Spomalený PC, Sekanie hier

[PureHate44]

Ahoj. cca pár dni mám nejaký spomalený PC a dosť mi sekaju aj staršie tituly hier, Chcel by som poprosiť o kontrolu logu

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-01-2022
Ran by PC1 (administrator) on DESKTOP-NORVJE6 (MSI MS-7A39) (30-01-2022 15:09:16)
Running from C:\Users\PC1\Downloads
Loaded Profiles: PC1
Platform: Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\PC1\AppData\Roaming\Microsoft\Libs\sihost64.exe
() [File not signed] C:\Users\PC1\AppData\Roaming\Microsoft\Telemetry\sihost32.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0375539.inf_amd64_960c9d1bd877eee2\B375501\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0375539.inf_amd64_960c9d1bd877eee2\B375501\atiesrxx.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\PC1\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\PC1\AppData\Roaming\BitTorrent\updates\7.10.5_46097\bittorrentie.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(XBMC Foundation) [File not signed] C:\Program Files\Kodi\kodi.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2022-01-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33616864 2021-12-09] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [bt] => C:\Users\PC1\AppData\Roaming\BitTorrent\BitTorrent.exe [2279976 2022-01-22] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [ZoomE] => C:\Users\PC1\ZoomE.exe [2071040 2022-01-22] (Google Update) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [ZoomX] => C:\Users\PC1\ZoomX.exe [2266624 2022-01-22] (Google Update) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-30] (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0586F789-F994-4DB0-A36D-7B4EBE19F292} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\9.1.0\Scheduler.exe [156696 2021-12-29] (IObit CO., LTD -> IObit)
Task: {4C7D76FD-AA76-4245-8913-2DFDB8EB8BAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\MpCmdRun.exe [926912 2022-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {501D98F2-FEDD-4A2B-8DD0-F5E289120AC4} - System32\Tasks\CCleanerSkipUAC - PC1 => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6BF24C9E-F330-44A5-ADF8-F42394679FE6} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.1.0\AutoUpdate.exe [2462744 2021-12-29] (IObit CO., LTD -> IObit)
Task: {8655CDD3-721E-4411-9C77-3F2B24FC2A8B} - System32\Tasks\TiniTask => C:\Users\Default\Links\pluginsd.js [91978 2022-01-22] () [File not signed]
Task: {9A026B50-56F7-4954-AA44-E52466CE3E30} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {AA2FCCCB-AC2D-4FD1-A361-1D08DF4B21A5} - System32\Tasks\Driver Booster SkipUAC (PC1) => C:\Program Files (x86)\IObit\Driver Booster\9.1.0\DriverBooster.exe [8625688 2022-01-30] (IObit CO., LTD -> IObit) [File not signed]
Task: {C150E6BC-F672-439B-BA5F-CB425D7FABC7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\MpCmdRun.exe [926912 2022-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC89BE2D-A86B-4B1D-A192-1DB77E60F872} - System32\Tasks\ZoomX => C:\Users\PC1\ZoomX.exe [2266624 2022-01-22] (Google Update) [File not signed]
Task: {D0A99AF7-342A-4F1F-BE62-6CAA88F72B78} - System32\Tasks\TinyTask => C:\Users\Default\Links\plugins.js [79202 2022-01-22] () [File not signed]
Task: {E16D12FD-5D31-4735-B5B7-91D4334EDE95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\MpCmdRun.exe [926912 2022-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FCA05FBB-4EFA-4724-A900-BF74BB493406} - System32\Tasks\ZoomE => C:\Users\PC1\ZoomE.exe [2071040 2022-01-22] (Google Update) [File not signed]
Task: {FF2DA0DB-05E6-45E2-A572-1DA967069CD2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\MpCmdRun.exe [926912 2022-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{54db6741-c35b-439b-9673-ac7e98521184}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC1\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-23]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default [2022-01-30]
CHR Notifications: Default -> hxxps://jutes.ru; hxxps://sibirem.ru; hxxps://www.giveawayoftheday.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (YouTube) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-20]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-20]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-01-30]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-01-03]
CHR Extension: (Prezentácie) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-27]
CHR Extension: (Safe Torrent Scanner) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-12-27]
CHR Extension: (Dokumenty) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-27]
CHR Extension: (Disk Google) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-27]
CHR Extension: (YouTube) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-27]
CHR Extension: (Tabuľky) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-27]
CHR Extension: (Gmail) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-27]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-30]
CHR HKLM\...\Chrome\Extension: [joiapjkjgbcljoopaenlplkfapolkdhp]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [joiapjkjgbcljoopaenlplkfapolkdhp]

