Trojan-Downloader.Win32.Delf.wlb

Posted: 13 Jun 2022 16:00
by rado145
Hello, I suspect Trojan-Downloader.Win32.Delf.wlb, so I would like to ask for a check. Thank you.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-06-2022
Ran by radom (administrator) on RADEK (ASUS System Product Name) (13-06-2022 16:57:16)
Running from H:\
Loaded Profiles: radom
Platform: Microsoft Windows 11 Home Version 21H2 22000.708 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowser.exe
(C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\RealTimeProtector.exe
(C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTHKCtrl.exe
(explorer.exe ->) () [File not signed] C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\PATRIOT_MEMORY_x64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) J:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(H:\FRST64.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2204.12.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(J:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.126.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.13\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_85bdfc6120959831\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\New\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Sog951x1Sound] => C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\PATRIOT_MEMORY_x64.exe [2418176 2017-04-19] () [File not signed]
HKLM-x32\...\Run: [Creative Hot Key Control] => C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTHKCtrl.exe [650752 2013-07-19] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL (No File)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32637904 2022-06-03] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475072 2013-10-02] (Microsoft Corporation) [File not signed] [File is in use]
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Steam] => J:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1088456 2022-05-30] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Bethesda.net] => [X]
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13980248 2022-05-11] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [5348480 2022-05-06] (IObit CO., LTD -> IObit)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3148016 2022-06-08] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [MicrosoftEdgeAutoLaunch_31FB0F89BB3DBA0F19285F725AC75676] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595192 2022-06-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-13] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0393F8D4-23FD-4F30-8103-16F9D79319AD} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.3.0\AutoUpdate.exe [2463840 2022-04-19] (IObit CO., LTD -> IObit)
Task: {14D30B30-1C12-491D-9190-258CF44F255E} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2159944 2021-10-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {207C194F-B807-4CCD-862A-F7F25B7B16C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2A58E98A-C6A6-49D8-9F59-9D0D9F59D4C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3DEF8B59-0FAD-484A-A066-3F3A85218F4A} - System32\Tasks\ASC_SkipUac_radom => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [10951808 2022-05-12] (IObit CO., LTD -> IObit)
Task: {56CA9002-7D81-4A4E-9CD0-F91A1750691D} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1610808 2021-04-14] (ASUSTeK Computer Inc. -> )
Task: {58FFBC9E-8038-4AFE-97B6-F93F0C6F8AB4} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2157024 2022-03-11] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {5D793E69-061D-479B-B66B-68F211F620A6} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1794360 2022-01-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {654C1D23-BDEA-4814-8196-2379FA68ACB9} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [5467264 2022-05-12] (IObit CO., LTD -> IObit)
Task: {6A06E1DA-40BB-45F6-AD4E-521561053595} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1471104 2021-10-22] (ASUSTeK Computer Inc. -> )
Task: {6AA30BD0-C871-4967-BF26-5E3D208639B5} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {7BB2FBBC-5E05-4F64-A6C9-EBD3B5C18936} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1241960 2021-11-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {98AC1FBA-D192-445B-BAC9-33C39B61B6B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DE5B295-F41F-4913-AB92-71E6B66DF8D2} - System32\Tasks\iTop Private Browser UAC => C:\Program Files\iTop Private Browser\ivBInit.exe [1409928 2022-04-13] (Chengdu Xiao Shan Hu Technology Co., Ltd -> iTop Inc.)
Task: {9F5687FA-F910-4708-BA19-B43536965439} - System32\Tasks\iTop Private Browser Update => C:\Program Files\iTop Private Browser\AutoUpdate.exe [2422664 2022-04-13] (Chengdu Xiao Shan Hu Technology Co., Ltd -> iTop Inc.)
Task: {A282D79C-49D3-489E-9A67-D4D3F8EA7AEA} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [293856 2022-03-11] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {AD178CE3-F671-4026-96DB-70D2568CE9D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ADFF7BC0-49A9-4AFB-8C25-352CBB77DCF1} - System32\Tasks\GoogleUpdateTaskMachineCore{E5E2DD2B-68F0-41E9-8D75-F47E5CFFB24E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-12] (Google LLC -> Google LLC)
Task: {AFD5CBBF-8D15-49FA-8CBC-2E56DFEED870} - System32\Tasks\GoogleUpdateTaskMachineUA{78A0B6BC-DC69-40E8-9394-1BDB1C1317DE} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-12] (Google LLC -> Google LLC)
Task: {B067DFE8-7E16-41C7-ABC4-E71D8C606FA4} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43022856 2022-01-11] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {BF0F5F2E-972D-46E5-ADF2-053DE50BBB38} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4329008 2021-10-13] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {CA31EE30-BDEE-4066-8422-F95868D1A0BD} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {D242FA64-146B-4A12-B016-0856C92C01F6} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\9.3.0\Scheduler.exe [157784 2022-04-19] (IObit CO., LTD -> IObit)
Task: {DDA1412A-A35A-445C-BD68-AB0F6721BC2A} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {DDE3B198-CDE5-448A-829E-9864D92D03FC} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {DF3A202B-0E6E-4ECB-A1C6-426CCB6F0D34} - System32\Tasks\Driver Booster SkipUAC (radom) => C:\Program Files (x86)\IObit\Driver Booster\9.3.0\DriverBooster.exe [8662600 2022-04-19] (IObit CO., LTD -> IObit)
Task: {E628E5A5-57C8-4B26-AC20-6A7FC3C3B217} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {FA03DE26-9439-432C-BE4C-7BF59EE62A87} - System32\Tasks\Uninstaller_SkipUac_radom => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [7517720 2022-03-24] (IObit CO., LTD -> IObit)
Task: {FCA54B76-BF09-4A28-BE4F-F425AA38B9C1} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d84e5f28a73955 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{500fa420-a116-433c-ba71-d9819e78439f}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\radom\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-13]

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default [2022-06-13]
CHR DownloadDir: H:\chrome stažené soubory
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://find-it.pro/?utm_source=distr_m"
CHR DefaultSearchURL: Default -> hxxps://find-it.pro/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> find-it.pro
CHR DefaultSuggestURL: Default -> hxxps://find-it.pro/search/suggest.php?q={searchTerms}
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-13]
CHR Extension: (IObit Surfing Protection) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn [2022-05-09]
CHR Extension: (Find-it.Pro Search) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\meejmcfbiapijdfaadackoblffmidlig [2022-06-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-12]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService15; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1300096 2022-04-20] (IObit CO., LTD -> IObit)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [372456 2022-05-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe [457544 2022-02-10] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2022-03-09] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.13\AsusFanControlService.exe [2216264 2022-03-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [650208 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUS)
R2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2022-06-13] (ASUSTeK Computer Inc. -> )
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-12-10] (Creative Technology Ltd) [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-05-31] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-04-12] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2271832 2022-05-11] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-05-11] (GOG Sp. z o.o. -> GOG.com)
S2 GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [75240 2022-05-25] (Microsoft Corporation -> Microsoft Corporation)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [396520 2022-01-20] (ASUSTEK COMPUTER INCORPORATION -> ASUS Inc.)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158744 2022-02-10] (IObit CO., LTD -> IObit)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3835360 2022-03-10] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-06-13] (Malwarebytes Inc. -> Malwarebytes)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-06-08] (Electronic Arts, Inc. -> Electronic Arts)
S3 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-06-08] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2133968 2022-05-04] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6307560 2022-04-08] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_85bdfc6120959831\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_85bdfc6120959831\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AscFileControl; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileControl.sys [40920 2021-07-07] (IObit CO., LTD -> IObit)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [47904 2022-03-23] (IObit CO., LTD -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [46552 2021-07-07] (IObit CO., LTD -> IObit)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [34112 2019-07-02] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43168 2022-03-09] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [507904 2021-11-04] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [180224 2021-11-04] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
R1 cFosSpeed; C:\Windows\system32\DRIVERS\cfosspeed6.sys [1695016 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
S3 COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [162336 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [162336 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 cpuz145; no ImagePath
R3 cpuz150; C:\Windows\temp\cpuz150\cpuz150_x64.sys [44832 2022-06-13] (CPUID S.A.R.L.U. -> CPUID)
R3 ctac32k; C:\Windows\system32\drivers\ctac32k.sys [584224 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 ctaud2k; C:\Windows\system32\drivers\ctaud2k.sys [874016 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [709664 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [709664 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 CTERFXFX; C:\Windows\system32\drivers\CTERFXFX.SYS [145440 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [145440 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [31808 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [29208 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 ctprxy2k; C:\Windows\system32\drivers\ctprxy2k.sys [20512 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [685088 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [685088 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 ctsfm2k; C:\Windows\system32\drivers\ctsfm2k.sys [293400 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 emupia; C:\Windows\system32\drivers\emupia2k.sys [150040 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ha10kx2k; C:\Windows\system32\drivers\ha10kx2k.sys [1367576 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 hap16v2k; C:\Windows\system32\drivers\hap16v2k.sys [262160 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 hap17v2k; C:\Windows\system32\drivers\hap17v2k.sys [298008 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 Hsp; C:\Windows\System32\drivers\Hsp.sys [111960 2022-05-11] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2022-04-12] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2022-04-12] (Intel Corporation -> Intel Corporation)
R3 iobit_monitor_server2021; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [33256 2021-08-11] (IObit CO., LTD -> IObit)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2021-10-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl1de65b79; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8B5876C2-A8BA-4108-8C28-F3F1B6017F7D}\MpKslDrv.sys [137464 2022-06-13] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 ossrv; C:\Windows\system32\drivers\ctoss2k.sys [227864 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 PATRIOTRGB; C:\Windows\system32\DRIVERS\PATRIOTRGB.sys [3783680 2017-04-14] (C-MEDIA ELECTRONICS INC. -> Patriot Memory LLC)
R3 rt25cx21; C:\Windows\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_6d0a87e4b66148bc\rt25cx21x64.sys [620472 2022-05-19] (Realtek Semiconductor Corp. -> Realtek)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_d2a498d51a4f7bec\rtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp. -> Realtek)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [443664 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-13 16:49 - 2022-06-13 16:57 - 000000000 ____D C:\FRST
2022-06-13 16:35 - 2022-06-13 16:35 - 000001577 _____ C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Armoury Crate Notice.lnk
2022-06-13 16:09 - 2022-06-13 16:09 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-06-13 16:09 - 2022-06-13 16:09 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-06-13 16:09 - 2022-06-13 16:09 - 000002052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-06-13 16:09 - 2022-06-13 16:09 - 000000000 ____D C:\Users\radom\AppData\Local\mbam
2022-06-13 16:09 - 2022-06-13 16:08 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-06-13 16:08 - 2022-06-13 16:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-06-13 16:08 - 2022-06-13 16:08 - 000000000 ____D C:\Program Files\Malwarebytes
2022-06-13 15:56 - 2022-06-13 15:56 - 000000765 _____ C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Launcher.lnk
2022-06-13 14:49 - 2022-06-13 14:49 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-06-13 14:29 - 2022-06-13 14:32 - 000000000 ____D C:\Users\radom\AppData\Roaming\WeMod
2022-06-13 14:29 - 2022-06-13 14:29 - 000000000 ____D C:\Users\radom\AppData\Local\SquirrelTemp
2022-06-13 14:17 - 2022-06-13 14:32 - 000000004 _____ C:\ProgramData\rc.dat
2022-06-13 14:14 - 2022-06-13 14:19 - 000000004 _____ C:\ProgramData\lock.dat
2022-06-13 14:14 - 2022-06-13 14:18 - 000000016 _____ C:\ProgramData\lir.bats
2022-06-13 14:14 - 2022-06-13 14:14 - 000000008 _____ C:\ProgramData\ts.dat
2022-06-13 13:43 - 2022-06-13 15:36 - 000000000 ____D C:\Users\radom\AppData\Roaming\ServiceGet
2022-06-13 13:43 - 2022-06-13 14:19 - 000000000 ____D C:\ProgramData\DiskOptimizer
2022-06-13 13:43 - 2022-06-13 13:54 - 000000000 ____D C:\Users\radom\AppData\Roaming\shftool
2022-06-13 13:43 - 2022-06-13 13:48 - 000000000 ____D C:\Users\radom\AppData\Local\Opera Software
2022-06-13 13:43 - 2022-06-13 13:44 - 000000000 ____D C:\Users\radom\AppData\Roaming\ZGbSB75
2022-06-13 13:43 - 2022-06-13 13:43 - 000000000 ____D C:\Users\radom\AppData\Roaming\Sajepifo
2022-06-13 13:43 - 2022-06-13 13:43 - 000000000 ____D C:\Users\radom\AppData\Roaming\Opera Software
2022-06-13 13:42 - 2022-06-13 13:42 - 000000000 _____ C:\Users\radom\OneDrive\Dokumenty\Trainer.zip
2022-06-12 21:41 - 2022-06-13 15:36 - 000000000 ____D C:\ProgramData\ReShade
2022-06-09 13:40 - 2022-06-09 13:40 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-06-08 14:41 - 2022-06-08 14:41 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2022-06-08 13:50 - 2022-06-08 15:38 - 000000000 ____D C:\ProgramData\Electronic Arts
2022-06-08 07:58 - 2022-06-08 07:58 - 000003122 _____ C:\Windows\system32\Tasks\MSIAfterburner
2022-06-07 08:36 - 2022-06-07 08:36 - 000000000 ____D C:\Users\radom\AppData\Local\WB Games
2022-06-06 20:22 - 2022-06-06 20:22 - 000000000 ____D C:\Users\radom\AppData\Roaming\GameSparks
2022-06-04 17:37 - 2022-06-04 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo Immortal
2022-06-04 17:32 - 2022-06-04 17:32 - 000000000 ____D C:\Users\radom\AppData\Roaming\EasyAntiCheat
2022-06-04 16:54 - 2022-06-04 16:54 - 000000000 ____D C:\Users\radom\AppData\Local\Frontiers
2022-06-02 20:38 - 2022-06-02 20:39 - 000000000 ____D C:\Windows\LastGood
2022-06-02 20:38 - 2022-06-02 20:38 - 005729992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 002120904 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001905928 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 001905928 _____ C:\Windows\system32\vulkaninfo.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 001602248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001530432 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001478408 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 001478408 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 001467072 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001432328 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001432328 _____ C:\Windows\system32\vulkan-1.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001208536 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001177280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001145592 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001145592 _____ C:\Windows\SysWOW64\vulkan-1.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000731200 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000725576 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000713280 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 000587336 _____ C:\Windows\system32\nvofapi64.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000582720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000460496 _____ C:\Windows\SysWOW64\nvofapi.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000458816 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 000089327 _____ C:\Windows\system32\nvinfo.pb
2022-06-02 20:37 - 2022-06-02 20:37 - 007616472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 006963928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 006463608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 006226632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 005100768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 002932928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 000852024 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2022-06-02 18:50 - 2022-06-02 19:18 - 000000000 ____D C:\Users\radom\AppData\Roaming\CC
2022-06-02 18:42 - 2022-06-02 18:42 - 000000000 ____D C:\Users\radom\AppData\Roaming\Netease
2022-06-02 18:42 - 2022-06-02 18:42 - 000000000 ____D C:\Users\radom\AppData\Local\UniSDK
2022-06-02 18:42 - 2022-06-02 18:42 - 000000000 ____D C:\Users\radom\AppData\Local\Netease
2022-06-02 18:29 - 2022-06-02 18:29 - 000003360 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3700602199-4179786454-2309774523-1003
2022-06-02 18:29 - 2022-06-02 18:29 - 000002392 _____ C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-02 15:40 - 2022-06-02 15:40 - 000000000 ____D C:\Users\radom\AppData\Local\Endeavor
2022-06-01 12:54 - 2022-06-01 12:54 - 088129536 _____ C:\Windows\system32\config\software.iobit
2022-06-01 12:54 - 2022-06-01 12:54 - 004734976 _____ C:\Windows\system32\config\drivers.iobit
2022-06-01 12:54 - 2022-06-01 12:54 - 000479232 _____ C:\Windows\system32\config\default.iobit
2022-06-01 12:54 - 2022-06-01 12:54 - 000086016 _____ C:\Windows\system32\config\sam.iobit
2022-06-01 12:54 - 2022-06-01 12:54 - 000036864 _____ C:\Windows\system32\config\security.iobit
2022-06-01 12:13 - 2022-06-01 12:13 - 000007626 _____ C:\Users\radom\AppData\Local\Resmon.ResmonCfg
2022-06-01 12:03 - 2022-06-01 12:03 - 1458954163 ____N C:\Windows\MEMORY.DMP
2022-05-31 20:46 - 2022-05-31 20:46 - 004599528 _____ C:\Windows\PE_File.dll
2022-05-31 20:45 - 2022-05-31 20:46 - 000015528 _____ C:\Windows\PE_Rom.dll
2022-05-31 20:45 - 2022-05-31 20:45 - 000000000 _____ C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_TUF GAMING B560-PLUS WIFI.alu
2022-05-31 16:38 - 2022-05-31 16:38 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-05-27 16:12 - 2022-05-20 02:51 - 000082552 _____ C:\Windows\system32\FvSDK_x64.dll
2022-05-27 16:12 - 2022-05-20 02:51 - 000071288 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2022-05-27 08:34 - 2022-05-27 08:34 - 000557056 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2022-05-27 08:34 - 2022-05-27 08:34 - 000485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2022-05-27 08:33 - 2022-05-27 08:33 - 000614400 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-05-27 08:33 - 2022-05-27 08:33 - 000335872 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-05-27 08:33 - 2022-05-27 08:33 - 000299008 _____ C:\Windows\system32\EsclScan.dll
2022-05-27 08:33 - 2022-05-27 08:33 - 000180224 _____ C:\Windows\system32\EsclProtocol.dll
2022-05-27 08:33 - 2022-05-27 08:33 - 000015004 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-05-27 08:28 - 2022-05-27 08:30 - 000000000 ___HD C:\$WinREAgent
2022-05-27 08:21 - 2022-05-27 08:21 - 000137632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2022-05-27 08:21 - 2022-05-27 08:21 - 000050568 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2022-05-26 10:03 - 2022-05-26 10:03 - 000000000 ____D C:\Users\radom\AppData\Local\DolmenWindows
2022-05-25 12:23 - 2022-05-25 12:23 - 000000000 ____D C:\Users\radom\AppData\LocalLow\Cradle Games
2022-05-18 18:03 - 2022-05-18 18:08 - 000000000 ____D C:\Users\radom\AppData\LocalLow\Stunlock Studios
2022-05-17 08:43 - 2022-05-17 08:43 - 000003072 _____ C:\Windows\system32\Tasks\ASC_SkipUac_radom
2022-05-15 10:02 - 2022-05-15 10:02 - 000000000 ____D C:\Users\radom\AppData\Local\Streumon
2022-05-15 08:43 - 2022-05-15 08:43 - 000000000 ____D C:\Users\radom\AppData\Local\ww

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-13 16:47 - 2022-04-12 11:01 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-13 16:46 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-13 16:24 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SystemTemp
2022-06-13 16:09 - 2021-06-05 14:10 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-06-13 15:59 - 2022-04-12 11:02 - 000002334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-13 15:49 - 2022-05-06 21:27 - 000000000 ____D C:\SteamLibrary
2022-06-13 15:39 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-13 15:39 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\AppReadiness
2022-06-13 15:36 - 2022-05-11 08:22 - 000000000 ____D C:\Users\radom\AppData\Roaming\Telegram Desktop
2022-06-13 15:36 - 2022-05-11 08:22 - 000000000 ____D C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2022-06-13 15:36 - 2022-04-28 16:29 - 000000000 ____D C:\Users\radom\AppData\Local\ReShade
2022-06-13 15:36 - 2022-04-17 09:39 - 000000000 ____D C:\Users\radom\AppData\Roaming\Origin
2022-06-13 15:36 - 2022-04-17 09:39 - 000000000 ____D C:\Users\radom\AppData\Local\Origin
2022-06-13 15:36 - 2022-04-17 09:39 - 000000000 ____D C:\ProgramData\Origin
2022-06-13 15:36 - 2022-04-13 09:17 - 000000000 ____D C:\Users\radom\AppData\Roaming\vlc
2022-06-13 15:36 - 2022-04-13 08:35 - 000000000 ____D C:\Users\radom\AppData\Roaming\Battle.net
2022-06-13 15:36 - 2022-04-13 08:35 - 000000000 ____D C:\Users\radom\AppData\Local\Battle.net
2022-06-13 15:36 - 2022-04-12 14:35 - 000000000 ____D C:\Users\radom\AppData\Local\EpicGamesLauncher
2022-06-13 15:36 - 2022-04-12 13:36 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2022-06-13 15:36 - 2022-04-12 13:36 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2022-06-13 15:36 - 2022-04-12 12:16 - 000000000 ____D C:\Users\radom\AppData\LocalLow\IObit
2022-06-13 15:36 - 2022-04-12 12:16 - 000000000 ____D C:\ProgramData\ProductData
2022-06-13 15:36 - 2022-04-12 12:15 - 000000000 ____D C:\Users\radom\AppData\Roaming\IObit
2022-06-13 15:36 - 2022-04-12 12:13 - 000000000 ____D C:\Program Files\CrystalDiskMark8
2022-06-13 15:36 - 2022-04-12 12:13 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2022-06-13 15:36 - 2022-04-12 11:04 - 000000000 ____D C:\ProgramData\PATRIOT_MEMORY
2022-06-13 15:36 - 2022-04-12 10:01 - 000000000 ____D C:\ProgramData\ASUS
2022-06-13 15:36 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\GroupPolicy
2022-06-13 15:36 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\registration
2022-06-13 14:58 - 2022-04-12 10:21 - 000000000 ____D C:\Users\radom\AppData\Local\D3DSCache
2022-06-13 14:49 - 2022-05-10 12:12 - 002762208 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2022-06-13 14:49 - 2021-06-05 14:09 - 000000000 ____D C:\Windows\INF
2022-06-13 14:48 - 2022-05-10 12:12 - 000402920 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000198112 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000136672 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000062928 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2022-06-13 14:48 - 2022-04-12 10:01 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-13 14:45 - 2022-04-12 10:11 - 001616250 _____ C:\Windows\system32\PerfStringBackup.INI
2022-06-13 14:45 - 2021-06-05 19:20 - 000683632 _____ C:\Windows\system32\perfh005.dat
2022-06-13 14:45 - 2021-06-05 19:20 - 000138942 _____ C:\Windows\system32\perfc005.dat
2022-06-13 14:39 - 2022-04-12 10:20 - 000000000 ____D C:\Users\radom
2022-06-13 14:39 - 2022-04-12 10:11 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-13 14:39 - 2022-04-12 10:01 - 000845256 _____ C:\Windows\system32\AsusUpdateCheck.exe
2022-06-13 14:39 - 2022-04-12 10:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-06-13 14:39 - 2022-04-12 10:01 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-06-13 14:38 - 2022-04-12 10:01 - 000901328 _____ () C:\Windows\system32\wpbbin.exe
2022-06-13 14:15 - 2022-04-12 13:24 - 000000000 ____D C:\plc_debug
2022-06-10 12:07 - 2022-04-12 10:23 - 000000000 ____D C:\Users\radom\OneDrive\Dokumenty\My Games
2022-06-08 10:26 - 2022-04-12 15:53 - 000000000 ____D C:\CZ Manager
2022-06-08 08:39 - 2022-04-17 09:44 - 000000000 ____D C:\Program Files (x86)\Origin
2022-06-08 08:12 - 2022-04-12 17:18 - 000000000 ____D C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-06-08 07:58 - 2021-06-05 14:01 - 000524288 _____ C:\Windows\system32\config\BBI
2022-06-07 22:46 - 2022-04-12 10:12 - 000033800 _____ C:\Windows\system32\BMXStateBkp-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-07 22:46 - 2022-04-12 10:12 - 000033800 _____ C:\Windows\system32\BMXState-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-07 22:46 - 2022-04-12 10:12 - 000029040 _____ C:\Windows\system32\BMXCtrlState-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-07 22:46 - 2022-04-12 10:12 - 000029040 _____ C:\Windows\system32\BMXBkpCtrlState-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-07 22:46 - 2022-04-12 10:12 - 000011564 _____ C:\Windows\system32\DVCState-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-07 13:44 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\LiveKernelReports
2022-06-03 16:01 - 2022-04-13 08:28 - 000000000 ____D C:\Users\radom\AppData\Local\Ubisoft Game Launcher
2022-06-02 18:29 - 2022-04-12 10:23 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3700602199-4179786454-2309774523-1003
2022-06-01 12:03 - 2022-04-18 14:49 - 000000000 ____D C:\Windows\Minidump
2022-05-31 21:13 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\NDF
2022-05-31 17:48 - 2022-04-12 11:19 - 000000000 ____D C:\Users\radom\AppData\Local\NVIDIA Corporation
2022-05-31 14:09 - 2022-04-13 08:30 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-05-30 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\MUI
2022-05-30 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\MUI
2022-05-27 16:24 - 2022-04-12 10:25 - 000000000 ____D C:\Users\radom\AppData\Local\NVIDIA
2022-05-27 16:12 - 2022-04-12 10:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-05-27 16:10 - 2022-04-12 11:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-05-27 16:10 - 2022-04-12 10:11 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-05-27 08:39 - 2022-04-12 10:01 - 000302600 _____ C:\Windows\system32\FNTCACHE.DAT
2022-05-27 08:38 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-05-27 08:38 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ___SD C:\Windows\SysWOW64\F12
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ___SD C:\Windows\system32\F12
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\oobe
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SystemResources
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\vi-VN
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\oobe
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\lv-LV
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\lt-LT
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\id-ID
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\gl-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\eu-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\et-EE
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\es-MX
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\Dism
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\ca-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\appraiser
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\ShellExperiences
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\ShellComponents
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\bcastdvr
2022-05-27 08:36 - 2021-06-05 14:01 - 000000000 ____D C:\Windows\CbsTemp
2022-05-27 08:33 - 2022-04-12 10:03 - 003101184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-05-26 16:54 - 2022-04-12 11:20 - 000000000 ____D C:\Users\radom\AppData\Local\CrashDumps
2022-05-21 07:24 - 2022-04-12 10:23 - 000000000 ____D C:\Users\radom\OneDrive\Dokumenty\The Surge 2
2022-05-19 10:25 - 2022-04-17 16:43 - 000000000 ____D C:\Users\radom\AppData\Local\ElevatedDiagnostics
2022-05-17 08:43 - 2022-04-12 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2022-05-16 16:31 - 2022-04-13 13:56 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy

