Dobrý den,
prosím o kontrolu
Logfile of random's system information tool 1.10 (written by random/random)
Run by Babička at 2022-04-05 20:30:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 71 GB (51%) free of 139 GB
Total RAM: 8134 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:30:56, on 5.4.2022
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
C:\Users\Babička\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Users\Babička\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
C:\Program Files (x86)\Avira\Security\Avira.Spotlight.UI.Application.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\85.0.4341.47\opera_crashreporter.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe
C:\Users\Babička\AppData\Local\Temp\scoped_dir5036_1050233590\RSIT.exe
C:\Program Files (x86)\trend micro\Babička.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.29\BHO\ie_to_edge_bho.dll
O4 - HKLM\..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Opera Browser Assistant] C:\Users\Babička\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsusFanControlService.exe
O23 - Service: Avira Security (AviraSecurity) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service: Avira Security Updater (AviraSecurityUpdater) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\99.0.4844.84\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9407 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Babička\AppData\Roaming\Mozilla\Firefox\Profiles\naf25sl8.default-release
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.29\BHO\ie_to_edge_bho.dll [2022-04-01 432040]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUS AiChargerPlus Execute"=C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [2013-01-28 550272]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-04 767176]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Opera Browser Assistant"=C:\Users\Babička\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2021-10-14 4105424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"shell"=explorer.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.iv50"=ir50_32.dll
"msacm.iac2"=C:\Windows\system32\iac25_32.ax
"VIDC.IV41"=IR41_32.AX
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2022-04-05 20:30:47 ----D---- C:\rsit
2022-04-05 20:30:47 ----D---- C:\Program Files (x86)\trend micro
2022-04-05 20:00:27 ----D---- C:\Users\Babička\AppData\Roaming\TeamViewer
======List of files/folders modified in the last 1 month======
2022-04-05 20:30:48 ----D---- C:\Windows\Temp
2022-04-05 20:30:47 ----RD---- C:\Program Files (x86)
2022-04-05 20:22:55 ----D---- C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-05 20:16:11 ----D---- C:\Program Files (x86)\Google
2022-04-05 20:08:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-05 20:08:23 ----RD---- C:\Program Files
2022-04-05 20:00:27 ----RSD---- C:\Windows\Fonts
2022-04-05 09:02:00 ----D---- C:\Windows\SysWOW64
2022-04-02 11:06:43 ----D---- C:\Windows
2022-04-01 07:53:51 ----D---- C:\Windows\System32
2022-04-01 07:53:51 ----D---- C:\Windows\inf
2022-03-09 13:52:07 ----SHD---- C:\System Volume Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys []
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2014-01-28 15232]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2012-09-14 14464]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv_bgp.sys [2020-10-05 315976]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys []
R3 AiChargerPlus;AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [2013-01-28 14848]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys []
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys []
R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []
S3 cpuz145;cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [2020-09-25 49968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 phantomtap;Phantom TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\phantomtap.sys []
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20); C:\Windows\system32\DRIVERS\RtTeam620.sys []
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-08-04 344064]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2013-05-13 936728]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [2013-07-28 954648]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-04-24 1360016]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsusFanControlService.exe [2013-11-20 1690424]
R2 AviraSecurity;Avira Security; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [2022-03-30 264800]
R2 AviraUpdaterService;Avira Updater Service; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2020-08-25 161376]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 TeamViewer;TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2022-03-31 14864816]
S2 AviraSecurityUpdater;Avira Security Updater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [2022-03-30 264552]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-26 224152]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-11-03 155592]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-26 224152]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\99.0.4844.84\elevation_service.exe [2022-03-25 1489240]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-11-03 155592]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.29\elevation_service.exe [2022-04-01 1622952]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2022-04-05 227256]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu logu
Zdravím!
Dejte logy FRST+Addition. Jsou přesnější a navíc RSIT není plně kompatibilní s 64b systémy. Děkuji.
Dejte logy FRST+Addition. Jsou přesnější a navíc RSIT není plně kompatibilní s 64b systémy. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu logu
Omlouvám se za pozdní odpověď.
