Prosím o kontrolu logu. Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu.

Příspěvekod jaro3 » 24 úno 2021 22:39

OK.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Reklama
agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu.

Příspěvekod agassi » 26 úno 2021 18:54

Tak jsem provedl mem test a bylo nalezeno 0 chyb.
Hold se musím spokojit s tím co mám.....
V každém případě díky moc za pomoc.

A.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu.

Příspěvekod jaro3 » 26 úno 2021 23:11

00000000085F Čas na roztočení ploten
000000000023 Ohlášeno neopravitelných chyb
000000000481 Časový limit příkazu

on ten disk není v dobrém stavu.

ještě můžeme zkusit:
Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu.

Příspěvekod agassi » 27 úno 2021 13:47

Tak jsem ještě provedl test a níže posílám výsledky:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2021
Ran by Aleš a Soňka (administrator) on DESKTOP-8RL2U20 (Hewlett-Packard HP Pavilion g6 Notebook PC) (27-02-2021 13:08:55)
Running from C:\Users\Aleš a Soňka\Desktop
Loaded Profiles: Aleš a Soňka
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1612945515\fsorsp64.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1612945515\fsulprothoster.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7>
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.) [File not signed]
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-4088385291-536979078-2633650649-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4088385291-536979078-2633650649-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50011008 2021-01-20] (Google LLC -> )
HKU\S-1-5-21-4088385291-536979078-2633650649-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software, a.s. -> ZONER software)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MG6400 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBT.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\spe__PC: C:\Windows\System32\spool\prtprocs\x64\spe__pc.dll [41984 2015-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\WINDOWS\system32\CNBLM4.DLL [267776 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6400 series: C:\WINDOWS\system32\CNMLMBT.DLL [391168 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP520 series: CNMLM94.DLL
HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\spe__ Langmon: C:\WINDOWS\system32\spe__l.dll [34304 2015-08-01] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-26] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13B6534E-E39B-4866-BD8B-F8294DE488EF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {172A95DB-A8B2-46F6-B78A-12FE89FD0B43} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {22E26F17-07A2-4712-93BB-0E14A79387C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-04] (Google LLC -> Google LLC)
Task: {246579F8-5E3B-4DA8-B52E-5078A993BD84} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {2BD7AA2A-1911-46C3-A237-6506F38B67B6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {515C5EAE-748A-47F5-A221-A10A14EF5C0D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {5C1FBB76-BD67-49B0-8227-FDDCDD89C242} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\F-Secure\SAFE\fs_hotfix.exe [308608 2020-11-03] (F-Secure Corporation -> F-Secure Corporation)
Task: {7C7A414E-5EB3-4B0B-9F90-569A7E842974} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {83CFE922-8F35-449F-829E-0BA5B0ADC8A7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-04] (Google LLC -> Google LLC)
Task: {9194CFA4-4989-41A0-8778-18EE0E2862CC} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {92E86417-A176-4237-BB04-FC621819CDB3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {9FD345FE-ED2C-4D95-9B3C-C64040642477} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-04-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AD994B04-E2C7-44A9-BF5F-9011BB168CEA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {CF6CA987-CD15-457A-BFA1-8DD5BF50F394} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {D0AA11F6-5910-4CA2-B569-F583F9A1935D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {EB1F7725-6EB2-4213-8492-56BE5E4612B4} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{10828cd3-e49d-4bbb-a9ea-8b1ae8d88bbc}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{eae2b97d-b213-49da-8699-53e9e57947fc}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Aleš a Soňka\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-27]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Aleš a Soňka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-02-23]
Edge Extension: (Browsing Protection by F-Secure) - C:\Users\Aleš a Soňka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2021-02-23]
Edge HKLM\...\Edge\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Edge HKLM-x32\...\Edge\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]

