Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2021
Ran by Jaroslak W10 (administrator) on DESKTOP-14SLUCN (Gigabyte Technology Co., Ltd. Z490 AORUS ELITE AC) (07-10-2021 15:14:45)
Running from C:\Users\Jaroslak W10\Downloads
Loaded Profiles: Jaroslak W10
Platform: Windows 10 Pro Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe <2>
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
(Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371814.inf_amd64_839416aaebad6c82\B371818\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371814.inf_amd64_839416aaebad6c82\B371818\atiesrxx.exe
(Ascora GmbH -> ) C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
(Ascora GmbH -> ) C:\ProgramData\Abelssoft\AntiRansomware\Program\ARWWatcherService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\ArmouryLiveUpdate.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ROG Armoury\MacroAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ROG Armoury\Mouse\ROG STRIX CARRY\P508PowerAgent.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\LiveUpdateSyncCheck.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Armoury\Protocol\AudioLEDControl\ledcontrolservice3.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\ROG Armoury\Tools\Mutually Exclusive AURA Agent.exe
(A-Volute -> NahimicAPI) C:\Program Files\NahimicAPI\NahimicAPISvc64.exe
(A-Volute -> NahimicAPI) C:\Program Files\NahimicAPI\x86\NahimicAPISvc32.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\Launch.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Gigabyte Technology CO.) C:\Program Files\GIGABYTE\Smart Backup\RPMDaemon.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_e43ec0fd38c7d43c\RstMwService.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFCore.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(IObit CO., LTD -> IObit) C:\Users\Jaroslak W10\AppData\Local\Temp\IMF8_BigUpgrade\IMFBigUpgrade1.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\PubPlatform.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(KYE) [File not signed] C:\Program Files (x86)\Genius\Manticore\MTHid.exe
(Lespeed Technology Co., Ltd -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
(Lespeed Technology Co., Ltd -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Jaroslak W10\AppData\Local\Microsoft\OneDrive\21.180.0905.0007\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Jaroslak W10\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21084.77.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy\YourPhoneAppProxy.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ORANGE VIEW LIMITED -> iTop Inc.) C:\Program Files (x86)\iFun Screen Recorder\iScrRec.exe
(ORANGE VIEW LIMITED -> iTop Inc.) C:\Program Files (x86)\iTop Screenshot\iScrShot.exe
(ORANGE VIEW LIMITED -> iTop Inc.) C:\Program Files (x86)\iTop VPN\iTopVPN.exe
(ORANGE VIEW LIMITED -> iTop Inc.) C:\Program Files (x86)\iTop VPN\iTopVPNMini.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7b66b6662cf6d72b\RtkAudUService64.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe
(Sony Imaging Products & Solutions Inc. -> Sony Corporation) E:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) F:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7b66b6662cf6d72b\RtkAudUService64.exe [1220312 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Asus Headset Svc64] => C:\Program Files\NahimicAPI\NahimicAPISvc64.exe [744320 2020-03-23] (A-Volute -> NahimicAPI)
HKLM\...\Run: [Asus Headset Svc32] => C:\Program Files\NahimicAPI\x86\NahimicAPISvc32.exe [583552 2020-03-23] (A-Volute -> NahimicAPI)
HKLM-x32\...\Run: [Manticore] => C:\Program Files (x86)\Genius\Manticore\MThid.exe [293376 2013-10-29] (KYE) [File not signed]
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => E:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [868328 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [6932176 2021-08-27] (IObit CO., LTD -> IObit)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\Smart Backup\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>) [File not signed]
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-21-2775533619-830361710-3132715996-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792288 2021-04-17] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2775533619-830361710-3132715996-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-09-25] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2775533619-830361710-3132715996-1001\...\Run: [Steam] => f:\Program Files (x86)\Steam\steam.exe [4282600 2021-09-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-2775533619-830361710-3132715996-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2775533619-830361710-3132715996-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10484392 2021-07-01] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-2775533619-830361710-3132715996-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2775533619-830361710-3132715996-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\jarok\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2775533619-830361710-3132715996-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\jarok\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2775533619-830361710-3132715996-1004\...\RunOnce: [Uninstall 21.062.0328.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jarok\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\amd64"