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2022
Ran by Babička (administrator) on BABIČKA-PC (06-04-2022 07:25:24)
Running from C:\Users\Babička\Desktop
Loaded Profiles: Babička
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\Babička\AppData\Local\Programs\Opera\85.0.4341.47\opera_crashreporter.exe
(explorer.exe ->) (Opera Software AS -> Opera Software) C:\Users\Babička\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Opera Software AS -> Opera Software) C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe <22>
(services.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsusFanControlService.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(taskeng.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(taskeng.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(taskeng.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(taskeng.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(taskeng.exe ->) (Trust International BV) [File not signed] C:\Program Files\Trust\GXT 160\GXT160GamingMouse.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7611608 2014-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-776276023-2905961984-2135141943-1000\...\Run: [Opera Browser Assistant] => C:\Users\Babička\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-776276023-2905961984-2135141943-1000\...\MountPoints2: {d204e89d-194b-11ea-883b-ac9e17f05ea9} - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\99.0.4844.84\Installer\chrmstp.exe [2022-03-29] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {127FD8C5-0920-45D2-AA28-E9CA0CE244E6} - System32\Tasks\G5-GmTaskPlan => C:\Program Files\Trust\GXT 160\GXT160GamingMouse.exe [3394560 2018-12-06] (Trust International BV) [File not signed]
Task: {144055DB-7511-445C-B8FE-C9F2DE4390EB} - System32\Tasks\Opera scheduled Autoupdate 1575759611 => C:\Users\Babička\AppData\Local\Programs\Opera\launcher.exe [1868032 2022-04-01] (Opera Software AS -> Opera Software)
Task: {1A2864EF-9A9A-41D1-9D80-0BB9B9532F90} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {21DF0DD2-A1D2-4AAD-B4CC-AAB0A22C4A55} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1225528 2013-11-20] (ASUSTeK Computer Inc. -> )
Task: {34BD3A54-70AF-446E-8FD9-31B4B6D0D307} - System32\Tasks\Avira_Security_Update => C:\Windows\system32\net.exe [55808 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {44C7FDFF-7A78-47D1-89D1-1E3E4AC87CE0} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [254640 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4FBCC669-6EBF-4133-9199-F68F62B859EB} - System32\Tasks\{CB8722F0-864B-4E2D-AFA6-4B35CF42FE27} => C:\Windows\system32\pcalua.exe -a C:\Users\Babička\Downloads\Age2upA.exe -d C:\Users\Babička\Downloads
Task: {5A963F87-6745-4CD9-AD47-27A8BFF829B8} - System32\Tasks\Opera scheduled assistant Autoupdate 1576477427 => C:\Users\Babička\AppData\Local\Programs\Opera\launcher.exe [1868032 2022-04-01] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Babička\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {77AD691B-DC95-43AF-ADA7-75CFA6C502A7} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1457464 2013-10-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {826F3607-E079-4CF2-AD88-82B0094E70C9} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1427768 2014-01-07] (ASUSTeK Computer Inc. -> )
Task: {865E44A9-2C1D-46AE-B9D7-E0C6B113CF4F} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {A027A2C9-DCDF-4EBF-A7DD-1097F93DE093} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-03] (Google LLC -> Google LLC)
Task: {A9F6AA99-4430-49D0-9CAF-DDB37C3B1C3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-03] (Google LLC -> Google LLC)
Task: {C1A31AEB-AE15-4F82-BCD1-F15D5B0CB2DE} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1666544 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {C6971B86-EFD3-4D01-BDB2-7D02400418C3} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {F4C39589-F578-4A11-8142-29ADBD305A66} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {FDA6C518-EE71-42C8-A4BA-63915A2B37C1} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {FDA6C518-EE71-42C8-A4BA-63915A2B37C1} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {FDA6C518-EE71-42C8-A4BA-63915A2B37C1} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F78DA88C-BBF4-4A6C-A897-4CFC05D237E1}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Babička\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-14]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157
Edge DefaultSearchURL: Default -> hxxps://foecz.innogamescdn.com//favicon.ico?946cdd8b
Edge Extension: (Forge of Empires) - C:\Users\Babička\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\edobebohejbpjjoegjnljiafipdgnled [2020-10-07]
FireFox:
========
FF DefaultProfile: jir2qxt1.default
FF ProfilePath: C:\Users\Babička\AppData\Roaming\Mozilla\Firefox\Profiles\jir2qxt1.default [2020-11-03]
FF ProfilePath: C:\Users\Babička\AppData\Roaming\Mozilla\Firefox\Profiles\naf25sl8.default-release [2022-04-06]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
Chrome:
=======
CHR Profile: C:\Users\Babička\AppData\Local\Google\Chrome\User Data\Default [2022-04-05]
CHR Extension: (YouTube) - C:\Users\Babička\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Babička\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Babička\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-21]
Opera:
=======
OPR Profile: C:\Users\Babička\AppData\Roaming\Opera Software\Opera Stable [2022-04-06]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}
OPR Extension: (Avira Safe Shopping) - C:\Users\Babička\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2022-04-05]
OPR Extension: (Rich Hints Agent) - C:\Users\Babička\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-03-12]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Babička\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-29]