Opera:
=======
OPR Profile: C:\Users\PC1\AppData\Roaming\Opera Software\Opera Stable [2021-12-26]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-10] (Epic Games Inc. -> Epic Games, Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2021-11-29] (Rockstar Games, Inc. -> Rockstar Games)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13353768 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\NisSrv.exe [2910272 2022-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\MsMpEng.exe [129440 2022-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 2C50ECBD; C:\WINDOWS\System32\drivers\2C50ECBD.sys [478392 2021-04-14] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [49768 2022-01-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0375539.inf_amd64_960c9d1bd877eee2\B375501\amdkmdag.sys [82940968 2022-01-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-11-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2020-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2020-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49592 2022-01-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [437480 2022-01-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-01-29] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2020-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-30 15:09 - 2022-01-30 15:09 - 000015658 _____ C:\Users\PC1\Downloads\FRST.txt
2022-01-30 15:08 - 2022-01-30 15:08 - 002311680 _____ (Farbar) C:\Users\PC1\Downloads\FRST64.exe
2022-01-30 14:15 - 2022-01-30 14:15 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-30 14:15 - 2022-01-30 14:15 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-30 14:11 - 2022-01-30 14:10 - 000595472 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe
2022-01-30 14:11 - 2022-01-30 14:10 - 000160864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys
2022-01-30 14:11 - 2022-01-30 14:10 - 000049768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendrmgr.sys
2022-01-30 14:10 - 2022-01-30 14:10 - 088753240 _____ C:\WINDOWS\system32\amd_comgr.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 073109040 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 069065256 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 056256608 _____ C:\WINDOWS\system32\amdxc64.so
2022-01-30 14:10 - 2022-01-30 14:10 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2022-01-30 14:10 - 2022-01-30 14:10 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2022-01-30 14:10 - 2022-01-30 14:10 - 001875504 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 001875504 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 001858600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001689392 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001528368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001450544 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 001450544 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 001396824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001396824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001368232 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001115416 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001115416 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000968584 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000968584 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000933416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000848984 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000788528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000761944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000665648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000569200 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2022-01-30 14:10 - 2022-01-30 14:10 - 000569200 _____ C:\WINDOWS\system32\atiapfxx.blb
2022-01-30 14:10 - 2022-01-30 14:10 - 000551000 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000549424 _____ C:\WINDOWS\system32\GameManager64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000537080 _____ C:\WINDOWS\system32\amdmiracast.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000518232 _____ C:\WINDOWS\system32\atieah64.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000492072 _____ C:\WINDOWS\system32\dgtrayicon.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000483888 _____ C:\WINDOWS\system32\EEURestart.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000460336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000459352 _____ C:\WINDOWS\system32\amdlogum.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000413224 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000385072 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000335920 _____ C:\WINDOWS\system32\clinfo.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000253528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000212568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000193440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000185904 _____ C:\WINDOWS\system32\mantle64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000171096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000169008 _____ C:\WINDOWS\system32\mantleaxl64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000168176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000159320 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000158936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000150584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000146992 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000140224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000140216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000133720 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000132656 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000131120 _____ C:\WINDOWS\system32\atidxx64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000130648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000125592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000124976 _____ C:\WINDOWS\system32\amdxc64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000122928 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000111584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000111584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000106584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000106072 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000099888 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000082480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000067120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000062000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000038448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000035376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000019912 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000010622 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2022-01-30 14:09 - 2022-01-30 14:09 - 001159216 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2022-01-30 14:08 - 2022-01-30 14:08 - 072520616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2022-01-30 14:08 - 2022-01-30 14:08 - 043252949 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2022-01-30 14:08 - 2022-01-30 14:08 - 015218520 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 007178376 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 007101648 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 006270096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 005346904 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 003676976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2022-01-30 14:08 - 2022-01-30 14:08 - 003445648 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 003375928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 003334136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 003306720 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 003168296 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 003159680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 002992088 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 002930056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 002444592 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 002197880 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001971272 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001965064 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001787864 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001610864 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOv251gm.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001598304 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001544160 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001516176 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001435048 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001414992 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001403728 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001382144 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001372296 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001353224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001337544 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001327944 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001287504 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOvlldpgm.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001259632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001195872 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001159088 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001110080 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001078592 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001061480 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000964928 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000873368 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000852040 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000751208 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000734680 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000715552 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000692072 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000641632 _____ (ICEpower A/S) C:\WINDOWS\system32\ICEsoundAPO64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000604704 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000541024 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000511552 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000467064 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000453184 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000452640 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000448512 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000447088 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000416416 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000406360 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000392776 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000381312 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000378288 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000367520 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000366024 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000360248 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000343616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000341056 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000341056 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000332920 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000327176 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000327176 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000315880 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000278176 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000266456 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000261144 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000261104 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000260120 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000231824 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000230608 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000220296 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000218176 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000203744 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000190840 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000190840 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000179504 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000174848 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000167032 _____ (ASUSTeK COMPUTER INC.) C:\WINDOWS\system32\ATKWMI.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000158600 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000157248 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000154264 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000139664 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000122224 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000118496 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000116448 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000105216 _____ C:\WINDOWS\system32\audioLibVc.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000093808 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000090824 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000090080 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000088224 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000083528 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000075448 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-01-30 14:07 - 2022-01-30 14:07 - 000041184 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AMDPCIDev.sys
2022-01-30 14:00 - 2022-01-30 14:00 - 000003184 _____ C:\WINDOWS\system32\Tasks\Driver Booster Scheduler
2022-01-30 14:00 - 2022-01-30 14:00 - 000003170 _____ C:\WINDOWS\system32\Tasks\Driver Booster Update
2022-01-30 14:00 - 2022-01-30 14:00 - 000002940 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (PC1)
2022-01-30 14:00 - 2022-01-30 14:00 - 000002361 _____ C:\Users\Public\Desktop\Driver Booster 9.lnk
2022-01-30 14:00 - 2022-01-30 14:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 9
2022-01-30 13:58 - 2022-01-30 13:58 - 000000935 _____ C:\Users\PC1\Downloads\[SkT]IObit_Driver_Booster_9.1.0.156_-_loader.torrent
2022-01-29 15:08 - 2022-01-29 15:08 - 000096017 _____ C:\Users\PC1\Downloads\[SkT]Cyberpunk_2077_[v_1.31]_(2020)___GOG-Rip.torrent
2022-01-29 09:28 - 2022-01-29 09:28 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-29 09:13 - 2022-01-29 09:13 - 000002896 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - PC1
2022-01-23 09:44 - 2022-01-23 09:44 - 000017111 _____ C:\Users\PC1\Downloads\[SkT]IObit_Driver_Booster_9.1.0.156.rar.torrent
2022-01-22 23:05 - 2022-01-22 23:05 - 000000000 ____D C:\Users\PC1\Documents\Electronic Arts
2022-01-22 23:05 - 2022-01-22 23:05 - 000000000 ____D C:\Users\PC1\AppData\Local\anadius
2022-01-22 23:02 - 2022-01-22 23:02 - 000000935 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2022-01-22 22:24 - 2022-01-22 22:24 - 005446472 _____ (BitTorrent Inc.) C:\Users\PC1\Downloads\BitTorrent (2).exe
2022-01-22 13:14 - 2022-01-22 13:14 - 005446472 _____ (BitTorrent Inc.) C:\Users\PC1\Downloads\BitTorrent (1).exe
2022-01-22 13:11 - 2022-01-30 14:25 - 000000000 ____D C:\Users\PC1\AppData\LocalLow\BitTorrent
2022-01-22 13:11 - 2022-01-22 13:11 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3805889190-2908880830-1705731779-1001
2022-01-22 09:57 - 2022-01-22 09:57 - 005446472 _____ (BitTorrent Inc.) C:\Users\PC1\Downloads\BitTorrent.exe
2022-01-22 09:35 - 2022-01-22 08:48 - 002266624 ____R (Google Update) C:\Users\PC1\ZoomX.exe
2022-01-22 09:35 - 2022-01-22 08:48 - 002071040 ____R (Google Update) C:\Users\PC1\ZoomE.exe
2022-01-22 09:34 - 2022-01-30 15:04 - 000000000 ____D C:\Users\PC1\AppData\Roaming\BitTorrent
2022-01-22 09:34 - 2022-01-22 10:12 - 000003542 _____ C:\WINDOWS\system32\Tasks\TiniTask
2022-01-22 09:34 - 2022-01-22 10:12 - 000003540 _____ C:\WINDOWS\system32\Tasks\TinyTask
2022-01-22 09:34 - 2022-01-22 10:12 - 000003258 _____ C:\WINDOWS\system32\Tasks\ZoomX
2022-01-22 09:34 - 2022-01-22 10:12 - 000003258 _____ C:\WINDOWS\system32\Tasks\ZoomE
2022-01-22 09:34 - 2022-01-22 09:34 - 000000000 ____D C:\Program Files\Common Files\DESIGNER Cache
2022-01-22 08:47 - 2022-01-22 08:47 - 000045147 _____ C:\Users\PC1\Downloads\[SkT]BitTorrent_Pro_7.10.5_Build_46097(x32x64)[EN]_[Full].torrent
2022-01-16 15:03 - 2022-01-16 15:04 - 000586567 _____ C:\Users\PC1\Downloads\dead-island-definitive-edition-trainer-11-v1.1.2-mrantifun.rar
2022-01-16 15:02 - 2022-01-16 15:02 - 001673208 _____ C:\Users\PC1\Downloads\didev11213tr.zip
2022-01-15 18:39 - 2022-01-15 18:39 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-15 18:39 - 2022-01-15 18:39 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-15 18:39 - 2022-01-15 18:39 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-15 18:31 - 2022-01-15 18:31 - 000000000 ___HD C:\$WinREAgent
2022-01-09 16:38 - 2022-01-15 23:12 - 000259032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-05 15:34 - 2022-01-05 15:34 - 000000000 ____D C:\Users\PC1\Documents\DeadIslandDI
2022-01-05 15:34 - 2022-01-05 15:34 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Steam
2022-01-05 15:30 - 2022-01-05 15:30 - 000000839 _____ C:\Users\PC1\Desktop\Dead Island Definitive Edition.lnk
2022-01-05 15:30 - 2022-01-05 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Island Definitive Edition

