﻿Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2022
Ran by ZWL (administrator) on ZWL-PC (Dell Inc. OptiPlex 3020) (26-01-2022 14:45:00)
Running from C:\Users\ZWL\Downloads
Loaded Profiles: ZWL
Platform: Microsoft Windows 7 Enterprise  Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> ) C:\Program Files\Google\Drive File Stream\54.0.3.0\crashpad_handler.exe <4>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe <7>
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corp. -> Valve Corporation) D:\kiRRow\apps\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve Corp. -> Valve Corporation) D:\kiRRow\apps\Steam\GameOverlayUI.exe
(Valve Corp. -> Valve Corporation) D:\kiRRow\apps\Steam\steam.exe
(Wube Software) [File not signed] D:\kiRRow\apps\Steam\steamapps\common\Factorio\bin\x64\factorio.exe
(ZeroTier, Inc. -> ) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Combo Cleaner] => C:\Program Files (x86)\Combo Cleaner\ComboCleaner.exe [2024064 2021-11-05] (RCS LT, UAB -> RCS LT)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2021-04-29] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe [55330648 2022-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe [55330648 2022-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3394924902-1472214841-2261831438-1000\...\Run: [loopMIDI] => C:\Users\ZWL\AppData\Roaming\Microsoft\etdsdvav\iivdwvtj.exe (No File)
HKU\S-1-5-21-3394924902-1472214841-2261831438-1000\...\Run: [Steam] => d:\kirrow\apps\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3394924902-1472214841-2261831438-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe [55330648 2022-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3394924902-1472214841-2261831438-1000\...\MountPoints2: {c4fee5a1-a902-11eb-a8eb-d71a721b466a} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe [55330648 2022-01-11] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\x64\hpzppWN7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll [221696 2021-03-13] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-05-04]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\ZWL\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {193A6158-EDD6-4F29-B4DC-5A11353DCF10} - System32\Tasks\Microsoft\Windows\Maintenance\Windows.ionBuildTasks.ni => C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe C:\ProgramData\WindowProc\TvqkbGraphic\rtuco_Segpiery.dll /U
Task: {2CDEBB34-F7A9-4CEB-AFF9-7E5351EF3728} - System32\Tasks\Opera scheduled assistant Autoupdate 1626364705 => C:\Users\ZWL\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\ZWL\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A06CF732-05BF-47ED-BB64-DB78FB6FD747} - System32\Tasks\Opera scheduled Autoupdate 1626364704 => C:\Users\ZWL\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {DB0D9578-D780-4849-B5EE-59094F851E2B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-29] (Google LLC -> Google LLC)
Task: {E1FD7C4C-F9B3-475D-9DFA-505E577FB626} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-29] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{95A299D9-DDE9-452C-9495-802BA0AB765F}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]

Chrome: 
=======
CHR Profile: C:\Users\ZWL\AppData\Local\Google\Chrome\User Data\Default [2022-01-26]
CHR Extension: (Prezentace) - C:\Users\ZWL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-19]
CHR Extension: (Dokumenty) - C:\Users\ZWL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-19]
CHR Extension: (Disk Google) - C:\Users\ZWL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-19]
CHR Extension: (YouTube) - C:\Users\ZWL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-19]
CHR Extension: (uBlock Origin) - C:\Users\ZWL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-01-19]
CHR Extension: (Tabulky) - C:\Users\ZWL\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\ZWL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-19]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\ZWL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-01-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ZWL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-19]
CHR Extension: (Gmail) - C:\Users\ZWL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-19]
CHR HKU\S-1-5-21-3394924902-1472214841-2261831438-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743464 2021-05-04] (philandro Software GmbH -> philandro Software GmbH)
S3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [128584 2018-03-26] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
S2 ComboCleaner.Guard; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe [143488 2021-11-05] (RCS LT, UAB -> RCS LT)
S2 ComboCleaner.WinService; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe [151168 2021-11-05] (RCS LT, UAB -> RCS LT)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 ZeroTierOneService; C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe [1702272 2021-04-21] (ZeroTier, Inc. -> )