FireFox:
========
FF DefaultProfile: vki8d84i.default-1613210718941
FF ProfilePath: C:\Users\Aleš a Soňka\AppData\Roaming\Mozilla\Firefox\Profiles\vki8d84i.default-1613210718941 [2021-02-27]
FF NewTab: Mozilla\Firefox\Profiles\vki8d84i.default-1613210718941 -> about:newtab
FF Session Restore: Mozilla\Firefox\Profiles\vki8d84i.default-1613210718941 -> is enabled.
FF Extension: (Google Translator for Firefox) - C:\Users\Aleš a Soňka\AppData\Roaming\Mozilla\Firefox\Profiles\vki8d84i.default-1613210718941\Extensions\translator@zoli.bod.xpi [2021-02-13]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-20] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKU\S-1-5-21-4088385291-536979078-2633650649-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 fshoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [244096 2020-11-03] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [244096 2020-11-03] (F-Secure Corporation -> F-Secure Corporation)
S2 fsulhoster; C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1612945515\fshoster64.exe [623736 2021-02-13] (F-Secure Corporation -> F-Secure Corporation)
S2 fsulnethoster; C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1612945515\fshoster64.exe [623736 2021-02-13] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1612945515\fsorsp64.exe [101248 2021-02-13] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1612945515\fsulprothoster.exe [623736 2021-02-13] (F-Secure Corporation -> F-Secure Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HPTouchpointAnalyticsService; "C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1612945515\fsulgk.sys [328168 2021-02-13] (F-Secure Corporation -> F-Secure Corporation)
R1 F-Secure UL HIPS; C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1612945515\fshs.sys [103912 2021-02-13] (F-Secure Corporation -> F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [58752 2020-12-05] (F-Secure Corporation -> F-Secure Corporation)
S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [15304 2020-08-01] (Microsoft Windows Early Launch Anti-malware Publisher -> F-Secure Corporation)
R2 fsnif2; C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\nif2\1614076011\nif2s64.sys [177672 2021-02-23] (F-Secure Corporation -> F-Secure Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-03-05] (Martin Malik - REALiX -> REALiX(tm))
S3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver.sys [20016 2011-10-14] (Synaptics Incorporated -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-13] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
S3 MpKsld3ab214e; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A3C8A60E-6572-4377-9B5C-AB401737B91D}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-27 13:08 - 2021-02-27 13:12 - 000016584 _____ C:\Users\Aleš a Soňka\Desktop\FRST.txt
2021-02-27 13:08 - 2021-02-27 13:10 - 000000000 ____D C:\FRST
2021-02-27 13:01 - 2021-02-27 13:01 - 002301440 _____ (Farbar) C:\Users\Aleš a Soňka\Downloads\FRST64(1).exe
2021-02-27 12:59 - 2021-02-27 12:59 - 002301440 _____ (Farbar) C:\Users\Aleš a Soňka\Desktop\FRST64.exe
2021-02-26 08:10 - 2019-12-06 16:51 - 000013657 _____ C:\Users\Aleš a Soňka\Downloads\manual.html
2021-02-26 08:10 - 2019-12-06 16:49 - 000040960 _____ () C:\Users\Aleš a Soňka\Downloads\memtest.exe
2021-02-24 11:48 - 2021-02-24 11:48 - 004707568 _____ (Crystal Dew World ) C:\Users\Aleš a Soňka\Downloads\CrystalDiskInfo8_11_0.exe
2021-02-24 11:46 - 2021-02-24 11:46 - 000000000 ____D C:\Users\Aleš a Soňka\Downloads\backups
2021-02-24 11:37 - 2021-02-24 11:37 - 000002290 _____ C:\Users\Aleš a Soňka\Desktop\as_7546.tmp.txt
2021-02-23 22:31 - 2021-02-23 22:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-23 22:30 - 2021-02-23 22:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-23 22:16 - 2021-02-26 19:28 - 001276943 _____ C:\WINDOWS\ZAM.krnl.trace
2021-02-23 22:16 - 2021-02-23 22:16 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Local\Zemana
2021-02-23 22:15 - 2021-02-26 19:28 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Local\AMSDK
2021-02-23 21:42 - 2021-02-23 21:42 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2021-02-23 21:38 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-02-23 19:58 - 2021-02-23 21:19 - 000000000 ____D C:\zoek_backup
2021-02-23 18:23 - 2021-02-23 18:23 - 000000000 ____D C:\Users\Aleš a Soňka\Downloads\zoek1
2021-02-23 13:29 - 2021-02-23 13:29 - 040494928 _____ (Adlice Software ) C:\Users\Aleš a Soňka\Downloads\RogueKiller_setup.exe
2021-02-23 08:54 - 2021-02-23 08:54 - 000000000 ____D C:\ProgramData\Sophos
2021-02-22 23:13 - 2021-02-25 08:19 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Local\Adobe
2021-02-22 23:04 - 2021-02-22 23:04 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Local\mbam
2021-02-22 23:02 - 2021-02-22 23:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-22 22:55 - 2021-02-25 08:16 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Local\Apps\2.0
2021-02-22 22:29 - 2021-02-22 22:29 - 000448512 _____ (OldTimer Tools) C:\Users\Aleš a Soňka\Downloads\TFC(1).exe
2021-02-22 22:29 - 2021-02-22 22:29 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Local\ATI
2021-02-22 22:26 - 2021-02-22 22:26 - 000050688 _____ (Atribune.org) C:\Users\Aleš a Soňka\Downloads\ATF-Cleaner(1).exe
2021-02-22 09:43 - 2021-02-23 08:03 - 000000000 ____D C:\AdwCleaner
2021-02-22 08:51 - 2021-02-22 08:51 - 000448512 _____ (OldTimer Tools) C:\Users\Aleš a Soňka\Downloads\TFC.exe
2021-02-22 08:05 - 2021-02-22 08:05 - 000050688 _____ (Atribune.org) C:\Users\Aleš a Soňka\Downloads\ATF-Cleaner.exe
2021-02-22 07:56 - 2021-02-22 07:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\Aleš a Soňka\Downloads\HijackThis(1).exe
2021-02-19 08:23 - 2021-02-19 08:23 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-19 08:19 - 2021-02-19 08:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-19 08:18 - 2021-02-19 08:18 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-19 08:18 - 2021-02-19 08:18 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-19 08:07 - 2021-02-19 08:07 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-18 08:25 - 2021-02-18 08:25 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CGC Consulting s.r.o
2021-02-13 11:35 - 2021-02-13 11:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-27 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-27 12:55 - 2019-01-30 21:26 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-27 12:54 - 2016-11-17 21:34 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\LocalLow\Mozilla
2021-02-27 12:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-27 12:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-27 12:52 - 2020-06-07 13:04 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-27 12:52 - 2020-05-31 11:40 - 000004224 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{9C0CDF38-3C2F-49AC-B0E0-77C000B2DB57}
2021-02-27 12:51 - 2016-04-06 11:42 - 000000000 ____D C:\Program Files\CCleaner
2021-02-26 18:50 - 2020-05-31 10:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-26 13:11 - 2020-04-04 09:40 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-26 08:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-25 08:23 - 2020-11-14 21:26 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Local\Deployment
2021-02-25 08:22 - 2018-08-12 20:22 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-25 08:06 - 2020-05-31 11:40 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-23 22:31 - 2016-01-15 10:25 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-23 22:31 - 2016-01-15 10:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-23 21:42 - 2020-05-31 11:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-23 21:40 - 2020-05-31 10:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-23 21:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-23 21:39 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-23 21:32 - 2016-02-07 15:08 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-02-23 21:19 - 2020-05-31 10:55 - 000000000 ____D C:\Users\Aleš a Soňka
2021-02-23 14:28 - 2016-01-15 09:33 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Local\Comms
2021-02-23 08:39 - 2016-01-15 09:45 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-23 08:17 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-23 08:06 - 2020-04-08 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-02-23 08:06 - 2017-11-27 22:14 - 000000000 ____D C:\ProgramData\HP
2021-02-23 08:06 - 2017-03-05 18:49 - 000000000 ____D C:\ProgramData\IObit
2021-02-23 08:06 - 2017-03-05 18:48 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Roaming\IObit
2021-02-23 08:06 - 2011-05-20 18:18 - 000000000 ___HD C:\HP
2021-02-23 08:05 - 2016-02-07 15:15 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Local\Hewlett-Packard
2021-02-23 08:05 - 2016-02-07 15:14 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Roaming\Hewlett-Packard
2021-02-23 08:05 - 2016-02-07 15:05 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-02-22 23:00 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-22 22:53 - 2020-05-31 11:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-22 22:53 - 2019-12-07 15:41 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-22 22:53 - 2019-12-07 15:41 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-22 22:44 - 2020-05-31 10:51 - 000295224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-22 22:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-22 22:40 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-22 22:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-22 22:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-22 22:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-22 22:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-22 22:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-22 22:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-22 22:40 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-22 22:40 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-22 08:17 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-02-22 08:17 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-02-22 08:17 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-02-22 08:17 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-02-22 08:17 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-02-22 08:17 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-02-22 08:17 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-02-22 08:17 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-02-22 08:17 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-02-22 08:17 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-02-22 08:17 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-02-22 08:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-02-22 08:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-02-22 08:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-02-22 08:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-02-22 08:16 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-02-22 08:16 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-02-22 08:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-02-22 08:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-02-22 08:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-22 08:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-02-21 19:16 - 2018-10-09 09:49 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Local\PlaceholderTileLogoFolder
2021-02-19 12:08 - 2020-05-30 17:21 - 000000000 ___HD C:\$WinREAgent
2021-02-19 10:10 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\OCR
2021-02-19 08:20 - 2018-03-23 13:12 - 000000000 ____D C:\Users\Aleš a Soňka\AppData\Local\Packages
2021-02-13 12:01 - 2018-08-16 20:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-13 11:38 - 2020-05-31 11:40 - 000003392 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4088385291-536979078-2633650649-1001
2021-02-13 11:37 - 2020-05-31 10:55 - 000002427 _____ C:\Users\Aleš a Soňka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-13 11:37 - 2016-01-15 09:13 - 000000000 ___RD C:\Users\Aleš a Soňka\OneDrive
2021-02-13 11:28 - 2016-01-15 09:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-13 11:11 - 2016-01-15 09:43 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-13 11:05 - 2020-10-04 14:11 - 000000000 ____D C:\Users\Aleš a Soňka\Desktop\Původní data aplikace Firefox
2021-02-13 11:01 - 2020-05-31 11:40 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-13 10:52 - 2020-05-31 11:40 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-13 10:52 - 2020-05-31 11:40 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-13 10:51 - 2020-06-07 13:04 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-13 10:51 - 2020-06-07 13:04 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu.