==================== Files in the root of some directories ========

2022-06-13 14:14 - 2022-06-13 14:19 - 000000004 _____ () C:\ProgramData\lock.dat
2022-06-13 14:17 - 2022-06-13 14:32 - 000000004 _____ () C:\ProgramData\rc.dat
2022-06-13 14:14 - 2022-06-13 14:14 - 000000008 _____ () C:\ProgramData\ts.dat
2022-04-18 21:02 - 2022-05-11 10:30 - 000000125 _____ () C:\Users\radom\IP_Log_Data.js
2022-04-12 11:13 - 2022-04-12 11:14 - 000000626 _____ () C:\Users\radom\AppData\Roaming\All CPU MeterV3_Settings.ini
2022-04-28 08:13 - 2022-04-28 08:13 - 000000839 _____ () C:\Users\radom\AppData\Roaming\Drives Meter_Settings.ini
2022-04-12 12:56 - 2022-04-12 14:36 - 000000283 _____ () C:\Users\radom\AppData\Roaming\GPU MeterV2_Settings.ini
2022-04-12 14:41 - 2022-04-12 14:41 - 000000724 _____ () C:\Users\radom\AppData\Roaming\GPU Monitor_GPU0_Settings.ini
2022-04-12 11:15 - 2022-04-12 14:34 - 000000516 _____ () C:\Users\radom\AppData\Roaming\GPU Monitor_GPU_Settings.ini
2022-05-02 21:32 - 2022-05-02 21:32 - 140605022 _____ () C:\Users\radom\AppData\Roaming\gta5_patch.bin
2022-04-18 21:02 - 2022-05-11 10:30 - 000000964 _____ () C:\Users\radom\AppData\Roaming\Network Meter_Settings.ini
2022-04-18 21:02 - 2022-05-11 10:30 - 000000019 _____ () C:\Users\radom\AppData\Roaming\Network Meter_Usage.ini
2022-05-02 21:32 - 2022-05-02 21:32 - 000332800 _____ () C:\Users\radom\AppData\Roaming\patcher.dll
2022-04-12 13:27 - 2022-04-14 16:57 - 000002418 _____ () C:\Users\radom\AppData\Roaming\System Monitor II_CPU0_Settings.ini
2022-04-12 14:06 - 2022-05-03 22:58 - 000000122 _____ () C:\Users\radom\AppData\Roaming\System Monitor II_UptimeRecord.ini
2022-04-18 23:50 - 2022-05-03 22:58 - 000000128 _____ () C:\Users\radom\AppData\Roaming\System Uptime Full Plus_Record.ini
2022-04-18 21:03 - 2022-04-18 21:06 - 000000354 _____ () C:\Users\radom\AppData\Roaming\System Uptime Full Plus_Settings.ini
2022-04-18 20:53 - 2022-04-18 20:53 - 000000352 _____ () C:\Users\radom\AppData\Roaming\Top Process Monitor_Settings.ini
2022-04-18 20:47 - 2022-04-18 20:49 - 000000516 _____ () C:\Users\radom\AppData\Roaming\Weather Monitor_Settings.ini
2022-06-01 12:13 - 2022-06-01 12:13 - 000007626 _____ () C:\Users\radom\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-06-2022
Ran by radom (13-06-2022 16:58:06)
Running from H:\
Microsoft Windows 11 Home Version 21H2 22000.708 (X64) (2022-04-12 08:02:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3700602199-4179786454-2309774523-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3700602199-4179786454-2309774523-503 - Limited - Disabled)
Guest (S-1-5-21-3700602199-4179786454-2309774523-501 - Limited - Disabled)
radom (S-1-5-21-3700602199-4179786454-2309774523-1003 - Administrator - Enabled) => C:\Users\radom
WDAGUtilityAccount (S-1-5-21-3700602199-4179786454-2309774523-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 15.4.0 - IObit)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.01.10 - ASUSTeK Computer Inc.)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.1.4 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.45.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{e040e3dd-d66c-4bca-bc40-f9eac8080fee}) (Version: 1.1.45.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{4e2b05b0-eb08-41e5-9eb3-cdcc43d6bee0}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.2.8.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{c289ca16-807e-4373-92c3-29ef5dc2119a}) (Version: 1.2.8.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.11 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{8bc53c84-d9aa-4cc6-b19c-261f445494dc}) (Version: 2.1.3.0 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 3.00.10 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.79 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.18 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{c3ae9104-ed9b-4ab5-9eb1-569697f4514b}) (Version: 1.1.18 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.21 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.21 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.40 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{a1318319-c95b-48da-beb8-63ed6e4d809a}) (Version: 3.05.40 - ASUSTeK Computer Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.84.0 - Bethesda Softworks)
cFosSpeed 12.01 (HKLM\...\cFosSpeed) (Version: 12.01 - cFos Software GmbH, Bonn)
Control - Čeština (HKLM\...\{34AD213D-1A18-4480-80DC-77C341DCAD70}}_is1) (Version: 1.1 - Necronos)
CPUID CPU-Z 2.01 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.01 - CPUID, Inc.)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
CrystalDiskInfo 8.16.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.4 - Crystal Dew World)
CrystalDiskMark 8.0.4a (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4a - Crystal Dew World)
Diablo Immortal (HKLM-x32\...\Diablo Immortal) (Version: - Blizzard Entertainment)
Driver Booster 9 (HKLM-x32\...\Driver Booster_is1) (Version: 9.3.0 - IObit)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.39.15 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{135617a1-0191-4ed9-a0f7-2786a4739018}) (Version: 1.1.39.15 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{cb8809b0-c2ad-40f3-80c7-8ebf6c6f8f63}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{97f3a665-a91b-4def-91e2-97fec9f22bfa}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
Far Cry 6 (HKLM-x32\...\Uplay Install 5266) (Version: - Ubisoft)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
Gadgets Extended Pack (HKLM\...\Gadgets Extended Pack_is1) (Version: 1.0 - GadgetsRevived.com)
GameSDK Service (HKLM-x32\...\{1a192f34-128f-43ed-a83d-f998b9d5f646}) (Version: 1.0.0.4 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.0.4 - ASUSTek COMPUTER INC.) Hidden
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.115 - Google LLC)
IObit Uninstaller 11 (HKLM-x32\...\IObitUninstall) (Version: 11.4.0.2 - IObit)
iTop Private Browser (HKLM-x32\...\iTop Private Browser_is1) (Version: 3.1.0.255 - iTop Inc.)
Kingdoms of Amalur: Re-Reckoning (HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Kingdoms of Amalur: Re-Reckoning) (Version: - )
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.12 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{2237a879-7fa4-4e21-ae3b-00f6a649b9d9}) (Version: 1.1.12 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 102.0.1245.39 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 101.0.1210.53 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\OneDriveSetup.exe) (Version: 22.099.0508.0001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2022.0124.01 - MSI)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.95 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.113.50894 - Electronic Arts, Inc.)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.2 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: 1.0.9.2 - Patriot Memory)
PATRIOT VIPER HEADSET V370 (HKLM-x32\...\{D8D9AEBE-1712-4A4A-BC70-4CD9C82D1951}) (Version: 1.00.0010 - Patriot Memory LLC)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.5 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{387596e5-692e-4baf-bec2-3338d555df7a}) (Version: 1.0.6.5 - Patriot Memory)
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1436.31 - Rockstar Games)
REDlauncher (HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
RivaTuner Statistics Server 7.3.3 (HKLM-x32\...\RTSS) (Version: 7.3.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.58.822 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.3.7 - Rockstar Games)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.4.8.0 - ASUSTek COMPUTER INC.)
Setup-YMS 3017 (HKLM-x32\...\{66FBD489-5512-46C7-BF23-953E1320C80A}_is1) (Version: 1.0 - FAST CR, a.s.)
Sound Blaster Audigy 5_Audigy Rx (HKLM-x32\...\{81440118-F1CE-4C87-BC8B-F1EB8D3FA190}) (Version: 1.0 - Creative Technology Limited)
Sound Blaster Audigy Series Driver (HKLM-x32\...\IOke_is1) (Version: 1.0.00.03 - Creative Technology Ltd.)
SSDScopeApp version 4.6.0 (HKLM\...\{AD8E7B8B-EAD8-4B9F-882E-7970ABFACE34}_is1) (Version: 4.6.0 - Transcend Information, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.45.0 - TechPowerUp)
Telegram Desktop (HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.7.3 - Telegram FZ-LLC)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 130.1.10657 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.2 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: 1.0.0.2 - PD)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.1.5.0_x64__qmba6cd70vzyy [2022-06-13] (ASUSTeK COMPUTER INC.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-13] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.126.0_x64__kzh8wxbdkxb8p [2022-06-13] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2022-06-13] (Facebook Inc)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-06-13] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0 [2022-06-13] (Spotify AB) [Startup Task]
WinRAR -> C:\Program Files\WinRAR [2022-04-12] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{71B1723C-1EC2-4b4d-868E-FA58C7F95CD9}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Volume_Control.gadget\SoundControl.dll (Orbmu2k) [File not signed] [File is in use]
CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{7ED1DCB7-48AD-4D4E-B609-181330032D7F}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GetGPUInfo64.dll () [File not signed] [File is in use]
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2022-04-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2022-04-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2022-04-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2022-04-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_85bdfc6120959831\nvshext.dll [2022-06-02] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-13] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-04-12 14:39 - 2014-05-22 22:39 - 000156160 _____ () [File not signed] [File is in use] C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GetGPUInfo64.dll
2022-01-10 07:36 - 2022-01-10 07:36 - 000515584 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node
2022-01-11 16:52 - 2022-01-11 16:52 - 000479744 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2022-01-11 16:52 - 2022-01-11 16:52 - 000470016 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2022-01-10 07:36 - 2022-01-10 07:36 - 000832512 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node
2022-04-12 13:41 - 2021-10-13 14:47 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2022-04-12 13:42 - 2021-10-22 11:10 - 000370688 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll
2022-04-12 13:42 - 2021-10-22 11:10 - 000888320 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2022-04-12 13:42 - 2021-10-22 11:09 - 000999424 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2022-04-12 13:42 - 2021-10-22 11:11 - 000992768 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2022-04-12 13:42 - 2021-10-22 11:12 - 000956416 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2022-04-12 13:42 - 2021-10-13 14:56 - 001667584 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2022-04-12 13:42 - 2021-10-13 14:56 - 001065472 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FanInfofromProtocol.dll
2022-04-24 09:13 - 2022-01-12 16:43 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-12-23 15:51 - 2021-12-23 15:51 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000668672 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000371712 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2022-04-12 14:12 - 2005-07-19 04:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Support\unrar.dll
2021-12-03 15:32 - 2021-12-03 15:32 - 000057344 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2021-12-03 15:32 - 2021-12-03 15:32 - 000074240 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2021-12-03 15:32 - 2021-12-03 15:32 - 000368640 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2022-05-13 09:11 - 2022-03-04 04:23 - 126965248 _____ () [File not signed] J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2022-04-12 17:16 - 2021-11-17 13:38 - 000384000 _____ () [File not signed] J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2022-04-12 17:16 - 2021-11-17 13:38 - 008006656 _____ () [File not signed] J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2020-05-26 17:08 - 2020-05-26 17:08 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2022-04-12 13:42 - 2021-10-13 14:56 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2022-04-12 11:04 - 2017-04-19 09:36 - 000254464 ____N (C-MEDIA Electronics INC.) [File not signed] C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\Driver\x64\vista\osConfLib.dll
2022-04-12 11:04 - 2017-04-19 09:36 - 000053760 ____N (Cmedia) [File not signed] C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\Driver\CMHID\CMHID_X64.dll
2022-04-12 10:52 - 2012-12-10 12:51 - 000535552 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTAudEp.dll
2022-04-12 10:52 - 2011-09-16 18:04 - 000238080 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTLoadRs.dll
2022-04-12 10:52 - 2013-06-21 13:20 - 000836608 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\HookWndU.DLL
2022-04-12 14:12 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2022-04-12 13:50 - 2022-04-12 13:50 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.126.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2022-04-12 14:39 - 2012-07-26 08:49 - 000087552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sbdrop.dll
2022-04-12 14:12 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2022-05-13 09:11 - 2022-03-04 04:23 - 000983552 _____ (The Chromium Authors) [File not signed] J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2022-04-24 09:13 - 2022-01-12 16:43 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2022-04-24 09:13 - 2022-01-12 16:43 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2022-04-12 13:23 - 2021-10-22 11:27 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libcrypto-1_1-x64.dll
2022-04-12 13:23 - 2021-10-22 11:27 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libssl-1_1-x64.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000078336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qgifd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000102400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicnsd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000079360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicod.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000668160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qjpegd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000062976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qsvgd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000062464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtgad.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000656384 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtiffd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000060416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwbmpd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000936448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwebpd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 003425792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\platforms\qwindowsd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 011002368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Cored.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 011547648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Guid.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000568832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Svgd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 009100288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Widgetsd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000312832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Xmld.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000304128 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\styles\qwindowsvistastyled.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2022-04-20] (IObit CO., LTD -> IObit)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\Control Panel\Desktop\\Wallpaper -> H:\Programy\programy\miniaplikace\tapeta-astronaut-planeta-vesmir-tapeta-na-zed-2560x1080_14.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "AsioThk32Reg"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\StartupFolder: => "Sidebar621.lnk"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "EADM"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{906AF6D3-EE6B-43F7-B12A-147469DAA9C7}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{1D3DA25F-886C-4E76-8CE1-C1DEC28BD741}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{55660ACC-C39C-4709-90DB-B8B3CBBA844F}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [TCP Query User{02673732-126B-4109-9AE0-29F03EA89389}C:\users\radom\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe] => (Allow) C:\users\radom\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [UDP Query User{B1A016E0-BAFC-430E-AFD2-5DD02CDF58D0}C:\users\radom\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe] => (Allow) C:\users\radom\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{870F7EE9-B02E-4D1C-8167-DE53F9D18C49}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{94973D4F-8D7A-4D53-9B83-92A81D84507F}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{FA269CD2-8ADF-4D76-B5C6-809E859B4E24}] => (Allow) J:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BA115F1F-53FE-450A-BAD2-07ECC94A75C2}] => (Allow) J:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7B578DCA-9B86-402E-9BA9-23ECA48E77A0}] => (Allow) J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B671EC40-DBBC-4113-8569-44707002DE48}] => (Allow) J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{EFCC7671-0CBA-4F39-97D8-E0B9082CFD5F}J:\tiny-tinas-wonderland\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) J:\tiny-tinas-wonderland\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [UDP Query User{5A356859-7339-4016-8C4B-BB8A6E8C979E}J:\tiny-tinas-wonderland\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) J:\tiny-tinas-wonderland\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [{164CF23A-1825-49B4-8F2A-91A5BB41EE4F}] => (Allow) G:\SteamLibrary\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{C70B69B4-1D41-4FA9-90BF-E7F978617F8A}] => (Allow) G:\SteamLibrary\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{B7FC8839-5D54-4045-AAEE-BC651F2F8B49}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Ghostwire Tokyo\GWT.exe (ZeniMax Asia K.K.) [File not signed]
FirewallRules: [{C5065A79-540D-48B4-9144-5E130B595ABA}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Ghostwire Tokyo\GWT.exe (ZeniMax Asia K.K.) [File not signed]
FirewallRules: [{88A4F6D5-3076-4F28-AB9F-497385FCA64E}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe (Techland S.A. -> Techland)
FirewallRules: [{1D054196-BE43-4443-9FCE-CC53E41AA871}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe (Techland S.A. -> Techland)
FirewallRules: [{EB71E31B-5879-4F04-8F14-FF118F243E43}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\OUTRIDERS\EAC_OUTRIDERS.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{C592D76A-258E-4E1E-9D1F-B4BE0F7EB3EC}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\OUTRIDERS\EAC_OUTRIDERS.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{68223BAD-D01D-4A36-8A3E-B16AFE92D77C}] => (Allow) G:\SteamLibrary\steamapps\common\King's Bounty II\KingsBounty2\Binaries\Win64\KingsBounty2.exe (1C Online Games Ltd.) [File not signed]
FirewallRules: [{F814042E-D7E6-4966-A01C-5D0FD7F9A6B3}] => (Allow) G:\SteamLibrary\steamapps\common\King's Bounty II\KingsBounty2\Binaries\Win64\KingsBounty2.exe (1C Online Games Ltd.) [File not signed]
FirewallRules: [TCP Query User{67BC7AD3-7186-4912-90EC-4B84D2B9AB41}E:\red dead redemption 2\rdr2.exe] => (Allow) E:\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{FFA648F4-8B14-4F59-9E09-5E1EC48FE5EB}E:\red dead redemption 2\rdr2.exe] => (Allow) E:\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E8A7415C-C701-4323-8523-2D3E7CE88C0E}] => (Allow) F:\Uplay\Far Cry 6\bin\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{714F9A21-2D74-4686-8118-0F3D153D4906}] => (Allow) F:\Uplay\Far Cry 6\bin\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{C306FBCB-955B-4370-94B0-FC69F2DB1A59}] => (Allow) F:\Uplay\Far Cry 6\bin_plus\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{35EA8DDA-DD82-4324-B62E-C2739A539049}] => (Allow) F:\Uplay\Far Cry 6\bin_plus\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{C10558D1-FB4F-47C3-9AC0-22FFD557A610}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{1CFCD371-A3F7-459E-A7FF-33DE617ADD0A}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{82CE9236-A58C-4BB6-8D17-C5560ACA5465}] => (Allow) G:\SteamLibrary\steamapps\common\Marvel's Guardians of the Galaxy\bin\gotg.exe () [File not signed]
FirewallRules: [{99656A46-8231-4812-992F-918439524594}] => (Allow) G:\SteamLibrary\steamapps\common\Marvel's Guardians of the Galaxy\bin\gotg.exe () [File not signed]
FirewallRules: [TCP Query User{93F485F2-F9C0-46CA-9C34-57B7B7B31221}J:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{7CC4486B-F2D2-4A39-9DD3-BA0BBC0C27A3}J:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{A1E4B999-1F89-483F-B726-36D7DE317D41}J:\program files (x86)\steam\steamapps\common\age of empires iv\reliccardinal.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\age of empires iv\reliccardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [UDP Query User{F82C62F4-63DA-4499-A1F1-5EE8B8D17A8C}J:\program files (x86)\steam\steamapps\common\age of empires iv\reliccardinal.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\age of empires iv\reliccardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{61F06E70-2B00-4688-93F8-659C45B694F1}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{7A768851-5514-4B65-914A-063D3C762400}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{71F5A89D-F145-4308-8B38-77428ED4D123}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{3FA48D0F-3E67-4F73-AFD5-EEE215719801}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{D3FA54EF-0E4C-4342-BD39-128D3F65BFB9}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [TCP Query User{6A8A1FE5-93D9-414A-A0F7-DFE77754D28D}E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{DB569EDF-04E6-4049-A4EC-C1EBE8BAF97E}E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{66D27C3C-0238-452F-8DC9-B61E7309FB94}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (FromSoftware,Inc. -> FromSoftware, Inc.)
FirewallRules: [{B8685FC7-2773-4301-90E4-438655EB026B}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (FromSoftware,Inc. -> FromSoftware, Inc.)
FirewallRules: [{8C68B55F-671C-4DBE-A045-EAC459F1615C}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe (TT Games Studios Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{1F86140F-3A22-484E-BC24-F1192DB402BC}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe (TT Games Studios Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{67073F82-788A-4E14-A880-1B9F1C9D842A}] => (Allow) H:\SteamLibrary\steamapps\common\Saints Row The Third Remastered\SRTTR.exe (Koch Media GmbH, Austria) [File not signed]
FirewallRules: [{0EFC7369-08ED-4BEA-AC2E-D352BB043E60}] => (Allow) H:\SteamLibrary\steamapps\common\Saints Row The Third Remastered\SRTTR.exe (Koch Media GmbH, Austria) [File not signed]
FirewallRules: [{606AFEC8-1F7D-4E19-B8F6-637231AECDAF}] => (Allow) H:7\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe => No File
FirewallRules: [{F91DC324-AF2C-46CA-B51A-85CB6696DE13}] => (Allow) H:7\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe => No File
FirewallRules: [{3155DE38-8DC2-4D90-A132-16AC19F2E2BB}] => (Allow) E:\SteamLibrary\steamapps\common\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [{0D9ABF88-F1C5-4591-8B14-7035F98EC0EA}] => (Allow) E:\SteamLibrary\steamapps\common\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{047CC3BE-613E-4FFE-A279-7352CC417D56}F:\steamlibrary\steamapps\common\gears5\geargame\binaries\steam\gears5.exe] => (Allow) F:\steamlibrary\steamapps\common\gears5\geargame\binaries\steam\gears5.exe => No File
FirewallRules: [UDP Query User{F4E3CA92-BEE4-4465-9C00-E31335599F8D}F:\steamlibrary\steamapps\common\gears5\geargame\binaries\steam\gears5.exe] => (Allow) F:\steamlibrary\steamapps\common\gears5\geargame\binaries\steam\gears5.exe => No File
FirewallRules: [{0482B5AE-08D2-4A2A-9C27-F5DA4B4E1155}] => (Allow) F:\SteamLibrary\steamapps\common\GreedFall\GreedFall.exe (Focus Home Interactive S.A -> Spiders)
FirewallRules: [{C60D93FE-654D-48CC-9CA1-53EADDD74A8D}] => (Allow) F:\SteamLibrary\steamapps\common\GreedFall\GreedFall.exe (Focus Home Interactive S.A -> Spiders)
FirewallRules: [{29BC1E67-573B-4473-888D-E7DD3E291096}] => (Allow) G:\SteamLibrary\steamapps\common\WerewolfTheApocalypseEarthblood\WW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9898025A-DFE2-41A1-BA18-4E2163481431}] => (Allow) G:\SteamLibrary\steamapps\common\WerewolfTheApocalypseEarthblood\WW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{A63C90DD-20BB-4337-A87B-F81D29CE28B5}J:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe (Stunlock Studios AB -> )
FirewallRules: [UDP Query User{F9874D76-CA0C-43B5-BA5C-206F13BA1392}J:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe (Stunlock Studios AB -> )
FirewallRules: [{595166B1-77DE-4718-B62D-5ED1A60A86EB}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> )
FirewallRules: [{FFCF39AA-8C13-4845-9FEE-71ED7EFEA1FF}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> )
FirewallRules: [{AB993232-C4C2-4106-8E61-223EB346AB18}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA9AFCD6-4E4B-48D7-954B-16F5A413E998}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22133.500.1346.3200_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E114A10-6921-4B48-97AA-FA653A9CD0CC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22133.500.1346.3200_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40F42F0C-DF89-420A-A0D1-907187C18841}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{9E881159-A12F-4854-88F0-2990683746AE}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{07813F0A-54D3-4215-B768-FE78CB7DB023}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Dolmen\Dolmen.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B99FEE8D-581F-4298-8441-88C18AE2F416}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Dolmen\Dolmen.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{44B5C74E-A9B9-4461-831A-77CE1C731524}J:\program files (x86)\steam\steamapps\common\dolmen\dolmenwindows\binaries\win64\dolmen-win64-shipping.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\dolmen\dolmenwindows\binaries\win64\dolmen-win64-shipping.exe (Massive Work Studio) [File not signed]
FirewallRules: [UDP Query User{93446F8F-3855-4790-8698-B6DBCB40C56C}J:\program files (x86)\steam\steamapps\common\dolmen\dolmenwindows\binaries\win64\dolmen-win64-shipping.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\dolmen\dolmenwindows\binaries\win64\dolmen-win64-shipping.exe (Massive Work Studio) [File not signed]
FirewallRules: [{D681B53C-CF0C-42B9-8DB8-ACF799ED5995}] => (Allow) H:7\SteamLibrary\steamapps\common\The Surge 2\bin\TheSurge2.exe => No File
FirewallRules: [{CB8D1582-826D-42EF-8B45-CAF61F688C58}] => (Allow) H:7\SteamLibrary\steamapps\common\The Surge 2\bin\TheSurge2.exe => No File
FirewallRules: [{8EE399A3-73EC-4EAC-9E6B-BFC7B548FB4D}] => (Allow) H:7\SteamLibrary\steamapps\common\The Surge 2\launcher\surge2-launcher.exe => No File
FirewallRules: [{F3268731-1CD2-4A5E-9C0F-17778205BC4C}] => (Allow) H:7\SteamLibrary\steamapps\common\The Surge 2\launcher\surge2-launcher.exe => No File
FirewallRules: [{30CB1945-CA21-4D50-907A-947FE3BAFB71}] => (Allow) F:\SteamLibrary\steamapps\common\ELEX2\system\ELEX2.exe (Piranha Bytes) [File not signed]
FirewallRules: [{EF824674-5AA1-440C-A637-0AE984AE0DF9}] => (Allow) F:\SteamLibrary\steamapps\common\ELEX2\system\ELEX2.exe (Piranha Bytes) [File not signed]
FirewallRules: [{8C1B4455-7E6F-469B-A0EB-65D1FB3AA2E1}] => (Allow) F:\SteamLibrary\steamapps\common\Aliens Fireteam Elite\Endeavor.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{225849DA-DF95-45FA-8B51-4677ACE249BA}] => (Allow) F:\SteamLibrary\steamapps\common\Aliens Fireteam Elite\Endeavor.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5BC9E52A-007D-404B-94EA-2B97999D5123}] => (Allow) H:7\SteamLibrary\steamapps\common\GodOfWar\GoW.exe => No File
FirewallRules: [{56A8DFEE-B927-4B00-98D1-76FE2DB467E4}] => (Allow) H:7\SteamLibrary\steamapps\common\GodOfWar\GoW.exe => No File
FirewallRules: [{E4C7359B-2A9E-462A-9BE9-6AA5932E222A}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe => No File
FirewallRules: [{15871324-26CB-49A3-8973-170157FDD0B0}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe => No File
FirewallRules: [TCP Query User{DD4873C9-FD42-461A-99B8-297C1DF223D8}H:7\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) H:7\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{10BF3B2F-C5CF-4AA2-990D-AABDBEAE9D12}H:7\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) H:7\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{EAF44B9E-D817-40E1-9B19-DB8342CFF81F}J:\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) J:\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{21ACE594-51C4-4FED-A903-B10B5479F7CD}J:\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) J:\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [{CF95E571-98F2-4B5A-8FEA-55413D24FC51}] => (Allow) F:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe => No File
FirewallRules: [{26422657-9E5B-46BF-8C83-0062C76C00E3}] => (Allow) F:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe => No File
FirewallRules: [{F386DF65-C38A-43FB-BE94-00822983B32E}] => (Allow) H:7\SteamLibrary\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe => No File
FirewallRules: [{8AF7BB13-BE6A-4107-BF8D-B51344D6920D}] => (Allow) H:7\SteamLibrary\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe => No File
FirewallRules: [{ECDC0E81-CC93-463B-9E2C-E155E716F132}] => (Allow) F:\SteamLibrary\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe => No File
FirewallRules: [{2A7D6F15-8CFF-44D8-A333-2F7C941499E4}] => (Allow) F:\SteamLibrary\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe => No File
FirewallRules: [{BC9C3FDC-514E-4849-9036-C1B691DFACE1}] => (Allow) D:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe => No File
FirewallRules: [{455EC133-C22A-48E7-9469-966813DA84E9}] => (Allow) D:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe => No File
FirewallRules: [{D3BD090D-C259-4149-86DF-B587A8BEB819}] => (Allow) F:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{F7DA8028-AA82-4BEE-8ED9-8FDECF9D2230}] => (Allow) F:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{A1C0E62B-02E9-4E61-A3A7-3EE3C5E14E79}] => (Allow) H:7\SteamLibrary\steamapps\common\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe => No File
FirewallRules: [{7481A3C1-BD2F-48E3-8830-4FFE6488227E}] => (Allow) H:7\SteamLibrary\steamapps\common\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe => No File
FirewallRules: [{3884EA32-0AC5-4E85-B016-33ECE3B1B8E4}] => (Allow) LPort=32682
FirewallRules: [{0DCAD036-48C6-4F25-BE7C-885AAB8CB563}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A8EDB7C2-EA1C-4F89-B183-5565E7177618}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{926E9E74-2D01-402C-AF80-0BF1BE922EA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4643234A-DCC5-448F-8D9C-5F1FAF66E02C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2F0FB499-5090-45A8-A96B-F31FE63CB471}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F95E2F54-EA6A-4611-BE37-E9A0B0830D2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{691DFE92-2C26-4044-99B2-116F6038BB33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56E65B7F-71A3-423D-8425-D3028B3FBA17}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4AA87E5F-34CA-4F05-AE53-EACE6B8A44E1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