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [59904 2015-01-25] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R1 googledrivefs3525; C:\Windows\System32\DRIVERS\googledrivefs3525.sys [382944 2022-01-11] (Google LLC -> Google, Inc.)
S3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [176008 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC)
R3 teVirtualMIDI64; C:\Windows\System32\DRIVERS\teVirtualMIDI64.sys [35840 2021-05-04] (NGO -> Tobias Erichsen)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 zttap300; C:\Windows\System32\DRIVERS\zttap300.sys [30488 2018-03-16] (ZeroTier Networks LLC -> ZeroTier Networks LLC)
U4 DiagTrack; no ImagePath
U4 dmwappushservice; no ImagePath
S3 KProcessHacker3; \??\D:\kiRRow\apps\pHacker\x64\kprocesshacker.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-26 14:43 - 2022-01-26 14:44 - 002311680 _____ (Farbar) C:\Users\ZWL\Downloads\FRST64 (1).exe
2022-01-25 15:29 - 2022-01-25 15:29 - 000002008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-01-25 15:29 - 2022-01-11 11:10 - 000382944 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs3525.sys
2022-01-25 15:27 - 2022-01-25 15:29 - 290071896 _____ (Google, Inc.) C:\Users\ZWL\Downloads\GoogleDriveSetup.exe
2022-01-25 15:15 - 2022-01-25 15:15 - 000009184 _____ C:\Users\ZWL\Downloads\pocitacka-20220125T141514Z-001.zip
2022-01-25 14:10 - 2022-01-25 13:20 - 052141904 ____N C:\Users\ZWL\Desktop\VID_20220125_132005.mp4
2022-01-24 19:18 - 2022-01-24 19:40 - 415359220 _____ C:\Users\ZWL\Downloads\S04E05-Vteřiny před katastrofou-Kolize v Alpách (Cable Car Collision).avi
2022-01-22 18:55 - 2022-01-22 18:55 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2022-01-20 19:24 - 2022-01-26 13:41 - 000000000 ___HD C:\ProgramData\Ftpdioy
2022-01-20 18:30 - 2022-01-20 18:30 - 000000606 _____ C:\Users\ZWL\Downloads\timer.ino
2022-01-19 22:58 - 2022-01-19 22:58 - 008540344 _____ (Malwarebytes) C:\Users\ZWL\Downloads\adwcleaner_8.3.1.exe
2022-01-19 15:21 - 2022-01-19 15:21 - 000000000 ____D C:\Windows\pss
2022-01-19 15:13 - 2022-01-19 15:13 - 003392412 _____ C:\Users\ZWL\Downloads\processhacker-2.39-bin.zip
2022-01-19 14:49 - 2022-01-19 14:49 - 000000000 ____D C:\Users\ZWL\AppData\Local\RCS_LT
2022-01-19 14:48 - 2022-01-19 14:50 - 000000000 ____D C:\Program Files (x86)\Combo Cleaner
2022-01-19 14:48 - 2022-01-19 14:48 - 000001894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Combo Cleaner.lnk
2022-01-19 14:48 - 2022-01-19 14:48 - 000001888 _____ C:\Users\Public\Desktop\Combo Cleaner.lnk
2022-01-18 11:47 - 2022-01-18 11:47 - 1133446181 _____ C:\Users\ZWL\Desktop\Factorio.zip
2022-01-18 09:46 - 2022-01-18 09:47 - 003594016 _____ (RCS LT) C:\Users\ZWL\Downloads\CCSetup.exe
2022-01-17 18:33 - 2022-01-17 19:17 - 000038065 _____ C:\Users\ZWL\Downloads\Addition.txt
2022-01-17 18:24 - 2022-01-26 14:45 - 000012053 _____ C:\Users\ZWL\Downloads\FRST.txt
2022-01-17 18:24 - 2022-01-26 14:45 - 000000000 ____D C:\FRST
2022-01-17 18:24 - 2022-01-17 18:24 - 002311680 _____ (Farbar) C:\Users\ZWL\Downloads\FRST64.exe
2022-01-17 18:12 - 2022-01-17 18:12 - 045918843 _____ C:\Users\ZWL\Downloads\Windows6.1-KB3033929-x64.msu
2022-01-17 18:09 - 2022-01-17 18:09 - 002101944 _____ (Malwarebytes) C:\Users\ZWL\Downloads\MBSetup-10789.10789-consumer.exe
2022-01-16 09:27 - 2022-01-16 09:27 - 002240614 _____ C:\Users\ZWL\Downloads\HiJackThis.zip
2022-01-15 17:00 - 2022-01-16 18:02 - 000000000 ____D C:\Windows\SysWOW64\ncp
2022-01-15 10:20 - 2022-01-16 18:02 - 000000000 ____D C:\Users\Public\Security Sessions
2022-01-15 10:18 - 2022-01-16 18:02 - 000000000 ____D C:\Windows\SysWOW64\statReporter
2022-01-15 10:18 - 2022-01-16 18:02 - 000000000 ____D C:\Users\ZWL\AppData\Local\Avira
2022-01-15 10:18 - 2022-01-16 18:02 - 000000000 ____D C:\Users\Public\Speedup Sessions
2022-01-15 10:17 - 2022-01-16 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-01-15 10:17 - 2022-01-15 10:20 - 000000000 ____D C:\ProgramData\Avira
2022-01-15 10:17 - 2022-01-15 10:19 - 000000000 ____D C:\Program Files (x86)\Avira
2022-01-14 15:28 - 2022-01-16 18:02 - 000000000 ____D C:\Windows\erdnt
2022-01-14 15:28 - 2022-01-14 15:29 - 000000000 ___SD C:\32788R22FWJFW
2022-01-14 15:28 - 2022-01-14 15:28 - 000000000 ____D C:\Qoobox
2022-01-12 19:03 - 2022-01-12 19:03 - 000000000 ____D C:\AdwCleaner
2022-01-07 09:18 - 2022-01-07 09:18 - 000012964 _____ C:\Users\ZWL\Downloads\v10.zip
2022-01-04 14:24 - 2022-01-04 14:24 - 000000000 ____D C:\Users\ZWL\AppData\Local\Chromium
2022-01-02 19:50 - 2022-01-02 20:36 - 835512320 _____ C:\Users\ZWL\Downloads\Vetřelci (1986).avi
2022-01-01 20:39 - 2022-01-01 22:39 - 2191341226 _____ C:\Users\ZWL\Downloads\The Truman Show (1998) 1080p H264 DolbyD 5.1 & nickarad.mp4
2021-12-29 10:35 - 2021-12-29 10:35 - 001507340 _____ C:\Users\ZWL\Downloads\microbit-test (3).hex
2021-12-29 10:35 - 2021-12-29 10:35 - 001507340 _____ C:\Users\ZWL\Downloads\microbit-test (2).hex
2021-12-29 10:25 - 2021-12-29 10:25 - 001505292 _____ C:\Users\ZWL\Downloads\microbit-test (1).hex
2021-12-29 10:08 - 2021-12-29 10:08 - 001505292 _____ C:\Users\ZWL\Downloads\microbit-test.hex