OPR Extension: (Avira Password Manager) - C:\Users\Babička\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2022-03-12]
OPR Extension: (Free Avira Phantom VPN – Unblock Websites) - C:\Users\Babička\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2019-12-08]
Vivaldi:
=======
VIV Profile: C:\Users\Babička\AppData\Local\Vivaldi\User Data\Default [2020-09-25]
VIV Extension: (Chrome Media Router) - C:\Users\Babička\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-13] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-07-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsusFanControlService.exe [1690424 2013-11-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264800 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [264552 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161376 2020-08-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14864816 2022-03-31] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] (ASUSTeK Computer Inc. -> )
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation -> MCCI Corporation)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 cpuz145; C:\Windows\temp\cpuz145\cpuz145_x64.sys [49968 2020-09-25] (CPUID -> CPUID)
S3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2019-11-04] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Semiconductor Corp -> Realtek Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11968 2000-06-27] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-06 07:25 - 2022-04-06 07:26 - 000017622 _____ C:\Users\Babička\Desktop\FRST.txt
2022-04-06 07:23 - 2022-04-06 07:25 - 000000000 ____D C:\FRST
2022-04-06 07:23 - 2022-04-06 07:23 - 002365440 _____ (Farbar) C:\Users\Babička\Desktop\FRST64.exe
2022-04-06 07:21 - 2022-04-06 07:21 - 002070528 _____ (Farbar) C:\Users\Babička\Downloads\FRST.exe
2022-04-05 20:30 - 2022-04-05 20:30 - 000000000 ____D C:\rsit
2022-04-05 20:30 - 2022-04-05 20:30 - 000000000 ____D C:\Program Files (x86)\trend micro
2022-04-05 20:29 - 2022-04-05 20:29 - 001107968 _____ C:\Users\Babička\Downloads\RSIT.exe
2022-04-05 20:00 - 2022-04-06 04:44 - 000000000 ____D C:\Program Files\TeamViewer
2022-04-05 20:00 - 2022-04-05 20:03 - 000000000 ____D C:\Users\Babička\AppData\Local\TeamViewer
2022-04-05 20:00 - 2022-04-05 20:00 - 000000856 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2022-04-05 20:00 - 2022-04-05 20:00 - 000000844 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2022-04-05 20:00 - 2022-04-05 20:00 - 000000000 ____D C:\Users\Babička\AppData\Roaming\TeamViewer
2022-04-05 19:59 - 2022-04-05 19:59 - 035970624 _____ (TeamViewer Germany GmbH) C:\Users\Babička\Downloads\TeamViewer_Setup_x64.exe
2022-04-05 18:41 - 2022-04-06 04:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-02 11:07 - 2022-04-02 11:07 - 000003710 _____ C:\Windows\system32\Tasks\Avira_Security_Maintenance
2022-04-02 11:06 - 2022-04-02 11:06 - 000003232 _____ C:\Windows\system32\Tasks\Avira_Security_Service_SCM_Watchdog
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-06 07:20 - 2020-11-03 14:34 - 000000000 ____D C:\Users\Babička\AppData\LocalLow\Mozilla
2022-04-06 07:16 - 2019-12-08 22:36 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-06 06:45 - 2009-07-14 06:45 - 000031024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-04-06 06:45 - 2009-07-14 06:45 - 000031024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-04-06 06:26 - 2020-06-26 05:31 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-06 06:26 - 2020-06-26 05:31 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-06 04:50 - 2022-02-11 09:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-06 04:44 - 2020-11-03 14:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-06 04:44 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-04-06 04:44 - 2009-07-14 06:45 - 000281144 _____ C:\Windows\system32\FNTCACHE.DAT
2022-04-05 20:08 - 2021-10-06 10:11 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-04-05 20:05 - 2019-12-07 21:59 - 000062304 _____ C:\Users\Babička\AppData\Local\GDIPFONTCACHEV1.DAT
2022-04-04 18:29 - 2019-12-08 01:00 - 000004082 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1575759611
2022-04-03 18:47 - 2020-06-26 05:32 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-03 18:47 - 2020-06-26 05:32 - 000002192 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-04-02 11:07 - 2021-07-08 18:25 - 000002648 _____ C:\Windows\system32\Tasks\Avira_Security_Systray
2022-04-02 11:06 - 2020-01-28 08:08 - 000003306 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2022-04-01 07:53 - 2009-07-14 17:18 - 000668866 _____ C:\Windows\system32\perfh005.dat
2022-04-01 07:53 - 2009-07-14 17:18 - 000141526 _____ C:\Windows\system32\perfc005.dat
2022-04-01 07:53 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2022-04-01 07:53 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2022-03-29 20:17 - 2020-11-03 14:27 - 000002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-29 20:17 - 2020-11-03 14:27 - 000002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-20 21:24 - 2009-07-14 07:08 - 000032540 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2022-03-09 13:55 - 2019-12-08 00:03 - 000000000 ____D C:\Windows\system32\MRT
2022-03-09 13:52 - 2019-12-08 00:03 - 145666720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2022-02-25 09:10
==================== End of FRST.txt ========================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2022
Ran by Babička (06-04-2022 07:26:19)
Running from C:\Users\Babička\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2019-12-06 22:53:46)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-776276023-2905961984-2135141943-500 - Administrator - Disabled)
Babička (S-1-5-21-776276023-2905961984-2135141943-1000 - Administrator - Enabled) => C:\Users\Babička
Guest (S-1-5-21-776276023-2905961984-2135141943-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-776276023-2905961984-2135141943-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.58 - ASUSTeK Computer Inc.)