27-05-2022 08:31:29 Instalační služba modulů systému Windows
31-05-2022 16:37:36 Driver Booster : NVIDIA High Definition Audio
02-06-2022 20:36:19 Driver Booster : NVIDIA GeForce RTX 3070
08-06-2022 14:41:31 Nainstalováno rozhraní DirectX

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/13/2022 02:39:29 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://INTC-KeyId-b066d9697f5d3a07b425 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(12250ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (06/13/2022 02:39:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4656,R,98) SRUJet: Při otevírání souboru protokolu C:\Windows\system32\SRU\SRU01FD0.log došlo k chybě -1811 (0xfffff8ed).

Error: (06/13/2022 02:16:05 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://INTC-KeyId-b066d9697f5d3a07b425 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(12047ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (06/13/2022 02:15:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (06/13/2022 01:44:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ViewFD.exe, verze: 3.5.1.3, časové razítko: 0x62a71fca
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x3b000002
ID chybujícího procesu: 0x2678
Čas spuštění chybující aplikace: 0x01d87f1aa8be1cf9
Cesta k chybující aplikaci: C:\Program Files (x86)\ViewFD\ViewFD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 52d9fe18-5dff-4595-82c8-37dc85294582
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/13/2022 01:44:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ViewFD.exe, verze: 3.5.1.3, časové razítko: 0x62a71fca
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x3b000002
ID chybujícího procesu: 0x2678
Čas spuštění chybující aplikace: 0x01d87f1aa8be1cf9
Cesta k chybující aplikaci: C:\Program Files (x86)\ViewFD\ViewFD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 44629a4d-3d3e-4b2e-9e40-4fa88649c83c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/13/2022 01:44:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ViewFD.exe, verze: 3.5.1.3, časové razítko: 0x62a71fca
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x3b000002
ID chybujícího procesu: 0x2678
Čas spuštění chybující aplikace: 0x01d87f1aa8be1cf9
Cesta k chybující aplikaci: C:\Program Files (x86)\ViewFD\ViewFD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: da00e67b-51ad-4344-8d2b-a5abe0bf59e7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/13/2022 01:44:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ViewFD.exe, verze: 3.5.1.3, časové razítko: 0x62a71fca
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x3b000002
ID chybujícího procesu: 0x2678
Čas spuštění chybující aplikace: 0x01d87f1aa8be1cf9
Cesta k chybující aplikaci: C:\Program Files (x86)\ViewFD\ViewFD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: acdc8d32-9e8c-4a56-80df-db4e55a03049
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (06/13/2022 02:49:04 PM) (Source: DCOM) (EventID: 10005) (User: RADEK)
Description: Služba DCOM zjistila chybu 87 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (06/13/2022 02:49:04 PM) (Source: DCOM) (EventID: 10005) (User: RADEK)
Description: Služba DCOM zjistila chybu 87 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (06/13/2022 02:49:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MWPM2CQNLHN-Microsoft.GamingServices.

Error: (06/13/2022 02:25:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Aktualizace Google (gupdate) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/13/2022 02:19:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba DiskOptimizer byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/13/2022 02:15:17 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AsusUpdateCheck se po přijetí pokynu pro vypnutí neukončila správně.

Error: (06/13/2022 02:15:05 PM) (Source: DCOM) (EventID: 10010) (User: RADEK)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/13/2022 02:15:05 PM) (Source: DCOM) (EventID: 10010) (User: RADEK)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2022-06-13 14:20:56
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: TrojanDownloader:Win32/Emotet!ml
Závažnost: Vážné
Kategorie: Trojský stahovací program
Cesta: file:_C:\Program Files (x86)\Google\Update\GoogleUpdate.exe; file:_C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{E5E2DD2B-68F0-41E9-8D75-F47E5CFFB24E}->(UTF-16LE); file:_C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{78A0B6BC-DC69-40E8-9394-1BDB1C1317DE}->(UTF-16LE); process:_pid:4084,ProcessStart:132995961443247130; process:_pid:8788,ProcessStart:132995962705653204; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADFF7BC0-49A9-4AFB-8C25-352CBB77DCF1}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFD5CBBF-8D15-49FA-8CBC-2E56DFEED870}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{E5E2DD2B-68F0-41E9-8D75-F47E5CFFB24E}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{78A0B6BC-DC69-40E8-9394-1BDB1C1317DE}; service:_gupdate; service:_gupdatem; taskscheduler:_C:\Windows\System32\Tasks\GoogleUpdateTaskMach
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: radek\radom
Název procesu: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6

Date: 2022-06-13 14:19:30
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: TrojanDownloader:Win32/Emotet!ml
Závažnost: Vážné
Kategorie: Trojský stahovací program
Cesta: file:_C:\ProgramData\DiskOptimizer\DiskOptimizer.exe; process:_pid:6964,ProcessStart:132995961455400649; service:_DiskOptimizer
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\ProgramData\DiskOptimizer\DiskOptimizer.exe
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6

Date: 2022-06-13 14:19:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Conteban.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\radom\AppData\Local\Microsoft\Windows\INetCache\IE\2T066TKC\soft[1]; file:_C:\Users\radom\AppData\Local\Temp\Amg2MKwiPbNoT90OgC\Cleaner.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: radek\radom
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6

Date: 2022-06-13 14:19:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: file:_C:\Users\radom\AppData\Roaming\48ry0165e\C3Xq1maUO2.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: radek\radom
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6

Date: 2022-06-13 14:19:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Convagent.AV!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\radom\AppData\Roaming\9dv2BDRrnt\m4eS8tND4.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: radek\radom
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6
Event[0]

Date: 2022-06-13 14:39:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===============
Date: 2022-06-13 16:14:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume19\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume19\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1601 05/07/2022
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B560-PLUS WIFI
Processor: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
Percentage of memory in use: 24%
Total physical RAM: 32637.48 MB
Available physical RAM: 24644.04 MB
Total Virtual: 34137.48 MB
Available Virtual: 20485.83 MB

==================== Drives ================================

Drive c: (Win 11 home) (Fixed) (Total:145.39 GB) (Free:56.95 GB) (Model: TS1TMTE220S) NTFS
Drive d: (hry) (Fixed) (Total:59.48 GB) (Free:25.74 GB) (Model: TS480GSSD220S) NTFS
Drive e: (hry) (Fixed) (Total:385.62 GB) (Free:109.62 GB) (Model: TS480GSSD220S) NTFS
Drive f: (hry) (Fixed) (Total:447.11 GB) (Free:178.43 GB) (Model: Patriot Burst) NTFS
Drive g: (hry) (Fixed) (Total:222.75 GB) (Free:68.16 GB) (Model: KINGSTON SA400S37240G) NTFS
Drive h: (filmy,serialy,programy) (Fixed) (Total:931.51 GB) (Free:272.16 GB) (Model: CT1000BX500SSD1) NTFS
Drive i: (hry) (Fixed) (Total:447.11 GB) (Free:124.26 GB) (Model: Patriot Burst) NTFS
Drive j: (hry) (Fixed) (Total:806.05 GB) (Free:358.21 GB) (Model: TS1TMTE220S) NTFS

\\?\Volume{20257737-9207-4220-aed6-e3c65c6a692c}\ () (Fixed) (Total:0.59 GB) (Free:0.58 GB) NTFS
\\?\Volume{315c4be3-135b-4125-ba68-cb59ac4898fe}\ () (Fixed) (Total:0.5 GB) (Free:0.48 GB) NTFS
\\?\Volume{86cb57dc-243b-47a8-8041-56b02bb4afd6}\ () (Fixed) (Total:1.32 GB) (Free:1.3 GB) NTFS
\\?\Volume{a2bc723d-4792-4731-91e8-9af82ae29eae}\ () (Fixed) (Total:0.02 GB) (Free:0.01 GB) NTFS
\\?\Volume{b066948a-1a31-4d55-9598-f925a5328ac7}\ () (Fixed) (Total:0.11 GB) (Free:0.1 GB) NTFS
\\?\Volume{ba9b590c-cd55-45d8-bde4-09538f7de743}\ () (Fixed) (Total:0.46 GB) (Free:0.05 GB) NTFS
\\?\Volume{a3933231-a351-4da1-a977-c804fd1059da}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
\\?\Volume{08b6963d-b851-43e9-8705-c937f4eb1d97}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
\\?\Volume{2642ea35-0c89-4dc2-b37e-3d28571c809c}\ () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{49f082d4-bc96-4402-b612-f968a4b5dbfc}\ () (Fixed) (Total:0.01 GB) (Free:0.01 GB) NTFS
\\?\Volume{3f974160-a7b1-4d0c-a059-0dfc7a4a49d9}\ () (Fixed) (Total:0.81 GB) (Free:0.79 GB) NTFS
\\?\Volume{46d4bdf7-28e8-43cd-9c72-63e0e24db542}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 038DD71B)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 5 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 13 Jun 2022 16:57
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, simply run it with a double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 13 Jun 2022 17:14
by rado145
I'm attaching the log here.

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-13-2022
# Duration: 00:00:04
# OS: Windows 10 Home
# Scanned: 32019
# Detected: 32


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\radom\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\radom\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare HKCU\Software\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D242FA64-146B-4A12-B016-0856C92C01F6}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1

***** [ Chromium (and derivatives) ] *****

PUP.Optional.BrowserHijack Find-it.Pro Search - meejmcfbiapijdfaadackoblffmidlig
PUP.Optional.Legacy bbmegnmpleoagolcnjnejdacakedpcgd

***** [ Chromium URLs ] *****

PUP.Optional.BrowserHijack https://find-it.pro/?utm_source=distr_m
PUP.Optional.LockHomepage https://find-it.pro/?utm_source=distr_m

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 13 Jun 2022 17:50
by Rudy
Delete the detected items (move them to quarantine), restart, and post new FRST + Addition logs.