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-30 15:09 - 2020-12-19 10:48 - 000000000 ____D C:\FRST
2022-01-30 15:08 - 2021-03-09 15:44 - 000000000 ____D C:\Users\PC1\AppData\Local\CrashDumps
2022-01-30 15:06 - 2020-12-20 10:32 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-30 14:58 - 2021-06-26 12:26 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-30 14:24 - 2020-12-20 11:00 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-30 14:24 - 2020-12-20 10:31 - 000000000 ____D C:\WINDOWS\INF
2022-01-30 14:18 - 2020-12-20 10:53 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-30 14:17 - 2020-12-20 11:00 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-30 14:17 - 2020-12-20 11:00 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-30 14:16 - 2020-12-23 17:30 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-30 14:16 - 2020-12-20 10:32 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-30 14:16 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-30 14:16 - 2020-06-10 20:36 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-30 14:15 - 2021-12-26 08:14 - 000000000 ____D C:\Program Files\CCleaner
2022-01-30 14:15 - 2021-10-08 18:04 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Kodi
2022-01-30 14:13 - 2021-01-02 12:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-01-30 14:13 - 2020-12-20 10:41 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-01-30 14:13 - 2020-12-20 10:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-30 14:13 - 2020-12-20 10:27 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-30 14:13 - 2020-11-07 10:27 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-30 14:12 - 2021-10-17 12:09 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-30 14:11 - 2020-12-20 10:41 - 000000000 ____D C:\WINDOWS\system32\AMD
2022-01-30 14:10 - 2021-01-08 09:29 - 000410672 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2022-01-30 14:10 - 2021-01-08 09:29 - 000201640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2022-01-30 14:10 - 2021-01-08 09:29 - 000142936 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-01-30 14:10 - 2021-01-08 09:29 - 000019928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2022-01-30 14:10 - 2020-12-20 11:45 - 000100824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2022-01-30 14:09 - 2020-04-10 19:24 - 000246176 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys
2022-01-30 14:08 - 2020-12-20 10:42 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2022-01-30 14:08 - 2020-12-20 10:42 - 000000000 ____D C:\WINDOWS\system32\DAX2
2022-01-30 14:08 - 2020-04-10 19:23 - 005954144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2022-01-30 14:08 - 2020-04-10 19:23 - 003843944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2022-01-30 14:08 - 2020-04-10 19:23 - 000192888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2022-01-30 14:08 - 2020-04-10 19:23 - 000023600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2022-01-30 14:08 - 2020-04-10 19:22 - 000033136 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio3.sys
2022-01-30 14:08 - 2019-10-01 08:34 - 000054984 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio2.sys
2022-01-30 14:02 - 2021-09-17 19:29 - 000000000 ____D C:\ProgramData\ProductData
2022-01-30 14:00 - 2021-03-29 05:02 - 000000000 ____D C:\ProgramData\IObit
2022-01-30 14:00 - 2021-03-29 05:02 - 000000000 ____D C:\Program Files (x86)\IObit
2022-01-30 13:56 - 2020-12-20 10:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-29 19:42 - 2020-12-20 10:55 - 000000000 ____D C:\Users\PC1\AppData\Local\D3DSCache
2022-01-29 09:13 - 2020-12-20 10:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-22 10:01 - 2021-01-23 18:54 - 000000000 ____D C:\Users\PC1\AppData\Roaming\BSplayer
2022-01-22 10:01 - 2021-01-23 18:54 - 000000000 ____D C:\Program Files (x86)\Webteh
2022-01-22 09:58 - 2021-11-13 10:47 - 000000000 ____D C:\Users\PC1\AppData\Local\Adaware
2022-01-22 09:35 - 2020-12-20 14:09 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-01-22 09:35 - 2020-12-20 10:44 - 000000000 ____D C:\Users\PC1
2022-01-22 09:34 - 2020-12-20 10:32 - 000000000 __RHD C:\Users\Public\Libraries
2022-01-22 09:31 - 2021-03-07 19:59 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-22 08:49 - 2020-12-20 17:07 - 000000000 ____D C:\Users\PC1\AppData\Roaming\vlc
2022-01-22 08:29 - 2020-12-20 10:44 - 000002365 _____ C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-20 21:45 - 2020-12-20 10:28 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-15 18:31 - 2020-12-20 11:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-15 18:29 - 2020-12-20 11:41 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2022-01-22 09:35 - 2022-01-22 08:48 - 002071040 ____R (Google Update) C:\Users\PC1\ZoomE.exe
2022-01-22 09:35 - 2022-01-22 08:48 - 002266624 ____R (Google Update) C:\Users\PC1\ZoomX.exe
2021-06-06 09:33 - 2021-07-21 20:43 - 000000055 _____ () C:\Users\PC1\AppData\Roaming\EHWID.txt
2021-06-06 09:33 - 2021-12-12 18:52 - 000000011 _____ () C:\Users\PC1\AppData\Roaming\EPW.txt
2021-06-06 09:33 - 2021-07-21 20:43 - 000000009 _____ () C:\Users\PC1\AppData\Roaming\ERole.txt
2021-06-06 09:33 - 2021-12-12 18:52 - 000000012 _____ () C:\Users\PC1\AppData\Roaming\EUser.txt
2021-03-07 19:58 - 2021-03-07 19:58 - 000016438 _____ () C:\Users\PC1\AppData\Local\partner.bmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[PureHate44]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-01-2022
Ran by PC1 (30-01-2022 15:10:42)
Running from C:\Users\PC1\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2020-12-20 09:55:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3805889190-2908880830-1705731779-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3805889190-2908880830-1705731779-503 - Limited - Disabled)
Guest (S-1-5-21-3805889190-2908880830-1705731779-501 - Limited - Disabled)
PC1 (S-1-5-21-3805889190-2908880830-1705731779-1001 - Administrator - Enabled) => C:\Users\PC1
WDAGUtilityAccount (S-1-5-21-3805889190-2908880830-1705731779-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
Dead Island Definitive Edition (HKLM-x32\...\Dead Island Definitive Edition_is1) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Driver Booster 9 (HKLM-x32\...\Driver Booster_is1) (Version: 9.1.0 - IObit)
Dying Light Platinum Edition (HKLM-x32\...\Dying Light Platinum Edition_is1) (Version: - )
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Excel (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kodi (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Kodi) (Version: 19.1.0.0 - XBMC Foundation)
me.fo (HKLM\...\me.fo) (Version: 1.0 - me.fo)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.76 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
NoxPlayer (HKLM-x32\...\Nox) (Version: 7.0.0.8 - Duodian Technology Co. Ltd.)
Outlast (HKLM-x32\...\Outlast_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Outlook (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.50.548 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Smart Defrag 6 (HKLM-x32\...\Smart Defrag_is1) (Version: 6.7.0 - IObit)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
The Sims 4: Deluxe Edition (HKLM-x32\...\The Sims 4: Deluxe Edition_is1) (Version: 1.82.99.1030 / 1.82.99.1530 - RePack)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.3.22 - Black Tree Gaming Ltd.)
WeMod (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\WeMod) (Version: 7.1.22 - WeMod)
Windows Kontrola stavu počítača (HKLM\...\{BDBC15A5-E9F1-485F-A0D3-7526052FB2B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Windows Kontrola stavu počítača (HKLM\...\{DC04D0BB-5702-4932-ACFF-D39065DCB089}) (Version: 3.1.2109.29003 - Microsoft Corporation)
WinRAR 5.80 Final (HKLM-x32\...\WinRAR 5.80 Final) (Version: 5.80 - Crackingpatching.com Team)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
Wise Program Uninstaller 2.5.1 (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: 2.5.1 - WiseCleaner.com, Inc.)
Word (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-15] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-01-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PC1\Desktop\Peter - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2021-06-26 12:26 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2021-06-26 12:26 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-06-26 12:26 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-05-08 17:43 - 2021-05-08 17:43 - 000486400 _____ () [File not signed] C:\Program Files\Kodi\addons\peripheral.joystick\peripheral.joystick.dll
2020-01-05 14:39 - 2020-01-05 14:39 - 000424960 _____ () [File not signed] C:\Program Files\Kodi\LCMS2.DLL
2021-04-11 09:21 - 2021-04-11 09:21 - 002194944 _____ () [File not signed] C:\Program Files\Kodi\libass.dll
2020-07-06 07:11 - 2020-07-06 07:11 - 000855552 _____ () [File not signed] C:\Program Files\Kodi\libbluray.dll
2020-01-12 17:35 - 2020-01-12 17:35 - 000225280 _____ () [File not signed] C:\Program Files\Kodi\libcdio.dll
2020-01-05 14:39 - 2020-01-05 14:39 - 000137728 _____ () [File not signed] C:\Program Files\Kodi\libplist.dll
2020-01-05 14:39 - 2020-01-05 14:39 - 002665984 _____ () [File not signed] C:\Program Files\Kodi\libxml2.dll
2021-02-11 15:46 - 2021-02-11 15:46 - 004008448 _____ () [File not signed] C:\Program Files\Kodi\python3.8.dll
2021-02-11 15:46 - 2021-02-11 15:46 - 000057856 _____ () [File not signed] C:\Program Files\Kodi\python3.dll
2020-01-05 14:39 - 2020-01-05 14:39 - 000136704 _____ () [File not signed] C:\Program Files\Kodi\shairplay.dll
2020-01-05 14:39 - 2020-01-05 14:39 - 000828928 _____ () [File not signed] C:\Program Files\Kodi\sqlite3.dll
2021-02-11 15:46 - 2021-02-11 15:46 - 000078336 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\_bz2.pyd
2021-02-11 15:46 - 2021-02-11 15:46 - 000119296 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\_ctypes.pyd
2021-02-11 15:46 - 2021-02-11 15:46 - 000257536 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\_decimal.pyd
2021-02-11 15:46 - 2021-02-11 15:46 - 000064000 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\_elementtree.pyd
2021-02-11 15:46 - 2021-02-11 15:46 - 001905152 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\_hashlib.pyd
2021-02-11 15:46 - 2021-02-11 15:46 - 000152576 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\_lzma.pyd
2021-02-11 15:46 - 2021-02-11 15:46 - 000019968 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\_queue.pyd
2021-02-11 15:46 - 2021-02-11 15:46 - 000068608 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\_socket.pyd
2021-02-11 15:46 - 2021-02-11 15:46 - 000693248 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\_sqlite3.pyd
2021-02-11 15:46 - 2021-02-11 15:46 - 002535424 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\_ssl.pyd
2021-02-11 15:46 - 2021-02-11 15:46 - 000174592 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\pyexpat.pyd
2021-02-11 15:46 - 2021-02-11 15:46 - 000018432 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\select.pyd
2021-02-11 15:46 - 2021-02-11 15:46 - 001085440 _____ () [File not signed] C:\Program Files\Kodi\system\python\DLLs\unicodedata.pyd
2020-01-05 14:39 - 2020-01-05 14:39 - 000124416 _____ () [File not signed] C:\Program Files\Kodi\zlib.dll
2021-12-29 11:48 - 2021-12-29 11:48 - 000579072 _____ () [File not signed] C:\Users\PC1\AppData\Roaming\Kodi\addons\pvr.iptvsimple\pvr.iptvsimple.dll
2020-01-05 14:39 - 2020-01-05 14:39 - 000518656 _____ (Pulse-Eight Limited) [File not signed] C:\Program Files\Kodi\cec.dll
2020-01-05 14:39 - 2020-01-05 14:39 - 003064320 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\Kodi\libcurl.dll
2021-06-26 12:26 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2020-05-29 13:12 - 2020-05-29 13:12 - 001228288 _____ (VideoLAN) [File not signed] C:\Program Files\Kodi\libdav1d.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\2C50ECBD.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\2C50ECBD.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-12-20 10:33 - 2021-10-14 12:40 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{76479D23-BABB-4B44-8CA5-99040CC858D8}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B8813231-8AC4-4057-A6EB-9F8ED2076275}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{C264E3BA-A0C9-461A-BB44-6FF4D813E63D}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{25674321-2BB6-4356-AB23-C5100729084B}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{BC53F919-759A-4705-BB28-C3C739726D24}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{1D9454E8-FDFC-4A4B-89A9-87E90C5AA454}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{F80FBF77-6901-481B-A37C-A3C01DADD01C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A5D25BB-4C86-4BED-9EC9-B19527115BD6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{81680637-CA08-4B3B-BA04-B74773689984}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EB9C9D5E-7D50-49C8-A0F2-6C4DF20A864F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{067876AE-4B1F-4377-9894-02C446E96B37}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [UDP Query User{A8D6CCC3-8968-455D-85DF-EBB03F73D892}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [{D142A9B5-2F0C-44B4-BED0-F8F07DACB470}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F593AD16-ED6C-4530-89D3-90FA278E847C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{161A6779-F0A4-4190-BAF8-B3EC8B275E88}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4575926B-6A4D-48A7-9802-D730BD3D9D19}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{9E22C15B-6F92-4AF8-A903-95C0C53E7FA7}E:\games\dying light platinum edition\dyinglightgame.exe] => (Block) E:\games\dying light platinum edition\dyinglightgame.exe (Techland) [File not signed]
FirewallRules: [UDP Query User{A30214CD-5E87-4C9B-837C-4AAE8BC10E11}E:\games\dying light platinum edition\dyinglightgame.exe] => (Block) E:\games\dying light platinum edition\dyinglightgame.exe (Techland) [File not signed]
FirewallRules: [{0C9A7129-CC02-4FFE-AAE4-1BCCC6109A94}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{54C2042B-931F-48FE-AC55-7EFEF1FD765E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE2748DE-4383-4CE5-9662-60AE78FE20E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2B407596-3C51-4591-9339-82D49DB72A5F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{B602A2BC-1C9F-4807-B995-8EC37897CBEC}E:\games\dead island definitive edition\deadislandgame.exe] => (Block) E:\games\dead island definitive edition\deadislandgame.exe (Techland) [File not signed]
FirewallRules: [UDP Query User{48CEB451-F65C-429D-B2E1-875E7E854FD4}E:\games\dead island definitive edition\deadislandgame.exe] => (Block) E:\games\dead island definitive edition\deadislandgame.exe (Techland) [File not signed]
FirewallRules: [{6687BD56-586F-4FE7-836F-22311CE18944}] => (Allow) C:\Users\PC1\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{230EE135-707E-4479-A0B1-DBC9CE4F1932}] => (Allow) C:\Users\PC1\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{F389FFA7-508A-4AF3-96FE-6B551B8EE057}E:\downloads\hry\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\downloads\hry\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{072ED89D-DEA3-401C-A432-99810FDD708F}E:\downloads\hry\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\downloads\hry\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{E5D054F5-30D7-4AB7-8419-FDC2C19B6B9F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