HKU\S-1-5-21-2775533619-830361710-3132715996-1004\...\RunOnce: [Uninstall 21.062.0328.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jarok\AppData\Local\Microsoft\OneDrive\21.062.0328.0001"
HKU\S-1-5-21-2775533619-830361710-3132715996-1004\...\MountPoints2: {298884b0-664e-11eb-885e-806e6f6e6963} - "G:\startdvd.exe" 
HKU\S-1-5-21-2775533619-830361710-3132715996-1008\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\kosma\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2775533619-830361710-3132715996-1008\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\kosma\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2775533619-830361710-3132715996-1008\...\RunOnce: [Uninstall 21.062.0328.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kosma\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\amd64"
HKU\S-1-5-21-2775533619-830361710-3132715996-1008\...\RunOnce: [Uninstall 21.062.0328.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kosma\AppData\Local\Microsoft\OneDrive\21.062.0328.0001"
HKU\S-1-5-21-2775533619-830361710-3132715996-1008\...\MountPoints2: {298884b0-664e-11eb-885e-806e6f6e6963} - "G:\startdvd.exe" 
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Perfect PDF 9 Premium Print Processor: C:\Windows\System32\spool\prtprocs\x64\sx_p9_p.dll [264136 2021-05-03] (soft Xpansion GmbH & Co.KG -> soft Xpansion)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\WINDOWS\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
Startup: C:\Users\Jaroslak W10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AORUS ENGINE.lnk [2021-02-07]
ShortcutTarget: AORUS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed]
Startup: C:\Users\Jaroslak W10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2021-05-02]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07163770-F55A-43DE-817C-8C75C83ACECC} - System32\Tasks\iTop Screenshot Update => C:\Program Files (x86)\iTop Screenshot\AutoUpdate.exe [2800640 2021-07-21] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {07798A3C-FBBA-42E1-A455-4DC2E405948A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {11A00D5F-9184-47FC-8643-AE8085CB7161} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [6768984 2021-03-03] (Lespeed Technology Co., Ltd -> wisecleaner.com)
Task: {2936EF95-78FF-44E5-9891-C9FB2365E4B6} - System32\Tasks\ASUS\ArmouryLiveUpdate => C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\ArmouryLiveUpdate.exe [1462760 2020-03-31] (ASUSTeK Computer Inc. -> )
Task: {2A85615A-B26C-4F89-BB73-FE27014858B8} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [269272 2021-06-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {3828CCCB-C98B-4DFB-BABA-3C5F2FC5FD46} - System32\Tasks\iTop Screen Recorder Startup => C:\Program Files (x86)\iFun Screen Recorder\IScrRec.exe [7315456 2021-07-26] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {3D2AA631-DD05-4EF4-AE36-00D69A9616E8} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4532248 2021-07-28] (IObit CO., LTD -> IObit)
Task: {4049E227-B975-497F-8992-8C6AA7D4F262} - System32\Tasks\Abelssoft\Abelssoft AntiRansomware_82 => e:\Program Files (x86)\ErpresservirenStopper\AbLauncher.exe [19248 2020-10-30] (Ascora GmbH -> )
Task: {4B31D836-F46E-41A0-85EE-4B1B33D2F866} - System32\Tasks\iTop Screenshot Startup => C:\Program Files (x86)\iTop Screenshot\iScrShot.exe [7622656 2021-07-21] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {4C5EBED7-C80E-4ED2-8286-56544189F036} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [45540760 2021-01-13] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {527954F0-AC6E-4785-B287-17A5B82B03AD} - System32\Tasks\iTop Screen Recorder Update => C:\Program Files (x86)\iFun Screen Recorder\AutoUpdate.exe [2815488 2021-07-01] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {53D97C27-A413-4928-ABDF-2DED14EFF534} - System32\Tasks\IMF_SkipUAC_Jaroslak W10 => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [6932176 2021-08-27] (IObit CO., LTD -> IObit)
Task: {543B0E51-642F-4021-8B1F-8DFE2AD6B781} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-16] (Google LLC -> Google LLC)
Task: {5763B3F6-C1A6-476B-8EA8-FE67F0ABCBD1} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [233184 2020-12-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {5905C11F-38C5-4D6B-8FAA-DDBE58D61E4E} - System32\Tasks\iTop Screen Recorder SkipUAC (Jaroslak W10) => C:\Program Files (x86)\iFun Screen Recorder\IScrRec.exe [7315456 2021-07-26] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {5C373F4C-BE82-47B4-BCA8-E5BE2927B25A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110432 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F9142CC-AD65-483E-84B4-56F43D4E2247} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1794584 2021-04-14] (IObit CO., LTD -> IObit) <==== ATTENTION
Task: {633BFC9A-A47D-4BF8-B162-7D5C022929A7} - System32\Tasks\Driver Booster SkipUAC (Jaroslak W10) => C:\Program Files (x86)\IObit\Driver Booster\8.7.0\DriverBooster.exe [8335896 2021-09-03] (IObit CO., LTD -> IObit)