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 13 Jun 2022 18:29
by rado145
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-06-2022
Ran by radom (13-06-2022 19:27:21)
Running from H:\
Microsoft Windows 11 Home Version 21H2 22000.708 (X64) (2022-04-12 08:02:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3700602199-4179786454-2309774523-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3700602199-4179786454-2309774523-503 - Limited - Disabled)
Guest (S-1-5-21-3700602199-4179786454-2309774523-501 - Limited - Disabled)
radom (S-1-5-21-3700602199-4179786454-2309774523-1003 - Administrator - Enabled) => C:\Users\radom
WDAGUtilityAccount (S-1-5-21-3700602199-4179786454-2309774523-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.01.10 - ASUSTeK Computer Inc.)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.1.4 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.45.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{e040e3dd-d66c-4bca-bc40-f9eac8080fee}) (Version: 1.1.45.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{4e2b05b0-eb08-41e5-9eb3-cdcc43d6bee0}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.2.8.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{c289ca16-807e-4373-92c3-29ef5dc2119a}) (Version: 1.2.8.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.11 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{8bc53c84-d9aa-4cc6-b19c-261f445494dc}) (Version: 2.1.3.0 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 3.00.10 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.79 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.18 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{c3ae9104-ed9b-4ab5-9eb1-569697f4514b}) (Version: 1.1.18 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.21 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.21 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.40 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{a1318319-c95b-48da-beb8-63ed6e4d809a}) (Version: 3.05.40 - ASUSTeK Computer Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.84.0 - Bethesda Softworks)
cFosSpeed 12.01 (HKLM\...\cFosSpeed) (Version: 12.01 - cFos Software GmbH, Bonn)
Control - Čeština (HKLM\...\{34AD213D-1A18-4480-80DC-77C341DCAD70}}_is1) (Version: 1.1 - Necronos)
CPUID CPU-Z 2.01 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.01 - CPUID, Inc.)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
CrystalDiskInfo 8.16.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.4 - Crystal Dew World)
CrystalDiskMark 8.0.4a (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4a - Crystal Dew World)
Diablo Immortal (HKLM-x32\...\Diablo Immortal) (Version: - Blizzard Entertainment)
Driver Booster 9 (HKLM-x32\...\Driver Booster_is1) (Version: 9.3.0 - IObit)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.39.15 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{135617a1-0191-4ed9-a0f7-2786a4739018}) (Version: 1.1.39.15 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{cb8809b0-c2ad-40f3-80c7-8ebf6c6f8f63}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{97f3a665-a91b-4def-91e2-97fec9f22bfa}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
Far Cry 6 (HKLM-x32\...\Uplay Install 5266) (Version: - Ubisoft)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
Gadgets Extended Pack (HKLM\...\Gadgets Extended Pack_is1) (Version: 1.0 - GadgetsRevived.com)
GameSDK Service (HKLM-x32\...\{1a192f34-128f-43ed-a83d-f998b9d5f646}) (Version: 1.0.0.4 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.0.4 - ASUSTek COMPUTER INC.) Hidden
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.115 - Google LLC)
IObit Uninstaller 11 (HKLM-x32\...\IObitUninstall) (Version: 11.4.0.2 - IObit)
iTop Private Browser (HKLM-x32\...\iTop Private Browser_is1) (Version: 3.1.0.255 - iTop Inc.)
Kingdoms of Amalur: Re-Reckoning (HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Kingdoms of Amalur: Re-Reckoning) (Version: - )
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.12 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{2237a879-7fa4-4e21-ae3b-00f6a649b9d9}) (Version: 1.1.12 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 102.0.1245.39 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 101.0.1210.53 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\OneDriveSetup.exe) (Version: 22.099.0508.0001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2022.0124.01 - MSI)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.95 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.113.50894 - Electronic Arts, Inc.)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.2 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: 1.0.9.2 - Patriot Memory)
PATRIOT VIPER HEADSET V370 (HKLM-x32\...\{D8D9AEBE-1712-4A4A-BC70-4CD9C82D1951}) (Version: 1.00.0010 - Patriot Memory LLC)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.5 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{387596e5-692e-4baf-bec2-3338d555df7a}) (Version: 1.0.6.5 - Patriot Memory)
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1436.31 - Rockstar Games)
REDlauncher (HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
RivaTuner Statistics Server 7.3.3 (HKLM-x32\...\RTSS) (Version: 7.3.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.58.822 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.3.7 - Rockstar Games)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.4.8.0 - ASUSTek COMPUTER INC.)
Setup-YMS 3017 (HKLM-x32\...\{66FBD489-5512-46C7-BF23-953E1320C80A}_is1) (Version: 1.0 - FAST CR, a.s.)
Sound Blaster Audigy 5_Audigy Rx (HKLM-x32\...\{81440118-F1CE-4C87-BC8B-F1EB8D3FA190}) (Version: 1.0 - Creative Technology Limited)
Sound Blaster Audigy Series Driver (HKLM-x32\...\IOke_is1) (Version: 1.0.00.03 - Creative Technology Ltd.)
SSDScopeApp version 4.6.0 (HKLM\...\{AD8E7B8B-EAD8-4B9F-882E-7970ABFACE34}_is1) (Version: 4.6.0 - Transcend Information, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.45.0 - TechPowerUp)
Telegram Desktop (HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.7.3 - Telegram FZ-LLC)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 130.1.10657 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.2 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: 1.0.0.2 - PD)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.1.5.0_x64__qmba6cd70vzyy [2022-06-13] (ASUSTeK COMPUTER INC.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-13] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.126.0_x64__kzh8wxbdkxb8p [2022-06-13] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2022-06-13] (Facebook Inc)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-06-13] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0 [2022-06-13] (Spotify AB) [Startup Task]
WinRAR -> C:\Program Files\WinRAR [2022-04-12] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{71B1723C-1EC2-4b4d-868E-FA58C7F95CD9}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Volume_Control.gadget\SoundControl.dll (Orbmu2k) [File not signed] [File is in use]
CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{7ED1DCB7-48AD-4D4E-B609-181330032D7F}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GetGPUInfo64.dll () [File not signed] [File is in use]
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit)
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_85bdfc6120959831\nvshext.dll [2022-06-02] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-13] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-04-12 14:39 - 2014-05-22 22:39 - 000156160 _____ () [File not signed] [File is in use] C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GetGPUInfo64.dll
2022-01-10 07:36 - 2022-01-10 07:36 - 000515584 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node
2022-01-11 16:52 - 2022-01-11 16:52 - 000479744 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2022-01-11 16:52 - 2022-01-11 16:52 - 000470016 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2022-01-10 07:36 - 2022-01-10 07:36 - 000832512 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node
2022-04-12 13:41 - 2021-10-13 14:47 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2022-04-12 13:42 - 2021-10-22 11:10 - 000370688 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll
2022-04-12 13:42 - 2021-10-22 11:10 - 000888320 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2022-04-12 13:42 - 2021-10-22 11:09 - 000999424 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2022-04-12 13:42 - 2021-10-22 11:11 - 000992768 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2022-04-12 13:42 - 2021-10-22 11:12 - 000956416 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2022-04-12 13:42 - 2021-10-13 14:56 - 001667584 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2022-04-12 13:42 - 2021-10-13 14:56 - 001065472 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FanInfofromProtocol.dll
2022-04-24 09:13 - 2022-01-12 16:43 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-12-23 15:51 - 2021-12-23 15:51 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000668672 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000371712 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2021-12-03 15:32 - 2021-12-03 15:32 - 000057344 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2021-12-03 15:32 - 2021-12-03 15:32 - 000074240 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2021-12-03 15:32 - 2021-12-03 15:32 - 000368640 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2022-04-12 13:24 - 2022-04-12 13:24 - 080653824 _____ () [File not signed] C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.1.5.0_x64__qmba6cd70vzyy\ArmouryCrate.dll
2020-05-26 17:08 - 2020-05-26 17:08 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2022-04-12 13:42 - 2021-10-13 14:56 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2022-04-12 11:04 - 2017-04-19 09:36 - 000254464 ____N (C-MEDIA Electronics INC.) [File not signed] C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\Driver\x64\vista\osConfLib.dll
2022-04-12 11:04 - 2017-04-19 09:36 - 000053760 ____N (Cmedia) [File not signed] C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\Driver\CMHID\CMHID_X64.dll
2022-04-12 10:52 - 2012-12-10 12:51 - 000535552 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTAudEp.dll
2022-04-12 10:52 - 2011-09-16 18:04 - 000238080 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTLoadRs.dll
2022-04-12 10:52 - 2013-06-21 13:20 - 000836608 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\HookWndU.DLL
2022-04-12 14:12 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2022-04-12 13:50 - 2022-04-12 13:50 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.126.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2022-04-12 14:12 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2022-04-24 09:13 - 2022-01-12 16:43 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2022-04-24 09:13 - 2022-01-12 16:43 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2022-04-12 13:23 - 2021-10-22 11:27 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libcrypto-1_1-x64.dll
2022-04-12 13:23 - 2021-10-22 11:27 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libssl-1_1-x64.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000078336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qgifd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000102400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicnsd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000079360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicod.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000668160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qjpegd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000062976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qsvgd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000062464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtgad.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000656384 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtiffd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000060416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwbmpd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000936448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwebpd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 003425792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\platforms\qwindowsd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 011002368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Cored.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 011547648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Guid.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000568832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Svgd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 009100288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Widgetsd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000312832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Xmld.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000304128 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\styles\qwindowsvistastyled.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\Control Panel\Desktop\\Wallpaper -> H:\Programy\programy\miniaplikace\tapeta-astronaut-planeta-vesmir-tapeta-na-zed-2560x1080_14.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "AsioThk32Reg"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\StartupFolder: => "Sidebar621.lnk"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "EADM"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{906AF6D3-EE6B-43F7-B12A-147469DAA9C7}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{1D3DA25F-886C-4E76-8CE1-C1DEC28BD741}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{55660ACC-C39C-4709-90DB-B8B3CBBA844F}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [TCP Query User{02673732-126B-4109-9AE0-29F03EA89389}C:\users\radom\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe] => (Allow) C:\users\radom\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [UDP Query User{B1A016E0-BAFC-430E-AFD2-5DD02CDF58D0}C:\users\radom\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe] => (Allow) C:\users\radom\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{870F7EE9-B02E-4D1C-8167-DE53F9D18C49}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{94973D4F-8D7A-4D53-9B83-92A81D84507F}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{FA269CD2-8ADF-4D76-B5C6-809E859B4E24}] => (Allow) J:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BA115F1F-53FE-450A-BAD2-07ECC94A75C2}] => (Allow) J:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7B578DCA-9B86-402E-9BA9-23ECA48E77A0}] => (Allow) J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B671EC40-DBBC-4113-8569-44707002DE48}] => (Allow) J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{EFCC7671-0CBA-4F39-97D8-E0B9082CFD5F}J:\tiny-tinas-wonderland\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) J:\tiny-tinas-wonderland\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [UDP Query User{5A356859-7339-4016-8C4B-BB8A6E8C979E}J:\tiny-tinas-wonderland\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) J:\tiny-tinas-wonderland\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [{164CF23A-1825-49B4-8F2A-91A5BB41EE4F}] => (Allow) G:\SteamLibrary\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{C70B69B4-1D41-4FA9-90BF-E7F978617F8A}] => (Allow) G:\SteamLibrary\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{B7FC8839-5D54-4045-AAEE-BC651F2F8B49}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Ghostwire Tokyo\GWT.exe (ZeniMax Asia K.K.) [File not signed]
FirewallRules: [{C5065A79-540D-48B4-9144-5E130B595ABA}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Ghostwire Tokyo\GWT.exe (ZeniMax Asia K.K.) [File not signed]
FirewallRules: [{88A4F6D5-3076-4F28-AB9F-497385FCA64E}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe (Techland S.A. -> Techland)
FirewallRules: [{1D054196-BE43-4443-9FCE-CC53E41AA871}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe (Techland S.A. -> Techland)
FirewallRules: [{EB71E31B-5879-4F04-8F14-FF118F243E43}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\OUTRIDERS\EAC_OUTRIDERS.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{C592D76A-258E-4E1E-9D1F-B4BE0F7EB3EC}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\OUTRIDERS\EAC_OUTRIDERS.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{68223BAD-D01D-4A36-8A3E-B16AFE92D77C}] => (Allow) G:\SteamLibrary\steamapps\common\King's Bounty II\KingsBounty2\Binaries\Win64\KingsBounty2.exe (1C Online Games Ltd.) [File not signed]
FirewallRules: [{F814042E-D7E6-4966-A01C-5D0FD7F9A6B3}] => (Allow) G:\SteamLibrary\steamapps\common\King's Bounty II\KingsBounty2\Binaries\Win64\KingsBounty2.exe (1C Online Games Ltd.) [File not signed]
FirewallRules: [TCP Query User{67BC7AD3-7186-4912-90EC-4B84D2B9AB41}E:\red dead redemption 2\rdr2.exe] => (Allow) E:\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{FFA648F4-8B14-4F59-9E09-5E1EC48FE5EB}E:\red dead redemption 2\rdr2.exe] => (Allow) E:\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E8A7415C-C701-4323-8523-2D3E7CE88C0E}] => (Allow) F:\Uplay\Far Cry 6\bin\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{714F9A21-2D74-4686-8118-0F3D153D4906}] => (Allow) F:\Uplay\Far Cry 6\bin\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{C306FBCB-955B-4370-94B0-FC69F2DB1A59}] => (Allow) F:\Uplay\Far Cry 6\bin_plus\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{35EA8DDA-DD82-4324-B62E-C2739A539049}] => (Allow) F:\Uplay\Far Cry 6\bin_plus\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{C10558D1-FB4F-47C3-9AC0-22FFD557A610}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{1CFCD371-A3F7-459E-A7FF-33DE617ADD0A}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{82CE9236-A58C-4BB6-8D17-C5560ACA5465}] => (Allow) G:\SteamLibrary\steamapps\common\Marvel's Guardians of the Galaxy\bin\gotg.exe () [File not signed]
FirewallRules: [{99656A46-8231-4812-992F-918439524594}] => (Allow) G:\SteamLibrary\steamapps\common\Marvel's Guardians of the Galaxy\bin\gotg.exe () [File not signed]
FirewallRules: [TCP Query User{93F485F2-F9C0-46CA-9C34-57B7B7B31221}J:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{7CC4486B-F2D2-4A39-9DD3-BA0BBC0C27A3}J:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{A1E4B999-1F89-483F-B726-36D7DE317D41}J:\program files (x86)\steam\steamapps\common\age of empires iv\reliccardinal.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\age of empires iv\reliccardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [UDP Query User{F82C62F4-63DA-4499-A1F1-5EE8B8D17A8C}J:\program files (x86)\steam\steamapps\common\age of empires iv\reliccardinal.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\age of empires iv\reliccardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{61F06E70-2B00-4688-93F8-659C45B694F1}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{7A768851-5514-4B65-914A-063D3C762400}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{71F5A89D-F145-4308-8B38-77428ED4D123}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{3FA48D0F-3E67-4F73-AFD5-EEE215719801}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{D3FA54EF-0E4C-4342-BD39-128D3F65BFB9}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [TCP Query User{6A8A1FE5-93D9-414A-A0F7-DFE77754D28D}E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{DB569EDF-04E6-4049-A4EC-C1EBE8BAF97E}E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{8C68B55F-671C-4DBE-A045-EAC459F1615C}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe (TT Games Studios Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{1F86140F-3A22-484E-BC24-F1192DB402BC}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe (TT Games Studios Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{67073F82-788A-4E14-A880-1B9F1C9D842A}] => (Allow) H:\SteamLibrary\steamapps\common\Saints Row The Third Remastered\SRTTR.exe (Koch Media GmbH, Austria) [File not signed]
FirewallRules: [{0EFC7369-08ED-4BEA-AC2E-D352BB043E60}] => (Allow) H:\SteamLibrary\steamapps\common\Saints Row The Third Remastered\SRTTR.exe (Koch Media GmbH, Austria) [File not signed]
FirewallRules: [{606AFEC8-1F7D-4E19-B8F6-637231AECDAF}] => (Allow) H:7\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe => No File
FirewallRules: [{F91DC324-AF2C-46CA-B51A-85CB6696DE13}] => (Allow) H:7\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe => No File
FirewallRules: [{3155DE38-8DC2-4D90-A132-16AC19F2E2BB}] => (Allow) E:\SteamLibrary\steamapps\common\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [{0D9ABF88-F1C5-4591-8B14-7035F98EC0EA}] => (Allow) E:\SteamLibrary\steamapps\common\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{047CC3BE-613E-4FFE-A279-7352CC417D56}F:\steamlibrary\steamapps\common\gears5\geargame\binaries\steam\gears5.exe] => (Allow) F:\steamlibrary\steamapps\common\gears5\geargame\binaries\steam\gears5.exe => No File
FirewallRules: [UDP Query User{F4E3CA92-BEE4-4465-9C00-E31335599F8D}F:\steamlibrary\steamapps\common\gears5\geargame\binaries\steam\gears5.exe] => (Allow) F:\steamlibrary\steamapps\common\gears5\geargame\binaries\steam\gears5.exe => No File
FirewallRules: [{0482B5AE-08D2-4A2A-9C27-F5DA4B4E1155}] => (Allow) F:\SteamLibrary\steamapps\common\GreedFall\GreedFall.exe (Focus Home Interactive S.A -> Spiders)
FirewallRules: [{C60D93FE-654D-48CC-9CA1-53EADDD74A8D}] => (Allow) F:\SteamLibrary\steamapps\common\GreedFall\GreedFall.exe (Focus Home Interactive S.A -> Spiders)
FirewallRules: [{29BC1E67-573B-4473-888D-E7DD3E291096}] => (Allow) G:\SteamLibrary\steamapps\common\WerewolfTheApocalypseEarthblood\WW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9898025A-DFE2-41A1-BA18-4E2163481431}] => (Allow) G:\SteamLibrary\steamapps\common\WerewolfTheApocalypseEarthblood\WW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{A63C90DD-20BB-4337-A87B-F81D29CE28B5}J:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe (Stunlock Studios AB -> )
FirewallRules: [UDP Query User{F9874D76-CA0C-43B5-BA5C-206F13BA1392}J:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe (Stunlock Studios AB -> )
FirewallRules: [{595166B1-77DE-4718-B62D-5ED1A60A86EB}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> )
FirewallRules: [{FFCF39AA-8C13-4845-9FEE-71ED7EFEA1FF}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> )
FirewallRules: [{AB993232-C4C2-4106-8E61-223EB346AB18}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA9AFCD6-4E4B-48D7-954B-16F5A413E998}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22133.500.1346.3200_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E114A10-6921-4B48-97AA-FA653A9CD0CC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22133.500.1346.3200_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40F42F0C-DF89-420A-A0D1-907187C18841}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{9E881159-A12F-4854-88F0-2990683746AE}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{07813F0A-54D3-4215-B768-FE78CB7DB023}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Dolmen\Dolmen.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B99FEE8D-581F-4298-8441-88C18AE2F416}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Dolmen\Dolmen.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{44B5C74E-A9B9-4461-831A-77CE1C731524}J:\program files (x86)\steam\steamapps\common\dolmen\dolmenwindows\binaries\win64\dolmen-win64-shipping.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\dolmen\dolmenwindows\binaries\win64\dolmen-win64-shipping.exe (Massive Work Studio) [File not signed]
FirewallRules: [UDP Query User{93446F8F-3855-4790-8698-B6DBCB40C56C}J:\program files (x86)\steam\steamapps\common\dolmen\dolmenwindows\binaries\win64\dolmen-win64-shipping.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\dolmen\dolmenwindows\binaries\win64\dolmen-win64-shipping.exe (Massive Work Studio) [File not signed]
FirewallRules: [{D681B53C-CF0C-42B9-8DB8-ACF799ED5995}] => (Allow) H:7\SteamLibrary\steamapps\common\The Surge 2\bin\TheSurge2.exe => No File
FirewallRules: [{CB8D1582-826D-42EF-8B45-CAF61F688C58}] => (Allow) H:7\SteamLibrary\steamapps\common\The Surge 2\bin\TheSurge2.exe => No File
FirewallRules: [{8EE399A3-73EC-4EAC-9E6B-BFC7B548FB4D}] => (Allow) H:7\SteamLibrary\steamapps\common\The Surge 2\launcher\surge2-launcher.exe => No File
FirewallRules: [{F3268731-1CD2-4A5E-9C0F-17778205BC4C}] => (Allow) H:7\SteamLibrary\steamapps\common\The Surge 2\launcher\surge2-launcher.exe => No File
FirewallRules: [{30CB1945-CA21-4D50-907A-947FE3BAFB71}] => (Allow) F:\SteamLibrary\steamapps\common\ELEX2\system\ELEX2.exe (Piranha Bytes) [File not signed]
FirewallRules: [{EF824674-5AA1-440C-A637-0AE984AE0DF9}] => (Allow) F:\SteamLibrary\steamapps\common\ELEX2\system\ELEX2.exe (Piranha Bytes) [File not signed]
FirewallRules: [{8C1B4455-7E6F-469B-A0EB-65D1FB3AA2E1}] => (Allow) F:\SteamLibrary\steamapps\common\Aliens Fireteam Elite\Endeavor.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{225849DA-DF95-45FA-8B51-4677ACE249BA}] => (Allow) F:\SteamLibrary\steamapps\common\Aliens Fireteam Elite\Endeavor.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5BC9E52A-007D-404B-94EA-2B97999D5123}] => (Allow) H:7\SteamLibrary\steamapps\common\GodOfWar\GoW.exe => No File
FirewallRules: [{56A8DFEE-B927-4B00-98D1-76FE2DB467E4}] => (Allow) H:7\SteamLibrary\steamapps\common\GodOfWar\GoW.exe => No File
FirewallRules: [{E4C7359B-2A9E-462A-9BE9-6AA5932E222A}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe => No File
FirewallRules: [{15871324-26CB-49A3-8973-170157FDD0B0}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe => No File
FirewallRules: [TCP Query User{DD4873C9-FD42-461A-99B8-297C1DF223D8}H:7\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) H:7\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{10BF3B2F-C5CF-4AA2-990D-AABDBEAE9D12}H:7\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) H:7\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{EAF44B9E-D817-40E1-9B19-DB8342CFF81F}J:\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) J:\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{21ACE594-51C4-4FED-A903-B10B5479F7CD}J:\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) J:\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [{CF95E571-98F2-4B5A-8FEA-55413D24FC51}] => (Allow) F:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe => No File
FirewallRules: [{26422657-9E5B-46BF-8C83-0062C76C00E3}] => (Allow) F:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe => No File
FirewallRules: [{F386DF65-C38A-43FB-BE94-00822983B32E}] => (Allow) H:7\SteamLibrary\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe => No File
FirewallRules: [{8AF7BB13-BE6A-4107-BF8D-B51344D6920D}] => (Allow) H:7\SteamLibrary\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe => No File
FirewallRules: [{ECDC0E81-CC93-463B-9E2C-E155E716F132}] => (Allow) F:\SteamLibrary\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe => No File
FirewallRules: [{2A7D6F15-8CFF-44D8-A333-2F7C941499E4}] => (Allow) F:\SteamLibrary\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe => No File
FirewallRules: [{BC9C3FDC-514E-4849-9036-C1B691DFACE1}] => (Allow) D:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe => No File
FirewallRules: [{455EC133-C22A-48E7-9469-966813DA84E9}] => (Allow) D:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe => No File
FirewallRules: [{D3BD090D-C259-4149-86DF-B587A8BEB819}] => (Allow) F:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{F7DA8028-AA82-4BEE-8ED9-8FDECF9D2230}] => (Allow) F:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{A1C0E62B-02E9-4E61-A3A7-3EE3C5E14E79}] => (Allow) H:7\SteamLibrary\steamapps\common\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe => No File
FirewallRules: [{7481A3C1-BD2F-48E3-8830-4FFE6488227E}] => (Allow) H:7\SteamLibrary\steamapps\common\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe => No File
FirewallRules: [{0DCAD036-48C6-4F25-BE7C-885AAB8CB563}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A8EDB7C2-EA1C-4F89-B183-5565E7177618}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{926E9E74-2D01-402C-AF80-0BF1BE922EA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4643234A-DCC5-448F-8D9C-5F1FAF66E02C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2F0FB499-5090-45A8-A96B-F31FE63CB471}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F95E2F54-EA6A-4611-BE37-E9A0B0830D2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{691DFE92-2C26-4044-99B2-116F6038BB33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56E65B7F-71A3-423D-8425-D3028B3FBA17}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4AA87E5F-34CA-4F05-AE53-EACE6B8A44E1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7298DB4D-F93A-40E9-A9AC-D14A05A40723}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (FromSoftware,Inc. -> FromSoftware, Inc.)
FirewallRules: [{07440F7F-22FF-4F7D-AF56-676F92CB8A02}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (FromSoftware,Inc. -> FromSoftware, Inc.)
FirewallRules: [{DB1C1207-7CC7-484B-84C1-4253CC4EC209}] => (Allow) LPort=32682

==================== Restore Points =========================

27-05-2022 08:31:29 Instalační služba modulů systému Windows
31-05-2022 16:37:36 Driver Booster : NVIDIA High Definition Audio
02-06-2022 20:36:19 Driver Booster : NVIDIA GeForce RTX 3070
08-06-2022 14:41:31 Nainstalováno rozhraní DirectX

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/13/2022 07:25:51 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://INTC-KeyId-b066d9697f5d3a07b425 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(12094ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (06/13/2022 07:20:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program CheatEvolution.exe verze 2.3.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3e18

Čas spuštění: 01d87f4110924346

Čas ukončení: 4

Cesta k aplikaci: H:\CheatEvolution\CheatEvolution.exe

ID hlášení: aca59868-da00-42a6-bc24-e15d9a1d16f7

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (06/13/2022 02:39:29 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://INTC-KeyId-b066d9697f5d3a07b425 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(12250ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (06/13/2022 02:39:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4656,R,98) SRUJet: Při otevírání souboru protokolu C:\Windows\system32\SRU\SRU01FD0.log došlo k chybě -1811 (0xfffff8ed).

Error: (06/13/2022 02:16:05 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://INTC-KeyId-b066d9697f5d3a07b425 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(12047ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (06/13/2022 02:15:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (06/13/2022 01:44:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ViewFD.exe, verze: 3.5.1.3, časové razítko: 0x62a71fca
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x3b000002
ID chybujícího procesu: 0x2678
Čas spuštění chybující aplikace: 0x01d87f1aa8be1cf9
Cesta k chybující aplikaci: C:\Program Files (x86)\ViewFD\ViewFD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 52d9fe18-5dff-4595-82c8-37dc85294582
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/13/2022 01:44:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ViewFD.exe, verze: 3.5.1.3, časové razítko: 0x62a71fca
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x3b000002
ID chybujícího procesu: 0x2678
Čas spuštění chybující aplikace: 0x01d87f1aa8be1cf9
Cesta k chybující aplikaci: C:\Program Files (x86)\ViewFD\ViewFD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 44629a4d-3d3e-4b2e-9e40-4fa88649c83c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (06/13/2022 07:25:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AdvancedSystemCareService15 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (06/13/2022 07:23:33 PM) (Source: DCOM) (EventID: 10005) (User: RADEK)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby asComSvc s argumenty Není k dispozici za účelem spuštění serveru:
{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}

Error: (06/13/2022 07:23:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby ASUS Com Service bylo dosaženo časového limitu (30000 ms).

Error: (06/13/2022 07:22:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/13/2022 07:22:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI_Companion_Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/13/2022 07:22:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LightingService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/13/2022 07:22:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LightKeeperService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/13/2022 07:22:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2022-06-13 14:20:56
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: TrojanDownloader:Win32/Emotet!ml
Závažnost: Vážné
Kategorie: Trojský stahovací program
Cesta: file:_C:\Program Files (x86)\Google\Update\GoogleUpdate.exe; file:_C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{E5E2DD2B-68F0-41E9-8D75-F47E5CFFB24E}->(UTF-16LE); file:_C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{78A0B6BC-DC69-40E8-9394-1BDB1C1317DE}->(UTF-16LE); process:_pid:4084,ProcessStart:132995961443247130; process:_pid:8788,ProcessStart:132995962705653204; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADFF7BC0-49A9-4AFB-8C25-352CBB77DCF1}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFD5CBBF-8D15-49FA-8CBC-2E56DFEED870}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{E5E2DD2B-68F0-41E9-8D75-F47E5CFFB24E}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{78A0B6BC-DC69-40E8-9394-1BDB1C1317DE}; service:_gupdate; service:_gupdatem; taskscheduler:_C:\Windows\System32\Tasks\GoogleUpdateTaskMach
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: radek\radom
Název procesu: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6

Date: 2022-06-13 14:19:30
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: TrojanDownloader:Win32/Emotet!ml
Závažnost: Vážné
Kategorie: Trojský stahovací program
Cesta: file:_C:\ProgramData\DiskOptimizer\DiskOptimizer.exe; process:_pid:6964,ProcessStart:132995961455400649; service:_DiskOptimizer
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\ProgramData\DiskOptimizer\DiskOptimizer.exe
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6

Date: 2022-06-13 14:19:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Conteban.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\radom\AppData\Local\Microsoft\Windows\INetCache\IE\2T066TKC\soft[1]; file:_C:\Users\radom\AppData\Local\Temp\Amg2MKwiPbNoT90OgC\Cleaner.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: radek\radom
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6

Date: 2022-06-13 14:19:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: file:_C:\Users\radom\AppData\Roaming\48ry0165e\C3Xq1maUO2.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: radek\radom
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6

Date: 2022-06-13 14:19:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Convagent.AV!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\radom\AppData\Roaming\9dv2BDRrnt\m4eS8tND4.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: radek\radom
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6
Event[0]

Date: 2022-06-13 14:39:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===============
Date: 2022-06-13 19:27:31
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume19\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-06-13 16:14:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume19\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume19\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1601 05/07/2022
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B560-PLUS WIFI
Processor: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
Percentage of memory in use: 14%
Total physical RAM: 32637.48 MB
Available physical RAM: 27864.8 MB
Total Virtual: 34137.48 MB
Available Virtual: 26070.57 MB

==================== Drives ================================

Drive c: (Win 11 home) (Fixed) (Total:145.39 GB) (Free:56.39 GB) (Model: TS1TMTE220S) NTFS
Drive d: (hry) (Fixed) (Total:59.48 GB) (Free:25.75 GB) (Model: TS480GSSD220S) NTFS
Drive e: (hry) (Fixed) (Total:385.62 GB) (Free:109.62 GB) (Model: TS480GSSD220S) NTFS
Drive f: (hry) (Fixed) (Total:447.11 GB) (Free:178.43 GB) (Model: Patriot Burst) NTFS
Drive g: (hry) (Fixed) (Total:222.75 GB) (Free:68.16 GB) (Model: KINGSTON SA400S37240G) NTFS
Drive h: (filmy,serialy,programy) (Fixed) (Total:931.51 GB) (Free:274.72 GB) (Model: CT1000BX500SSD1) NTFS
Drive i: (hry) (Fixed) (Total:447.11 GB) (Free:124.26 GB) (Model: Patriot Burst) NTFS
Drive j: (hry) (Fixed) (Total:806.05 GB) (Free:357.9 GB) (Model: TS1TMTE220S) NTFS

\\?\Volume{20257737-9207-4220-aed6-e3c65c6a692c}\ () (Fixed) (Total:0.59 GB) (Free:0.58 GB) NTFS
\\?\Volume{315c4be3-135b-4125-ba68-cb59ac4898fe}\ () (Fixed) (Total:0.5 GB) (Free:0.48 GB) NTFS
\\?\Volume{86cb57dc-243b-47a8-8041-56b02bb4afd6}\ () (Fixed) (Total:1.32 GB) (Free:1.3 GB) NTFS
\\?\Volume{a2bc723d-4792-4731-91e8-9af82ae29eae}\ () (Fixed) (Total:0.02 GB) (Free:0.01 GB) NTFS
\\?\Volume{b066948a-1a31-4d55-9598-f925a5328ac7}\ () (Fixed) (Total:0.11 GB) (Free:0.1 GB) NTFS
\\?\Volume{ba9b590c-cd55-45d8-bde4-09538f7de743}\ () (Fixed) (Total:0.46 GB) (Free:0.05 GB) NTFS
\\?\Volume{a3933231-a351-4da1-a977-c804fd1059da}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
\\?\Volume{08b6963d-b851-43e9-8705-c937f4eb1d97}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
\\?\Volume{2642ea35-0c89-4dc2-b37e-3d28571c809c}\ () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{49f082d4-bc96-4402-b612-f968a4b5dbfc}\ () (Fixed) (Total:0.01 GB) (Free:0.01 GB) NTFS
\\?\Volume{3f974160-a7b1-4d0c-a059-0dfc7a4a49d9}\ () (Fixed) (Total:0.81 GB) (Free:0.79 GB) NTFS
\\?\Volume{46d4bdf7-28e8-43cd-9c72-63e0e24db542}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 038DD71B)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 5 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================




# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-13-2022
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 32
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
Deleted C:\Users\radom\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\radom\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted HKCU\Software\IObit\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D242FA64-146B-4A12-B016-0856C92C01F6}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1

***** [ Chromium (and derivatives) ] *****

Deleted Find-it.Pro Search - meejmcfbiapijdfaadackoblffmidlig
Deleted bbmegnmpleoagolcnjnejdacakedpcgd

***** [ Chromium URLs ] *****

Deleted https://find-it.pro/?utm_source=distr_m
Deleted https://find-it.pro/?utm_source=distr_m

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4512 octets] - [13/06/2022 18:09:57]
AdwCleaner[S01].txt - [4573 octets] - [13/06/2022 18:11:30]
AdwCleaner[S02].txt - [4634 octets] - [13/06/2022 18:14:54]
AdwCleaner[S03].txt - [4695 octets] - [13/06/2022 19:22:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 13 Jun 2022 18:54
by Rudy
The FRST log is missing. You posted only the Additional log and the ADW log from after the deletion.