AMD Catalyst Install Manager (HKLM\...\{8C1DA63E-3B80-46B5-64CC-8BE27A0C3FB4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.13.0 - Asmedia Technology)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.64.27947 - Avira Operations GmbH & Co. KG) Hidden
Avira Software Updater (HKLM-x32\...\{073825B9-FF06-4690-8CE4-3C0B72036122}) (Version: 2.0.6.37231 - Avira Operations GmbH & Co. KG) Hidden
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.240.20.1016 - BlueStack Systems, Inc.)
Forge of Empires (HKU\S-1-5-21-776276023-2905961984-2135141943-1000\...\4862c360be837f19c9ca97df47419227) (Version: 1.0 - Forge of Empires)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.84 - Google LLC)
GXT 160 Gaming Mouse (HKLM-x32\...\{51406256-C18E-4204-BD82-9240AB4820F6}_is1) (Version: 1.0 - Trust International BV)
HWiNFO64 Version 6.20 (HKLM\...\HWiNFO64_is1) (Version: 6.20 - Martin Malik - REALiX)
MahJong Suite 2019 v16.0 (HKLM-x32\...\MahJong Suite_is1) (Version: 16.0 - TreeCardGames)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.29 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 100.0.1185.29 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 99.0 (x64 cs)) (Version: 99.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{FCCF4B77-432F-EA83-4289-40C1DFA14C85}) (Version: 1.00.0000 - Název společnosti:) Hidden
Opera Stable 85.0.4341.47 (HKU\S-1-5-21-776276023-2905961984-2135141943-1000\...\Opera 85.0.4341.47) (Version: 85.0.4341.47 - Opera Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7255 - Realtek Semiconductor Corp.)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.28.8 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
WinRAR 5.90 beta 2 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.90.2 - win.rar GmbH)
WinRAR 5.90 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.2 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-02-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-02-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-02-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-02-06] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [839680 2009-07-14] (Microsoft Windows -> Intel Corporation)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Babička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Forge of Empires.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=edobebohejbpjjoegjnljiafipdgnled
==================== Loaded Modules (Whitelisted) =============
2019-12-07 22:27 - 2013-04-06 02:28 - 000662016 _____ () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2019-12-07 22:28 - 2013-03-13 18:12 - 000870912 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2019-12-07 22:27 - 2013-10-22 15:25 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2019-12-07 22:27 - 2013-10-22 15:25 - 000053248 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2019-12-07 22:28 - 2013-11-20 23:12 - 002783744 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000685056 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000834560 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000766976 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000776704 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2019-12-07 22:28 - 2014-01-14 10:50 - 001138176 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2019-12-07 22:28 - 2014-01-07 11:19 - 005778416 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2019-12-07 22:28 - 2010-06-21 16:21 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2019-12-07 22:27 - 2013-04-06 02:28 - 000104448 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2019-12-07 22:27 - 2022-04-06 04:44 - 000026112 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-02-11 08:08 - 2014-02-11 08:08 - 000817152 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2015-08-04 01:25 - 2015-08-04 01:25 - 000214528 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2015-08-04 01:25 - 2015-08-04 01:25 - 000102400 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-11 08:08 - 2014-02-11 08:08 - 003650560 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2020-01-15 02:09 - 2020-01-15 02:09 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\7588b4c9036a571683b7f5807e33af27\A4.Foundation.ni.dll
2020-01-15 02:10 - 2020-01-15 02:10 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\019a2526f23cea41d6e9f68facb87b9d\AEM.Actions.CCAA.Shared.ni.dll
2020-01-15 02:10 - 2020-01-15 02:10 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\63c254c751ea2d8f2d4825cfa32e4284\AEM.Plugin.EEU.Shared.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\839a1b5dd727ca43c1b632a9ba3d744b\AEM.Plugin.Hotkeys.Shared.ni.dll
2020-01-15 02:10 - 2020-01-15 02:10 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\9c9f4c7ef8d007288e3b7cb41371457f\AEM.Plugin.DPPE.Shared.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\2d71f1e7a45ab07a54ff90b0f0685dbd\AEM.Plugin.Source.Kit.Server.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\d29c90e6a8b805851a14cf6d430c3b2a\AEM.Plugin.WinMessages.Shared.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\8c5805137e7e8b10d466e0f521e5056e\AEM.Plugin.REG.Shared.ni.dll
2020-01-15 02:10 - 2020-01-15 02:11 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\9ee52225fc22b2410331a09f44548251\AEM.Plugin.GD.Shared.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\d5cba25a1c6a64e8c7fa5a9f31cec231\AEM.Server.Shared.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\e07245a6e7c600468974919a1f69c9dd\AEM.Server.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\e33914cb907a7cc5c95935861ee9e076\APM.Foundation.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\e7d9bc8b53ca1cc29685c72ec84d6cec\ATICCCom.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\b4fea844170a08ddc6c431eea93e3d6a\CCC.Implementation.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.2042675f#\e94509c9ebf9b82e3efc3bbda174c464\CLI.Aspect.CPUPStates.Fuel.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\221951dbfaaf884dca9bfbeace69d4e4\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\b889f25f6860153f1b4b46f7bc11612f\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\f90a201efe17d2d1da88221d1f6e8d1f\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\73fd736cf49ed7b6c548e7dd4bd733b7\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\36c7a7fb33999f948769224c8795733c\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\7c69f84ae884a1a19cdc66663c48b6df\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000152576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4ede500c#\33cb8ee0bfaa19981207f9603b6a30ec\CLI.Aspect.DPPE.Fuel.