Task: {64231F8C-2E3E-4AC1-8F37-2ABAFE07F54C} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [252984 2021-01-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {66082260-6A58-4668-AB6F-D6F8FDB24FF8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {67294774-87CD-4052-8F29-128CC4302307} - System32\Tasks\iTopVPN_SkipUAC_Jaroslak W10 => C:\Program Files (x86)\iTop VPN\iTopVPN.exe [5808128 2021-08-17] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {68B49E55-DAA1-4E36-952D-48B6F9E98B22} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {6A1A1B93-9168-4017-A87B-A09419EB11A7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110432 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A26FE3F-8351-4D1F-A3E1-A267302DE107} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [387992 2021-01-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {6C334BF0-C243-4F67-B2CC-074AB86334F3} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {6CE2FE96-837B-4E86-9DCC-DB28696CFE4B} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [622040 2021-06-17] (Advanced Micro Devices Inc. -> AMD)
Task: {70119299-1CEE-4F59-BC7B-527F9398FFA3} - System32\Tasks\iTop Screen Recorder UAC => C:\Program Files (x86)\iFun Screen Recorder\iScrInit.exe [952832 2021-07-16] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {74FE452D-0A22-4E1F-BB0C-DB1306EA7EC9} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [15768 2021-01-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {7A485907-6A45-42D3-94EB-A2D0CFE1C438} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\8.7.0\AutoUpdate.exe [2285592 2021-09-03] (IObit CO., LTD -> IObit)
Task: {7BA1C679-C26C-4BFC-B1A4-E741CDE518AE} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63448 2021-06-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {7DD37AE2-1E59-40EF-93B6-373764482E51} - System32\Tasks\ASUS\ledcontrolservice3 => C:\Program Files (x86)\ASUS\ROG Armoury\Protocol\AudioLEDControl\ledcontrolservice3.exe [2557744 2020-01-08] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {84C6A650-3AF6-4D18-95AB-D705582B0D2E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {873B03F5-B2F4-488D-9FB0-F2D89C992B5E} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [33937464 2021-02-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Task: {8CC54814-7148-4101-8B28-7ABA9F86AC48} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63448 2021-06-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {9182546F-73E9-45FE-A426-1740B2B36989} - System32\Tasks\iTopVPN_Scheduler_Jaroslak W10 => C:\Program Files (x86)\iTop VPN\iTopVPN.exe [5808128 2021-08-17] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {93879DE0-99C5-4FC0-8290-20CC79C65A7D} - System32\Tasks\CCleanerSkipUAC - Jaroslak W10 => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {98336519-D1BF-48BB-B3E9-8D4951B052CE} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [18328 2021-01-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {99BBC9C9-EC16-4EEE-A267-59DD144953C9} - System32\Tasks\ASUS\P508PowerAgent => C:\Program Files (x86)\ASUS\ROG Armoury\Mouse\ROG STRIX CARRY\P508PowerAgent.exe [51120 2019-11-01] (ASUSTeK Computer Inc. -> )
Task: {9CF08BE0-7709-42B9-B85D-7C56A9494CEF} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1715672 2021-06-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {A2D4FAD7-2380-4D14-AA72-2CBBE4AF811D} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2025488 2021-01-22] (ASUSTeK Computer Inc. -> ASUS)
Task: {A64E2AC9-B6B4-4E8C-B359-86A10B04204D} - System32\Tasks\Software Updater SkipUAC(Jaroslak W10) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4532248 2021-07-28] (IObit CO., LTD -> IObit) <==== ATTENTION
Task: {A9E16025-1B66-4B94-9029-016E7A85B7A9} - System32\Tasks\iTopVPN_Update_Jaroslak W10 => C:\Program Files (x86)\iTop VPN\atud.exe [2956800 2021-08-12] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {A9FF7A8C-DFC1-44E1-A5C4-5E0591BE8938} - System32\Tasks\ASUS\MacroAgent => C:\Program Files (x86)\ASUS\ROG Armoury\MacroAgent.exe [77960 2020-03-31] (ASUSTeK Computer Inc. -> )
Task: {ACA563E8-CD66-43F4-8300-9571F83208CA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {B4489D32-6538-4073-9585-B1F696D6B3DF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {B82D35C6-C5FE-4DEC-9818-7F83BCDC2BDB} - System32\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [6902576 2021-07-16] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
Task: {C174CD4E-FE97-43B4-8B92-A86EBA8A17CD} - System32\Tasks\ASCU_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [3292624 2021-01-14] (IObit Information Technology -> IObit)
Task: {CC29CAD0-B84A-40F3-96C4-EE52CE0DA858} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1715672 2021-06-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {CD1F4ED5-CC1D-4BDC-BEC3-4C15EE2E7A93} - System32\Tasks\NahimicAPISvc32Run => C:\Program Files\NahimicAPI\x86\NahimicAPISvc32.exe [583552 2020-03-23] (A-Volute -> NahimicAPI)
Task: {D4FC91EF-10A4-49FB-970A-14F38311ED2C} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\8.7.0\Scheduler.exe [156696 2021-08-06] (IObit CO., LTD -> IObit)
Task: {D7349301-5EB0-43E3-8C9D-A75A04052776} - System32\Tasks\NahimicAPISvc64Run => C:\Program Files\NahimicAPI\NahimicAPISvc64.exe [744320 2020-03-23] (A-Volute -> NahimicAPI)
Task: {DCAB65AF-1523-41B4-90EB-83876CB5AF10} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-16] (Google LLC -> Google LLC)
Task: {DD80C0E5-FC8E-4BF2-8B12-09D8D712842E} - System32\Tasks\Uninstaller_SkipUac_Jaroslak_W10 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6705688 2021-04-08] (IObit CO., LTD -> IObit)