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 13 Jun 2022 20:13
by rado145
I apologize, here it is.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-06-2022
Ran by radom (administrator) on RADEK (ASUS System Product Name) (13-06-2022 21:09:47)
Running from H:\
Loaded Profiles: radom
Platform: Microsoft Windows 11 Home Version 21H2 22000.708 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowser.exe
(C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe ->) (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTHKCtrl.exe
(explorer.exe ->) () [File not signed] C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\PATRIOT_MEMORY_x64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <28>
(explorer.exe ->) (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) J:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\RealTimeProtector.exe
(J:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.126.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.13\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_85bdfc6120959831\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\New\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Sog951x1Sound] => C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\PATRIOT_MEMORY_x64.exe [2418176 2017-04-19] () [File not signed]
HKLM-x32\...\Run: [Creative Hot Key Control] => C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTHKCtrl.exe [650752 2013-07-19] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL (No File)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32637904 2022-06-03] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475072 2013-10-02] (Microsoft Corporation) [File not signed] [File is in use]
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Steam] => J:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1088456 2022-05-30] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Bethesda.net] => [X]
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13980248 2022-05-11] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3720464 2020-12-24] (IObit Information Technology -> IObit)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3148016 2022-06-08] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [MicrosoftEdgeAutoLaunch_31FB0F89BB3DBA0F19285F725AC75676] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595192 2022-06-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-13] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0393F8D4-23FD-4F30-8103-16F9D79319AD} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.3.0\AutoUpdate.exe [2463840 2022-04-19] (IObit CO., LTD -> IObit)
Task: {14D30B30-1C12-491D-9190-258CF44F255E} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2159944 2021-10-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {207C194F-B807-4CCD-862A-F7F25B7B16C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2A58E98A-C6A6-49D8-9F59-9D0D9F59D4C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {56CA9002-7D81-4A4E-9CD0-F91A1750691D} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1610808 2021-04-14] (ASUSTeK Computer Inc. -> )
Task: {58FFBC9E-8038-4AFE-97B6-F93F0C6F8AB4} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2157024 2022-03-11] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {5D793E69-061D-479B-B66B-68F211F620A6} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1794360 2022-01-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {654C1D23-BDEA-4814-8196-2379FA68ACB9} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [3262224 2020-12-24] (IObit Information Technology -> IObit)
Task: {6A06E1DA-40BB-45F6-AD4E-521561053595} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1471104 2021-10-22] (ASUSTeK Computer Inc. -> )
Task: {7BB2FBBC-5E05-4F64-A6C9-EBD3B5C18936} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1241960 2021-11-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {7ED53E70-8F9B-4FCA-BF7B-F268595DCD15} - System32\Tasks\ASC_SkipUac_radom => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [9501968 2020-12-24] (IObit Information Technology -> IObit)
Task: {98AC1FBA-D192-445B-BAC9-33C39B61B6B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DE5B295-F41F-4913-AB92-71E6B66DF8D2} - System32\Tasks\iTop Private Browser UAC => C:\Program Files\iTop Private Browser\ivBInit.exe [1409928 2022-04-13] (Chengdu Xiao Shan Hu Technology Co., Ltd -> iTop Inc.)
Task: {9F5687FA-F910-4708-BA19-B43536965439} - System32\Tasks\iTop Private Browser Update => C:\Program Files\iTop Private Browser\AutoUpdate.exe [2422664 2022-04-13] (Chengdu Xiao Shan Hu Technology Co., Ltd -> iTop Inc.)
Task: {A282D79C-49D3-489E-9A67-D4D3F8EA7AEA} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [293856 2022-03-11] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {AD178CE3-F671-4026-96DB-70D2568CE9D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ADFF7BC0-49A9-4AFB-8C25-352CBB77DCF1} - System32\Tasks\GoogleUpdateTaskMachineCore{E5E2DD2B-68F0-41E9-8D75-F47E5CFFB24E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-12] (Google LLC -> Google LLC)
Task: {AFD5CBBF-8D15-49FA-8CBC-2E56DFEED870} - System32\Tasks\GoogleUpdateTaskMachineUA{78A0B6BC-DC69-40E8-9394-1BDB1C1317DE} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-12] (Google LLC -> Google LLC)
Task: {B067DFE8-7E16-41C7-ABC4-E71D8C606FA4} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43022856 2022-01-11] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {BF0F5F2E-972D-46E5-ADF2-053DE50BBB38} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4329008 2021-10-13] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {CA31EE30-BDEE-4066-8422-F95868D1A0BD} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {DDA1412A-A35A-445C-BD68-AB0F6721BC2A} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {DDE3B198-CDE5-448A-829E-9864D92D03FC} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {DF3A202B-0E6E-4ECB-A1C6-426CCB6F0D34} - System32\Tasks\Driver Booster SkipUAC (radom) => C:\Program Files (x86)\IObit\Driver Booster\9.3.0\DriverBooster.exe [8662600 2022-04-19] (IObit CO., LTD -> IObit)
Task: {E628E5A5-57C8-4B26-AC20-6A7FC3C3B217} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {FA03DE26-9439-432C-BE4C-7BF59EE62A87} - System32\Tasks\Uninstaller_SkipUac_radom => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [7517720 2022-03-24] (IObit CO., LTD -> IObit)
Task: {FCA54B76-BF09-4A28-BE4F-F425AA38B9C1} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d84e5f28a73955 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{500fa420-a116-433c-ba71-d9819e78439f}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\radom\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-13]

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default [2022-06-13]
CHR DownloadDir: H:\chrome stažené soubory
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://find-it.pro/?utm_source=distr_m","hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://find-it.pro/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> find-it.pro
CHR DefaultSuggestURL: Default -> hxxps://find-it.pro/search/suggest.php?q={searchTerms}
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-13]
CHR Extension: (IObit Surfing Protection) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn [2022-05-09]
CHR Extension: (Find-it.Pro Search) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\meejmcfbiapijdfaadackoblffmidlig [2022-06-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-12]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService14; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1288976 2020-12-24] (IObit Information Technology -> IObit)
S2 AdvancedSystemCareService15; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1288976 2020-12-24] (IObit Information Technology -> IObit)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [372456 2022-05-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe [456008 2022-04-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2022-03-09] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.13\AsusFanControlService.exe [2216264 2022-03-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [650208 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUS)
R2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2022-06-13] (ASUSTeK Computer Inc. -> )
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-12-10] (Creative Technology Ltd) [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-05-31] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2271832 2022-05-11] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-05-11] (GOG Sp. z o.o. -> GOG.com)
S2 GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [75240 2022-05-25] (Microsoft Corporation -> Microsoft Corporation)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [396520 2022-01-20] (ASUSTEK COMPUTER INCORPORATION -> ASUS Inc.)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158744 2022-02-10] (IObit CO., LTD -> IObit)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3835360 2022-03-10] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-06-13] (Malwarebytes Inc. -> Malwarebytes)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-06-08] (Electronic Arts, Inc. -> Electronic Arts)
S3 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-06-08] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2133968 2022-05-04] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6307560 2022-04-08] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_85bdfc6120959831\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_85bdfc6120959831\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AscFileControl; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileControl.sys [40496 2020-06-03] (IObit Information Technology -> IObit)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [46008 2020-07-21] (IObit Information Technology -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [46008 2020-06-03] (IObit Information Technology -> IObit)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [34112 2019-07-02] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43168 2022-03-09] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [507904 2021-11-04] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [180224 2021-11-04] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
R1 cFosSpeed; C:\Windows\system32\DRIVERS\cfosspeed6.sys [1695016 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
S3 COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [162336 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [162336 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 cpuz150; C:\Windows\temp\cpuz150\cpuz150_x64.sys [44832 2022-06-13] (CPUID S.A.R.L.U. -> CPUID)
R3 ctac32k; C:\Windows\system32\drivers\ctac32k.sys [584224 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 ctaud2k; C:\Windows\system32\drivers\ctaud2k.sys [874016 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [709664 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [709664 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 CTERFXFX; C:\Windows\system32\drivers\CTERFXFX.SYS [145440 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [145440 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [31808 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [29208 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 ctprxy2k; C:\Windows\system32\drivers\ctprxy2k.sys [20512 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [685088 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [685088 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 ctsfm2k; C:\Windows\system32\drivers\ctsfm2k.sys [293400 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 emupia; C:\Windows\system32\drivers\emupia2k.sys [150040 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ha10kx2k; C:\Windows\system32\drivers\ha10kx2k.sys [1367576 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 hap16v2k; C:\Windows\system32\drivers\hap16v2k.sys [262160 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 hap17v2k; C:\Windows\system32\drivers\hap17v2k.sys [298008 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 Hsp; C:\Windows\System32\drivers\Hsp.sys [111960 2022-05-11] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2022-04-12] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2022-04-12] (Intel Corporation -> Intel Corporation)
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [32520 2020-12-02] (IObit Information Technology -> IObit)
S3 iobit_monitor_server2021; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [32520 2020-12-02] (IObit Information Technology -> IObit)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2021-10-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl73cffbd0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8B5876C2-A8BA-4108-8C28-F3F1B6017F7D}\MpKslDrv.sys [137464 2022-06-13] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 ossrv; C:\Windows\system32\drivers\ctoss2k.sys [227864 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 PATRIOTRGB; C:\Windows\system32\DRIVERS\PATRIOTRGB.sys [3783680 2017-04-14] (C-MEDIA ELECTRONICS INC. -> Patriot Memory LLC)
R3 rt25cx21; C:\Windows\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_6d0a87e4b66148bc\rt25cx21x64.sys [620472 2022-05-19] (Realtek Semiconductor Corp. -> Realtek)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_d2a498d51a4f7bec\rtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp. -> Realtek)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [443664 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 gameflt; \SystemRoot\System32\DriverStore\FileRepository\gameflt.inf_amd64_e8beb16efa6399c0\gameflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-13 19:42 - 2022-06-13 19:42 - 082399232 _____ C:\Windows\system32\config\software.iobit
2022-06-13 19:42 - 2022-06-13 19:42 - 004411392 _____ C:\Windows\system32\config\drivers.iobit
2022-06-13 19:42 - 2022-06-13 19:42 - 000503808 _____ C:\Windows\system32\config\default.iobit
2022-06-13 19:42 - 2022-06-13 19:42 - 000086016 _____ C:\Windows\system32\config\sam.iobit
2022-06-13 19:42 - 2022-06-13 19:42 - 000036864 _____ C:\Windows\system32\config\security.iobit
2022-06-13 19:36 - 2022-06-13 19:36 - 000003072 _____ C:\Windows\system32\Tasks\ASC_SkipUac_radom
2022-06-13 19:35 - 2022-06-13 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2022-06-13 19:25 - 2022-06-13 19:25 - 000001577 _____ C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Armoury Crate Notice.lnk
2022-06-13 18:09 - 2022-06-13 19:22 - 000000000 ____D C:\AdwCleaner
2022-06-13 16:49 - 2022-06-13 21:09 - 000000000 ____D C:\FRST
2022-06-13 16:09 - 2022-06-13 16:09 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-06-13 16:09 - 2022-06-13 16:09 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-06-13 16:09 - 2022-06-13 16:09 - 000002052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-06-13 16:09 - 2022-06-13 16:09 - 000000000 ____D C:\Users\radom\AppData\Local\mbam
2022-06-13 16:09 - 2022-06-13 16:08 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-06-13 16:08 - 2022-06-13 16:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-06-13 16:08 - 2022-06-13 16:08 - 000000000 ____D C:\Program Files\Malwarebytes
2022-06-13 15:56 - 2022-06-13 15:56 - 000000765 _____ C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Launcher.lnk
2022-06-13 14:49 - 2022-06-13 14:49 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-06-13 14:29 - 2022-06-13 14:32 - 000000000 ____D C:\Users\radom\AppData\Roaming\WeMod
2022-06-13 14:29 - 2022-06-13 14:29 - 000000000 ____D C:\Users\radom\AppData\Local\SquirrelTemp
2022-06-13 14:17 - 2022-06-13 14:32 - 000000004 _____ C:\ProgramData\rc.dat
2022-06-13 14:14 - 2022-06-13 14:19 - 000000004 _____ C:\ProgramData\lock.dat
2022-06-13 14:14 - 2022-06-13 14:18 - 000000016 _____ C:\ProgramData\lir.bats
2022-06-13 14:14 - 2022-06-13 14:14 - 000000008 _____ C:\ProgramData\ts.dat
2022-06-13 13:43 - 2022-06-13 15:36 - 000000000 ____D C:\Users\radom\AppData\Roaming\ServiceGet
2022-06-13 13:43 - 2022-06-13 14:19 - 000000000 ____D C:\ProgramData\DiskOptimizer
2022-06-13 13:43 - 2022-06-13 13:54 - 000000000 ____D C:\Users\radom\AppData\Roaming\shftool
2022-06-13 13:43 - 2022-06-13 13:48 - 000000000 ____D C:\Users\radom\AppData\Local\Opera Software
2022-06-13 13:43 - 2022-06-13 13:44 - 000000000 ____D C:\Users\radom\AppData\Roaming\ZGbSB75
2022-06-13 13:43 - 2022-06-13 13:43 - 000000000 ____D C:\Users\radom\AppData\Roaming\Sajepifo
2022-06-13 13:43 - 2022-06-13 13:43 - 000000000 ____D C:\Users\radom\AppData\Roaming\Opera Software
2022-06-13 13:42 - 2022-06-13 13:42 - 000000000 _____ C:\Users\radom\OneDrive\Dokumenty\Trainer.zip
2022-06-12 21:41 - 2022-06-13 15:36 - 000000000 ____D C:\ProgramData\ReShade
2022-06-09 13:40 - 2022-06-09 13:40 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-06-08 14:41 - 2022-06-08 14:41 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2022-06-08 13:50 - 2022-06-08 15:38 - 000000000 ____D C:\ProgramData\Electronic Arts
2022-06-08 07:58 - 2022-06-08 07:58 - 000003122 _____ C:\Windows\system32\Tasks\MSIAfterburner
2022-06-07 08:36 - 2022-06-07 08:36 - 000000000 ____D C:\Users\radom\AppData\Local\WB Games
2022-06-06 20:22 - 2022-06-06 20:22 - 000000000 ____D C:\Users\radom\AppData\Roaming\GameSparks
2022-06-04 17:37 - 2022-06-04 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo Immortal
2022-06-04 17:32 - 2022-06-13 17:53 - 000000000 ____D C:\Users\radom\AppData\Roaming\EasyAntiCheat
2022-06-04 16:54 - 2022-06-04 16:54 - 000000000 ____D C:\Users\radom\AppData\Local\Frontiers
2022-06-02 20:38 - 2022-06-02 20:39 - 000000000 ____D C:\Windows\LastGood
2022-06-02 20:38 - 2022-06-02 20:38 - 005729992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 002120904 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001905928 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 001905928 _____ C:\Windows\system32\vulkaninfo.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 001602248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001530432 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001478408 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 001478408 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 001467072 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001432328 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001432328 _____ C:\Windows\system32\vulkan-1.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001208536 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001177280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001145592 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001145592 _____ C:\Windows\SysWOW64\vulkan-1.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000731200 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000725576 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000713280 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 000587336 _____ C:\Windows\system32\nvofapi64.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000582720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000460496 _____ C:\Windows\SysWOW64\nvofapi.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000458816 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 000089327 _____ C:\Windows\system32\nvinfo.pb
2022-06-02 20:37 - 2022-06-02 20:37 - 007616472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 006963928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 006463608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 006226632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 005100768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 002932928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 000852024 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2022-06-02 18:50 - 2022-06-02 19:18 - 000000000 ____D C:\Users\radom\AppData\Roaming\CC
2022-06-02 18:42 - 2022-06-02 18:42 - 000000000 ____D C:\Users\radom\AppData\Roaming\Netease
2022-06-02 18:42 - 2022-06-02 18:42 - 000000000 ____D C:\Users\radom\AppData\Local\UniSDK
2022-06-02 18:42 - 2022-06-02 18:42 - 000000000 ____D C:\Users\radom\AppData\Local\Netease
2022-06-02 18:29 - 2022-06-02 18:29 - 000003360 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3700602199-4179786454-2309774523-1003
2022-06-02 18:29 - 2022-06-02 18:29 - 000002392 _____ C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-02 15:40 - 2022-06-02 15:40 - 000000000 ____D C:\Users\radom\AppData\Local\Endeavor
2022-06-01 12:13 - 2022-06-01 12:13 - 000007626 _____ C:\Users\radom\AppData\Local\Resmon.ResmonCfg
2022-05-31 20:46 - 2022-05-31 20:46 - 004599528 _____ C:\Windows\PE_File.dll
2022-05-31 20:45 - 2022-05-31 20:46 - 000015528 _____ C:\Windows\PE_Rom.dll
2022-05-31 20:45 - 2022-05-31 20:45 - 000000000 _____ C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_TUF GAMING B560-PLUS WIFI.alu
2022-05-31 16:38 - 2022-05-31 16:38 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-05-27 16:12 - 2022-05-20 02:51 - 000082552 _____ C:\Windows\system32\FvSDK_x64.dll
2022-05-27 16:12 - 2022-05-20 02:51 - 000071288 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2022-05-27 08:34 - 2022-05-27 08:34 - 000557056 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2022-05-27 08:34 - 2022-05-27 08:34 - 000485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2022-05-27 08:33 - 2022-05-27 08:33 - 000614400 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-05-27 08:33 - 2022-05-27 08:33 - 000335872 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-05-27 08:33 - 2022-05-27 08:33 - 000299008 _____ C:\Windows\system32\EsclScan.dll
2022-05-27 08:33 - 2022-05-27 08:33 - 000180224 _____ C:\Windows\system32\EsclProtocol.dll
2022-05-27 08:33 - 2022-05-27 08:33 - 000015004 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-05-27 08:28 - 2022-05-27 08:30 - 000000000 ___HD C:\$WinREAgent
2022-05-27 08:21 - 2022-05-27 08:21 - 000137632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2022-05-27 08:21 - 2022-05-27 08:21 - 000050568 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2022-05-26 10:03 - 2022-05-26 10:03 - 000000000 ____D C:\Users\radom\AppData\Local\DolmenWindows
2022-05-25 12:23 - 2022-05-25 12:23 - 000000000 ____D C:\Users\radom\AppData\LocalLow\Cradle Games
2022-05-18 18:03 - 2022-05-18 18:08 - 000000000 ____D C:\Users\radom\AppData\LocalLow\Stunlock Studios
2022-05-15 10:02 - 2022-05-15 10:02 - 000000000 ____D C:\Users\radom\AppData\Local\Streumon
2022-05-15 08:43 - 2022-05-15 08:43 - 000000000 ____D C:\Users\radom\AppData\Local\ww