03-01-2022 11:38:51 Scheduled Checkpoint
15-01-2022 18:29:17 Scheduled Checkpoint
15-01-2022 18:31:07 Inštalátor modulov systému Windows
15-01-2022 18:31:41 Inštalátor modulov systému Windows
30-01-2022 14:05:13 Driver Booster : Radeon RX 570 Series

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/30/2022 03:08:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: CHXSmartScreen.exe, verzia: 10.0.19041.423, časová značka: 0x0431d1e3
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1466, časová značka: 0xe01c7650
Kód výnimky: 0x8000ffff
Odstup chyby: 0x000000000010b362
Identifikácia chybujúceho procesu: 0xf40
Čas spustenia chybujúcej aplikácie: 0x01d815e2e08fa401
Cesta chybujúcej aplikácie: C:\WINDOWS\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 1829a775-053c-450e-b305-4c5cfd13d506
Celé meno chybujúceho balíka: Microsoft.Windows.Apprep.ChxApp_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (01/30/2022 03:08:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: CHXSmartScreen.exe, verzia: 10.0.19041.423, časová značka: 0x0431d1e3
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1466, časová značka: 0xe01c7650
Kód výnimky: 0x8000ffff
Odstup chyby: 0x000000000010b362
Identifikácia chybujúceho procesu: 0x2438
Čas spustenia chybujúcej aplikácie: 0x01d815e2cda8092b
Cesta chybujúcej aplikácie: C:\WINDOWS\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 873afab5-eef0-4cbb-b367-0230035e2c9d
Celé meno chybujúceho balíka: Microsoft.Windows.Apprep.ChxApp_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (01/30/2022 02:14:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wwahost.exe, verzia: 10.0.19041.789, časová značka: 0x9bbd7506
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1466, časová značka: 0xe01c7650
Kód výnimky: 0x8000ffff
Odstup chyby: 0x000000000010b362
Identifikácia chybujúceho procesu: 0x1c64
Čas spustenia chybujúcej aplikácie: 0x01d815db3eb5a8a6
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wwahost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: e5b66029-4a85-4c96-bcae-efdd9052c14a
Celé meno chybujúceho balíka: Microsoft.Windows.CloudExperienceHost_10.0.19041.1266_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (01/30/2022 02:11:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: explorer.exe, verzia: 10.0.19041.1415, časová značka: 0x61622df4
Názov chybujúceho modulu: amdocl64.dll, verzia: 10.0.3302.6, časová značka: 0x616e28fa
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000018491dc
Identifikácia chybujúceho procesu: 0xd5c
Čas spustenia chybujúcej aplikácie: 0x01d815c5b7480b12
Cesta chybujúcej aplikácie: C:\WINDOWS\explorer.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\amdocl64.dll
Identifikácia hlásenia: 432e081d-3564-44b2-b4d4-647cee06a183
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/30/2022 02:11:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: explorer.exe, verzia: 10.0.19041.1415, časová značka: 0x61622df4
Názov chybujúceho modulu: amdocl64.dll, verzia: 10.0.3302.6, časová značka: 0x616e28fa
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000018491dc
Identifikácia chybujúceho procesu: 0x36c0
Čas spustenia chybujúcej aplikácie: 0x01d815c5af31ba4a
Cesta chybujúcej aplikácie: C:\WINDOWS\explorer.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\amdocl64.dll
Identifikácia hlásenia: 1efee2a6-ac07-40f8-bc97-ad752bbae174
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/30/2022 02:05:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/29/2022 03:10:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program BitTorrent.exe version 7.10.5.46097 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 183c

Start Time: 01d81519bc8d6e68

Termination Time: 13

Application Path: C:\Users\PC1\AppData\Roaming\BitTorrent\BitTorrent.exe

Report Id: 79353a42-83d1-40cd-a7ce-bf255f9ba35e

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-thread

Error: (01/29/2022 03:08:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program BitTorrent.exe version 7.10.5.46097 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1bc4

Start Time: 01d814e80a049aae

Termination Time: 629

Application Path: C:\Users\PC1\AppData\Roaming\BitTorrent\BitTorrent.exe

Report Id: 5516c93d-4224-4e43-a412-ffe4b11c2fe9

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-thread


System errors:
=============
Error: (01/30/2022 02:13:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NORVJE6)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (01/30/2022 02:12:07 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (01/29/2022 09:12:37 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (01/23/2022 12:23:09 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NORVJE6)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (01/22/2022 10:28:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NORVJE6)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (01/22/2022 09:31:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby AvastWscReporter zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (01/21/2022 04:23:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Steam Client Service zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (01/21/2022 04:23:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Steam Client Service bol dosiahnutý časový limit (30000 ms).


Windows Defender:
================
Date: 2022-01-30 14:25:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-01-29 16:49:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-01-22 14:14:40
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: VirTool:Win32/DefenderTamperingRestore
Severity: Závažná
Category: Nástroj
Path: regkeyvalue:_hklm\software\microsoft\windows defender\real-time protection\\DisableIOAVProtection
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0, NIS: 1.355.2319.0
Engine Version: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-22 10:04:12
Description:
Microsoft Defender Antivirus has detected a suspicious behavior.
Name: Behavior:Win32/DroppedKnownMalware
Severity: Nízka
Category: Podozrivé správanie
Path Found: file:_C:\Users\PC1\AppData\Local\Temp\ZoomE.exe; process:_4116
Detection Origin: Local machine
Detection Type: Suspicious
Detection Source: Real-Time Protection
Status: Executing
Process Name: C:\Users\PC1\AppData\Local\Temp\ZoomE.exe
Security intelligence ID: 41453017067075
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0
Engine Version: 1.1.18800.4
Fidelity Label: Low
Target File Name: C:\Users\PC1\AppData\Roaming\Microsoft\Telemetry\sihost32.exe

Date: 2022-01-22 10:04:12
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Sabsik.FL.B!ml
Severity: Závažná
Category: Trójsky kôň
Path: file:_C:\Users\PC1\AppData\Roaming\Microsoft\Telemetry\sihost32.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\PC1\AppData\Local\Temp\ZoomE.exe
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0, NIS: 1.355.2319.0
Engine Version: AM: 1.1.18800.4, NIS: 1.1.18800.4
Event[0]:

Date: 2022-01-22 10:12:29
Description:
Microsoft Defender Antivirus has encountered an error trying to restore an item from quarantine.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Sabsik.FL.B!ml
Severity: Závažná
Category: Trójsky kôň
Error Code: 0x80508014
Error description: Položku v karanténe nie je možné obnoviť.
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0
Engine Version: 1.1.18800.4

Date: 2022-01-22 10:11:54
Description:
Microsoft Defender Antivirus has encountered an error trying to restore an item from quarantine.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:Win32/Keygen
Severity: Vysoká
Category: Nástroj
Error Code: 0x80508014
Error description: Položku v karanténe nie je možné obnoviť.
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0
Engine Version: 1.1.18800.4

Date: 2022-01-22 10:11:06
Description:
Microsoft Defender Antivirus has encountered an error trying to restore an item from quarantine.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:Win32/Keygen
Severity: Vysoká
Category: Nástroj
Error Code: 0x80508014
Error description: Položku v karanténe nie je možné obnoviť.
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0
Engine Version: 1.1.18800.4

Date: 2022-01-22 10:10:59
Description:
Microsoft Defender Antivirus has encountered an error trying to restore an item from quarantine.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Sabsik.FL.B!ml
Severity: Závažná
Category: Trójsky kôň
Error Code: 0x80508014
Error description: Položku v karanténe nie je možné obnoviť.
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0
Engine Version: 1.1.18800.4

Date: 2022-01-22 10:10:41
Description:
Microsoft Defender Antivirus has encountered an error trying to restore an item from quarantine.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Sabsik.FL.B!ml
Severity: Závažná
Category: Trójsky kôň
Error Code: 0x80508014
Error description: Položku v karanténe nie je možné obnoviť.
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0
Engine Version: 1.1.18800.4

CodeIntegrity:
===============
Date: 2022-01-22 08:29:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-01-20 21:10:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2.L0 01/22/2019
Motherboard: MSI B350M GAMING PRO (MS-7A39)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 53%
Total physical RAM: 16335.13 MB
Available physical RAM: 7518.22 MB
Total Virtual: 21613.98 MB
Available Virtual: 3460.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.07 GB) (Free:134.42 GB) NTFS
Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:391.01 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{33d4e0ca-0000-0000-0000-90c437000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{5f94829e-abbd-11eb-b554-806e6f6e6963}\ () (Removable) (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D0D77719)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: 33D4E0CA)
Partition 1: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=517 MB) - (Type=27)

==========================================================
Disk: 2 (Protective MBR) (Size: 116.2 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[PureHate44]

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-30-2022
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 9
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\ProgramData\IdleBuddy
Deleted C:\Users\PC1\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\Users\PC1\Desktop\Internet Search.URL

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0586F789-F994-4DB0-A36D-7B4EBE19F292}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|YixSpeedup

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted banggood.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1899 octets] - [07/03/2021 21:19:11]
AdwCleaner[C00].txt - [1922 octets] - [07/03/2021 21:19:38]
AdwCleaner[S01].txt - [2198 octets] - [30/01/2022 15:20:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

[Rudy]

Dejte nové logy FRST+Addition.