Task: {E24828DF-21B6-4E49-B48A-321CB3FDC031} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1126872 2021-06-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {EB2C0ACB-C151-4484-ABEA-8323188099BC} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d6fe77fb115b98 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [163176 2021-02-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {EFA4B7F2-6629-41A6-B10A-4CFFB3AAB966} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [163176 2021-02-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {F9DAF714-6F9B-4F7E-AB68-8E1E75D6461C} - System32\Tasks\iTop Screenshot SkipUAC (Jaroslak W10) => C:\Program Files (x86)\iTop Screenshot\iScrShot.exe [7622656 2021-07-21] (ORANGE VIEW LIMITED -> iTop Inc.)
Task: {FE4285EB-04B1-4D99-BEC3-C2703B8CE72A} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1715672 2021-06-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{56087f3d-3fdd-40c9-a5dc-b9211e2687e1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cefab0fe-28e1-47aa-808f-0c9c7aa5e46c}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jaroslak W10\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-07]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Jaroslak W10\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-28]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: yjp2rqwn.default
FF ProfilePath: C:\Users\Jaroslak W10\AppData\Roaming\Mozilla\Firefox\Profiles\05ewzbfw.default-release-1 [2021-10-06]
FF user.js: detected! => C:\Users\Jaroslak W10\AppData\Roaming\Mozilla\Firefox\Profiles\05ewzbfw.default-release-1\user.js [2021-04-07]
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\Jaroslak W10\AppData\Roaming\Mozilla\Firefox\Profiles\05ewzbfw.default-release-1\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2021-01-12]
FF ProfilePath: C:\Users\Jaroslak W10\AppData\Roaming\Mozilla\Firefox\Profiles\yjp2rqwn.default [2021-08-09]
FF user.js: detected! => C:\Users\Jaroslak W10\AppData\Roaming\Mozilla\Firefox\Profiles\yjp2rqwn.default\user.js [2021-04-07]
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\Jaroslak W10\AppData\Roaming\Mozilla\Firefox\Profiles\yjp2rqwn.default\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2021-01-12]
FF ProfilePath: C:\Users\Jaroslak W10\AppData\Roaming\Mozilla\Firefox\Profiles\2fdrg39k.default-release [2021-10-07]
FF user.js: detected! => C:\Users\Jaroslak W10\AppData\Roaming\Mozilla\Firefox\Profiles\2fdrg39k.default-release\user.js [2021-04-07]
FF Session Restore: Mozilla\Firefox\Profiles\2fdrg39k.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\2fdrg39k.default-release -> hxxps://geek.wish.com; hxxps://www.wish.com; hxxps://www.chip.cz; hxxps://www.ashampoo.com; hxxps://aukro.cz
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\Jaroslak W10\AppData\Roaming\Mozilla\Firefox\Profiles\2fdrg39k.default-release\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2021-01-12]
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [344184 2021-01-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R3 ARWWatcherService; C:\ProgramData\Abelssoft\AntiRansomware\Program\ARWWatcherService.exe [24296 2021-03-24] (Ascora GmbH -> )
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [163176 2021-02-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2020-12-17] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [163176 2021-02-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe [510936 2021-06-17] (Advanced Micro Devices Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9250696 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [142904 2021-02-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [18944 2021-04-08] () [File not signed]
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [128920 2021-01-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2405136 2021-08-31] (IObit Information Technology -> IObit)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158992 2020-10-19] (IObit Information Technology -> IObit)
R3 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10605472 2021-04-17] (Logitech Inc -> Logitech, Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3053656 2021-01-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [125664 2020-12-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 PMBDeviceInfoProvider; E:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [493544 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
R2 RapiMgr; C:\WINDOWS\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [5463128 2021-01-18] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234824 2021-05-03] (soft Xpansion GmbH & Co.KG -> soft Xpansion)
S2 WcesComm; C:\WINDOWS\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [662472 2020-12-04] (Lespeed Technology Co., Ltd -> WiseCleaner.com)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [40512 2021-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0371814.inf_amd64_839416aaebad6c82\B371818\amdkmdag.sys [80473592 2021-09-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-05-02] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43920 2020-12-17] (ASUSTeK Computer Inc. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 etocdrv; C:\WINDOWS\etocdrv.sys [15584 2013-10-31] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Giga-Byte Technology CO., LTD.)