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\d056cb645fea2c0a3a99565b385ca338\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000111616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.5a772e69#\779e6f46010c185e8a1f1562eb25edd6\CLI.Aspect.Fets.Fuel.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.648b65fc#\4e76607b801139c1998859a5ac9ef54f\CLI.Aspect.WiFi.Fuel.Dashboard.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\b5450c9cf28cf8e4a35e7659d1191a36\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\73325bc0b1b8d0ba1a3201c43716349b\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\fd7adc4267f87bd0c4208e8e3b03b594\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\411ce6b58232fea2b2aa2f5c84af6c6f\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000320512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.87ad5c75#\ebe9648ed46275077be1103c63cae20a\CLI.Aspect.OverDrive5.Graphics.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\e0d9b1aae1dc641d9f176c9c78873eaf\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000449024 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\98d3a3d1bf9b589ac73cd4f2af6858b4\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\1bc74af4595f7d4bb14dba08b398f202\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\6f6076a09f11da2851c3307519a0f101\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\3744857021d8101b5210d22c860c4327\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\662f96cd34ee44039f2daef6c9690d04\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\ef7c45342fd8e6ceaa362984f5f93611\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\af96fdf26092113e59decdf8be5ab4ed\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\3e21ad0f6a8894bed67d8502be9c1df9\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000023552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c2a2b491#\8ecdc6148799328ea530049ccd6858fd\CLI.Aspect.WiFi.Fuel.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\b1a65725e974542589e37b125f7d7451\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\0bbf02bda177ca3a7b84bb2569624623\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000081408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.caa5cc64#\5d1d1a30165f19647cae2e299842193f\CLI.Aspect.Fets.Fuel.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 001315840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d7e090dc#\2d4458a5ae0ee0a1b007f57268e6b2c7\CLI.Aspect.User.Fuel.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\e41de46d0e4024f3555702356a8f2ca6\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\45799d4f52fc1baf50fb7daa4da37449\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\4d90236c99dd27f8d3ab76b51c4cc78b\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\8aa73981fe14b1169ae744249b49ebc4\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.efd83192#\adfc58616b8fd406632c43a5d48f0451\CLI.Aspect.CPUPStates.Fuel.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f45bd021#\d19b1eb1a4df7a43eb8a5c86c998e5d7\CLI.Aspect.DPPE.Fuel.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\5b4378a0e07ace571758b30de14b73d5\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\e14d9dd065cb4ca4f4a9f15b22d80a72\CLI.Caste.A4.Runtime.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\bbb18c203d447a3d164533b79bfe8b63\CLI.Caste.A4.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\7d1976a67d7feec95e59eabf618297e0\CLI.Caste.A4.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\55fae9c0031ec7cf7b0c0bd87e9ed6af\CLI.Caste.Fuel.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\6de7e27e7bdf3258a4a1e67a835e88aa\CLI.Caste.Fuel.Runtime.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\8f74b65cde0a90f1f555936b0789bcd3\CLI.Caste.Fuel.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\b9da81a3b3902ae8ac3de35b279e3fbf\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\9f777e1371667aee33b444579e488331\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\7190220bcbcd8f6004440ffdbfb10a31\CLI.Caste.Graphics.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\bf9007de074c15128c42d9e66c3e548a\CLI.Caste.HydraVision.Runtime.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\e92846c25595b0153e743001a11a6cb1\CLI.Caste.HydraVision.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\a54d5067e24f3e8bb50c3d941b293835\CLI.Caste.HydraVision.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\0b574f371c97f0b70872f4b6466f75eb\CLI.Caste.Platform.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\54fd89f72062d55a9afef3084daa6d6f\CLI.Caste.Platform.Runtime.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\3140b1a228b955f43d88936cac28de17\CLI.Caste.Platform.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000350720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combinee84f0351#\a6e88fdcf633703241e3e6bced20a067\CLI.Combined.Fusion.Aspects.Runtime.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\fea89b95b344d2ebe320f10a94ab4e48\CLI.Component.Runtime.Shared.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\da748716ec86deaa760e20181d1a619c\CLI.Component.Systemtray.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\e36c082efa2466d7b250a51ff0438117\CLI.Component.Dashboard.ProfileManager2.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\cd96790b7a550e83ed394fa9e5844672\CLI.Component.Runtime.Shared.Private.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\6850d3d4b5eb2b7fe353760abb5b2a04\CLI.Component.Runtime.Extension.EEU.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\41cc25eff0e3d8edf1821df8498c8dee\CLI.Component.Dashboard.Shared.Private.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\c3bc2c11a319e69d797337b2cc3587ad\CLI.Component.Client.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\0273c82b8f75aa9a50df83826fb26be5\CLI.Component.Dashboard.Shared.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\2aec8615458cf942c0e2028f92d88b12\CLI.Foundation.Private.