Příspěvekod agassi » 27 úno 2021 13:48

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Aleš a Soňka (27-02-2021 13:18:22)
Running from C:\Users\Aleš a Soňka\Desktop
Windows 10 Home Version 20H2 19042.804 (X64) (2020-05-31 10:41:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4088385291-536979078-2633650649-500 - Administrator - Disabled)
Aleš a Soňka (S-1-5-21-4088385291-536979078-2633650649-1001 - Administrator - Enabled) => C:\Users\Aleš a Soňka
DefaultAccount (S-1-5-21-4088385291-536979078-2633650649-503 - Limited - Disabled)
Guest (S-1-5-21-4088385291-536979078-2633650649-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4088385291-536979078-2633650649-1004 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4088385291-536979078-2633650649-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: F-Secure SAFE (Disabled - Up to date) {01EEC97C-28E5-34E7-6F5F-47CED8192856}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: F-Secure SAFE (Enabled - Up to date) {31A9D001-F96D-024E-EACB-7693DE78B727}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20140 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Backup and Sync from Google (HKLM\...\{00BA5D43-DC76-4DF2-A38C-5D3B8FABF5E4}) (Version: 3.54.3529.0458 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
eM Client (HKLM-x32\...\{1450D779-8650-468B-9136-CA836C0A744C}) (Version: 7.2.36908.0 - eM Client Inc.)
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
F-Secure SAFE (HKLM-x32\...\{46B8A013-32EE-4158-A401-E25B63FE5D28}) (Version: 17.9 - F-Secure Corporation)
F-Secure Ultralight 1.0.5438.0 (release) (cc0c4f981bd2f23d1e5e325af11ed0a0ecf2a348) (HKLM-x32\...\{C75644E8-5FB5-4B8F-8FD2-08CC5D7ECD87}) (Version: 1.0.5438.0 - F-Secure Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
HP Support Solutions Framework (HKLM-x32\...\{579A990C-3855-4838-AF23-354CE2264BC0}) (Version: 12.18.34.21 - HP)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\S-1-5-21-4088385291-536979078-2633650649-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MOIS OFFLINE PROD (HKU\S-1-5-21-4088385291-536979078-2633650649-1001\...\a261b523c684f539) (Version: 0.10.11.10 - CGC Consulting s.r.o.)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 86.0.0.7723 - Mozilla)
Mp3tag v2.86 (HKLM-x32\...\Mp3tag) (Version: 2.86 - Florian Heidenreich)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.28162 - Realtek Semiconduct Corp.)
Registrace uživatele zařízení Canon MP520 series (HKLM-x32\...\Registrace uživatele zařízení Canon MP520 series) (Version: - )
ScanSoft OmniPage SE 4 (HKLM-x32\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Verbatim Product Update 1.06 (HKLM-x32\...\Verbatim Product Update_is1) (Version: - Verbatim)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-28] (Microsoft Corporation)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.7.0_x64__v10z8vjag6ke6 [2020-10-12] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4088385291-536979078-2633650649-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Aleš a Soňka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-4088385291-536979078-2633650649-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Aleš a Soňka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-4088385291-536979078-2633650649-1001_Classes\CLSID\{89BB4535-5AE9-43a0-89C5-19B4697E5C5E}\InprocServer32 -> C:\Users\Aleš a Soňka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\iBattery.gadget\bin\Gadget.Interop.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-4088385291-536979078-2633650649-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [ !AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [ !AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.5.6.650\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [ !AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.5.6.650\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [F-Secure DataGuard Icon Overlay] -> {CA789262-D278-40F7-AC12-19C0395F9DD9} => C:\Program Files (x86)\F-Secure\SAFE\FsShellExtension64.dll [2020-11-03] (F-Secure Corporation -> F-Secure Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-01-24] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-01-24] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.5.6.650\ASUSWSContextMenu.dll [2020-03-10] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-01-24] (Florian Heidenreich) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-01-17 11:34 - 2021-01-17 11:34 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\299bf2e4e23af02175445e6a26f183b3\A4.Foundation.ni.dll
2021-02-04 17:28 - 2021-02-04 17:28 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\a24c26eba4ea3ddce65e74fa4668e293\AEM.Actions.CCAA.Shared.ni.dll
2021-02-04 17:28 - 2021-02-04 17:28 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\b1c480fea6a1f23d52c3e56efa0e3568\AEM.Plugin.EEU.Shared.ni.dll
2021-02-04 17:28 - 2021-02-04 17:28 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\ab84ec371d67664b2b3835984aa2dce2\AEM.Plugin.Hotkeys.Shared.ni.dll
2021-02-04 17:28 - 2021-02-04 17:28 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\067d1b4cc2a05184c6e0a89aaee60af6\AEM.Plugin.DPPE.Shared.ni.dll
2021-02-22 10:32 - 2021-02-22 10:32 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\e6806d3dfa2372f274fedc400ecaea29\AEM.Plugin.Source.Kit.Server.ni.dll
2021-02-04 17:30 - 2021-02-04 17:30 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\20e43f89b55b6c6d58c04b22890cbbc3\AEM.Plugin.WinMessages.Shared.ni.dll
2021-02-04 17:29 - 2021-02-04 17:29 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\2cb21aaa54b1116e4ceda042a9d4ce1e\AEM.Plugin.REG.Shared.ni.dll
2021-02-04 17:28 - 2021-02-04 17:28 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\a0c3b8ce9c35481a6521f517227bbbe2\AEM.Plugin.GD.Shared.ni.dll
2021-02-04 17:29 - 2021-02-04 17:29 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\6cfd22563e0e2c727f094a3de46cf569\AEM.Server.Shared.ni.dll
2021-02-04 17:30 - 2021-02-04 17:30 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\8e824043be59343847600763c50d6229\AEM.Server.ni.dll
2021-02-04 17:30 - 2021-02-04 17:30 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\8b0dfc591b480594610bbaa94430d4db\APM.Foundation.ni.dll