[PureHate44]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-01-2022
Ran by PC1 (administrator) on DESKTOP-NORVJE6 (MSI MS-7A39) (30-01-2022 16:21:24)
Running from C:\Users\PC1\Downloads
Loaded Profiles: PC1
Platform: Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\PC1\AppData\Roaming\Microsoft\Libs\sihost64.exe
() [File not signed] C:\Users\PC1\AppData\Roaming\Microsoft\Telemetry\sihost32.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(Malwarebytes Inc -> Malwarebytes) C:\Users\PC1\Downloads\adwcleaner_8.3.1.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2022-01-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33616864 2021-12-09] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [bt] => C:\Users\PC1\AppData\Roaming\BitTorrent\BitTorrent.exe [2279976 2022-01-22] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [ZoomE] => C:\Users\PC1\ZoomE.exe [2071040 2022-01-22] (Google Update) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [ZoomX] => C:\Users\PC1\ZoomX.exe [2266624 2022-01-22] (Google Update) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-30] (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4C7D76FD-AA76-4245-8913-2DFDB8EB8BAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\MpCmdRun.exe [926912 2022-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {501D98F2-FEDD-4A2B-8DD0-F5E289120AC4} - System32\Tasks\CCleanerSkipUAC - PC1 => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6BF24C9E-F330-44A5-ADF8-F42394679FE6} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.1.0\AutoUpdate.exe [2462744 2021-12-29] (IObit CO., LTD -> IObit)
Task: {8655CDD3-721E-4411-9C77-3F2B24FC2A8B} - System32\Tasks\TiniTask => C:\Users\Default\Links\pluginsd.js [91978 2022-01-22] () [File not signed]
Task: {9A026B50-56F7-4954-AA44-E52466CE3E30} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {AA2FCCCB-AC2D-4FD1-A361-1D08DF4B21A5} - System32\Tasks\Driver Booster SkipUAC (PC1) => C:\Program Files (x86)\IObit\Driver Booster\9.1.0\DriverBooster.exe [8625688 2022-01-30] (IObit CO., LTD -> IObit) [File not signed]
Task: {C150E6BC-F672-439B-BA5F-CB425D7FABC7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\MpCmdRun.exe [926912 2022-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC89BE2D-A86B-4B1D-A192-1DB77E60F872} - System32\Tasks\ZoomX => C:\Users\PC1\ZoomX.exe [2266624 2022-01-22] (Google Update) [File not signed]
Task: {D0A99AF7-342A-4F1F-BE62-6CAA88F72B78} - System32\Tasks\TinyTask => C:\Users\Default\Links\plugins.js [79202 2022-01-22] () [File not signed]
Task: {E16D12FD-5D31-4735-B5B7-91D4334EDE95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\MpCmdRun.exe [926912 2022-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FCA05FBB-4EFA-4724-A900-BF74BB493406} - System32\Tasks\ZoomE => C:\Users\PC1\ZoomE.exe [2071040 2022-01-22] (Google Update) [File not signed]
Task: {FF2DA0DB-05E6-45E2-A572-1DA967069CD2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\MpCmdRun.exe [926912 2022-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{54db6741-c35b-439b-9673-ac7e98521184}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC1\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-23]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default [2022-01-30]
CHR Notifications: Default -> hxxps://jutes.ru; hxxps://sibirem.ru; hxxps://www.giveawayoftheday.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (YouTube) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-20]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-20]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-01-30]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-01-03]
CHR Extension: (Prezentácie) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-27]
CHR Extension: (Safe Torrent Scanner) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-12-27]
CHR Extension: (Dokumenty) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-27]
CHR Extension: (Disk Google) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-27]
CHR Extension: (YouTube) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-27]
CHR Extension: (Tabuľky) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-27]
CHR Extension: (Gmail) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-27]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-30]
CHR HKLM\...\Chrome\Extension: [joiapjkjgbcljoopaenlplkfapolkdhp]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [joiapjkjgbcljoopaenlplkfapolkdhp]