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2021-02-04] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 gdrv3; C:\WINDOWS\gdrv3.sys [36352 2021-05-07] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R2 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [176112 2020-10-23] (Bitdefender SRL -> BitDefender LLC)
R3 Imf8HpRegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [41848 2019-12-17] (IObit Information Technology -> IObit)
R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [42360 2019-07-30] (IObit Information Technology -> IObit)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [40920 2021-07-30] (IObit CO., LTD -> IObit)
R3 IMFEFSFileControl; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFEFSFileControl.sys [40824 2019-08-13] (IObit Information Technology -> IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [34192 2019-06-11] (IObit Information Technology -> IObit)
R3 ImfHpFileFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [45432 2019-12-17] (IObit Information Technology -> IObit)
R3 ImfObCallback; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfObCallback.sys [33984 2020-03-12] (IObit Information Technology -> IObit)
R3 ImfRealScanner; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfRealScanner.sys [53720 2021-08-13] (IObit CO., LTD -> IObit)
R3 ImfRegistryFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfRegistryFilter.sys [42360 2019-12-17] (IObit Information Technology -> IObit)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
R2 LGHUBTemperatureService; C:\Program Files\LGHUB\logi_core_temp.sys [22864 2021-04-17] (Logitech Inc -> Logitech)
R3 logi_audio_surround; C:\WINDOWS\system32\drivers\logi_audio_surround.sys [43856 2021-03-24] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-03-24] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-03-24] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-03-24] (Logitech Inc -> Logitech)
U1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 Trufos; C:\WINDOWS\System32\DRIVERS\TRUFOS.sys [439928 2020-10-23] (Bitdefender SRL -> BitDefender S.R.L.)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
S3 WiseRegNotify; C:\WINDOWS\WiseRegNotify.sys [51272 2021-06-13] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com)
U3 avgbdisk; no ImagePath
S3 igfx; \SystemRoot\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_65f8df980f884228\igdkmd64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-07 15:14 - 2021-10-07 15:15 - 000043863 _____ C:\Users\Jaroslak W10\Downloads\FRST.txt
2021-10-07 15:14 - 2021-10-07 15:14 - 002308096 _____ (Farbar) C:\Users\Jaroslak W10\Downloads\FRST64.exe
2021-10-07 14:54 - 2021-10-07 14:54 - 000003132 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-10-07 14:54 - 2021-10-07 14:54 - 000003092 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-10-07 00:14 - 2021-10-07 00:16 - 000000000 ____D C:\Users\Jaroslak W10\AppData\Local\com.n3vgames.trs19
2021-10-07 00:14 - 2021-10-07 00:14 - 000000000 ____D C:\Users\Jaroslak W10\AppData\Local\N3V Games
2021-10-06 19:52 - 2021-10-06 19:52 - 000001433 _____ C:\Users\Jaroslak W10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-06 19:51 - 2021-10-06 19:51 - 014221312 _____ C:\Users\Jaroslak W10\Downloads\WindowsPCHealthCheckSetup(1).msi
2021-10-06 19:15 - 2021-10-06 19:52 - 000000000 ____D C:\Users\Jaroslak W10\AppData\Local\PCHealthCheck
2021-10-06 19:14 - 2021-10-06 19:14 - 014221312 _____ C:\Users\Jaroslak W10\Downloads\WindowsPCHealthCheckSetup.msi
2021-10-06 19:13 - 2021-10-06 19:13 - 000331752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-04 11:43 - 2021-10-04 11:43 - 000024418 _____ C:\Users\Jaroslak W10\OneDrive\Dokumenty\Samolepky.xlsx
2021-10-03 16:02 - 2021-10-03 16:02 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk
2021-10-03 16:02 - 2021-10-03 16:02 - 000000000 ____D C:\Program Files (x86)\GPU-Z
2021-10-01 23:55 - 2021-10-01 23:55 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-29 03:45 - 2021-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-09-28 23:02 - 2021-10-06 19:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-28 00:27 - 2021-09-28 00:27 - 084046336 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 069809168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 069085184 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 001869320 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-09-28 00:27 - 2021-09-28 00:27 - 001869320 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-09-28 00:27 - 2021-09-28 00:27 - 001848312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 001689400 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 001537008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 001448952 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-09-28 00:27 - 2021-09-28 00:27 - 001448952 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-09-28 00:27 - 2021-09-28 00:27 - 001395192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 001395192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 