2021-02-22 11:20 - 2021-02-22 11:20 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\4f9523253033d141734969c0866c932c\ATICCCom.ni.dll
2021-02-04 17:31 - 2021-02-04 17:31 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\af1df7a28635d8dc2019da4ad419ebaa\CCC.Implementation.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\d18e017d86840cf4e291065a203bf595\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2021-02-22 10:35 - 2021-02-22 10:35 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\c473afacd64a10cb325e6c9ac524f824\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2021-02-22 10:55 - 2021-02-22 10:55 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\1de0b258089f746ad04d1233cf969b29\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2021-02-22 11:19 - 2021-02-22 11:19 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\dd5cc863637abdfb436e9ceaee87b61a\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\119e8f5a6e9313af4844f1cb23d04601\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\bf72cdb8017728ac2915993a05842fee\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\ec62501776136c97cc7f8ede3f99c6d9\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2021-02-22 11:16 - 2021-02-22 11:16 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\7ee8d68f2500cbf06d0e1339d0509d76\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\ea99ad5efa6b77f631f17f3f6514113d\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2021-02-22 11:20 - 2021-02-22 11:20 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\b25d1017d66178bbb77c5038da1e5327\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2021-02-22 10:35 - 2021-02-22 10:35 - 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\e51ade072914adc16c9cc1a4eb929b0b\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2021-02-22 11:18 - 2021-02-22 11:18 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\af53ba99fab78381ec29e55adfd889b7\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2021-02-22 11:16 - 2021-02-22 11:16 - 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\1946be912a1389e3b2e8e684bdb2c6fa\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\528e8766b99ec47ea476e036a210492b\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2021-02-22 10:56 - 2021-02-22 10:56 - 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\b3107cf758db9f29066e5548859e950a\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2021-02-22 11:16 - 2021-02-22 11:16 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\6d4486fb59307bec3ac8923aebc72ef1\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2021-02-22 11:16 - 2021-02-22 11:16 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\ebccb64be88b1b07b48f2652531555a7\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2021-02-22 11:18 - 2021-02-22 11:18 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\e7f1c1a772858f2bc0d52f6c35e98cf6\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2021-02-22 10:35 - 2021-02-22 10:35 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\59f37443a686efbf0c52772f1db24e0e\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2021-02-22 11:15 - 2021-02-22 11:15 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\12c979ab0dac8ba20586fa52ec4c5cef\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\3e009bed5e4d5046f36f132a1b75aa95\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2021-02-22 10:56 - 2021-02-22 10:56 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\e62039c5f426da0d2aa0415ba6806c9e\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2021-02-22 10:56 - 2021-02-22 10:56 - 000096256 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4f2f79c#\73b0f1411d421cf80be838629e17ed37\CLI.Aspect.CrossFireX.Graphics.Dashboard.ni.dll
2021-02-22 11:16 - 2021-02-22 11:16 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\b0e1ae0abff9a1471337ff4e5cb5f5f6\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\4c50ca884ddb173946e52d51eeb28571\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2021-02-22 11:15 - 2021-02-22 11:15 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\44b63310c195cfc86fdc7b385b24d1af\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2021-02-22 11:18 - 2021-02-22 11:18 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\2597fa5cfc6bbd186558dd3ddb3875f3\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2021-02-22 11:18 - 2021-02-22 11:18 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\0e5e46fe8262765fc01f531393cea826\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2021-02-22 11:18 - 2021-02-22 11:18 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\1b793612380f60d287e5c5f86122e89c\CLI.Caste.A4.Runtime.ni.dll
2021-02-22 10:34 - 2021-02-22 10:34 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\0f047cf9e2239851a811b935d7b109d0\CLI.Caste.A4.Shared.ni.dll
2021-02-22 11:18 - 2021-02-22 11:18 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\ad42a31ed395b0ecbe316f65491d24af\CLI.Caste.A4.Dashboard.ni.dll
2021-02-22 10:55 - 2021-02-22 10:55 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\756be47d421c14309af0c8d9dddc6a29\CLI.Caste.Fuel.Shared.ni.dll
2021-02-22 11:18 - 2021-02-22 11:18 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\237f6779fe63e0a2c1d282dcaae5138d\CLI.Caste.Fuel.Runtime.ni.dll
2021-02-22 11:18 - 2021-02-22 11:18 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\9da73010c1ac2627c98cd659770a1f1e\CLI.Caste.Fuel.Dashboard.ni.dll
2021-02-22 11:16 - 2021-02-22 11:16 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\a5e2e36025e5e42aeff913bbda1aa6d6\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2021-02-22 10:35 - 2021-02-22 10:35 - 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\d9023f90cb9c233a1ef9d29afe619a5d\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2021-02-22 10:55 - 2021-02-22 10:55 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\2c859919bad3bef7b22e820c8331e258\CLI.Caste.Graphics.Dashboard.ni.dll
2021-02-22 11:19 - 2021-02-22 11:19 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\67666baee565c9b0f6a67df38462c2f3\CLI.Caste.HydraVision.Runtime.ni.dll