Opera:
=======
OPR Profile: C:\Users\PC1\AppData\Roaming\Opera Software\Opera Stable [2021-12-26]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-10] (Epic Games Inc. -> Epic Games, Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2021-11-29] (Rockstar Games, Inc. -> Rockstar Games)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13353768 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\NisSrv.exe [2910272 2022-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.6-0\MsMpEng.exe [129440 2022-01-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 2C50ECBD; C:\WINDOWS\System32\drivers\2C50ECBD.sys [478392 2021-04-14] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [49768 2022-01-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0375539.inf_amd64_960c9d1bd877eee2\B375501\amdkmdag.sys [82940968 2022-01-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-11-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2020-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2020-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49592 2022-01-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [437480 2022-01-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-01-29] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2020-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-30 15:20 - 2022-01-30 15:20 - 008540344 _____ (Malwarebytes) C:\Users\PC1\Downloads\adwcleaner_8.3.1.exe
2022-01-30 15:10 - 2022-01-30 15:11 - 000039251 _____ C:\Users\PC1\Downloads\Addition.txt
2022-01-30 15:09 - 2022-01-30 16:21 - 000013984 _____ C:\Users\PC1\Downloads\FRST.txt
2022-01-30 15:08 - 2022-01-30 15:08 - 002311680 _____ (Farbar) C:\Users\PC1\Downloads\FRST64.exe
2022-01-30 14:15 - 2022-01-30 14:15 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-30 14:15 - 2022-01-30 14:15 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-30 14:11 - 2022-01-30 14:10 - 000595472 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe
2022-01-30 14:11 - 2022-01-30 14:10 - 000160864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys
2022-01-30 14:11 - 2022-01-30 14:10 - 000049768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendrmgr.sys
2022-01-30 14:10 - 2022-01-30 14:10 - 088753240 _____ C:\WINDOWS\system32\amd_comgr.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 073109040 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 069065256 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 056256608 _____ C:\WINDOWS\system32\amdxc64.so
2022-01-30 14:10 - 2022-01-30 14:10 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2022-01-30 14:10 - 2022-01-30 14:10 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2022-01-30 14:10 - 2022-01-30 14:10 - 001875504 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 001875504 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 001858600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001689392 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001528368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001450544 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 001450544 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 001396824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001396824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001368232 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001115416 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 001115416 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000968584 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000968584 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000933416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000848984 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000788528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000761944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000665648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000569200 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2022-01-30 14:10 - 2022-01-30 14:10 - 000569200 _____ C:\WINDOWS\system32\atiapfxx.blb
2022-01-30 14:10 - 2022-01-30 14:10 - 000551000 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000549424 _____ C:\WINDOWS\system32\GameManager64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000537080 _____ C:\WINDOWS\system32\amdmiracast.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000518232 _____ C:\WINDOWS\system32\atieah64.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000492072 _____ C:\WINDOWS\system32\dgtrayicon.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000483888 _____ C:\WINDOWS\system32\EEURestart.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000460336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000459352 _____ C:\WINDOWS\system32\amdlogum.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000413224 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000385072 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000335920 _____ C:\WINDOWS\system32\clinfo.exe
2022-01-30 14:10 - 2022-01-30 14:10 - 000253528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000212568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000193440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000185904 _____ C:\WINDOWS\system32\mantle64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000171096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000169008 _____ C:\WINDOWS\system32\mantleaxl64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000168176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000159320 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000158936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000150584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000146992 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000140224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000140216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000133720 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000132656 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000131120 _____ C:\WINDOWS\system32\atidxx64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000130648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000125592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000124976 _____ C:\WINDOWS\system32\amdxc64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000122928 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000111584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000111584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000106584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000106072 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000099888 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000082480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000067120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000062000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000038448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000035376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000019912 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2022-01-30 14:10 - 2022-01-30 14:10 - 000010622 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2022-01-30 14:09 - 2022-01-30 14:09 - 001159216 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2022-01-30 14:08 - 2022-01-30 14:08 - 072520616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2022-01-30 14:08 - 2022-01-30 14:08 - 043252949 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2022-01-30 14:08 - 2022-01-30 14:08 - 015218520 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 007178376 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 007101648 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 006270096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 005346904 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 003676976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2022-01-30 14:08 - 2022-01-30 14:08 - 003445648 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 003375928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 003334136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 003306720 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 003168296 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 003159680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 002992088 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 002930056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 002444592 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 002197880 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001971272 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001965064 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001787864 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001610864 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOv251gm.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001598304 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001544160 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001516176 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001435048 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001414992 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001403728 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001382144 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001372296 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001353224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001337544 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001327944 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001287504 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOvlldpgm.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001259632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001195872 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001159088 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001110080 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001078592 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 001061480 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000964928 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000873368 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000852040 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000751208 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000734680 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000715552 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000692072 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000641632 _____ (ICEpower A/S) C:\WINDOWS\system32\ICEsoundAPO64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000604704 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000541024 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000511552 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000467064 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000453184 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000452640 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000448512 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000447088 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000416416 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000406360 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000392776 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000381312 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000378288 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000367520 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000366024 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000360248 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000343616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000341056 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000341056 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000332920 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000327176 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000327176 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000315880 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000278176 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000266456 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000261144 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000261104 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000260120 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000231824 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000230608 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000220296 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000218176 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000203744 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000190840 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000190840 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000179504 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000174848 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000167032 _____ (ASUSTeK COMPUTER INC.) C:\WINDOWS\system32\ATKWMI.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000158600 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000157248 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000154264 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000139664 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000122224 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000118496 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000116448 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000105216 _____ C:\WINDOWS\system32\audioLibVc.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000093808 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000090824 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000090080 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000088224 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000083528 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000075448 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2022-01-30 14:08 - 2022-01-30 14:08 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-01-30 14:07 - 2022-01-30 14:07 - 000041184 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AMDPCIDev.sys
2022-01-30 14:00 - 2022-01-30 14:00 - 000003170 _____ C:\WINDOWS\system32\Tasks\Driver Booster Update
2022-01-30 14:00 - 2022-01-30 14:00 - 000002940 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (PC1)
2022-01-30 14:00 - 2022-01-30 14:00 - 000002361 _____ C:\Users\Public\Desktop\Driver Booster 9.lnk
2022-01-30 14:00 - 2022-01-30 14:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 9
2022-01-30 13:58 - 2022-01-30 13:58 - 000000935 _____ C:\Users\PC1\Downloads\[SkT]IObit_Driver_Booster_9.1.0.156_-_loader.torrent
2022-01-29 15:08 - 2022-01-29 15:08 - 000096017 _____ C:\Users\PC1\Downloads\[SkT]Cyberpunk_2077_[v_1.31]_(2020)___GOG-Rip.torrent
2022-01-29 09:28 - 2022-01-29 09:28 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-29 09:13 - 2022-01-29 09:13 - 000002896 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - PC1
2022-01-23 09:44 - 2022-01-23 09:44 - 000017111 _____ C:\Users\PC1\Downloads\[SkT]IObit_Driver_Booster_9.1.0.156.rar.torrent
2022-01-22 23:05 - 2022-01-22 23:05 - 000000000 ____D C:\Users\PC1\Documents\Electronic Arts
2022-01-22 23:05 - 2022-01-22 23:05 - 000000000 ____D C:\Users\PC1\AppData\Local\anadius
2022-01-22 23:02 - 2022-01-22 23:02 - 000000935 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2022-01-22 22:24 - 2022-01-22 22:24 - 005446472 _____ (BitTorrent Inc.) C:\Users\PC1\Downloads\BitTorrent (2).exe
2022-01-22 13:14 - 2022-01-22 13:14 - 005446472 _____ (BitTorrent Inc.) C:\Users\PC1\Downloads\BitTorrent (1).exe
2022-01-22 13:11 - 2022-01-30 14:25 - 000000000 ____D C:\Users\PC1\AppData\LocalLow\BitTorrent
2022-01-22 13:11 - 2022-01-22 13:11 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3805889190-2908880830-1705731779-1001
2022-01-22 09:57 - 2022-01-22 09:57 - 005446472 _____ (BitTorrent Inc.) C:\Users\PC1\Downloads\BitTorrent.exe
2022-01-22 09:35 - 2022-01-22 08:48 - 002266624 ____R (Google Update) C:\Users\PC1\ZoomX.exe
2022-01-22 09:35 - 2022-01-22 08:48 - 002071040 ____R (Google Update) C:\Users\PC1\ZoomE.exe
2022-01-22 09:34 - 2022-01-30 15:14 - 000000000 ____D C:\Users\PC1\AppData\Roaming\BitTorrent
2022-01-22 09:34 - 2022-01-22 10:12 - 000003542 _____ C:\WINDOWS\system32\Tasks\TiniTask
2022-01-22 09:34 - 2022-01-22 10:12 - 000003540 _____ C:\WINDOWS\system32\Tasks\TinyTask
2022-01-22 09:34 - 2022-01-22 10:12 - 000003258 _____ C:\WINDOWS\system32\Tasks\ZoomX
2022-01-22 09:34 - 2022-01-22 10:12 - 000003258 _____ C:\WINDOWS\system32\Tasks\ZoomE
2022-01-22 09:34 - 2022-01-22 09:34 - 000000000 ____D C:\Program Files\Common Files\DESIGNER Cache
2022-01-22 08:47 - 2022-01-22 08:47 - 000045147 _____ C:\Users\PC1\Downloads\[SkT]BitTorrent_Pro_7.10.5_Build_46097(x32x64)[EN]_[Full].torrent
2022-01-16 15:03 - 2022-01-16 15:04 - 000586567 _____ C:\Users\PC1\Downloads\dead-island-definitive-edition-trainer-11-v1.1.2-mrantifun.rar
2022-01-16 15:02 - 2022-01-16 15:02 - 001673208 _____ C:\Users\PC1\Downloads\didev11213tr.zip
2022-01-15 18:39 - 2022-01-15 18:39 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-15 18:39 - 2022-01-15 18:39 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-15 18:39 - 2022-01-15 18:39 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-15 18:31 - 2022-01-15 18:31 - 000000000 ___HD C:\$WinREAgent
2022-01-09 16:38 - 2022-01-15 23:12 - 000259032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-05 15:34 - 2022-01-05 15:34 - 000000000 ____D C:\Users\PC1\Documents\DeadIslandDI
2022-01-05 15:34 - 2022-01-05 15:34 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Steam
2022-01-05 15:30 - 2022-01-05 15:30 - 000000839 _____ C:\Users\PC1\Desktop\Dead Island Definitive Edition.lnk
2022-01-05 15:30 - 2022-01-05 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Island Definitive Edition