001368248 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 001107192 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 001107192 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000959872 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000959872 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000942072 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000797176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000769552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000674296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000557576 _____ C:\WINDOWS\system32\GameManager64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000557576 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000535544 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000500752 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-09-28 00:27 - 2021-09-28 00:27 - 000491536 _____ C:\WINDOWS\system32\EEURestart.exe
2021-09-28 00:27 - 2021-09-28 00:27 - 000468984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000420872 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000418824 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000344072 _____ C:\WINDOWS\system32\clinfo.exe
2021-09-28 00:27 - 2021-09-28 00:27 - 000260600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000219640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000202672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000201744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000193432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000181264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000178672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000170248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000166904 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000158216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000157352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000150072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000142864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000141320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000139728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000139704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000139256 _____ C:\WINDOWS\system32\atidxx64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000137720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000133632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000125600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000113656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000113136 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000111080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000111064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000110080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000091128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000075768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000070640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000047112 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000044016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000019936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-09-28 00:27 - 2021-09-28 00:27 - 000019936 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-09-28 00:26 - 2021-09-28 00:26 - 058279064 _____ C:\WINDOWS\system32\amdxc64.so
2021-09-28 00:26 - 2021-09-28 00:26 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-09-28 00:26 - 2021-09-28 00:26 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-09-28 00:26 - 2021-09-28 00:26 - 000846328 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-09-28 00:26 - 2021-09-28 00:26 - 000562656 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-09-28 00:26 - 2021-09-28 00:26 - 000562656 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-09-28 00:26 - 2021-09-28 00:26 - 000524792 _____ C:\WINDOWS\system32\atieah64.exe
2021-09-28 00:26 - 2021-09-28 00:26 - 000466936 _____ C:\WINDOWS\system32\amdlogum.exe
2021-09-28 00:26 - 2021-09-28 00:26 - 000393208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-09-28 00:25 - 2021-09-28 00:25 - 000246200 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys
2021-09-25 23:17 - 2021-09-25 23:17 - 000003392 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2775533619-830361710-3132715996-1001
2021-09-25 23:17 - 2021-09-25 23:17 - 000002443 _____ C:\Users\Jaroslak W10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-17 20:47 - 2021-09-17 20:47 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-16 19:31 - 2021-09-16 19:31 - 000000000 ____D C:\ProgramData\NCH Software