2021-02-22 11:19 - 2021-02-22 11:19 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\be62787dd2bab6bbe758bb473b72c8e4\CLI.Caste.HydraVision.Shared.ni.dll
2021-02-22 11:19 - 2021-02-22 11:19 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\c0e53f1337994c1667cf8986471b8253\CLI.Caste.HydraVision.Dashboard.ni.dll
2021-02-22 11:19 - 2021-02-22 11:19 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\0552c276520bab46992e3d931c858708\CLI.Caste.Platform.Shared.ni.dll
2021-02-22 11:19 - 2021-02-22 11:19 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\753c0337e60bbef84ae2e4d415b423f7\CLI.Caste.Platform.Runtime.ni.dll
2021-02-22 11:19 - 2021-02-22 11:19 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\8cc70011780cd7107d94671bcc46c204\CLI.Caste.Platform.Dashboard.ni.dll
2021-02-04 17:30 - 2021-02-04 17:30 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\0619ae2c3e8cc53377fbecef51f243ed\CLI.Component.Runtime.Shared.ni.dll
2021-02-22 11:20 - 2021-02-22 11:20 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\dfff39149c8e27593d1a824546fc918b\CLI.Component.Systemtray.ni.dll
2021-02-22 11:19 - 2021-02-22 11:19 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\197bf5cf7fb1b4891e579ec04e9eef33\CLI.Component.Dashboard.ProfileManager2.ni.dll
2021-02-22 10:34 - 2021-02-22 10:34 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\780c8bd8339ff2def14b0207cd808a3b\CLI.Component.Runtime.Shared.Private.ni.dll
2021-02-22 11:20 - 2021-02-22 11:20 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\c2b5ee81f835f248ac92e192a11b37f2\CLI.Component.Runtime.Extension.EEU.ni.dll
2021-02-22 10:33 - 2021-02-22 10:33 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\e0ac251c51c9ce70532e3b80d17036b1\CLI.Component.Dashboard.Shared.Private.ni.dll
2021-02-22 10:34 - 2021-02-22 10:34 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\5627e1355102d34ea0fb784888ab8e34\CLI.Component.Client.Shared.ni.dll
2021-02-22 10:34 - 2021-02-22 10:34 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\007e57a69242e84ff334564a788165c0\CLI.Component.Dashboard.Shared.ni.dll
2021-02-04 17:30 - 2021-02-04 17:30 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\a0a2b615cdc294c7d3af29f42d6f3369\CLI.Foundation.Private.ni.dll
2021-02-22 11:20 - 2021-02-22 11:20 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\4e50f43f222133081bca51d4ec374497\CLI.Foundation.XManifest.ni.dll
2021-02-04 17:30 - 2021-02-04 17:30 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\bcdee5c6fe25466f8c29767f6b2b1294\CLI.Foundation.CoreAudioAPI.ni.dll
2021-02-22 10:34 - 2021-02-22 10:34 - 001079808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\e71d9ac8050ddbc61de0d405425ffb71\CLI.Foundation.Client.ni.dll
2021-02-22 10:32 - 2021-02-22 10:32 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\f427fb4249819cdad708ab341925f176\CLI.Foundation.ni.dll
2021-02-04 17:29 - 2021-02-04 17:29 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\5d12a5ba7cfcf92e2bdedb9c65064c74\DEM.Foundation.ni.dll
2021-02-04 17:29 - 2021-02-04 17:29 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\5658790b6d8ee4f840d1ca57866316ce\DEM.Graphics.I0601.ni.dll
2021-02-04 17:29 - 2021-02-04 17:29 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\dfa1099aca23fc47444238db01432d1e\DEM.Graphics.ni.dll
2021-02-22 11:18 - 2021-02-22 11:18 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\7224c4f48b25b446a37e68bf70496628\Fuel.Foundation.ni.dll
2021-02-22 11:21 - 2021-02-22 11:21 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\e8caa0b0ef82e5f8b64cc8d85740b649\LOG.Foundation.Implementation.ni.dll
2021-01-17 11:34 - 2021-01-17 11:34 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\bb140c3f749aad3e194c37b732486584\LOG.Foundation.Private.ni.dll
2021-02-04 17:31 - 2021-02-04 17:31 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\941a6700366b94ec64b62cc506f95d74\LOG.Foundation.Implementation.Private.ni.dll
2021-02-22 10:31 - 2021-02-22 10:31 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\14a13de1f3708f74c0de29e5d486a6de\LOG.Foundation.ni.dll
2021-02-04 17:31 - 2021-02-04 17:31 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\c718fcd8c25b703ccad4cb802f9c7dca\MOM.Foundation.ni.dll
2021-02-22 11:22 - 2021-02-22 11:22 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\942416935b21cacc907f56d100506704\MOM.Implementation.ni.dll
2021-02-04 17:28 - 2021-02-04 17:28 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\ae9a13269043d55e4140d5868270661d\NEWAEM.Foundation.ni.dll
2021-02-04 17:28 - 2021-02-04 17:28 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\79c00831b1c30bf18fb586d85535361d\ADL.Foundation.ni.dll
2021-02-04 17:30 - 2021-02-04 17:30 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\11725f354a5e8c6ce052906bd4a8e5e8\APM.Server.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 000783872 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.79734f7a#\ee4275611386e7caa8525721f42d22b6\CLI.Aspect.PowerXpress.Graphics.Runtime.ni.dll
2021-02-22 10:56 - 2021-02-22 10:56 - 000357888 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b3da5a8f#\8115c9f4be5c153a71dc876fbb8dd313\CLI.Aspect.PowerXpress.Graphics.Shared.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 000595456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4846ba2#\4b2f4a30c7c2dd195fd6e39df3e80028\CLI.Aspect.PowerXpress.Graphics.Dashboard.ni.dll
2021-02-22 11:19 - 2021-02-22 11:19 - 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\9290d5fffa3771fc564d5a494bbaef80\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2021-02-22 10:34 - 2021-02-22 10:34 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\4a1483e26ec981cde398a218ac363ad1\CLI.Component.Client.Shared.Private.ni.dll
2021-02-22 11:20 - 2021-02-22 11:20 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\e6ebbe99ad169505a7b1614029784799\CLI.Component.Runtime.ni.dll
2021-02-22 11:19 - 2021-02-22 11:19 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\de0138b3d17f3b789606957fedfe666f\CLI.Component.Dashboard.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 000011264 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0702\b412bf450c79457c9c6e02719fef3a99\DEM.Graphics.I0702.ni.dll