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-30 16:21 - 2020-12-20 10:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-30 16:21 - 2020-12-19 10:48 - 000000000 ____D C:\FRST
2022-01-30 15:50 - 2020-12-20 10:32 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-30 15:22 - 2020-12-20 11:00 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-30 15:21 - 2021-03-29 05:02 - 000000000 ____D C:\Users\PC1\AppData\Roaming\IObit
2022-01-30 15:21 - 2021-03-29 05:02 - 000000000 ____D C:\ProgramData\IObit
2022-01-30 15:13 - 2021-06-26 12:26 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-30 15:08 - 2021-03-09 15:44 - 000000000 ____D C:\Users\PC1\AppData\Local\CrashDumps
2022-01-30 14:24 - 2020-12-20 10:31 - 000000000 ____D C:\WINDOWS\INF
2022-01-30 14:18 - 2020-12-20 10:53 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-30 14:17 - 2020-12-20 11:00 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-30 14:17 - 2020-12-20 11:00 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-30 14:16 - 2020-12-23 17:30 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-30 14:16 - 2020-12-20 10:32 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-30 14:16 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-30 14:16 - 2020-06-10 20:36 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-30 14:15 - 2021-12-26 08:14 - 000000000 ____D C:\Program Files\CCleaner
2022-01-30 14:15 - 2021-10-08 18:04 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Kodi
2022-01-30 14:13 - 2021-01-02 12:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-01-30 14:13 - 2020-12-20 10:41 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-01-30 14:13 - 2020-12-20 10:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-30 14:13 - 2020-12-20 10:27 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-30 14:13 - 2020-11-07 10:27 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-30 14:12 - 2021-10-17 12:09 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-30 14:11 - 2020-12-20 10:41 - 000000000 ____D C:\WINDOWS\system32\AMD
2022-01-30 14:10 - 2021-01-08 09:29 - 000410672 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2022-01-30 14:10 - 2021-01-08 09:29 - 000201640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2022-01-30 14:10 - 2021-01-08 09:29 - 000142936 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-01-30 14:10 - 2021-01-08 09:29 - 000019928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2022-01-30 14:10 - 2020-12-20 11:45 - 000100824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2022-01-30 14:09 - 2020-04-10 19:24 - 000246176 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys
2022-01-30 14:08 - 2020-12-20 10:42 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2022-01-30 14:08 - 2020-12-20 10:42 - 000000000 ____D C:\WINDOWS\system32\DAX2
2022-01-30 14:08 - 2020-04-10 19:23 - 005954144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2022-01-30 14:08 - 2020-04-10 19:23 - 003843944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2022-01-30 14:08 - 2020-04-10 19:23 - 000192888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2022-01-30 14:08 - 2020-04-10 19:23 - 000023600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2022-01-30 14:08 - 2020-04-10 19:22 - 000033136 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio3.sys
2022-01-30 14:08 - 2019-10-01 08:34 - 000054984 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio2.sys
2022-01-30 14:02 - 2021-09-17 19:29 - 000000000 ____D C:\ProgramData\ProductData
2022-01-30 14:00 - 2021-03-29 05:02 - 000000000 ____D C:\Program Files (x86)\IObit
2022-01-29 19:42 - 2020-12-20 10:55 - 000000000 ____D C:\Users\PC1\AppData\Local\D3DSCache
2022-01-29 09:13 - 2020-12-20 10:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-22 10:01 - 2021-01-23 18:54 - 000000000 ____D C:\Users\PC1\AppData\Roaming\BSplayer
2022-01-22 10:01 - 2021-01-23 18:54 - 000000000 ____D C:\Program Files (x86)\Webteh
2022-01-22 09:58 - 2021-11-13 10:47 - 000000000 ____D C:\Users\PC1\AppData\Local\Adaware
2022-01-22 09:35 - 2020-12-20 14:09 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-01-22 09:35 - 2020-12-20 10:44 - 000000000 ____D C:\Users\PC1
2022-01-22 09:34 - 2020-12-20 10:32 - 000000000 __RHD C:\Users\Public\Libraries
2022-01-22 09:31 - 2021-03-07 19:59 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-22 08:49 - 2020-12-20 17:07 - 000000000 ____D C:\Users\PC1\AppData\Roaming\vlc
2022-01-22 08:29 - 2020-12-20 10:44 - 000002365 _____ C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-20 21:45 - 2020-12-20 10:28 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-15 23:11 - 2020-12-20 10:32 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-15 18:31 - 2020-12-20 11:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-15 18:29 - 2020-12-20 11:41 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2022-01-22 09:35 - 2022-01-22 08:48 - 002071040 ____R (Google Update) C:\Users\PC1\ZoomE.exe
2022-01-22 09:35 - 2022-01-22 08:48 - 002266624 ____R (Google Update) C:\Users\PC1\ZoomX.exe
2021-06-06 09:33 - 2021-07-21 20:43 - 000000055 _____ () C:\Users\PC1\AppData\Roaming\EHWID.txt
2021-06-06 09:33 - 2021-12-12 18:52 - 000000011 _____ () C:\Users\PC1\AppData\Roaming\EPW.txt
2021-06-06 09:33 - 2021-07-21 20:43 - 000000009 _____ () C:\Users\PC1\AppData\Roaming\ERole.txt
2021-06-06 09:33 - 2021-12-12 18:52 - 000000012 _____ () C:\Users\PC1\AppData\Roaming\EUser.txt
2021-03-07 19:58 - 2021-03-07 19:58 - 000016438 _____ () C:\Users\PC1\AppData\Local\partner.bmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[PureHate44]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-01-2022
Ran by PC1 (30-01-2022 16:22:34)
Running from C:\Users\PC1\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2020-12-20 09:55:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3805889190-2908880830-1705731779-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3805889190-2908880830-1705731779-503 - Limited - Disabled)
Guest (S-1-5-21-3805889190-2908880830-1705731779-501 - Limited - Disabled)
PC1 (S-1-5-21-3805889190-2908880830-1705731779-1001 - Administrator - Enabled) => C:\Users\PC1
WDAGUtilityAccount (S-1-5-21-3805889190-2908880830-1705731779-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
Dead Island Definitive Edition (HKLM-x32\...\Dead Island Definitive Edition_is1) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Driver Booster 9 (HKLM-x32\...\Driver Booster_is1) (Version: 9.1.0 - IObit)
Dying Light Platinum Edition (HKLM-x32\...\Dying Light Platinum Edition_is1) (Version: - )
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Excel (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kodi (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Kodi) (Version: 19.1.0.0 - XBMC Foundation)
me.fo (HKLM\...\me.fo) (Version: 1.0 - me.fo)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.76 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
NoxPlayer (HKLM-x32\...\Nox) (Version: 7.0.0.8 - Duodian Technology Co. Ltd.)
Outlast (HKLM-x32\...\Outlast_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Outlook (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.50.548 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Smart Defrag 6 (HKLM-x32\...\Smart Defrag_is1) (Version: 6.7.0 - IObit)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
The Sims 4: Deluxe Edition (HKLM-x32\...\The Sims 4: Deluxe Edition_is1) (Version: 1.82.99.1030 / 1.82.99.1530 - RePack)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.3.22 - Black Tree Gaming Ltd.)
WeMod (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\WeMod) (Version: 7.1.22 - WeMod)
Windows Kontrola stavu počítača (HKLM\...\{BDBC15A5-E9F1-485F-A0D3-7526052FB2B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Windows Kontrola stavu počítača (HKLM\...\{DC04D0BB-5702-4932-ACFF-D39065DCB089}) (Version: 3.1.2109.29003 - Microsoft Corporation)
WinRAR 5.80 Final (HKLM-x32\...\WinRAR 5.80 Final) (Version: 5.80 - Crackingpatching.com Team)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
Wise Program Uninstaller 2.5.1 (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: 2.5.1 - WiseCleaner.com, Inc.)
Word (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-15] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-01-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PC1\Desktop\Peter - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\2C50ECBD.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\2C50ECBD.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-12-20 10:33 - 2021-10-14 12:40 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{76479D23-BABB-4B44-8CA5-99040CC858D8}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B8813231-8AC4-4057-A6EB-9F8ED2076275}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{C264E3BA-A0C9-461A-BB44-6FF4D813E63D}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{25674321-2BB6-4356-AB23-C5100729084B}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{BC53F919-759A-4705-BB28-C3C739726D24}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{1D9454E8-FDFC-4A4B-89A9-87E90C5AA454}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{F80FBF77-6901-481B-A37C-A3C01DADD01C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A5D25BB-4C86-4BED-9EC9-B19527115BD6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{81680637-CA08-4B3B-BA04-B74773689984}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EB9C9D5E-7D50-49C8-A0F2-6C4DF20A864F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{067876AE-4B1F-4377-9894-02C446E96B37}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [UDP Query User{A8D6CCC3-8968-455D-85DF-EBB03F73D892}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [{D142A9B5-2F0C-44B4-BED0-F8F07DACB470}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F593AD16-ED6C-4530-89D3-90FA278E847C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{161A6779-F0A4-4190-BAF8-B3EC8B275E88}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4575926B-6A4D-48A7-9802-D730BD3D9D19}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{9E22C15B-6F92-4AF8-A903-95C0C53E7FA7}E:\games\dying light platinum edition\dyinglightgame.exe] => (Block) E:\games\dying light platinum edition\dyinglightgame.exe (Techland) [File not signed]
FirewallRules: [UDP Query User{A30214CD-5E87-4C9B-837C-4AAE8BC10E11}E:\games\dying light platinum edition\dyinglightgame.exe] => (Block) E:\games\dying light platinum edition\dyinglightgame.exe (Techland) [File not signed]
FirewallRules: [{0C9A7129-CC02-4FFE-AAE4-1BCCC6109A94}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{54C2042B-931F-48FE-AC55-7EFEF1FD765E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE2748DE-4383-4CE5-9662-60AE78FE20E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2B407596-3C51-4591-9339-82D49DB72A5F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{B602A2BC-1C9F-4807-B995-8EC37897CBEC}E:\games\dead island definitive edition\deadislandgame.exe] => (Block) E:\games\dead island definitive edition\deadislandgame.exe (Techland) [File not signed]
FirewallRules: [UDP Query User{48CEB451-F65C-429D-B2E1-875E7E854FD4}E:\games\dead island definitive edition\deadislandgame.exe] => (Block) E:\games\dead island definitive edition\deadislandgame.exe (Techland) [File not signed]
FirewallRules: [{6687BD56-586F-4FE7-836F-22311CE18944}] => (Allow) C:\Users\PC1\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{230EE135-707E-4479-A0B1-DBC9CE4F1932}] => (Allow) C:\Users\PC1\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{F389FFA7-508A-4AF3-96FE-6B551B8EE057}E:\downloads\hry\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\downloads\hry\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{072ED89D-DEA3-401C-A432-99810FDD708F}E:\downloads\hry\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\downloads\hry\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{E5D054F5-30D7-4AB7-8419-FDC2C19B6B9F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

03-01-2022 11:38:51 Scheduled Checkpoint
15-01-2022 18:29:17 Scheduled Checkpoint
15-01-2022 18:31:07 Inštalátor modulov systému Windows
15-01-2022 18:31:41 Inštalátor modulov systému Windows
30-01-2022 14:05:13 Driver Booster : Radeon RX 570 Series

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/30/2022 03:18:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program BitTorrent.exe version 7.10.5.46097 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 150c