2021-09-16 19:22 - 2021-09-16 19:22 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-16 19:22 - 2021-09-16 19:22 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-16 19:22 - 2021-09-16 19:22 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-16 19:22 - 2021-09-16 19:22 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-16 19:22 - 2021-09-16 19:22 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-16 19:22 - 2021-09-16 19:22 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-16 19:21 - 2021-09-16 19:21 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-16 19:21 - 2021-09-16 19:21 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-16 19:21 - 2021-09-16 19:21 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-16 19:21 - 2021-09-16 19:21 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-16 19:21 - 2021-09-16 19:21 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-16 19:21 - 2021-09-16 19:21 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-16 19:21 - 2021-09-16 19:21 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-16 19:21 - 2021-09-16 19:21 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-16 19:21 - 2021-09-16 19:21 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-16 19:21 - 2021-09-16 19:21 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-16 19:21 - 2021-09-16 19:21 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-16 19:21 - 2021-09-16 19:21 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-16 19:21 - 2021-09-16 19:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-16 19:21 - 2021-09-16 19:21 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-16 19:21 - 2021-09-16 19:21 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-16 19:17 - 2021-09-16 19:17 - 000000000 ___HD C:\$WinREAgent
2021-09-16 02:32 - 2021-09-16 02:32 - 000541263 _____ C:\Users\Jaroslak W10\OneDrive\Dokumenty\IMG_20210916_0002.pdf
2021-09-16 02:20 - 2021-09-16 02:20 - 000542974 _____ C:\Users\Jaroslak W10\OneDrive\Dokumenty\IMG_20210916_0001.pdf
2021-09-16 02:10 - 2021-09-16 02:10 - 000441691 _____ C:\Users\Jaroslak W10\OneDrive\Dokumenty\cddvd.pdf
2021-09-16 02:10 - 2021-09-16 02:10 - 000000000 ____D C:\Users\Jaroslak W10\AppData\LocalLow\Temp
2021-09-16 02:00 - 2021-09-16 02:00 - 000000000 ____D C:\ProgramData\{150F4013-6884-4350-8DDC-6BFCB4C5DC15}
2021-09-16 01:51 - 2021-09-16 01:51 - 000239360 _____ C:\Users\Jaroslak W10\OneDrive\Dokumenty\dvd.pdf
2021-09-16 01:44 - 2021-09-16 01:44 - 000239445 _____ C:\Users\Jaroslak W10\OneDrive\Dokumenty\dvd_cd.pdf
2021-09-15 22:44 - 2021-09-16 01:45 - 000000000 ____D C:\Users\Jaroslak W10\Downloads\Šablony
2021-09-15 22:08 - 2021-09-15 22:09 - 2043281408 _____ C:\Users\Jaroslak W10\Downloads\CHIPDVD_0921.iso
2021-09-15 22:05 - 2021-09-15 22:05 - 000000412 __RSH C:\ProgramData\ntuser.pol
2021-09-15 22:05 - 2021-09-15 22:05 - 000000000 ____D C:\Users\Jaroslak W10\Downloads\avira-rescue-system
2021-09-15 22:02 - 2021-09-15 22:02 - 001181752 _____ (Akeo Consulting) C:\Users\Jaroslak W10\Downloads\rufus-3.15p.exe
2021-09-15 22:02 - 2021-09-15 22:02 - 000000067 _____ C:\Users\Jaroslak W10\Downloads\rufus.ini
2021-09-15 21:59 - 2021-09-15 22:00 - 1400344576 _____ C:\Users\Jaroslak W10\Downloads\avira-rescue-system.iso
2021-09-15 21:53 - 2020-07-31 18:47 - 000000231 ____N C:\Users\Jaroslak W10\Downloads\README.diskdefines
2021-09-15 21:23 - 2021-09-15 21:23 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-15 21:19 - 2021-09-15 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2021-09-15 21:18 - 2021-09-15 21:18 - 065435624 _____ (IObit ) C:\Users\Jaroslak W10\Downloads\IObit-Malware-Fighter-Setup(1).exe
2021-09-15 21:10 - 2021-09-15 21:10 - 023723944 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Jaroslak W10\Downloads\winoptimizer18_chip_full.exe
2021-09-13 23:12 - 2021-09-13 23:12 - 000003220 _____ C:\WINDOWS\system32\Tasks\Driver Booster Scheduler
2021-09-13 23:12 - 2021-09-13 23:12 - 000003206 _____ C:\WINDOWS\system32\Tasks\Driver Booster Update
2021-09-13 23:12 - 2021-09-13 23:12 - 000002994 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Jaroslak W10)
2021-09-13 23:12 - 2021-09-13 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 8
2021-09-13 23:02 - 2021-09-13 23:02 - 027097880 _____ (IObit ) C:\Users\Jaroslak W10\Downloads\driver_booster_setup(2).exe
2021-09-12 00:18 - 2021-09-12 00:18 - 005786192 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2021-09-12 00:18 - 2021-09-12 00:18 - 000500792 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2021-09-12 00:18 - 2021-09-12 00:18 - 000352848 _____ (Intel Corporation) C:\WINDOWS\system32\ibtsiva.exe
2021-09-12 00:17 - 2021-09-12 00:17 - 045554408 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat
2021-09-12 00:17 - 2021-09-12 00:17 - 005336144 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2021-09-12 00:17 - 2021-09-12 00:17 - 001518160 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-07 15:14 - 2021-02-09 23:03 - 000000000 ____D C:\FRST
2021-10-07 15:05 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-07 15:03 - 2021-04-23 23:01 - 000000000 ____D C:\Program Files\CCleaner
2021-10-07 15:03 - 2021-02-21 01:17 - 000004224 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FA5A1FBF-86CD-43C1-9B3E-2F1EA397E10D}
2021-10-07 15:01 - 2021-05-14 01:41 - 000760776 _____ C:\WINDOWS\system32\perfh019.dat