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\38821c827083bc34f72bccdb0757d696\CLI.Foundation.XManifest.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\dee3b70a4046d047575cdf95d09bb8c4\CLI.Foundation.CoreAudioAPI.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 001079296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\fd0264f191dc3c5e5a2e573fe8769d5c\CLI.Foundation.Client.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\6f296ece52b7593d404229e421fee706\CLI.Foundation.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\b799a8aa0290c014a50b485ec4518ba1\DEM.Foundation.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\97f5dd517e1b54c950b1f62c1172f593\DEM.Graphics.I0601.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\cf73a32e0fd9188ffcf89b05ed5bd8a4\DEM.Graphics.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\bfe2a7e89d34afe293fb5d26816fe2f2\Fuel.Foundation.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\467f27fa881e9eee9938168f95dc6e17\LOG.Foundation.Implementation.ni.dll
2020-01-15 02:09 - 2020-01-15 02:09 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\58f64e3662d5697ba6ad38611a27e297\LOG.Foundation.Private.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\76ee3197f92e46c4cc38b66d2d5595be\LOG.Foundation.Implementation.Private.ni.dll
2020-01-15 02:09 - 2020-01-15 02:09 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\2f1f9cdcfda600aa16f01e782ef0c7b7\LOG.Foundation.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\d6f8cbc0a19dae825e2ca119e7016d2c\MOM.Foundation.ni.dll
2020-01-16 07:00 - 2020-01-16 07:00 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\b9455d2a4b125a9d7e3d6637781d805d\MOM.Implementation.ni.dll
2020-01-15 02:10 - 2020-01-15 02:10 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\da39baa62f53888d047f806d04ced8ec\NEWAEM.Foundation.ni.dll
2015-08-04 01:14 - 2015-08-04 01:14 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiamcsy.dll
2020-01-15 02:10 - 2020-01-15 02:10 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\c16b11e04389e5ba0d99cecfc307efc8\ADL.Foundation.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\c7a7c988826890798bbc742c9864090a\APM.Server.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\a37f3de8f54c67d3bce8a4672dc11e37\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\a538e3df64b89ac3db691171226e7845\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\6b00eff566823d6135e3b93a1cbdf8dd\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\ac8eb6f3c4ba1eb7fd0f91a34f8e8a45\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 001159680 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\621758585a73cfd74ab55f5f95d78852\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\40d424fc6a16594519daa1c689c89e50\CLI.Component.Client.Shared.Private.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\8da37d6cb8a205c82ae13d47ebad5ed0\CLI.Component.Runtime.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\0754d3a7c5a1a4926b9f1135776a8c1f\CLI.Component.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000016896 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0703\9d4ddaf3de969fda425ac69f13dba963\DEM.Graphics.I0703.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\c25fa3a043afdf24b320131aa7b94af0\DEM.Graphics.I0706.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\7234dedea2336b99a9a5d0683afdd2f3\DEM.Graphics.I0709.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\a81b5967c5677f9df28ad5a6aa350bc7\DEM.Graphics.I0712.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\8736bd1276a5b25a28d6d0c1e774bed0\DEM.Graphics.I0804.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\024c713fb7e27db9423067a526369684\DEM.Graphics.I0805.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\01ea55cb3e0e9eb8d22b1ce938834673\DEM.Graphics.I0812.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\c4028bdc6e21646bb914aff5f5fcf6a6\DEM.Graphics.I0906.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\e281200b255768cf133cdd28a9b76bbe\DEM.Graphics.I0912.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\700f1d3c7f1acfce2b1d50a06fb62308\DEM.Graphics.I1010.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\0b4b1658b4b990236add1fdc4f881be4\Localization.Foundation.Private.ni.dll
2020-01-16 07:00 - 2020-01-16 07:00 - 000244224 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\41432a0338c479832c26b1573387fbb6\ResourceManagement.Foundation.Implementation.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\868862dbc53fb7230ad4b87a09d34a15\ResourceManagement.Foundation.Private.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\d346ccd31b9fba7f6d0c37fcb47bdc29\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\17b3d8779e8932fe7c972a7121ecff53\CLI.Caste.Graphics.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\eb508a50337ae084981276a067fbf4ad\CLI.Caste.Graphics.Runtime.ni.dll
2019-12-07 22:27 - 2013-04-06 02:28 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2019-12-07 22:27 - 2013-10-22 15:25 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\ASACPI.DLL
2019-12-07 22:28 - 2013-11-20 23:06 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2019-12-07 22:28 - 2013-11-20 20:06 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsAcpi.dll
2019-12-07 22:27 - 2013-04-06 02:28 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\asacpiEx.dll
2019-12-07 22:27 - 2013-10-22 15:25 - 000677888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2019-12-07 22:27 - 2013-10-22 15:25 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000677888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\asacpiex.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000677888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiex.dll
2019-12-07 22:28 - 2013-09-09 05:52 - 001079808 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\System Information\SystemInfo.dll
2019-12-07 22:28 - 2010-03-08 18:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\AsMultiLang.dll
2019-12-07 22:28 - 2014-01-21 12:04 - 000897536 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\Express.dll
2019-12-07 22:28 - 2013-11-20 20:06 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\asacpiEx.dll