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-26 14:41 - 2021-04-29 18:10 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-26 14:38 - 2009-07-14 05:45 - 000014432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-01-26 14:38 - 2009-07-14 05:45 - 000014432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-01-26 13:52 - 2021-09-23 14:55 - 000000000 ____D C:\Users\ZWL\AppData\Roaming\Factorio
2022-01-26 09:43 - 2009-07-14 13:50 - 000668138 _____ C:\Windows\system32\perfh005.dat
2022-01-26 09:43 - 2009-07-14 13:50 - 000140798 _____ C:\Windows\system32\perfc005.dat
2022-01-26 09:43 - 2009-07-14 06:13 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-26 09:43 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-01-26 09:36 - 2021-04-29 18:28 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-26 09:36 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-25 15:29 - 2021-04-29 18:11 - 000000000 ____D C:\Program Files\Google
2022-01-25 15:29 - 2021-04-29 18:10 - 000000000 ____D C:\Users\ZWL\AppData\Local\Google
2022-01-25 14:11 - 2021-04-29 18:11 - 000002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-25 14:11 - 2021-04-29 18:11 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 14:09 - 2021-10-09 16:53 - 000000000 ____D C:\Users\ZWL\AppData\Roaming\vlc
2022-01-22 18:55 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2022-01-21 15:35 - 2021-04-29 18:10 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 15:35 - 2021-04-29 18:10 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-19 14:55 - 2019-08-25 03:26 - 000000000 ____D C:\ProgramData\WindowProc
2022-01-19 14:48 - 2021-04-29 18:08 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-01-18 09:49 - 2021-05-03 18:10 - 001557208 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2022-01-17 22:07 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2022-01-17 20:10 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-01-17 20:10 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2022-01-17 20:01 - 2021-04-30 14:44 - 000064216 _____ C:\Users\ZWL\AppData\Local\GDIPFONTCACHEV1.DAT
2022-01-17 14:15 - 2021-07-25 17:28 - 000000000 ____D C:\Users\ZWL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2022-01-17 12:23 - 2021-07-26 15:20 - 000000000 ____D C:\Users\ZWL\AppData\Local\cache
2022-01-16 18:03 - 2021-05-03 18:01 - 000004802 __RSH C:\ProgramData\ntuser.pol
2022-01-16 18:03 - 2021-04-29 17:50 - 000000000 ____D C:\Users\ZWL
2022-01-16 18:02 - 2021-07-15 16:57 - 000000000 ____D C:\Users\ZWL\AppData\Roaming\uTorrent
2022-01-16 18:02 - 2021-06-21 14:45 - 000000000 ____D C:\Program Files\GSLITE
2022-01-16 18:02 - 2021-05-13 15:26 - 000000000 ____D C:\Users\ZWL\AppData\Roaming\PSpad
2022-01-16 18:02 - 2021-05-09 11:55 - 000000000 ____D C:\Users\ZWL\AppData\Roaming\Winamp
2022-01-16 18:02 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2022-01-16 18:02 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat
2022-01-12 20:32 - 2021-06-21 19:42 - 000000000 ____D C:\Users\ZWL\AppData\Roaming\Renegade-X Launcher
2022-01-12 13:27 - 2021-06-15 14:43 - 000000000 ____D C:\Users\ZWL\AppData\LocalLow\Temp
2022-01-11 11:49 - 2021-07-15 16:57 - 000000000 ____D C:\Users\ZWL\AppData\LocalLow\uTorrent
2022-01-08 10:36 - 2021-05-18 16:55 - 000000000 ____D C:\Users\ZWL\AppData\Local\Arduino15
2022-01-04 14:24 - 2021-05-17 19:15 - 000000000 ____D C:\Users\ZWL\AppData\Local\SKIDROW

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION

LastRegBack: 2022-01-17 00:05
==================== End of FRST.txt ========================