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-13 20:25 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-13 20:13 - 2022-04-12 11:01 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-13 20:01 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\AppReadiness
2022-06-13 19:49 - 2022-04-12 17:18 - 000000000 ____D C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-06-13 19:48 - 2022-04-12 13:24 - 000000000 ____D C:\plc_debug
2022-06-13 19:44 - 2021-06-05 14:09 - 000000000 ____D C:\Windows\INF
2022-06-13 19:42 - 2022-05-06 21:27 - 000000000 ____D C:\SteamLibrary
2022-06-13 19:40 - 2022-04-12 13:19 - 000000000 ____D C:\Windows\system32\Tasks\ASUS
2022-06-13 19:36 - 2022-04-12 12:16 - 000000000 ____D C:\Users\radom\AppData\LocalLow\IObit
2022-06-13 19:36 - 2022-04-12 12:15 - 000000000 ____D C:\ProgramData\IObit
2022-06-13 19:36 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SystemTemp
2022-06-13 19:35 - 2022-04-12 12:15 - 000000000 ____D C:\Users\radom\AppData\Roaming\IObit
2022-06-13 19:35 - 2022-04-12 12:15 - 000000000 ____D C:\Program Files (x86)\IObit
2022-06-13 19:31 - 2022-04-12 10:11 - 001616250 _____ C:\Windows\system32\PerfStringBackup.INI
2022-06-13 19:31 - 2021-06-05 19:20 - 000683632 _____ C:\Windows\system32\perfh005.dat
2022-06-13 19:31 - 2021-06-05 19:20 - 000138942 _____ C:\Windows\system32\perfc005.dat
2022-06-13 19:25 - 2022-04-12 10:11 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-13 19:25 - 2022-04-12 10:01 - 000901328 _____ () C:\Windows\system32\wpbbin.exe
2022-06-13 19:25 - 2022-04-12 10:01 - 000845256 _____ C:\Windows\system32\AsusUpdateCheck.exe
2022-06-13 19:25 - 2022-04-12 10:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-06-13 19:25 - 2021-06-05 14:01 - 000524288 _____ C:\Windows\system32\config\BBI
2022-06-13 16:09 - 2021-06-05 14:10 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-06-13 15:59 - 2022-04-12 11:02 - 000002334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-13 15:39 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-13 15:36 - 2022-05-11 08:22 - 000000000 ____D C:\Users\radom\AppData\Roaming\Telegram Desktop
2022-06-13 15:36 - 2022-05-11 08:22 - 000000000 ____D C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2022-06-13 15:36 - 2022-04-28 16:29 - 000000000 ____D C:\Users\radom\AppData\Local\ReShade
2022-06-13 15:36 - 2022-04-17 09:39 - 000000000 ____D C:\Users\radom\AppData\Roaming\Origin
2022-06-13 15:36 - 2022-04-17 09:39 - 000000000 ____D C:\Users\radom\AppData\Local\Origin
2022-06-13 15:36 - 2022-04-17 09:39 - 000000000 ____D C:\ProgramData\Origin
2022-06-13 15:36 - 2022-04-13 09:17 - 000000000 ____D C:\Users\radom\AppData\Roaming\vlc
2022-06-13 15:36 - 2022-04-13 08:35 - 000000000 ____D C:\Users\radom\AppData\Roaming\Battle.net
2022-06-13 15:36 - 2022-04-13 08:35 - 000000000 ____D C:\Users\radom\AppData\Local\Battle.net
2022-06-13 15:36 - 2022-04-12 14:35 - 000000000 ____D C:\Users\radom\AppData\Local\EpicGamesLauncher
2022-06-13 15:36 - 2022-04-12 13:36 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2022-06-13 15:36 - 2022-04-12 13:36 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2022-06-13 15:36 - 2022-04-12 12:16 - 000000000 ____D C:\ProgramData\ProductData
2022-06-13 15:36 - 2022-04-12 12:13 - 000000000 ____D C:\Program Files\CrystalDiskMark8
2022-06-13 15:36 - 2022-04-12 12:13 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2022-06-13 15:36 - 2022-04-12 11:04 - 000000000 ____D C:\ProgramData\PATRIOT_MEMORY
2022-06-13 15:36 - 2022-04-12 10:01 - 000000000 ____D C:\ProgramData\ASUS
2022-06-13 15:36 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\GroupPolicy
2022-06-13 15:36 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\registration
2022-06-13 14:58 - 2022-04-12 10:21 - 000000000 ____D C:\Users\radom\AppData\Local\D3DSCache
2022-06-13 14:49 - 2022-05-10 12:12 - 002762208 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000402920 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000198112 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000136672 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000062928 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2022-06-13 14:48 - 2022-04-12 10:01 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-13 14:39 - 2022-04-12 10:20 - 000000000 ____D C:\Users\radom
2022-06-13 14:39 - 2022-04-12 10:01 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-06-10 12:07 - 2022-04-12 10:23 - 000000000 ____D C:\Users\radom\OneDrive\Dokumenty\My Games
2022-06-08 10:26 - 2022-04-12 15:53 - 000000000 ____D C:\CZ Manager
2022-06-08 08:39 - 2022-04-17 09:44 - 000000000 ____D C:\Program Files (x86)\Origin
2022-06-07 22:46 - 2022-04-12 10:12 - 000033800 _____ C:\Windows\system32\BMXStateBkp-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-07 22:46 - 2022-04-12 10:12 - 000033800 _____ C:\Windows\system32\BMXState-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-07 22:46 - 2022-04-12 10:12 - 000029040 _____ C:\Windows\system32\BMXCtrlState-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-07 22:46 - 2022-04-12 10:12 - 000029040 _____ C:\Windows\system32\BMXBkpCtrlState-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-07 22:46 - 2022-04-12 10:12 - 000011564 _____ C:\Windows\system32\DVCState-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-07 13:44 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\LiveKernelReports
2022-06-03 16:01 - 2022-04-13 08:28 - 000000000 ____D C:\Users\radom\AppData\Local\Ubisoft Game Launcher
2022-06-02 18:29 - 2022-04-12 10:23 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3700602199-4179786454-2309774523-1003
2022-06-01 12:03 - 2022-04-18 14:49 - 000000000 ____D C:\Windows\Minidump
2022-05-31 21:13 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\NDF
2022-05-31 17:48 - 2022-04-12 11:19 - 000000000 ____D C:\Users\radom\AppData\Local\NVIDIA Corporation
2022-05-31 14:09 - 2022-04-13 08:30 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-05-30 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\MUI
2022-05-30 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\MUI
2022-05-27 16:24 - 2022-04-12 10:25 - 000000000 ____D C:\Users\radom\AppData\Local\NVIDIA
2022-05-27 16:12 - 2022-04-12 10:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-05-27 16:10 - 2022-04-12 11:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-05-27 16:10 - 2022-04-12 10:11 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-05-27 08:39 - 2022-04-12 10:01 - 000302600 _____ C:\Windows\system32\FNTCACHE.DAT
2022-05-27 08:38 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-05-27 08:38 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ___SD C:\Windows\SysWOW64\F12
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ___SD C:\Windows\system32\F12
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\oobe
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SystemResources
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\vi-VN
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\oobe
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\lv-LV
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\lt-LT
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\id-ID
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\gl-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\eu-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\et-EE
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\es-MX
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\Dism
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\ca-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\appraiser
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\ShellExperiences
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\ShellComponents
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\bcastdvr
2022-05-27 08:36 - 2021-06-05 14:01 - 000000000 ____D C:\Windows\CbsTemp
2022-05-27 08:33 - 2022-04-12 10:03 - 003101184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-05-26 16:54 - 2022-04-12 11:20 - 000000000 ____D C:\Users\radom\AppData\Local\CrashDumps
2022-05-21 07:24 - 2022-04-12 10:23 - 000000000 ____D C:\Users\radom\OneDrive\Dokumenty\The Surge 2
2022-05-19 10:25 - 2022-04-17 16:43 - 000000000 ____D C:\Users\radom\AppData\Local\ElevatedDiagnostics
2022-05-16 16:31 - 2022-04-13 13:56 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy

==================== Files in the root of some directories ========

2022-06-13 14:14 - 2022-06-13 14:19 - 000000004 _____ () C:\ProgramData\lock.dat
2022-06-13 14:17 - 2022-06-13 14:32 - 000000004 _____ () C:\ProgramData\rc.dat
2022-06-13 14:14 - 2022-06-13 14:14 - 000000008 _____ () C:\ProgramData\ts.dat
2022-04-18 21:02 - 2022-05-11 10:30 - 000000125 _____ () C:\Users\radom\IP_Log_Data.js
2022-04-12 11:13 - 2022-04-12 11:14 - 000000626 _____ () C:\Users\radom\AppData\Roaming\All CPU MeterV3_Settings.ini
2022-04-28 08:13 - 2022-04-28 08:13 - 000000839 _____ () C:\Users\radom\AppData\Roaming\Drives Meter_Settings.ini
2022-04-12 12:56 - 2022-04-12 14:36 - 000000283 _____ () C:\Users\radom\AppData\Roaming\GPU MeterV2_Settings.ini
2022-04-12 14:41 - 2022-04-12 14:41 - 000000724 _____ () C:\Users\radom\AppData\Roaming\GPU Monitor_GPU0_Settings.ini
2022-04-12 11:15 - 2022-04-12 14:34 - 000000516 _____ () C:\Users\radom\AppData\Roaming\GPU Monitor_GPU_Settings.ini
2022-05-02 21:32 - 2022-05-02 21:32 - 140605022 _____ () C:\Users\radom\AppData\Roaming\gta5_patch.bin
2022-04-18 21:02 - 2022-05-11 10:30 - 000000964 _____ () C:\Users\radom\AppData\Roaming\Network Meter_Settings.ini
2022-04-18 21:02 - 2022-05-11 10:30 - 000000019 _____ () C:\Users\radom\AppData\Roaming\Network Meter_Usage.ini
2022-05-02 21:32 - 2022-05-02 21:32 - 000332800 _____ () C:\Users\radom\AppData\Roaming\patcher.dll
2022-04-12 13:27 - 2022-04-14 16:57 - 000002418 _____ () C:\Users\radom\AppData\Roaming\System Monitor II_CPU0_Settings.ini
2022-04-12 14:06 - 2022-05-03 22:58 - 000000122 _____ () C:\Users\radom\AppData\Roaming\System Monitor II_UptimeRecord.ini
2022-04-18 23:50 - 2022-05-03 22:58 - 000000128 _____ () C:\Users\radom\AppData\Roaming\System Uptime Full Plus_Record.ini
2022-04-18 21:03 - 2022-04-18 21:06 - 000000354 _____ () C:\Users\radom\AppData\Roaming\System Uptime Full Plus_Settings.ini
2022-04-18 20:53 - 2022-04-18 20:53 - 000000352 _____ () C:\Users\radom\AppData\Roaming\Top Process Monitor_Settings.ini
2022-04-18 20:47 - 2022-04-18 20:49 - 000000516 _____ () C:\Users\radom\AppData\Roaming\Weather Monitor_Settings.ini
2022-06-01 12:13 - 2022-06-01 12:13 - 000007626 _____ () C:\Users\radom\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 13 Jun 2022 21:08
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL (No File)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Bethesda.net] => [X]
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [GalaxyClient] => [X]
Task: {ADFF7BC0-49A9-4AFB-8C25-352CBB77DCF1} - System32\Tasks\GoogleUpdateTaskMachineCore{E5E2DD2B-68F0-41E9-8D75-F47E5CFFB24E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-12] (Google LLC -> Google LLC)
Task: {AFD5CBBF-8D15-49FA-8CBC-2E56DFEED870} - System32\Tasks\GoogleUpdateTaskMachineUA{78A0B6BC-DC69-40E8-9394-1BDB1C1317DE} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-12] (Google LLC -> Google LLC)
C:\ProgramData\lock.dat
C:\ProgramData\rc.dat
C:\ProgramData\ts.dat
C:\Users\radom\IP_Log_Data.js
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
FirewallRules: [{606AFEC8-1F7D-4E19-B8F6-637231AECDAF}] => (Allow) H:7\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe => No File
FirewallRules: [{F91DC324-AF2C-46CA-B51A-85CB6696DE13}] => (Allow) H:7\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe => No File
FirewallRules: [TCP Query User{047CC3BE-613E-4FFE-A279-7352CC417D56}F:\steamlibrary\steamapps\common\gears5\geargame\binaries\steam\gears5.exe] => (Allow) F:\steamlibrary\steamapps\common\gears5\geargame\binaries\steam\gears5.exe => No File
FirewallRules: [UDP Query User{F4E3CA92-BEE4-4465-9C00-E31335599F8D}F:\steamlibrary\steamapps\common\gears5\geargame\binaries\steam\gears5.exe] => (Allow) F:\steamlibrary\steamapps\common\gears5\geargame\binaries\steam\gears5.exe => No File
FirewallRules: [{D681B53C-CF0C-42B9-8DB8-ACF799ED5995}] => (Allow) H:7\SteamLibrary\steamapps\common\The Surge 2\bin\TheSurge2.exe => No File
FirewallRules: [{CB8D1582-826D-42EF-8B45-CAF61F688C58}] => (Allow) H:7\SteamLibrary\steamapps\common\The Surge 2\bin\TheSurge2.exe => No File
FirewallRules: [{8EE399A3-73EC-4EAC-9E6B-BFC7B548FB4D}] => (Allow) H:7\SteamLibrary\steamapps\common\The Surge 2\launcher\surge2-launcher.exe => No File
FirewallRules: [{F3268731-1CD2-4A5E-9C0F-17778205BC4C}] => (Allow) H:7\SteamLibrary\steamapps\common\The Surge 2\launcher\surge2-launcher.exe => No File
FirewallRules: [{5BC9E52A-007D-404B-94EA-2B97999D5123}] => (Allow) H:7\SteamLibrary\steamapps\common\GodOfWar\GoW.exe => No File
FirewallRules: [{56A8DFEE-B927-4B00-98D1-76FE2DB467E4}] => (Allow) H:7\SteamLibrary\steamapps\common\GodOfWar\GoW.exe => No File
FirewallRules: [{E4C7359B-2A9E-462A-9BE9-6AA5932E222A}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe => No File
FirewallRules: [{15871324-26CB-49A3-8973-170157FDD0B0}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe => No File
FirewallRules: [TCP Query User{DD4873C9-FD42-461A-99B8-297C1DF223D8}H:7\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) H:7\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{10BF3B2F-C5CF-4AA2-990D-AABDBEAE9D12}H:7\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) H:7\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{EAF44B9E-D817-40E1-9B19-DB8342CFF81F}J:\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) J:\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{21ACE594-51C4-4FED-A903-B10B5479F7CD}J:\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) J:\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [{CF95E571-98F2-4B5A-8FEA-55413D24FC51}] => (Allow) F:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe => No File
FirewallRules: [{26422657-9E5B-46BF-8C83-0062C76C00E3}] => (Allow) F:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe => No File
FirewallRules: [{F386DF65-C38A-43FB-BE94-00822983B32E}] => (Allow) H:7\SteamLibrary\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe => No File
FirewallRules: [{8AF7BB13-BE6A-4107-BF8D-B51344D6920D}] => (Allow) H:7\SteamLibrary\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe => No File
FirewallRules: [{ECDC0E81-CC93-463B-9E2C-E155E716F132}] => (Allow) F:\SteamLibrary\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe => No File
FirewallRules: [{2A7D6F15-8CFF-44D8-A333-2F7C941499E4}] => (Allow) F:\SteamLibrary\steamapps\common\Agents of Mayhem\aom\AOM_Release_Final.exe => No File
FirewallRules: [{BC9C3FDC-514E-4849-9036-C1B691DFACE1}] => (Allow) D:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe => No File
FirewallRules: [{455EC133-C22A-48E7-9469-966813DA84E9}] => (Allow) D:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe => No File
FirewallRules: [{D3BD090D-C259-4149-86DF-B587A8BEB819}] => (Allow) F:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{F7DA8028-AA82-4BEE-8ED9-8FDECF9D2230}] => (Allow) F:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{A1C0E62B-02E9-4E61-A3A7-3EE3C5E14E79}] => (Allow) H:7\SteamLibrary\steamapps\common\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe => No File
FirewallRules: [{7481A3C1-BD2F-48E3-8830-4FFE6488227E}] => (Allow) H:7\SteamLibrary\steamapps\common\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe => No File
C:\ProgramData\DiskOptimizer\DiskOptimizer.exe; process:_pid:6964,ProcessStart:132995961455400649; service:_DiskOptimizer
C:\Users\radom\AppData\Local\Temp
C:\Users\radom\AppData\Roaming\48ry0165e\C3Xq1maUO2.exe
C:\Users\radom\AppData\Roaming\9dv2BDRrnt\m4eS8tND4.exe