Start Time: 01d815db4adbff15

Termination Time: 109

Application Path: C:\Users\PC1\AppData\Roaming\BitTorrent\BitTorrent.exe

Report Id: 1ab85635-4d94-495c-9f45-ae73225a2b7b

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-thread

Error: (01/30/2022 03:08:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: CHXSmartScreen.exe, verzia: 10.0.19041.423, časová značka: 0x0431d1e3
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1466, časová značka: 0xe01c7650
Kód výnimky: 0x8000ffff
Odstup chyby: 0x000000000010b362
Identifikácia chybujúceho procesu: 0xf40
Čas spustenia chybujúcej aplikácie: 0x01d815e2e08fa401
Cesta chybujúcej aplikácie: C:\WINDOWS\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 1829a775-053c-450e-b305-4c5cfd13d506
Celé meno chybujúceho balíka: Microsoft.Windows.Apprep.ChxApp_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (01/30/2022 03:08:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: CHXSmartScreen.exe, verzia: 10.0.19041.423, časová značka: 0x0431d1e3
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1466, časová značka: 0xe01c7650
Kód výnimky: 0x8000ffff
Odstup chyby: 0x000000000010b362
Identifikácia chybujúceho procesu: 0x2438
Čas spustenia chybujúcej aplikácie: 0x01d815e2cda8092b
Cesta chybujúcej aplikácie: C:\WINDOWS\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 873afab5-eef0-4cbb-b367-0230035e2c9d
Celé meno chybujúceho balíka: Microsoft.Windows.Apprep.ChxApp_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (01/30/2022 02:14:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wwahost.exe, verzia: 10.0.19041.789, časová značka: 0x9bbd7506
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1466, časová značka: 0xe01c7650
Kód výnimky: 0x8000ffff
Odstup chyby: 0x000000000010b362
Identifikácia chybujúceho procesu: 0x1c64
Čas spustenia chybujúcej aplikácie: 0x01d815db3eb5a8a6
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wwahost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: e5b66029-4a85-4c96-bcae-efdd9052c14a
Celé meno chybujúceho balíka: Microsoft.Windows.CloudExperienceHost_10.0.19041.1266_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (01/30/2022 02:11:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: explorer.exe, verzia: 10.0.19041.1415, časová značka: 0x61622df4
Názov chybujúceho modulu: amdocl64.dll, verzia: 10.0.3302.6, časová značka: 0x616e28fa
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000018491dc
Identifikácia chybujúceho procesu: 0xd5c
Čas spustenia chybujúcej aplikácie: 0x01d815c5b7480b12
Cesta chybujúcej aplikácie: C:\WINDOWS\explorer.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\amdocl64.dll
Identifikácia hlásenia: 432e081d-3564-44b2-b4d4-647cee06a183
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/30/2022 02:11:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: explorer.exe, verzia: 10.0.19041.1415, časová značka: 0x61622df4
Názov chybujúceho modulu: amdocl64.dll, verzia: 10.0.3302.6, časová značka: 0x616e28fa
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000018491dc
Identifikácia chybujúceho procesu: 0x36c0
Čas spustenia chybujúcej aplikácie: 0x01d815c5af31ba4a
Cesta chybujúcej aplikácie: C:\WINDOWS\explorer.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\amdocl64.dll
Identifikácia hlásenia: 1efee2a6-ac07-40f8-bc97-ad752bbae174
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/30/2022 02:05:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service AvastWscReporter since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/29/2022 03:10:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program BitTorrent.exe version 7.10.5.46097 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 183c

Start Time: 01d81519bc8d6e68

Termination Time: 13

Application Path: C:\Users\PC1\AppData\Roaming\BitTorrent\BitTorrent.exe

Report Id: 79353a42-83d1-40cd-a7ce-bf255f9ba35e

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-thread


System errors:
=============
Error: (01/30/2022 03:21:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/30/2022 03:21:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/30/2022 03:21:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD Crash Defender Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/30/2022 02:13:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NORVJE6)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (01/30/2022 02:12:07 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (01/29/2022 09:12:37 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (01/23/2022 12:23:09 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NORVJE6)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (01/22/2022 10:28:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NORVJE6)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2022-01-30 14:25:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-01-29 16:49:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-01-22 14:14:40
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: VirTool:Win32/DefenderTamperingRestore
Severity: Závažná
Category: Nástroj
Path: regkeyvalue:_hklm\software\microsoft\windows defender\real-time protection\\DisableIOAVProtection
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0, NIS: 1.355.2319.0
Engine Version: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-22 10:04:12
Description:
Microsoft Defender Antivirus has detected a suspicious behavior.
Name: Behavior:Win32/DroppedKnownMalware
Severity: Nízka
Category: Podozrivé správanie
Path Found: file:_C:\Users\PC1\AppData\Local\Temp\ZoomE.exe; process:_4116
Detection Origin: Local machine
Detection Type: Suspicious
Detection Source: Real-Time Protection
Status: Executing
Process Name: C:\Users\PC1\AppData\Local\Temp\ZoomE.exe
Security intelligence ID: 41453017067075
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0
Engine Version: 1.1.18800.4
Fidelity Label: Low
Target File Name: C:\Users\PC1\AppData\Roaming\Microsoft\Telemetry\sihost32.exe

Date: 2022-01-22 10:04:12
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Sabsik.FL.B!ml
Severity: Závažná
Category: Trójsky kôň
Path: file:_C:\Users\PC1\AppData\Roaming\Microsoft\Telemetry\sihost32.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\PC1\AppData\Local\Temp\ZoomE.exe
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0, NIS: 1.355.2319.0
Engine Version: AM: 1.1.18800.4, NIS: 1.1.18800.4
Event[0]:

Date: 2022-01-22 10:12:29
Description:
Microsoft Defender Antivirus has encountered an error trying to restore an item from quarantine.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Sabsik.FL.B!ml
Severity: Závažná
Category: Trójsky kôň
Error Code: 0x80508014
Error description: Položku v karanténe nie je možné obnoviť.
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0
Engine Version: 1.1.18800.4

Date: 2022-01-22 10:11:54
Description:
Microsoft Defender Antivirus has encountered an error trying to restore an item from quarantine.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:Win32/Keygen
Severity: Vysoká
Category: Nástroj
Error Code: 0x80508014
Error description: Položku v karanténe nie je možné obnoviť.
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0
Engine Version: 1.1.18800.4

Date: 2022-01-22 10:11:06
Description:
Microsoft Defender Antivirus has encountered an error trying to restore an item from quarantine.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:Win32/Keygen
Severity: Vysoká
Category: Nástroj
Error Code: 0x80508014
Error description: Položku v karanténe nie je možné obnoviť.
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0
Engine Version: 1.1.18800.4

Date: 2022-01-22 10:10:59
Description:
Microsoft Defender Antivirus has encountered an error trying to restore an item from quarantine.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Sabsik.FL.B!ml
Severity: Závažná
Category: Trójsky kôň
Error Code: 0x80508014
Error description: Položku v karanténe nie je možné obnoviť.
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0
Engine Version: 1.1.18800.4

Date: 2022-01-22 10:10:41
Description:
Microsoft Defender Antivirus has encountered an error trying to restore an item from quarantine.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Sabsik.FL.B!ml
Severity: Závažná
Category: Trójsky kôň
Error Code: 0x80508014
Error description: Položku v karanténe nie je možné obnoviť.
Security intelligence Version: AV: 1.355.2319.0, AS: 1.355.2319.0
Engine Version: 1.1.18800.4

CodeIntegrity:
===============
Date: 2022-01-22 08:29:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-01-20 21:10:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2.L0 01/22/2019
Motherboard: MSI B350M GAMING PRO (MS-7A39)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 54%
Total physical RAM: 16335.13 MB
Available physical RAM: 7504.8 MB
Total Virtual: 20047.13 MB
Available Virtual: 2766.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.07 GB) (Free:135.66 GB) NTFS
Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:391.01 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{33d4e0ca-0000-0000-0000-90c437000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{5f94829e-abbd-11eb-b554-806e6f6e6963}\ () (Removable) (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D0D77719)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: 33D4E0CA)
Partition 1: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=517 MB) - (Type=27)

==========================================================
Disk: 2 (Protective MBR) (Size: 116.2 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
C:\Users\PC1\AppData\Local\Temp
C:\Users\PC1\AppData\Roaming\Microsoft\Telemetry\sihost32.exe
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [ZoomE] => C:\Users\PC1\ZoomE.exe [2071040 2022-01-22] (Google Update) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [ZoomX] => C:\Users\PC1\ZoomX.exe [2266624 2022-01-22] (Google Update) [File not signed] <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\PC1\AppData\Roaming\IObit
C:\DumpStack.log.tmp

EmptyTemp:
End

Uložte do C:\Users\PC1\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[PureHate44]

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-01-2022
Ran by PC1 (30-01-2022 17:09:31) Run:2
Running from C:\Users\PC1\Downloads
Loaded Profiles: PC1
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Users\PC1\AppData\Local\Temp
C:\Users\PC1\AppData\Roaming\Microsoft\Telemetry\sihost32.exe
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [ZoomE] => C:\Users\PC1\ZoomE.exe [2071040 2022-01-22] (Google Update) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [ZoomX] => C:\Users\PC1\ZoomX.exe [2266624 2022-01-22] (Google Update) [File not signed] <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\PC1\AppData\Roaming\IObit
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\PC1\AppData\Local\Temp => moved successfully
C:\Users\PC1\AppData\Roaming\Microsoft\Telemetry\sihost32.exe => moved successfully
"HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ZoomE" => removed successfully
"HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ZoomX" => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\Users\PC1\AppData\Roaming\IObit => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 73495553 B
Java, Flash, Steam htmlcache => 265668568 B
Windows/system/drivers => 12935447 B
Edge => 40960 B
Chrome => 441918467 B
Firefox => 0 B
Opera => 4970907 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 15874 B
NetworkService => 37721876 B
PC1 => 38284667 B

RecycleBin => 0 B
EmptyTemp: => 835.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 30-01-2022 17:10:24)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 17:10:24 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[PureHate44]

Odskúšam hry a dam vedieť

[Rudy]

OK.

[PureHate44]

Je to o trošku lepšie, ale stale to nie je ono :-/
Mohli by sme sa na to pozrieť detailnejšie ? :-/
Asi viem, kde už je chyba :-/
https://ctrlv.sk/fEec

[Rudy]

Myslíte teplotu CPU? Ta je sice hraniční, ale nemyslím, že je to ta příčina. Hry se sekají od začátku hraní, nebo až později (po zahřátí)?

[PureHate44]

Odzačiatku.....