2019-03-28 00:48 - 2019-03-28 00:48 - 000115200 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000335360 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\d08f94aa74361f555a8348e097ca37bf\Microsoft.WindowsAPICodePack.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 002546688 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\21d6de9013f3886311cf40d9e69aa8d8\Microsoft.WindowsAPICodePack.Shell.ni.dll
2020-01-15 15:43 - 2020-01-15 15:43 - 000913920 _____ (ServiceStack) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\1c451b416fc7b4c8b1ecd15a4bb91187\ServiceStack.Text.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-776276023-2905961984-2135141943-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{30F46450-625D-4D44-9A08-68F84F79D9A0}D:\dune 2000\dune2000.dat] => (Allow) D:\dune 2000\dune2000.dat => No File
FirewallRules: [UDP Query User{22DB1099-405F-4305-86C7-8FF9B02E1379}D:\dune 2000\dune2000.dat] => (Allow) D:\dune 2000\dune2000.dat => No File
FirewallRules: [TCP Query User{11DBA86F-8155-401E-8119-39AF9FB1C058}C:\program files\dune 2000\dune2000.dat] => (Allow) C:\program files\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [UDP Query User{79CA3095-B2BB-46BF-884A-6CB48408DDAE}C:\program files\dune 2000\dune2000.dat] => (Allow) C:\program files\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [TCP Query User{9EE04F48-BFF6-43A8-84C8-C80DF36EA006}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe => No File
FirewallRules: [UDP Query User{58D30A73-CB88-4943-8DC4-FAEE5276BE30}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe => No File
FirewallRules: [TCP Query User{7AE90DFB-7B3F-4CC4-A985-25E7FE74807F}C:\users\babička\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [UDP Query User{8ABA3F3B-162F-4B15-BBD1-42679F4CB782}C:\users\babička\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [TCP Query User{8F8FAF6F-0570-4CCF-BA88-5152C23B0DB8}C:\users\babička\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{1AC2333E-93DD-449D-BA7D-44570C288AC5}C:\users\babička\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{C514E07A-2B98-4192-812D-3D077003992B}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{F6F7B434-58FE-4C6C-8089-AFC04C68D2D5}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{ED4506ED-86F6-4EC6-AC60-F69DC8970DE7}C:\users\babička\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{BE7DAC33-0BDD-476A-872D-0AF41079FE77}C:\users\babička\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{8C993456-CF95-4B21-998F-690821CDAA30}C:\users\babička\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [UDP Query User{6B24176F-8C2E-4D47-B6B8-08C51FE9AB91}C:\users\babička\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [TCP Query User{D1F24E73-3770-4EF6-A058-9D215E479201}C:\users\babička\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [UDP Query User{3BBBD4FE-47AD-40B6-8A75-FA816C40FA2E}C:\users\babička\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [{583EB049-AECB-4092-B7AA-791D8E819E22}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{85E4DC18-774D-4C45-8F0A-E0CA8E0D37F1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{80A09480-0B4C-4801-BC42-43290BA6440A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{26007467-8B22-40F0-9DC3-52B73427295B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{20A55377-0B69-4395-BEA7-3142BB41D039}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.29\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{228EECDE-3DB8-49EF-A478-5045CA8E1CC6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{847770BD-D3F5-429F-B1B2-BBC1DC20BF4E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{372B5059-A62E-40EF-BFCF-7C29101B81BD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{72004298-11CE-49E1-B1E1-F20F41266A8D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{125C26C9-2D6E-43CA-901F-1B066FD7E679}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{44D90824-3887-4544-AC14-2C2D92918774}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{DDA6542F-7C97-4C8D-9825-A4DB15E92DDB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
12-01-2022 14:24:16 Windows Update
09-02-2022 08:46:45 Windows Update
09-03-2022 13:51:51 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/30/2022 08:44:33 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Nelze číst data o výkonu ze služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (03/20/2022 04:25:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 98.0.1.8107 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 270
Čas spuštění: 01d83c261a986e4f
Čas ukončení: 1330
Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
ID hlášení: 58aba807-a859-11ec-870c-ac9e17f05ea9
Error: (03/12/2022 12:20:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AsSysCtrlService.exe, verze: 0.0.0.0, časové razítko: 0x532bf8f2
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x64c
Čas spuštění chybující aplikace: 0x01d835d7f66fdbc6
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 10ea2100-a1ee-11ec-9195-ac9e17f05ea9
Error: (03/11/2022 04:11:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 98.0.0.8098 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1010
Čas spuštění: 01d8352052cd0c0a
Čas ukončení: 270
Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
ID hlášení: 1d659847-a145-11ec-ba5d-ac9e17f05ea9
Error: (02/28/2022 02:14:08 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
Error: (02/28/2022 10:43:43 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
Error: (02/28/2022 09:22:15 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
Error: (02/28/2022 05:21:56 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
System errors:
=============
Error: (04/06/2022 07:29:11 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/04/2022 11:08:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/26/2022 10:22:05 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (03/22/2022 05:42:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/17/2022 06:10:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/12/2022 08:12:39 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (12/03/2021 09:31:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Avira Security neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/03/2021 09:31:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Security bylo dosaženo časového limitu (30000 ms).