EmptyTemp:
End
Save it to H:\ as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 14 Jun 2022 06:17
by rado145
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-06-2022
Ran by radom (14-06-2022 07:09:04)
Running from H:\
Microsoft Windows 11 Home Version 21H2 22000.708 (X64) (2022-04-12 08:02:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3700602199-4179786454-2309774523-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3700602199-4179786454-2309774523-503 - Limited - Disabled)
Guest (S-1-5-21-3700602199-4179786454-2309774523-501 - Limited - Disabled)
radom (S-1-5-21-3700602199-4179786454-2309774523-1003 - Administrator - Enabled) => C:\Users\radom
WDAGUtilityAccount (S-1-5-21-3700602199-4179786454-2309774523-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 14.1.0 - IObit)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.01.10 - ASUSTeK Computer Inc.)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.1.4 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.45.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{e040e3dd-d66c-4bca-bc40-f9eac8080fee}) (Version: 1.1.45.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{4e2b05b0-eb08-41e5-9eb3-cdcc43d6bee0}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.2.8.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{c289ca16-807e-4373-92c3-29ef5dc2119a}) (Version: 1.2.8.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.11 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{8bc53c84-d9aa-4cc6-b19c-261f445494dc}) (Version: 2.1.3.0 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 3.00.10 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.79 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.18 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{c3ae9104-ed9b-4ab5-9eb1-569697f4514b}) (Version: 1.1.18 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.21 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.21 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.40 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{a1318319-c95b-48da-beb8-63ed6e4d809a}) (Version: 3.05.40 - ASUSTeK Computer Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.84.0 - Bethesda Softworks)
cFosSpeed 12.01 (HKLM\...\cFosSpeed) (Version: 12.01 - cFos Software GmbH, Bonn)
Control - Čeština (HKLM\...\{34AD213D-1A18-4480-80DC-77C341DCAD70}}_is1) (Version: 1.1 - Necronos)
CPUID CPU-Z 2.01 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.01 - CPUID, Inc.)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
CrystalDiskInfo 8.16.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.4 - Crystal Dew World)
CrystalDiskMark 8.0.4a (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4a - Crystal Dew World)
Diablo Immortal (HKLM-x32\...\Diablo Immortal) (Version: - Blizzard Entertainment)
Driver Booster 9 (HKLM-x32\...\Driver Booster_is1) (Version: 9.3.0 - IObit)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.39.15 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{135617a1-0191-4ed9-a0f7-2786a4739018}) (Version: 1.1.39.15 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{cb8809b0-c2ad-40f3-80c7-8ebf6c6f8f63}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{97f3a665-a91b-4def-91e2-97fec9f22bfa}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
Far Cry 6 (HKLM-x32\...\Uplay Install 5266) (Version: - Ubisoft)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
Gadgets Extended Pack (HKLM\...\Gadgets Extended Pack_is1) (Version: 1.0 - GadgetsRevived.com)
GameSDK Service (HKLM-x32\...\{1a192f34-128f-43ed-a83d-f998b9d5f646}) (Version: 1.0.0.4 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.0.4 - ASUSTek COMPUTER INC.) Hidden
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.115 - Google LLC)
IObit Uninstaller 11 (HKLM-x32\...\IObitUninstall) (Version: 11.4.0.2 - IObit)
iTop Private Browser (HKLM-x32\...\iTop Private Browser_is1) (Version: 3.1.0.255 - iTop Inc.)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.12 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{2237a879-7fa4-4e21-ae3b-00f6a649b9d9}) (Version: 1.1.12 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 102.0.1245.39 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 101.0.1210.53 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\OneDriveSetup.exe) (Version: 22.099.0508.0001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2022.0124.01 - MSI)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.95 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.113.50894 - Electronic Arts, Inc.)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.2 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: 1.0.9.2 - Patriot Memory)
PATRIOT VIPER HEADSET V370 (HKLM-x32\...\{D8D9AEBE-1712-4A4A-BC70-4CD9C82D1951}) (Version: 1.00.0010 - Patriot Memory LLC)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.5 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{387596e5-692e-4baf-bec2-3338d555df7a}) (Version: 1.0.6.5 - Patriot Memory)
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1436.31 - Rockstar Games)
REDlauncher (HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
RivaTuner Statistics Server 7.3.3 (HKLM-x32\...\RTSS) (Version: 7.3.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.58.822 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.3.7 - Rockstar Games)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.4.8.0 - ASUSTek COMPUTER INC.)
Setup-YMS 3017 (HKLM-x32\...\{66FBD489-5512-46C7-BF23-953E1320C80A}_is1) (Version: 1.0 - FAST CR, a.s.)
Sound Blaster Audigy 5_Audigy Rx (HKLM-x32\...\{81440118-F1CE-4C87-BC8B-F1EB8D3FA190}) (Version: 1.0 - Creative Technology Limited)
Sound Blaster Audigy Series Driver (HKLM-x32\...\IOke_is1) (Version: 1.0.00.03 - Creative Technology Ltd.)
SSDScopeApp version 4.6.0 (HKLM\...\{AD8E7B8B-EAD8-4B9F-882E-7970ABFACE34}_is1) (Version: 4.6.0 - Transcend Information, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.45.0 - TechPowerUp)
Telegram Desktop (HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.7.3 - Telegram FZ-LLC)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 130.1.10657 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.2 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: 1.0.0.2 - PD)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.1.5.0_x64__qmba6cd70vzyy [2022-06-13] (ASUSTeK COMPUTER INC.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-13] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.126.0_x64__kzh8wxbdkxb8p [2022-06-13] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2022-06-13] (Facebook Inc)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-06-13] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0 [2022-06-13] (Spotify AB) [Startup Task]
WinRAR -> C:\Program Files\WinRAR [2022-04-12] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{71B1723C-1EC2-4b4d-868E-FA58C7F95CD9}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Volume_Control.gadget\SoundControl.dll (Orbmu2k) [File not signed] [File is in use]
CustomCLSID: HKU\S-1-5-21-3700602199-4179786454-2309774523-1003_Classes\CLSID\{7ED1DCB7-48AD-4D4E-B609-181330032D7F}\InprocServer32 -> C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GetGPUInfo64.dll () [File not signed] [File is in use]
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_85bdfc6120959831\nvshext.dll [2022-06-02] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-13] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-04-12 14:39 - 2014-05-22 22:39 - 000156160 _____ () [File not signed] [File is in use] C:\Users\radom\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GetGPUInfo64.dll
2022-01-10 07:36 - 2022-01-10 07:36 - 000515584 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node
2022-01-11 16:52 - 2022-01-11 16:52 - 000479744 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2022-01-11 16:52 - 2022-01-11 16:52 - 000470016 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2022-01-10 07:36 - 2022-01-10 07:36 - 000832512 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node
2022-04-12 13:41 - 2021-10-13 14:47 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2022-04-12 13:42 - 2021-10-22 11:10 - 000370688 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll
2022-04-12 13:42 - 2021-10-22 11:10 - 000888320 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2022-04-12 13:42 - 2021-10-22 11:09 - 000999424 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2022-04-12 13:42 - 2021-10-22 11:11 - 000992768 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2022-04-12 13:42 - 2021-10-22 11:12 - 000956416 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2022-04-12 13:42 - 2021-10-13 14:56 - 001667584 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2022-04-12 13:42 - 2021-10-13 14:56 - 001065472 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FanInfofromProtocol.dll
2022-04-24 09:13 - 2022-01-12 16:43 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-12-23 15:51 - 2021-12-23 15:51 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000668672 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000371712 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2021-12-03 15:32 - 2021-12-03 15:32 - 000057344 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2021-12-03 15:32 - 2021-12-03 15:32 - 000074240 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2021-12-03 15:32 - 2021-12-03 15:32 - 000368640 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2022-04-12 13:24 - 2022-04-12 13:24 - 080653824 _____ () [File not signed] C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.1.5.0_x64__qmba6cd70vzyy\ArmouryCrate.dll
2020-05-26 17:08 - 2020-05-26 17:08 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2022-04-12 13:42 - 2021-10-13 14:56 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2022-04-12 11:04 - 2017-04-19 09:36 - 000254464 ____N (C-MEDIA Electronics INC.) [File not signed] C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\Driver\x64\vista\osConfLib.dll
2022-04-12 11:04 - 2017-04-19 09:36 - 000053760 ____N (Cmedia) [File not signed] C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\Driver\CMHID\CMHID_X64.dll
2022-04-12 10:52 - 2012-12-10 12:51 - 000535552 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTAudEp.dll
2022-04-12 10:52 - 2011-09-16 18:04 - 000238080 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTLoadRs.dll
2022-04-12 10:52 - 2013-06-21 13:20 - 000836608 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\HookWndU.DLL
2022-04-12 14:12 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2022-04-12 13:50 - 2022-04-12 13:50 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.126.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2022-04-12 14:12 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2022-04-24 09:13 - 2022-01-12 16:43 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2022-04-24 09:13 - 2022-01-12 16:43 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2022-04-12 13:23 - 2021-10-22 11:27 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libcrypto-1_1-x64.dll
2022-04-12 13:23 - 2021-10-22 11:27 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libssl-1_1-x64.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000078336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qgifd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000102400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicnsd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000079360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicod.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000668160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qjpegd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000062976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qsvgd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000062464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtgad.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000656384 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtiffd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000060416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwbmpd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000936448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwebpd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 003425792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\platforms\qwindowsd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 011002368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Cored.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 011547648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Guid.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000568832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Svgd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 009100288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Widgetsd.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000312832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Xmld.dll
2022-04-12 13:41 - 2021-10-13 14:47 - 000304128 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\styles\qwindowsvistastyled.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2020-12-24] (IObit Information Technology -> IObit)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\Control Panel\Desktop\\Wallpaper -> H:\Programy\programy\miniaplikace\tapeta-astronaut-planeta-vesmir-tapeta-na-zed-2560x1080_14.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "AsioThk32Reg"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\StartupFolder: => "Sidebar621.lnk"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\StartupApproved\Run: => "EADM"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{906AF6D3-EE6B-43F7-B12A-147469DAA9C7}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{1D3DA25F-886C-4E76-8CE1-C1DEC28BD741}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{55660ACC-C39C-4709-90DB-B8B3CBBA844F}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [TCP Query User{02673732-126B-4109-9AE0-29F03EA89389}C:\users\radom\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe] => (Allow) C:\users\radom\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [UDP Query User{B1A016E0-BAFC-430E-AFD2-5DD02CDF58D0}C:\users\radom\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe] => (Allow) C:\users\radom\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{870F7EE9-B02E-4D1C-8167-DE53F9D18C49}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{94973D4F-8D7A-4D53-9B83-92A81D84507F}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{FA269CD2-8ADF-4D76-B5C6-809E859B4E24}] => (Allow) J:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BA115F1F-53FE-450A-BAD2-07ECC94A75C2}] => (Allow) J:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7B578DCA-9B86-402E-9BA9-23ECA48E77A0}] => (Allow) J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B671EC40-DBBC-4113-8569-44707002DE48}] => (Allow) J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{EFCC7671-0CBA-4F39-97D8-E0B9082CFD5F}J:\tiny-tinas-wonderland\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) J:\tiny-tinas-wonderland\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [UDP Query User{5A356859-7339-4016-8C4B-BB8A6E8C979E}J:\tiny-tinas-wonderland\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) J:\tiny-tinas-wonderland\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe (Gearbox Software, L.L.C. -> Gearbox)
FirewallRules: [{164CF23A-1825-49B4-8F2A-91A5BB41EE4F}] => (Allow) G:\SteamLibrary\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{C70B69B4-1D41-4FA9-90BF-E7F978617F8A}] => (Allow) G:\SteamLibrary\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{B7FC8839-5D54-4045-AAEE-BC651F2F8B49}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Ghostwire Tokyo\GWT.exe (ZeniMax Asia K.K.) [File not signed]
FirewallRules: [{C5065A79-540D-48B4-9144-5E130B595ABA}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Ghostwire Tokyo\GWT.exe (ZeniMax Asia K.K.) [File not signed]
FirewallRules: [{88A4F6D5-3076-4F28-AB9F-497385FCA64E}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe (Techland S.A. -> Techland)
FirewallRules: [{1D054196-BE43-4443-9FCE-CC53E41AA871}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe (Techland S.A. -> Techland)
FirewallRules: [{EB71E31B-5879-4F04-8F14-FF118F243E43}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\OUTRIDERS\EAC_OUTRIDERS.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{C592D76A-258E-4E1E-9D1F-B4BE0F7EB3EC}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\OUTRIDERS\EAC_OUTRIDERS.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{68223BAD-D01D-4A36-8A3E-B16AFE92D77C}] => (Allow) G:\SteamLibrary\steamapps\common\King's Bounty II\KingsBounty2\Binaries\Win64\KingsBounty2.exe (1C Online Games Ltd.) [File not signed]
FirewallRules: [{F814042E-D7E6-4966-A01C-5D0FD7F9A6B3}] => (Allow) G:\SteamLibrary\steamapps\common\King's Bounty II\KingsBounty2\Binaries\Win64\KingsBounty2.exe (1C Online Games Ltd.) [File not signed]
FirewallRules: [TCP Query User{67BC7AD3-7186-4912-90EC-4B84D2B9AB41}E:\red dead redemption 2\rdr2.exe] => (Allow) E:\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{FFA648F4-8B14-4F59-9E09-5E1EC48FE5EB}E:\red dead redemption 2\rdr2.exe] => (Allow) E:\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E8A7415C-C701-4323-8523-2D3E7CE88C0E}] => (Allow) F:\Uplay\Far Cry 6\bin\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{714F9A21-2D74-4686-8118-0F3D153D4906}] => (Allow) F:\Uplay\Far Cry 6\bin\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{C306FBCB-955B-4370-94B0-FC69F2DB1A59}] => (Allow) F:\Uplay\Far Cry 6\bin_plus\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{35EA8DDA-DD82-4324-B62E-C2739A539049}] => (Allow) F:\Uplay\Far Cry 6\bin_plus\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{C10558D1-FB4F-47C3-9AC0-22FFD557A610}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{1CFCD371-A3F7-459E-A7FF-33DE617ADD0A}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{82CE9236-A58C-4BB6-8D17-C5560ACA5465}] => (Allow) G:\SteamLibrary\steamapps\common\Marvel's Guardians of the Galaxy\bin\gotg.exe () [File not signed]
FirewallRules: [{99656A46-8231-4812-992F-918439524594}] => (Allow) G:\SteamLibrary\steamapps\common\Marvel's Guardians of the Galaxy\bin\gotg.exe () [File not signed]
FirewallRules: [TCP Query User{93F485F2-F9C0-46CA-9C34-57B7B7B31221}J:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{7CC4486B-F2D2-4A39-9DD3-BA0BBC0C27A3}J:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{A1E4B999-1F89-483F-B726-36D7DE317D41}J:\program files (x86)\steam\steamapps\common\age of empires iv\reliccardinal.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\age of empires iv\reliccardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [UDP Query User{F82C62F4-63DA-4499-A1F1-5EE8B8D17A8C}J:\program files (x86)\steam\steamapps\common\age of empires iv\reliccardinal.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\age of empires iv\reliccardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{61F06E70-2B00-4688-93F8-659C45B694F1}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{7A768851-5514-4B65-914A-063D3C762400}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{71F5A89D-F145-4308-8B38-77428ED4D123}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{3FA48D0F-3E67-4F73-AFD5-EEE215719801}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{D3FA54EF-0E4C-4342-BD39-128D3F65BFB9}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [TCP Query User{6A8A1FE5-93D9-414A-A0F7-DFE77754D28D}E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{DB569EDF-04E6-4049-A4EC-C1EBE8BAF97E}E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{8C68B55F-671C-4DBE-A045-EAC459F1615C}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe (TT Games Studios Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{1F86140F-3A22-484E-BC24-F1192DB402BC}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe (TT Games Studios Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{67073F82-788A-4E14-A880-1B9F1C9D842A}] => (Allow) H:\SteamLibrary\steamapps\common\Saints Row The Third Remastered\SRTTR.exe (Koch Media GmbH, Austria) [File not signed]
FirewallRules: [{0EFC7369-08ED-4BEA-AC2E-D352BB043E60}] => (Allow) H:\SteamLibrary\steamapps\common\Saints Row The Third Remastered\SRTTR.exe (Koch Media GmbH, Austria) [File not signed]
FirewallRules: [{3155DE38-8DC2-4D90-A132-16AC19F2E2BB}] => (Allow) E:\SteamLibrary\steamapps\common\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [{0D9ABF88-F1C5-4591-8B14-7035F98EC0EA}] => (Allow) E:\SteamLibrary\steamapps\common\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [{0482B5AE-08D2-4A2A-9C27-F5DA4B4E1155}] => (Allow) F:\SteamLibrary\steamapps\common\GreedFall\GreedFall.exe (Focus Home Interactive S.A -> Spiders)
FirewallRules: [{C60D93FE-654D-48CC-9CA1-53EADDD74A8D}] => (Allow) F:\SteamLibrary\steamapps\common\GreedFall\GreedFall.exe (Focus Home Interactive S.A -> Spiders)
FirewallRules: [{29BC1E67-573B-4473-888D-E7DD3E291096}] => (Allow) G:\SteamLibrary\steamapps\common\WerewolfTheApocalypseEarthblood\WW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9898025A-DFE2-41A1-BA18-4E2163481431}] => (Allow) G:\SteamLibrary\steamapps\common\WerewolfTheApocalypseEarthblood\WW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{A63C90DD-20BB-4337-A87B-F81D29CE28B5}J:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe (Stunlock Studios AB -> )
FirewallRules: [UDP Query User{F9874D76-CA0C-43B5-BA5C-206F13BA1392}J:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe (Stunlock Studios AB -> )
FirewallRules: [{595166B1-77DE-4718-B62D-5ED1A60A86EB}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> )
FirewallRules: [{FFCF39AA-8C13-4845-9FEE-71ED7EFEA1FF}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> )
FirewallRules: [{AB993232-C4C2-4106-8E61-223EB346AB18}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA9AFCD6-4E4B-48D7-954B-16F5A413E998}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22133.500.1346.3200_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E114A10-6921-4B48-97AA-FA653A9CD0CC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22133.500.1346.3200_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40F42F0C-DF89-420A-A0D1-907187C18841}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{9E881159-A12F-4854-88F0-2990683746AE}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{07813F0A-54D3-4215-B768-FE78CB7DB023}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Dolmen\Dolmen.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B99FEE8D-581F-4298-8441-88C18AE2F416}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Dolmen\Dolmen.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{44B5C74E-A9B9-4461-831A-77CE1C731524}J:\program files (x86)\steam\steamapps\common\dolmen\dolmenwindows\binaries\win64\dolmen-win64-shipping.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\dolmen\dolmenwindows\binaries\win64\dolmen-win64-shipping.exe (Massive Work Studio) [File not signed]
FirewallRules: [UDP Query User{93446F8F-3855-4790-8698-B6DBCB40C56C}J:\program files (x86)\steam\steamapps\common\dolmen\dolmenwindows\binaries\win64\dolmen-win64-shipping.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\dolmen\dolmenwindows\binaries\win64\dolmen-win64-shipping.exe (Massive Work Studio) [File not signed]
FirewallRules: [{30CB1945-CA21-4D50-907A-947FE3BAFB71}] => (Allow) F:\SteamLibrary\steamapps\common\ELEX2\system\ELEX2.exe (Piranha Bytes) [File not signed]
FirewallRules: [{EF824674-5AA1-440C-A637-0AE984AE0DF9}] => (Allow) F:\SteamLibrary\steamapps\common\ELEX2\system\ELEX2.exe (Piranha Bytes) [File not signed]
FirewallRules: [{8C1B4455-7E6F-469B-A0EB-65D1FB3AA2E1}] => (Allow) F:\SteamLibrary\steamapps\common\Aliens Fireteam Elite\Endeavor.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{225849DA-DF95-45FA-8B51-4677ACE249BA}] => (Allow) F:\SteamLibrary\steamapps\common\Aliens Fireteam Elite\Endeavor.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{0DCAD036-48C6-4F25-BE7C-885AAB8CB563}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A8EDB7C2-EA1C-4F89-B183-5565E7177618}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{926E9E74-2D01-402C-AF80-0BF1BE922EA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4643234A-DCC5-448F-8D9C-5F1FAF66E02C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2F0FB499-5090-45A8-A96B-F31FE63CB471}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F95E2F54-EA6A-4611-BE37-E9A0B0830D2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{691DFE92-2C26-4044-99B2-116F6038BB33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56E65B7F-71A3-423D-8425-D3028B3FBA17}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.187.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4AA87E5F-34CA-4F05-AE53-EACE6B8A44E1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7298DB4D-F93A-40E9-A9AC-D14A05A40723}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (FromSoftware,Inc. -> FromSoftware, Inc.)
FirewallRules: [{07440F7F-22FF-4F7D-AF56-676F92CB8A02}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (FromSoftware,Inc. -> FromSoftware, Inc.)
FirewallRules: [{6C31BECA-F65F-4631-A6F6-4CA98D94C194}] => (Allow) F:\SteamLibrary\steamapps\common\Ancestors Legacy\Anc\Binaries\Win64\Anc-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{53C33DBE-3736-4785-93D0-7DA5A2F532CE}] => (Allow) F:\SteamLibrary\steamapps\common\Ancestors Legacy\Anc\Binaries\Win64\Anc-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6CDEBF6C-2CB5-4561-BF8E-A3B1514F00F5}] => (Allow) LPort=32682

==================== Restore Points =========================

08-06-2022 14:41:31 Nainstalováno rozhraní DirectX

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/14/2022 07:07:21 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://INTC-KeyId-b066d9697f5d3a07b425 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(12063ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (06/14/2022 07:06:34 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (06/14/2022 07:06:34 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (06/14/2022 07:06:34 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (06/14/2022 07:06:34 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (06/14/2022 07:00:55 AM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1003) (User: NT AUTHORITY)
Description: U klienta Certifikační služby se nezdařilo vyvolat poskytovatele jako odpověď na událost 256. Kód chyby 2147942593.

Error: (06/14/2022 07:00:55 AM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1001) (User: NT AUTHORITY)
Description: U klienta Certifikační služby se nezdařilo načíst poskytovatele pautoenr.dll. Kód chyby 193.

Error: (06/13/2022 10:17:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 13.6.2022.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1c6c

Čas spuštění: 01d87f626fafc5f3

Čas ukončení: 12

Cesta k aplikaci: H:\FRST64.exe

ID hlášení: e99663e5-561b-4573-a402-d1eb9c801f95

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown


System errors:
=============
Error: (06/14/2022 07:06:35 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\system32\IntelIHVRouter08.dll

Error: (06/14/2022 07:06:35 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\system32\IntelIHVRouter08.dll

Error: (06/14/2022 07:06:11 AM) (Source: DCOM) (EventID: 10005) (User: RADEK)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby asComSvc s argumenty Není k dispozici za účelem spuštění serveru:
{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}

Error: (06/14/2022 07:06:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby ASUS Com Service bylo dosaženo časového limitu (30000 ms).

Error: (06/14/2022 07:05:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Advanced SystemCare Service 14 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/14/2022 07:05:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba cFosSpeed System Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (06/14/2022 07:05:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Storage Middleware Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/14/2022 07:05:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LightingService byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2022-06-13 14:20:56
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: TrojanDownloader:Win32/Emotet!ml
Závažnost: Vážné
Kategorie: Trojský stahovací program
Cesta: file:_C:\Program Files (x86)\Google\Update\GoogleUpdate.exe; file:_C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{E5E2DD2B-68F0-41E9-8D75-F47E5CFFB24E}->(UTF-16LE); file:_C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{78A0B6BC-DC69-40E8-9394-1BDB1C1317DE}->(UTF-16LE); process:_pid:4084,ProcessStart:132995961443247130; process:_pid:8788,ProcessStart:132995962705653204; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADFF7BC0-49A9-4AFB-8C25-352CBB77DCF1}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFD5CBBF-8D15-49FA-8CBC-2E56DFEED870}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{E5E2DD2B-68F0-41E9-8D75-F47E5CFFB24E}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{78A0B6BC-DC69-40E8-9394-1BDB1C1317DE}; service:_gupdate; service:_gupdatem; taskscheduler:_C:\Windows\System32\Tasks\GoogleUpdateTaskMach
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: radek\radom
Název procesu: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6

Date: 2022-06-13 14:19:30
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: TrojanDownloader:Win32/Emotet!ml
Závažnost: Vážné
Kategorie: Trojský stahovací program
Cesta: file:_C:\ProgramData\DiskOptimizer\DiskOptimizer.exe; process:_pid:6964,ProcessStart:132995961455400649; service:_DiskOptimizer
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\ProgramData\DiskOptimizer\DiskOptimizer.exe
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6

Date: 2022-06-13 14:19:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Conteban.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\radom\AppData\Local\Microsoft\Windows\INetCache\IE\2T066TKC\soft[1]; file:_C:\Users\radom\AppData\Local\Temp\Amg2MKwiPbNoT90OgC\Cleaner.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: radek\radom
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6

Date: 2022-06-13 14:19:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: file:_C:\Users\radom\AppData\Roaming\48ry0165e\C3Xq1maUO2.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: radek\radom
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6

Date: 2022-06-13 14:19:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Convagent.AV!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\radom\AppData\Roaming\9dv2BDRrnt\m4eS8tND4.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: radek\radom
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.367.1484.0, AS: 1.367.1484.0, NIS: 1.367.1484.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6
Event[0]

Date: 2022-06-13 14:39:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===============
Date: 2022-06-14 07:09:03
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume19\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-06-13 16:14:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume19\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume19\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1601 05/07/2022
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B560-PLUS WIFI
Processor: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
Percentage of memory in use: 14%
Total physical RAM: 32637.48 MB
Available physical RAM: 27860.89 MB
Total Virtual: 34137.48 MB
Available Virtual: 26004.63 MB

==================== Drives ================================

Drive c: (Win 11 home) (Fixed) (Total:145.39 GB) (Free:65.16 GB) (Model: TS1TMTE220S) NTFS
Drive d: (hry) (Fixed) (Total:59.48 GB) (Free:25.75 GB) (Model: TS480GSSD220S) NTFS
Drive e: (hry) (Fixed) (Total:385.62 GB) (Free:109.62 GB) (Model: TS480GSSD220S) NTFS
Drive f: (hry) (Fixed) (Total:447.11 GB) (Free:156.25 GB) (Model: Patriot Burst) NTFS
Drive g: (hry) (Fixed) (Total:222.75 GB) (Free:68.16 GB) (Model: KINGSTON SA400S37240G) NTFS
Drive h: (filmy,serialy,programy) (Fixed) (Total:931.51 GB) (Free:274.89 GB) (Model: CT1000BX500SSD1) NTFS
Drive i: (hry) (Fixed) (Total:447.11 GB) (Free:124.26 GB) (Model: Patriot Burst) NTFS
Drive j: (hry) (Fixed) (Total:806.05 GB) (Free:358.15 GB) (Model: TS1TMTE220S) NTFS

\\?\Volume{20257737-9207-4220-aed6-e3c65c6a692c}\ () (Fixed) (Total:0.59 GB) (Free:0.58 GB) NTFS
\\?\Volume{315c4be3-135b-4125-ba68-cb59ac4898fe}\ () (Fixed) (Total:0.5 GB) (Free:0.48 GB) NTFS
\\?\Volume{86cb57dc-243b-47a8-8041-56b02bb4afd6}\ () (Fixed) (Total:1.32 GB) (Free:1.3 GB) NTFS
\\?\Volume{a2bc723d-4792-4731-91e8-9af82ae29eae}\ () (Fixed) (Total:0.02 GB) (Free:0.01 GB) NTFS
\\?\Volume{b066948a-1a31-4d55-9598-f925a5328ac7}\ () (Fixed) (Total:0.11 GB) (Free:0.1 GB) NTFS
\\?\Volume{ba9b590c-cd55-45d8-bde4-09538f7de743}\ () (Fixed) (Total:0.46 GB) (Free:0.05 GB) NTFS
\\?\Volume{a3933231-a351-4da1-a977-c804fd1059da}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
\\?\Volume{08b6963d-b851-43e9-8705-c937f4eb1d97}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
\\?\Volume{2642ea35-0c89-4dc2-b37e-3d28571c809c}\ () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{49f082d4-bc96-4402-b612-f968a4b5dbfc}\ () (Fixed) (Total:0.01 GB) (Free:0.01 GB) NTFS
\\?\Volume{3f974160-a7b1-4d0c-a059-0dfc7a4a49d9}\ () (Fixed) (Total:0.81 GB) (Free:0.79 GB) NTFS
\\?\Volume{46d4bdf7-28e8-43cd-9c72-63e0e24db542}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 038DD71B)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 5 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-06-2022
Ran by radom (administrator) on RADEK (ASUS System Product Name) (14-06-2022 07:08:06)
Running from H:\
Loaded Profiles: radom
Platform: Microsoft Windows 11 Home Version 21H2 22000.708 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowser.exe
(C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe ->) (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\RealTimeProtector.exe
(C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe ->) (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\smBootTimeBase.exe
(C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTHKCtrl.exe
(explorer.exe ->) () [File not signed] C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\PATRIOT_MEMORY_x64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.126.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.13\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(services.exe ->) (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe <2>
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_85bdfc6120959831\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\New\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Sog951x1Sound] => C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\PATRIOT_MEMORY_x64.exe [2418176 2017-04-19] () [File not signed]
HKLM-x32\...\Run: [Creative Hot Key Control] => C:\Program Files (x86)\Creative\SBAudigy5Rx\SB Audigy 5_RX Control Panel\CTHKCtrl.exe [650752 2013-07-19] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32637904 2022-06-03] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475072 2013-10-02] (Microsoft Corporation) [File not signed] [File is in use]
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Steam] => J:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1088456 2022-05-30] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13980248 2022-05-11] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3720464 2020-12-24] (IObit Information Technology -> IObit)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3148016 2022-06-08] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3700602199-4179786454-2309774523-1003\...\Run: [MicrosoftEdgeAutoLaunch_31FB0F89BB3DBA0F19285F725AC75676] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595192 2022-06-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-13] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0393F8D4-23FD-4F30-8103-16F9D79319AD} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.3.0\AutoUpdate.exe [2463840 2022-04-19] (IObit CO., LTD -> IObit)
Task: {14D30B30-1C12-491D-9190-258CF44F255E} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2159944 2021-10-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {207C194F-B807-4CCD-862A-F7F25B7B16C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2A58E98A-C6A6-49D8-9F59-9D0D9F59D4C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {56CA9002-7D81-4A4E-9CD0-F91A1750691D} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1610808 2021-04-14] (ASUSTeK Computer Inc. -> )
Task: {58FFBC9E-8038-4AFE-97B6-F93F0C6F8AB4} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2157024 2022-03-11] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {5D793E69-061D-479B-B66B-68F211F620A6} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1794360 2022-01-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {654C1D23-BDEA-4814-8196-2379FA68ACB9} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [3262224 2020-12-24] (IObit Information Technology -> IObit)
Task: {6A06E1DA-40BB-45F6-AD4E-521561053595} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1471104 2021-10-22] (ASUSTeK Computer Inc. -> )
Task: {7BB2FBBC-5E05-4F64-A6C9-EBD3B5C18936} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1241960 2021-11-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {7ED53E70-8F9B-4FCA-BF7B-F268595DCD15} - System32\Tasks\ASC_SkipUac_radom => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [9501968 2020-12-24] (IObit Information Technology -> IObit)
Task: {98AC1FBA-D192-445B-BAC9-33C39B61B6B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DE5B295-F41F-4913-AB92-71E6B66DF8D2} - System32\Tasks\iTop Private Browser UAC => C:\Program Files\iTop Private Browser\ivBInit.exe [1409928 2022-04-13] (Chengdu Xiao Shan Hu Technology Co., Ltd -> iTop Inc.)
Task: {9F5687FA-F910-4708-BA19-B43536965439} - System32\Tasks\iTop Private Browser Update => C:\Program Files\iTop Private Browser\AutoUpdate.exe [2422664 2022-04-13] (Chengdu Xiao Shan Hu Technology Co., Ltd -> iTop Inc.)
Task: {A282D79C-49D3-489E-9A67-D4D3F8EA7AEA} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [293856 2022-03-11] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {AD178CE3-F671-4026-96DB-70D2568CE9D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B067DFE8-7E16-41C7-ABC4-E71D8C606FA4} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43022856 2022-01-11] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {BF0F5F2E-972D-46E5-ADF2-053DE50BBB38} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4329008 2021-10-13] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {C737C7B6-134C-48D4-BE27-C86507B6E59B} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {CA31EE30-BDEE-4066-8422-F95868D1A0BD} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {DDA1412A-A35A-445C-BD68-AB0F6721BC2A} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {DDE3B198-CDE5-448A-829E-9864D92D03FC} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {DF3A202B-0E6E-4ECB-A1C6-426CCB6F0D34} - System32\Tasks\Driver Booster SkipUAC (radom) => C:\Program Files (x86)\IObit\Driver Booster\9.3.0\DriverBooster.exe [8662600 2022-04-19] (IObit CO., LTD -> IObit)
Task: {FA03DE26-9439-432C-BE4C-7BF59EE62A87} - System32\Tasks\Uninstaller_SkipUac_radom => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [7517720 2022-03-24] (IObit CO., LTD -> IObit)
Task: {FCA54B76-BF09-4A28-BE4F-F425AA38B9C1} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d84e5f28a73955 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{500fa420-a116-433c-ba71-d9819e78439f}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\radom\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-14]