2021-02-22 11:16 - 2021-02-22 11:16 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\5252f14189e3677767b454164fb541cf\DEM.Graphics.I0709.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 000009728 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0710\8eeed39b8e461125c3b64ec004190ba5\DEM.Graphics.I0710.ni.dll
2021-02-22 11:15 - 2021-02-22 11:15 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\5e93aedbce33eb9d7f84de52de38623c\DEM.Graphics.I0712.ni.dll
2021-02-22 11:15 - 2021-02-22 11:15 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\aa9984e9a16523bb1fd71b855c687aa6\DEM.Graphics.I0804.ni.dll
2021-02-22 11:17 - 2021-02-22 11:17 - 000009728 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0901\2fe32ec8719bc5e139d20434f117fd6f\DEM.Graphics.I0901.ni.dll
2021-02-22 11:18 - 2021-02-22 11:18 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\58c6e0a82fa1629f5583fd56b7323d3c\DEM.Graphics.I0906.ni.dll
2021-02-22 11:18 - 2021-02-22 11:18 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\4fe945ea0f126bb4dccba474e3ee74dd\DEM.Graphics.I1010.ni.dll
2021-02-04 17:30 - 2021-02-04 17:30 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\850f9ba397907bdd65f8b39b38d30802\Localization.Foundation.Private.ni.dll
2021-02-22 11:22 - 2021-02-22 11:22 - 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\728cdf3754ae85033dd79ad186800036\ResourceManagement.Foundation.Implementation.ni.dll
2021-02-22 10:34 - 2021-02-22 10:34 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\1c70dcc4229d6020dee4a1dec7d82013\ResourceManagement.Foundation.Private.ni.dll
2021-02-22 10:35 - 2021-02-22 10:35 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\cf90b853c4e28581c7cc59c5383c17ba\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2021-02-22 10:32 - 2021-02-22 10:32 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\279fe6e0d04379447e1fe91e00e0f1ab\CLI.Caste.Graphics.Shared.ni.dll
2021-02-22 11:18 - 2021-02-22 11:18 - 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\38fb846f3a344f93b10dfd7394da66e1\CLI.Caste.Graphics.Runtime.ni.dll
2017-04-21 04:07 - 2017-04-21 04:07 - 001504768 _____ (ASUS Cloud Corporation.) [File not signed] C:\Program Files (x86)\Common Files\AWS\2.5.6.650\ASUSWSShellExt64.dll
2018-01-24 10:31 - 2018-01-24 10:31 - 000424448 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2021-02-22 10:34 - 2021-02-22 10:34 - 000335360 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\4f0fd874313da401477c46c3cec85dc9\Microsoft.WindowsAPICodePack.ni.dll
2021-02-22 10:34 - 2021-02-22 10:34 - 002546688 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\a8c5a476b51666456f23a36508ee97da\Microsoft.WindowsAPICodePack.Shell.ni.dll
2007-02-05 08:29 - 2007-02-05 08:29 - 000139264 _____ (Nuance Communications, Inc.) [File not signed] C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpHookSE4.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4088385291-536979078-2633650649-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-4088385291-536979078-2633650649-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\http\1611665804\browser\fs_ie_https\fs_ie_https64.dll [2021-01-26] (F-Secure Corporation -> F-Secure Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\http\1611665804\browser\fs_ie_https\fs_ie_https.dll [2021-01-26] (F-Secure Corporation -> F-Secure Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2021-02-24 11:46 - 000000813 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4088385291-536979078-2633650649-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Aleš a Soňka\Pictures\Tapeta Vánoce 2020.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run32: => "WinampAgent"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenu"
HKU\S-1-5-21-4088385291-536979078-2633650649-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4088385291-536979078-2633650649-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-4088385291-536979078-2633650649-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4088385291-536979078-2633650649-1001\...\StartupApproved\Run: => "GoogleDriveSync"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F1E85C9C-4AA1-4EA7-A01E-7D96DF41F53A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2021E9DD-2F69-4AB7-B071-74423876B3E7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{94454F9A-46B8-41C3-BF73-A4F13ABD1DDF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0CD1836D-D603-4A89-89A6-A9D1183D6C43}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{64EE7A89-D0D7-45A1-83BF-78F9E83F7CCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{820BB4DA-CFB5-4343-841D-F00E44082E31}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D62E5E77-AB67-4566-A93F-DA0CD19EE668}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{3ED677F1-F194-4ECF-8D1E-57283555A1B9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{3F685EB6-A76A-4186-9106-F3D429713478}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{08918E43-B47B-46A9-B74A-CF12979EF20D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C3CD1289-6212-42C7-8604-A6E5F9C10BAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{70C5C324-C0D2-41F0-903D-F9F2268541FF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{9F1DE064-E455-4A05-9CBC-9B5992D64C63}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{FCC8AD55-39EE-4687-AACC-28332E4769FC}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{665DDA20-D7D8-47E0-B84F-ACDE521791D4}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{07036F6B-6CE1-47E1-95F9-37265F427076}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{71A0EDA4-B25F-4F1F-8F2F-04BFE9263F94}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{89305385-C739-458F-A606-A188CC60BE24}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{5B2FEDE2-638C-4C5E-A072-84F751EA3D59}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{ABB41B95-7B7B-4945-8E1A-8D514837BAD6}C:\program files\totalcmd\totalcmd64.exe] => (Block) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{5369B97A-1328-4168-B77E-46002A092987}C:\program files\totalcmd\totalcmd64.exe] => (Block) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{358491AB-40BD-40CE-AD93-FDFFFC9A4D5F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