2021-10-07 15:01 - 2021-05-14 01:41 - 000151484 _____ C:\WINDOWS\system32\perfc019.dat
2021-10-07 15:01 - 2020-11-19 01:55 - 002606070 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-07 15:01 - 2019-12-07 16:43 - 000716874 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-07 15:01 - 2019-12-07 16:43 - 000145052 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-07 15:01 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-07 15:00 - 2021-07-17 21:46 - 000000000 ____D C:\Program Files (x86)\iTop VPN
2021-10-07 14:56 - 2021-03-16 18:35 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-07 14:56 - 2021-02-03 20:51 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-07 14:55 - 2021-07-14 22:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Abelssoft
2021-10-07 14:55 - 2021-06-13 20:43 - 000000000 ____D C:\Users\Jaroslak W10\AppData\Roaming\Wise Care 365
2021-10-07 14:55 - 2021-02-04 03:25 - 000000000 ___RD C:\Users\Jaroslak W10\OneDrive
2021-10-07 14:55 - 2021-02-03 20:51 - 000000000 ____D C:\Users\Jaroslak W10\AppData\LocalLow\Mozilla
2021-10-07 14:54 - 2021-04-23 23:25 - 000000000 ____D C:\Intel
2021-10-07 14:54 - 2021-02-21 01:13 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-07 14:54 - 2021-02-09 02:10 - 000000000 ____D C:\Program Files\NahimicAPI
2021-10-07 14:54 - 2021-02-07 02:59 - 000000000 ____D C:\Users\Jaroslak W10\AppData\Roaming\LGHUB
2021-10-07 14:54 - 2021-02-07 02:59 - 000000000 ____D C:\Users\Jaroslak W10\AppData\Local\LGHUB
2021-10-07 14:54 - 2021-02-03 20:33 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-10-07 14:54 - 2020-11-19 01:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-07 14:54 - 2019-12-07 11:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2021-10-07 14:53 - 2020-11-19 00:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-07 00:22 - 2021-04-23 23:07 - 000000000 ____D C:\Users\Jaroslak W10\AppData\Local\CrashDumps
2021-10-07 00:14 - 2021-02-21 01:18 - 000000000 ____D C:\Users\Jaroslak W10\AppData\Local\D3DSCache
2021-10-07 00:10 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-06 20:05 - 2021-02-03 21:07 - 000000000 ____D C:\Users\Jaroslak W10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-10-06 19:12 - 2021-02-03 20:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-06 18:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-06 18:55 - 2021-04-07 19:55 - 000000000 ____D C:\ProgramData\ProductData
2021-10-05 13:47 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-05 13:35 - 2021-08-08 15:59 - 000000000 ____D C:\Program Files (x86)\iFun Screen Recorder
2021-10-04 11:43 - 2021-02-07 02:21 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-10-03 15:30 - 2020-11-19 01:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-01 23:33 - 2021-02-07 00:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-10-01 23:29 - 2021-03-16 18:35 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 23:29 - 2021-03-16 18:35 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-29 20:44 - 2021-02-28 17:24 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d707de945c18ee
2021-09-29 20:44 - 2020-11-19 01:48 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-09-29 03:45 - 2021-02-03 20:51 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-09-28 00:27 - 2021-02-07 00:23 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-09-28 00:26 - 2021-07-30 01:07 - 000109520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2021-09-26 00:24 - 2021-02-28 17:26 - 000000000 ____D C:\Users\Jaroslak W10\AppData\Local\AMD_Common
2021-09-16 19:31 - 2021-02-21 02:05 - 000000000 ____D C:\Users\Jaroslak W10\AppData\Local\PlaceholderTileLogoFolder
2021-09-16 19:31 - 2021-02-04 03:24 - 000000000 ____D C:\Users\Jaroslak W10\AppData\Local\Packages
2021-09-16 19:31 - 2020-11-19 01:50 - 000000000 ____D C:\ProgramData\Packages
2021-09-16 19:27 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-16 19:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-16 19:27 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-16 19:17 - 2021-02-04 23:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-16 19:15 - 2021-02-04 23:22 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-09-15 22:02 - 2017-03-18 23:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-09-15 21:24 - 2021-05-17 19:07 - 000000000 ____D C:\Users\jarok\AppData\Local\CrashDumps
2021-09-15 21:24 - 2021-04-27 12:07 - 000000000 ____D C:\Users\kosma\AppData\Local\CrashDumps
2021-09-15 21:19 - 2021-02-04 23:23 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-09-15 21:17 - 2021-05-03 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2021-09-13 23:14 - 2021-02-04 03:32 - 000000000 ____D C:\ProgramData\Package Cache
2021-09-13 23:12 - 2021-04-07 19:54 - 000000000 ____D C:\Program Files (x86)\IObit
2021-09-13 22:58 - 2021-02-25 00:18 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2021-07-02 17:16 - 2021-07-02 17:16 - 000000893 _____ () C:\Users\Jaroslak W10\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================