****\Transfer 2023-08-06 18:15 - 2020-09-27 07:50 - 000556352 _____ C:\Windows\system32\FNTCACHE.DAT 2023-08-06 13:40 - 2020-12-01 16:42 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache 2023-08-06 13:38 - 2022-08-04 10:58 - 000000000 ____D C:\Users\*****\AppData\Roaming\com.adobe.dunamis 2023-08-06 13:38 - 2020-11-30 15:34 - 000000000 ____D C:\Users\*****\OneDrive\Documents\Adobe 2023-08-05 01:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-08-05 01:17 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2023-08-04 14:24 - 2020-12-02 17:33 - 000000000 ____D C:\Users\*****\AppData\Roaming\vlc 2023-08-03 23:34 - 2020-12-03 18:00 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Adobe 2023-08-03 12:45 - 2020-12-01 16:42 - 000000000 ____D C:\Program Files\Common Files\Adobe 2023-08-03 12:45 - 2020-12-01 16:42 - 000000000 ____D 
C:\Program Files\Adobe 2023-08-02 15:57 - 2020-11-30 16:08 - 000001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2023-08-02 12:32 - 2020-12-01 13:17 - 000000000 ____D C:\Program Files\Microsoft Office 2023-08-02 12:18 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2023-08-02 10:25 - 2020-11-30 16:25 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2023-08-02 10:24 - 2020-11-30 16:24 - 000000000 ____D C:\ProgramData\Malwarebytes 2023-08-02 10:24 - 2020-11-30 16:24 - 000000000 ____D C:\Program Files\Malwarebytes 2023-08-02 10:23 - 2023-06-07 22:34 - 000000000 ____D C:\ProgramData\ChocolateyHttpCache 2023-08-02 10:23 - 2020-11-30 15:40 - 000000000 ____D C:\ProgramData\chocolatey 2023-08-01 11:22 - 2021-08-24 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2023-07-30 13:19 - 2021-04-07 14:01 - 000000000 ____D C:\Users\*****\AppData\Local\T2GP Launcher 2023-07-30 00:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports 2023-07-29 21:15 - 2022-08-21 22:12 - 000001607 _____ C:\Windows\system32\config\VSMIDK 2023-07-29 11:27 - 2020-09-27 09:53 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-07-29 11:26 - 2022-08-21 22:37 - 000000445 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2023-07-28 22:32 - 2020-12-01 13:32 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Office 2023-07-28 20:59 - 2020-12-01 16:46 - 000003506 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0 2023-07-27 17:32 - 2020-11-30 17:40 - 000918960 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2023-07-27 09:42 - 2023-05-02 11:00 - 000000000 ____D C:\Users\*****\AppData\Local\Syncthing 2023-07-26 23:09 - 2020-12-18 11:00 - 000000000 ____D C:\Windows\Minidump 2023-07-25 09:59 - 2020-11-30 15:31 - 000000000 ____D C:\Users\*****\AppData\Local\Packages 2023-07-25 09:45 - 2021-04-14 23:13 - 000000000 ____D 
C:\Program Files\Zoom 2023-07-25 09:43 - 2020-12-01 13:22 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pandoc 2023-07-25 09:43 - 2020-12-01 13:22 - 000000000 ____D C:\Users\*****\AppData\Local\Pandoc 2023-07-25 08:08 - 2020-09-27 09:51 - 000000000 ____D C:\Windows\system32\Drivers\wd 2023-07-24 15:21 - 2020-12-03 13:11 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Excel 2023-07-24 14:57 - 2020-11-30 15:31 - 000000000 ____D C:\Users\*****\AppData\Roaming\Adobe 2023-07-23 11:57 - 2022-02-06 23:20 - 000001245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenRefine.lnk 2023-07-21 17:45 - 2020-11-30 15:34 - 000000000 ___SD C:\Users\*****\OneDrive\Documents\Privat 2023-07-21 17:36 - 2021-03-17 16:40 - 000000000 ____D C:\Users\*****\Downloads\URLs 2023-07-21 14:13 - 2020-11-30 15:34 - 000000000 ___SD C:\Users\*****\OneDrive\Documents\Current_Projects 2023-07-18 11:55 - 2021-10-14 15:49 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2023-07-17 11:25 - 2021-10-14 15:49 - 000000000 ____D C:\Users\*****\AppData\Roaming\WhatsApp 2023-07-17 11:25 - 2020-12-01 11:42 - 000000000 ____D C:\Users\*****\AppData\Local\SquirrelTemp 2023-07-15 18:46 - 2022-10-29 23:19 - 000000000 ____D C:\Program Files (x86)\Gpg4win 2023-07-15 18:46 - 2022-10-29 23:19 - 000000000 ____D C:\Program Files (x86)\GnuPG 2023-07-13 03:41 - 2022-08-19 22:23 - 000000000 ____D C:\Windows\system32\lxss 2023-07-13 03:41 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-07-13 03:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2023-07-13 03:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2023-07-13 03:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup 2023-07-13 03:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2023-07-13 03:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 
2023-07-13 03:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2023-07-12 14:23 - 2020-09-27 09:53 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-07-12 12:39 - 2023-04-20 09:39 - 000202784 _____ (Oracle and/or its affiliates) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2023-07-12 12:39 - 2023-04-20 09:38 - 001062048 _____ (Oracle and/or its affiliates) C:\Windows\system32\Drivers\VBoxSup.sys 2023-07-12 12:04 - 2021-12-08 16:20 - 000000000 ____D C:\Program Files\dotnet 2023-07-12 12:04 - 2020-11-30 15:46 - 000000000 ____D C:\ProgramData\Package Cache 2023-07-12 12:03 - 2021-12-08 16:20 - 000000000 ____D C:\Program Files (x86)\dotnet 2023-07-12 12:00 - 2020-12-16 12:33 - 000000000 ____D C:\Windows\system32\MRT 2023-07-12 11:55 - 2020-12-16 12:33 - 173351160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2023-07-12 11:43 - 2022-10-14 12:04 - 000002118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk 2023-07-12 11:43 - 2022-10-14 12:04 - 000002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-07-11 20:07 - 2020-09-27 09:52 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-07-11 20:07 - 2020-09-27 09:52 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore ==================== Files in the root of some directories ======== 2020-12-01 23:42 - 2020-12-01 23:42 - 000000000 _____ () C:\Users\*****\AppData\Local\oobelibMkey.log ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== |