23-02-2021 07:59:53 AdwCleaner_BeforeCleaning_23/02/2021_07:59:43
23-02-2021 08:30:28 JRT Pre-Junkware Removal
26-02-2021 07:55:54 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/26/2021 07:33:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15547

Error: (02/26/2021 07:33:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15547

Error: (02/26/2021 07:33:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/25/2021 01:04:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15390

Error: (02/25/2021 01:04:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15390

Error: (02/25/2021 01:04:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/25/2021 11:58:10 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na SYSTEM, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/25/2021 11:53:05 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na SYSTEM, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (02/25/2021 01:04:13 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8RL2U20)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/24/2021 02:37:05 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8RL2U20)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/24/2021 02:37:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8RL2U20)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/24/2021 11:37:04 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby rkrtservice bylo dosaženo časového limitu (30000 ms).

Error: (02/23/2021 09:46:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Touchpoint Analytics neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/23/2021 09:17:54 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/23/2021 09:17:53 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/23/2021 09:17:52 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Windows Defender:
================
Date: 2021-02-25 13:03:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7D24333E-B10A-4005-8569-632AF604273D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-25 11:54:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8AE925DA-568D-468F-AADF-841F287BBE9C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-25 11:45:45
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E4C64109-627D-4EBE-937F-923029130CA6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-25 11:26:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C163F5EC-D7A2-4FD1-A27A-A81316335673}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-24 11:35:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1B78D9AE-5D4B-4AC0-9DE3-94DBDC3FB92D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-02-27 13:10:50
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1612945515\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: Insyde F.66 01/24/2013
Motherboard: Hewlett-Packard 1670
Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Percentage of memory in use: 88%
Total physical RAM: 4043.86 MB
Available physical RAM: 464.52 MB
Total Virtual: 6931 MB
Available Virtual: 2619.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:574.54 GB) (Free:456.73 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery) (Fixed) (Total:17.47 GB) (Free:1.87 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32

\\?\Volume{57927533-0000-0000-0000-100000000000}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.15 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 57927533)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=574.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== End of Addition.txt =======================

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu.