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default [2022-06-14]
CHR DownloadDir: H:\chrome stažené soubory
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://find-it.pro/?utm_source=distr_m","hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://find-it.pro/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> find-it.pro
CHR DefaultSuggestURL: Default -> hxxps://find-it.pro/search/suggest.php?q={searchTerms}
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-13]
CHR Extension: (IObit Surfing Protection) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn [2022-05-09]
CHR Extension: (Find-it.Pro Search) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\meejmcfbiapijdfaadackoblffmidlig [2022-06-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\radom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-12]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService14; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1288976 2020-12-24] (IObit Information Technology -> IObit)
U2 AdvancedSystemCareService15; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1288976 2020-12-24] (IObit Information Technology -> IObit)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [372456 2022-05-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe [456008 2022-04-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2022-03-09] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.13\AsusFanControlService.exe [2216264 2022-03-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [650208 2022-04-12] (ASUSTeK COMPUTER INC. -> ASUS)
R2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2022-06-14] (ASUSTeK Computer Inc. -> )
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-12-10] (Creative Technology Ltd) [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-05-31] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-04-12] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2271832 2022-05-11] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-05-11] (GOG Sp. z o.o. -> GOG.com)
S2 GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [75240 2022-05-25] (Microsoft Corporation -> Microsoft Corporation)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [396520 2022-01-20] (ASUSTEK COMPUTER INCORPORATION -> ASUS Inc.)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158744 2022-02-10] (IObit CO., LTD -> IObit)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3835360 2022-03-10] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-06-13] (Malwarebytes Inc. -> Malwarebytes)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-06-08] (Electronic Arts, Inc. -> Electronic Arts)
S3 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-06-08] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2133968 2022-05-04] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6307560 2022-04-08] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_85bdfc6120959831\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_85bdfc6120959831\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AscFileControl; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileControl.sys [40496 2020-06-03] (IObit Information Technology -> IObit)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [46008 2020-07-21] (IObit Information Technology -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [46008 2020-06-03] (IObit Information Technology -> IObit)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [34112 2019-07-02] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43168 2022-03-09] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [507904 2021-11-04] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [180224 2021-11-04] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
R1 cFosSpeed; C:\Windows\system32\DRIVERS\cfosspeed6.sys [1695016 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
S3 COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [162336 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [162336 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 cpuz145; C:\Windows\temp\cpuz145\cpuz145_x64.sys [49968 2022-06-14] (CPUID -> CPUID)
R3 ctac32k; C:\Windows\system32\drivers\ctac32k.sys [584224 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 ctaud2k; C:\Windows\system32\drivers\ctaud2k.sys [874016 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [709664 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [709664 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 CTERFXFX; C:\Windows\system32\drivers\CTERFXFX.SYS [145440 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [145440 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [31808 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [29208 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 ctprxy2k; C:\Windows\system32\drivers\ctprxy2k.sys [20512 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [685088 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [685088 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 ctsfm2k; C:\Windows\system32\drivers\ctsfm2k.sys [293400 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 emupia; C:\Windows\system32\drivers\emupia2k.sys [150040 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ha10kx2k; C:\Windows\system32\drivers\ha10kx2k.sys [1367576 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 hap16v2k; C:\Windows\system32\drivers\hap16v2k.sys [262160 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 hap17v2k; C:\Windows\system32\drivers\hap17v2k.sys [298008 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 Hsp; C:\Windows\System32\drivers\Hsp.sys [111960 2022-05-11] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2022-04-12] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2022-04-12] (Intel Corporation -> Intel Corporation)
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [32520 2020-12-02] (IObit Information Technology -> IObit)
S3 iobit_monitor_server2021; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [32520 2020-12-02] (IObit Information Technology -> IObit)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2021-10-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
S3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
S3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl30b7d0e5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8B5876C2-A8BA-4108-8C28-F3F1B6017F7D}\MpKslDrv.sys [137464 2022-06-14] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 ossrv; C:\Windows\system32\drivers\ctoss2k.sys [227864 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 PATRIOTRGB; C:\Windows\system32\DRIVERS\PATRIOTRGB.sys [3783680 2017-04-14] (C-MEDIA ELECTRONICS INC. -> Patriot Memory LLC)
R3 rt25cx21; C:\Windows\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_6d0a87e4b66148bc\rt25cx21x64.sys [620472 2022-05-19] (Realtek Semiconductor Corp. -> Realtek)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_d2a498d51a4f7bec\rtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp. -> Realtek)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [443664 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-13 22:30 - 2022-06-13 22:30 - 000003122 _____ C:\Windows\system32\Tasks\MSIAfterburner
2022-06-13 22:05 - 2022-06-13 22:05 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2022-06-13 19:42 - 2022-06-13 19:42 - 082399232 _____ C:\Windows\system32\config\software.iobit
2022-06-13 19:42 - 2022-06-13 19:42 - 004411392 _____ C:\Windows\system32\config\drivers.iobit
2022-06-13 19:42 - 2022-06-13 19:42 - 000503808 _____ C:\Windows\system32\config\default.iobit
2022-06-13 19:42 - 2022-06-13 19:42 - 000086016 _____ C:\Windows\system32\config\sam.iobit
2022-06-13 19:42 - 2022-06-13 19:42 - 000036864 _____ C:\Windows\system32\config\security.iobit
2022-06-13 19:36 - 2022-06-13 19:36 - 000003072 _____ C:\Windows\system32\Tasks\ASC_SkipUac_radom
2022-06-13 19:35 - 2022-06-13 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2022-06-13 18:09 - 2022-06-13 19:22 - 000000000 ____D C:\AdwCleaner
2022-06-13 16:49 - 2022-06-14 07:08 - 000000000 ____D C:\FRST
2022-06-13 16:09 - 2022-06-13 16:09 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-06-13 16:09 - 2022-06-13 16:09 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-06-13 16:09 - 2022-06-13 16:09 - 000002052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-06-13 16:09 - 2022-06-13 16:09 - 000000000 ____D C:\Users\radom\AppData\Local\mbam
2022-06-13 16:09 - 2022-06-13 16:08 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-06-13 16:08 - 2022-06-13 16:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-06-13 16:08 - 2022-06-13 16:08 - 000000000 ____D C:\Program Files\Malwarebytes
2022-06-13 15:56 - 2022-06-13 15:56 - 000000765 _____ C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Launcher.lnk
2022-06-13 14:49 - 2022-06-13 14:49 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-06-13 14:29 - 2022-06-13 14:32 - 000000000 ____D C:\Users\radom\AppData\Roaming\WeMod
2022-06-13 14:29 - 2022-06-13 14:29 - 000000000 ____D C:\Users\radom\AppData\Local\SquirrelTemp
2022-06-13 14:14 - 2022-06-13 14:18 - 000000016 _____ C:\ProgramData\lir.bats
2022-06-13 13:43 - 2022-06-13 15:36 - 000000000 ____D C:\Users\radom\AppData\Roaming\ServiceGet
2022-06-13 13:43 - 2022-06-13 14:19 - 000000000 ____D C:\ProgramData\DiskOptimizer
2022-06-13 13:43 - 2022-06-13 13:54 - 000000000 ____D C:\Users\radom\AppData\Roaming\shftool
2022-06-13 13:43 - 2022-06-13 13:48 - 000000000 ____D C:\Users\radom\AppData\Local\Opera Software
2022-06-13 13:43 - 2022-06-13 13:44 - 000000000 ____D C:\Users\radom\AppData\Roaming\ZGbSB75
2022-06-13 13:43 - 2022-06-13 13:43 - 000000000 ____D C:\Users\radom\AppData\Roaming\Sajepifo
2022-06-13 13:43 - 2022-06-13 13:43 - 000000000 ____D C:\Users\radom\AppData\Roaming\Opera Software
2022-06-13 13:42 - 2022-06-13 13:42 - 000000000 _____ C:\Users\radom\OneDrive\Dokumenty\Trainer.zip
2022-06-12 21:41 - 2022-06-13 15:36 - 000000000 ____D C:\ProgramData\ReShade
2022-06-09 13:40 - 2022-06-09 13:40 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-06-08 14:41 - 2022-06-08 14:41 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2022-06-08 13:50 - 2022-06-08 15:38 - 000000000 ____D C:\ProgramData\Electronic Arts
2022-06-07 08:36 - 2022-06-07 08:36 - 000000000 ____D C:\Users\radom\AppData\Local\WB Games
2022-06-06 20:22 - 2022-06-06 20:22 - 000000000 ____D C:\Users\radom\AppData\Roaming\GameSparks
2022-06-04 17:37 - 2022-06-04 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo Immortal
2022-06-04 17:32 - 2022-06-13 17:53 - 000000000 ____D C:\Users\radom\AppData\Roaming\EasyAntiCheat
2022-06-04 16:54 - 2022-06-04 16:54 - 000000000 ____D C:\Users\radom\AppData\Local\Frontiers
2022-06-02 20:38 - 2022-06-02 20:39 - 000000000 ____D C:\Windows\LastGood
2022-06-02 20:38 - 2022-06-02 20:38 - 005729992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 002120904 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001905928 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 001905928 _____ C:\Windows\system32\vulkaninfo.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 001602248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001530432 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001478408 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 001478408 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 001467072 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001432328 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001432328 _____ C:\Windows\system32\vulkan-1.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001208536 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001177280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001145592 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 001145592 _____ C:\Windows\SysWOW64\vulkan-1.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000731200 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000725576 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000713280 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 000587336 _____ C:\Windows\system32\nvofapi64.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000582720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000460496 _____ C:\Windows\SysWOW64\nvofapi.dll
2022-06-02 20:38 - 2022-06-02 20:38 - 000458816 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2022-06-02 20:38 - 2022-06-02 20:38 - 000089327 _____ C:\Windows\system32\nvinfo.pb
2022-06-02 20:37 - 2022-06-02 20:37 - 007616472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 006963928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 006463608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 006226632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 005100768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 002932928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2022-06-02 20:37 - 2022-06-02 20:37 - 000852024 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2022-06-02 18:50 - 2022-06-02 19:18 - 000000000 ____D C:\Users\radom\AppData\Roaming\CC
2022-06-02 18:42 - 2022-06-02 18:42 - 000000000 ____D C:\Users\radom\AppData\Roaming\Netease
2022-06-02 18:42 - 2022-06-02 18:42 - 000000000 ____D C:\Users\radom\AppData\Local\UniSDK
2022-06-02 18:42 - 2022-06-02 18:42 - 000000000 ____D C:\Users\radom\AppData\Local\Netease
2022-06-02 18:29 - 2022-06-02 18:29 - 000003360 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3700602199-4179786454-2309774523-1003
2022-06-02 18:29 - 2022-06-02 18:29 - 000002392 _____ C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-02 15:40 - 2022-06-02 15:40 - 000000000 ____D C:\Users\radom\AppData\Local\Endeavor
2022-06-01 12:13 - 2022-06-01 12:13 - 000007626 _____ C:\Users\radom\AppData\Local\Resmon.ResmonCfg
2022-05-31 20:46 - 2022-05-31 20:46 - 004599528 _____ C:\Windows\PE_File.dll
2022-05-31 20:45 - 2022-05-31 20:46 - 000015528 _____ C:\Windows\PE_Rom.dll
2022-05-31 20:45 - 2022-05-31 20:45 - 000000000 _____ C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_TUF GAMING B560-PLUS WIFI.alu
2022-05-31 16:38 - 2022-05-31 16:38 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-05-27 16:12 - 2022-05-20 02:51 - 000082552 _____ C:\Windows\system32\FvSDK_x64.dll
2022-05-27 16:12 - 2022-05-20 02:51 - 000071288 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2022-05-27 08:34 - 2022-05-27 08:34 - 000557056 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2022-05-27 08:34 - 2022-05-27 08:34 - 000485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2022-05-27 08:33 - 2022-05-27 08:33 - 000614400 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-05-27 08:33 - 2022-05-27 08:33 - 000335872 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-05-27 08:33 - 2022-05-27 08:33 - 000299008 _____ C:\Windows\system32\EsclScan.dll
2022-05-27 08:33 - 2022-05-27 08:33 - 000180224 _____ C:\Windows\system32\EsclProtocol.dll
2022-05-27 08:33 - 2022-05-27 08:33 - 000015004 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-05-27 08:28 - 2022-05-27 08:30 - 000000000 ___HD C:\$WinREAgent
2022-05-27 08:21 - 2022-05-27 08:21 - 000137632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2022-05-27 08:21 - 2022-05-27 08:21 - 000050568 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2022-05-26 10:03 - 2022-05-26 10:03 - 000000000 ____D C:\Users\radom\AppData\Local\DolmenWindows
2022-05-25 12:23 - 2022-05-25 12:23 - 000000000 ____D C:\Users\radom\AppData\LocalLow\Cradle Games
2022-05-18 18:03 - 2022-05-18 18:08 - 000000000 ____D C:\Users\radom\AppData\LocalLow\Stunlock Studios
2022-05-15 10:02 - 2022-05-15 10:02 - 000000000 ____D C:\Users\radom\AppData\Local\Streumon
2022-05-15 08:43 - 2022-05-15 08:43 - 000000000 ____D C:\Users\radom\AppData\Local\ww

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-14 07:07 - 2022-04-12 13:24 - 000000000 ____D C:\plc_debug
2022-06-14 07:07 - 2022-04-12 10:11 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-14 07:07 - 2022-04-12 10:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-06-14 07:07 - 2022-04-12 10:01 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-06-14 07:07 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SystemTemp
2022-06-14 07:07 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-14 07:06 - 2022-04-12 10:01 - 000901328 _____ () C:\Windows\system32\wpbbin.exe
2022-06-14 07:06 - 2022-04-12 10:01 - 000845256 _____ C:\Windows\system32\AsusUpdateCheck.exe
2022-06-14 07:06 - 2021-06-05 14:01 - 000524288 _____ C:\Windows\system32\config\BBI
2022-06-14 07:05 - 2022-04-12 10:20 - 000000000 ____D C:\Users\radom
2022-06-14 07:05 - 2021-06-05 14:09 - 000000000 ____D C:\Windows\INF
2022-06-14 07:01 - 2022-04-12 11:01 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-13 22:30 - 2022-04-12 10:12 - 000033800 _____ C:\Windows\system32\BMXStateBkp-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-13 22:30 - 2022-04-12 10:12 - 000033800 _____ C:\Windows\system32\BMXState-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-13 22:30 - 2022-04-12 10:12 - 000029040 _____ C:\Windows\system32\BMXCtrlState-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-13 22:30 - 2022-04-12 10:12 - 000029040 _____ C:\Windows\system32\BMXBkpCtrlState-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-13 22:30 - 2022-04-12 10:12 - 000011564 _____ C:\Windows\system32\DVCState-{00000006-00000000-00000000-00001102-00000008-10241102}.rfx
2022-06-13 22:11 - 2022-05-06 21:27 - 000000000 ____D C:\SteamLibrary
2022-06-13 22:05 - 2022-04-12 10:21 - 000000000 ____D C:\Users\radom\AppData\Local\D3DSCache
2022-06-13 21:10 - 2022-04-12 13:36 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2022-06-13 20:01 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\AppReadiness
2022-06-13 19:49 - 2022-04-12 17:18 - 000000000 ____D C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-06-13 19:40 - 2022-04-12 13:19 - 000000000 ____D C:\Windows\system32\Tasks\ASUS
2022-06-13 19:36 - 2022-04-12 12:16 - 000000000 ____D C:\Users\radom\AppData\LocalLow\IObit
2022-06-13 19:36 - 2022-04-12 12:15 - 000000000 ____D C:\ProgramData\IObit
2022-06-13 19:35 - 2022-04-12 12:15 - 000000000 ____D C:\Users\radom\AppData\Roaming\IObit
2022-06-13 19:35 - 2022-04-12 12:15 - 000000000 ____D C:\Program Files (x86)\IObit
2022-06-13 19:31 - 2022-04-12 10:11 - 001616250 _____ C:\Windows\system32\PerfStringBackup.INI
2022-06-13 19:31 - 2021-06-05 19:20 - 000683632 _____ C:\Windows\system32\perfh005.dat
2022-06-13 19:31 - 2021-06-05 19:20 - 000138942 _____ C:\Windows\system32\perfc005.dat
2022-06-13 16:09 - 2021-06-05 14:10 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-06-13 15:59 - 2022-04-12 11:02 - 000002334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-13 15:39 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-13 15:36 - 2022-05-11 08:22 - 000000000 ____D C:\Users\radom\AppData\Roaming\Telegram Desktop
2022-06-13 15:36 - 2022-05-11 08:22 - 000000000 ____D C:\Users\radom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2022-06-13 15:36 - 2022-04-28 16:29 - 000000000 ____D C:\Users\radom\AppData\Local\ReShade
2022-06-13 15:36 - 2022-04-17 09:39 - 000000000 ____D C:\Users\radom\AppData\Roaming\Origin
2022-06-13 15:36 - 2022-04-17 09:39 - 000000000 ____D C:\Users\radom\AppData\Local\Origin
2022-06-13 15:36 - 2022-04-17 09:39 - 000000000 ____D C:\ProgramData\Origin
2022-06-13 15:36 - 2022-04-13 09:17 - 000000000 ____D C:\Users\radom\AppData\Roaming\vlc
2022-06-13 15:36 - 2022-04-13 08:35 - 000000000 ____D C:\Users\radom\AppData\Roaming\Battle.net
2022-06-13 15:36 - 2022-04-13 08:35 - 000000000 ____D C:\Users\radom\AppData\Local\Battle.net
2022-06-13 15:36 - 2022-04-12 14:35 - 000000000 ____D C:\Users\radom\AppData\Local\EpicGamesLauncher
2022-06-13 15:36 - 2022-04-12 13:36 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2022-06-13 15:36 - 2022-04-12 12:16 - 000000000 ____D C:\ProgramData\ProductData
2022-06-13 15:36 - 2022-04-12 12:13 - 000000000 ____D C:\Program Files\CrystalDiskMark8
2022-06-13 15:36 - 2022-04-12 12:13 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2022-06-13 15:36 - 2022-04-12 11:04 - 000000000 ____D C:\ProgramData\PATRIOT_MEMORY
2022-06-13 15:36 - 2022-04-12 10:01 - 000000000 ____D C:\ProgramData\ASUS
2022-06-13 15:36 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\GroupPolicy
2022-06-13 15:36 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\registration
2022-06-13 14:49 - 2022-05-10 12:12 - 002762208 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000402920 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000198112 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000136672 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2022-06-13 14:48 - 2022-05-10 12:12 - 000062928 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2022-06-13 14:48 - 2022-04-12 10:01 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-10 12:07 - 2022-04-12 10:23 - 000000000 ____D C:\Users\radom\OneDrive\Dokumenty\My Games
2022-06-08 10:26 - 2022-04-12 15:53 - 000000000 ____D C:\CZ Manager
2022-06-08 08:39 - 2022-04-17 09:44 - 000000000 ____D C:\Program Files (x86)\Origin
2022-06-07 13:44 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\LiveKernelReports
2022-06-03 16:01 - 2022-04-13 08:28 - 000000000 ____D C:\Users\radom\AppData\Local\Ubisoft Game Launcher
2022-06-02 18:29 - 2022-04-12 10:23 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3700602199-4179786454-2309774523-1003
2022-06-01 12:03 - 2022-04-18 14:49 - 000000000 ____D C:\Windows\Minidump
2022-05-31 21:13 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\NDF
2022-05-31 17:48 - 2022-04-12 11:19 - 000000000 ____D C:\Users\radom\AppData\Local\NVIDIA Corporation
2022-05-31 14:09 - 2022-04-13 08:30 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-05-30 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\MUI
2022-05-30 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\MUI
2022-05-27 16:24 - 2022-04-12 10:25 - 000000000 ____D C:\Users\radom\AppData\Local\NVIDIA
2022-05-27 16:12 - 2022-04-12 10:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-05-27 16:10 - 2022-04-12 11:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-05-27 16:10 - 2022-04-12 10:11 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-05-27 08:39 - 2022-04-12 10:01 - 000302600 _____ C:\Windows\system32\FNTCACHE.DAT
2022-05-27 08:38 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-05-27 08:38 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ___SD C:\Windows\SysWOW64\F12
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ___SD C:\Windows\system32\F12
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\oobe
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SystemResources
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\vi-VN
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\oobe
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\lv-LV
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\lt-LT
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\id-ID
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\gl-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\eu-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\et-EE
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\es-MX
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\Dism
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\ca-ES
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\appraiser
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\ShellExperiences
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\ShellComponents
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-05-27 08:38 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\bcastdvr
2022-05-27 08:36 - 2021-06-05 14:01 - 000000000 ____D C:\Windows\CbsTemp
2022-05-27 08:33 - 2022-04-12 10:03 - 003101184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-05-26 16:54 - 2022-04-12 11:20 - 000000000 ____D C:\Users\radom\AppData\Local\CrashDumps
2022-05-21 07:24 - 2022-04-12 10:23 - 000000000 ____D C:\Users\radom\OneDrive\Dokumenty\The Surge 2
2022-05-19 10:25 - 2022-04-17 16:43 - 000000000 ____D C:\Users\radom\AppData\Local\ElevatedDiagnostics
2022-05-16 16:31 - 2022-04-13 13:56 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy

==================== Files in the root of some directories ========

2022-04-12 11:13 - 2022-04-12 11:14 - 000000626 _____ () C:\Users\radom\AppData\Roaming\All CPU MeterV3_Settings.ini
2022-04-28 08:13 - 2022-04-28 08:13 - 000000839 _____ () C:\Users\radom\AppData\Roaming\Drives Meter_Settings.ini
2022-04-12 12:56 - 2022-04-12 14:36 - 000000283 _____ () C:\Users\radom\AppData\Roaming\GPU MeterV2_Settings.ini
2022-04-12 14:41 - 2022-04-12 14:41 - 000000724 _____ () C:\Users\radom\AppData\Roaming\GPU Monitor_GPU0_Settings.ini
2022-04-12 11:15 - 2022-04-12 14:34 - 000000516 _____ () C:\Users\radom\AppData\Roaming\GPU Monitor_GPU_Settings.ini
2022-05-02 21:32 - 2022-05-02 21:32 - 140605022 _____ () C:\Users\radom\AppData\Roaming\gta5_patch.bin
2022-04-18 21:02 - 2022-05-11 10:30 - 000000964 _____ () C:\Users\radom\AppData\Roaming\Network Meter_Settings.ini
2022-04-18 21:02 - 2022-05-11 10:30 - 000000019 _____ () C:\Users\radom\AppData\Roaming\Network Meter_Usage.ini
2022-05-02 21:32 - 2022-05-02 21:32 - 000332800 _____ () C:\Users\radom\AppData\Roaming\patcher.dll
2022-04-12 13:27 - 2022-04-14 16:57 - 000002418 _____ () C:\Users\radom\AppData\Roaming\System Monitor II_CPU0_Settings.ini
2022-04-12 14:06 - 2022-05-03 22:58 - 000000122 _____ () C:\Users\radom\AppData\Roaming\System Monitor II_UptimeRecord.ini
2022-04-18 23:50 - 2022-05-03 22:58 - 000000128 _____ () C:\Users\radom\AppData\Roaming\System Uptime Full Plus_Record.ini
2022-04-18 21:03 - 2022-04-18 21:06 - 000000354 _____ () C:\Users\radom\AppData\Roaming\System Uptime Full Plus_Settings.ini
2022-04-18 20:53 - 2022-04-18 20:53 - 000000352 _____ () C:\Users\radom\AppData\Roaming\Top Process Monitor_Settings.ini
2022-04-18 20:47 - 2022-04-18 20:49 - 000000516 _____ () C:\Users\radom\AppData\Roaming\Weather Monitor_Settings.ini
2022-06-01 12:13 - 2022-06-01 12:13 - 000007626 _____ () C:\Users\radom\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 14 Jun 2022 09:21
by Rudy
I need to see the contents of the fixlog.txt file. It should be in H:\. Thank you.

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 14 Jun 2022 17:17
by rado145
Hello, unfortunately I can no longer find it. Will that be a problem? Thank you.

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 14 Jun 2022 17:50
by Rudy
If you did not delete it, it is in the same place where the other logs created by FRST are saved. What matters is whether anything has changed.

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 14 Jun 2022 17:57
by rado145
So far it seems that everything is fine.

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 14 Jun 2022 19:03
by Rudy
I'm glad to hear that! :)

Re: Trojan-Downloader.Win32.Delf.wlb

Posted: 14 Jun 2022 21:03
by rado145
Thank you for the help. Take care.