Příspěvekod jaro3 » 27 úno 2021 20:57

Odinstaluj:
AVGPCTuneUp pokud najdeš

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
Bylo třeba vše vypnout..

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
Task: {172A95DB-A8B2-46F6-B78A-12FE89FD0B43} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {22E26F17-07A2-4712-93BB-0E14A79387C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-04] (Google LLC -> Google LLC)
Task: {83CFE922-8F35-449F-829E-0BA5B0ADC8A7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-04] (Google LLC -> Google LLC)
Task: {EB1F7725-6EB2-4213-8492-56BE5E4612B4} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Edge HKLM\...\Edge\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Edge HKLM-x32\...\Edge\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKU\S-1-5-21-4088385291-536979078-2633650649-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [ !AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
SearchScopes: HKU\S-1-5-21-4088385291-536979078-2633650649-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu.

Příspěvekod agassi » 28 úno 2021 09:39

Tak AVGPCTuneUp jsem v PC nenašel a to jsem dal v Total Commanderu zobrazit skryté soubory i systémové soubory.
Koukám na log a tam je.

Po provedení tvého postupu se po testu PC restartoval.




Fix result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Aleš a Soňka (28-02-2021 09:06:28) Run:1
Running from C:\Users\Aleš a Soňka\Desktop
Loaded Profiles: Aleš a Soňka
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Task: {172A95DB-A8B2-46F6-B78A-12FE89FD0B43} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {22E26F17-07A2-4712-93BB-0E14A79387C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-04] (Google LLC -> Google LLC)
Task: {83CFE922-8F35-449F-829E-0BA5B0ADC8A7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-04] (Google LLC -> Google LLC)
Task: {EB1F7725-6EB2-4213-8492-56BE5E4612B4} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Edge HKLM\...\Edge\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Edge HKLM-x32\...\Edge\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKU\S-1-5-21-4088385291-536979078-2633650649-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [ !AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
SearchScopes: HKU\S-1-5-21-4088385291-536979078-2633650649-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{172A95DB-A8B2-46F6-B78A-12FE89FD0B43}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{172A95DB-A8B2-46F6-B78A-12FE89FD0B43}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{22E26F17-07A2-4712-93BB-0E14A79387C4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22E26F17-07A2-4712-93BB-0E14A79387C4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83CFE922-8F35-449F-829E-0BA5B0ADC8A7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83CFE922-8F35-449F-829E-0BA5B0ADC8A7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB1F7725-6EB2-4213-8492-56BE5E4612B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB1F7725-6EB2-4213-8492-56BE5E4612B4}" => removed successfully
C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => removed successfully
HKLM\SOFTWARE\Microsoft\Edge\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Edge\Extensions\ihcjicgdanjaechkgeegckofjjedodee => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Edge\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade => removed successfully
HKU\S-1-5-21-4088385291-536979078-2633650649-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihcjicgdanjaechkgeegckofjjedodee => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ !AsusWSShellExt_B => not found
HKU\S-1-5-21-4088385291-536979078-2633650649-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 92993746 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 4744638 B
Edge => 0 B
Chrome => 446464 B
Firefox => 166855708 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 9139 B
ProgramData => 9139 B
Public => 9139 B
systemprofile => 9139 B
systemprofile32 => 9139 B
LocalService => 38935 B
NetworkService => 55623 B
Aleš a Soňka => 76198579 B

RecycleBin => 1893541 B
EmptyTemp: => 337.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:11:55 ====

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu.

Příspěvekod jaro3 » 28 úno 2021 17:22

Víc s tím neuděláme , viz ty chyby , vadné sektory na disku.

Stáhni si zde DelFix
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu.

Příspěvekod agassi » 01 bře 2021 12:10

# DelFix v1.010 - Logfile created 01/03/2021 at 11:59:08
# Updated 26/04/2015 by Xplode
# Username : Aleš a Soňka - DESKTOP-8RL2U20
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Aleš a Soňka\Desktop\Fixlog.txt
Deleted : C:\Users\Aleš a Soňka\Desktop\FRST64.exe
Deleted : C:\Users\Aleš a Soňka\Downloads\FRST64(1).exe
Deleted : C:\Users\Aleš a Soňka\Downloads\HijackThis(1).exe
Deleted : C:\Users\Aleš a Soňka\Downloads\hijackthis.log
Deleted : C:\Users\Aleš a Soňka\Downloads\RogueKiller_setup.exe
Deleted : C:\Users\Aleš a Soňka\Downloads\TFC(1).exe
Deleted : C:\Users\Aleš a Soňka\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #17 [AdwCleaner_BeforeCleaning_23/02/2021_07:59:43 | 02/23/2021 06:59:53]
Deleted : RP #18 [JRT Pre-Junkware Removal | 02/23/2021 07:30:28]
Deleted : RP #19 [Instalační služba modulů systému Windows | 02/26/2021 06:55:54]

New restore point created !

########## - EOF - ##########










Díky moc za rady.
A.


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 15 hostů