Windows Defender:
================Event[0]:
Date: 2021-09-28 13:05:21.355
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2021-06-30 07:19:34.622
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-30 07:19:34.622
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-04 07:34:45.528
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.341.8.0
Předchozí verze podpisu:1.339.1767.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18200.4
Předchozí verze modulu:1.1.18100.6
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-04 07:34:45.528
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18200.4
Předchozí verze modulu:1.1.18100.6
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1702 12/14/2015
Motherboard: ASUSTeK COMPUTER INC. A58M-A/USB3
Processor: AMD A8-7650K Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 46%
Total physical RAM: 8134.2 MB
Available physical RAM: 4383.82 MB
Total Virtual: 16266.54 MB
Available Virtual: 12638.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:135.36 GB) (Free:68.26 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:3.04 GB) (Free:1.04 GB) NTFS
Drive e: () (Fixed) (Total:94.48 GB) (Free:90.17 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: E8CDE8CD)
Partition 1: (Not Active) - (Size=3 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=135.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=94.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2022
Ran by Babička (administrator) on BABIČKA-PC (06-04-2022 07:25:24)
Running from C:\Users\Babička\Desktop
Loaded Profiles: Babička
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\Babička\AppData\Local\Programs\Opera\85.0.4341.47\opera_crashreporter.exe
(explorer.exe ->) (Opera Software AS -> Opera Software) C:\Users\Babička\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Opera Software AS -> Opera Software) C:\Users\Babička\AppData\Local\Programs\Opera\opera.exe <22>
(services.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsusFanControlService.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(taskeng.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(taskeng.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(taskeng.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(taskeng.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(taskeng.exe ->) (Trust International BV) [File not signed] C:\Program Files\Trust\GXT 160\GXT160GamingMouse.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7611608 2014-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-776276023-2905961984-2135141943-1000\...\Run: [Opera Browser Assistant] => C:\Users\Babička\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-776276023-2905961984-2135141943-1000\...\MountPoints2: {d204e89d-194b-11ea-883b-ac9e17f05ea9} - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\99.0.4844.84\Installer\chrmstp.exe [2022-03-29] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {127FD8C5-0920-45D2-AA28-E9CA0CE244E6} - System32\Tasks\G5-GmTaskPlan => C:\Program Files\Trust\GXT 160\GXT160GamingMouse.exe [3394560 2018-12-06] (Trust International BV) [File not signed]
Task: {144055DB-7511-445C-B8FE-C9F2DE4390EB} - System32\Tasks\Opera scheduled Autoupdate 1575759611 => C:\Users\Babička\AppData\Local\Programs\Opera\launcher.exe [1868032 2022-04-01] (Opera Software AS -> Opera Software)
Task: {1A2864EF-9A9A-41D1-9D80-0BB9B9532F90} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {21DF0DD2-A1D2-4AAD-B4CC-AAB0A22C4A55} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1225528 2013-11-20] (ASUSTeK Computer Inc. -> )
Task: {34BD3A54-70AF-446E-8FD9-31B4B6D0D307} - System32\Tasks\Avira_Security_Update => C:\Windows\system32\net.exe [55808 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {44C7FDFF-7A78-47D1-89D1-1E3E4AC87CE0} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [254640 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4FBCC669-6EBF-4133-9199-F68F62B859EB} - System32\Tasks\{CB8722F0-864B-4E2D-AFA6-4B35CF42FE27} => C:\Windows\system32\pcalua.exe -a C:\Users\Babička\Downloads\Age2upA.exe -d C:\Users\Babička\Downloads
Task: {5A963F87-6745-4CD9-AD47-27A8BFF829B8} - System32\Tasks\Opera scheduled assistant Autoupdate 1576477427 => C:\Users\Babička\AppData\Local\Programs\Opera\launcher.exe [1868032 2022-04-01] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Babička\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {77AD691B-DC95-43AF-ADA7-75CFA6C502A7} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1457464 2013-10-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {826F3607-E079-4CF2-AD88-82B0094E70C9} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1427768 2014-01-07] (ASUSTeK Computer Inc. -> )
Task: {865E44A9-2C1D-46AE-B9D7-E0C6B113CF4F} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {A027A2C9-DCDF-4EBF-A7DD-1097F93DE093} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-03] (Google LLC -> Google LLC)
Task: {A9F6AA99-4430-49D0-9CAF-DDB37C3B1C3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-03] (Google LLC -> Google LLC)
Task: {C1A31AEB-AE15-4F82-BCD1-F15D5B0CB2DE} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1666544 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {C6971B86-EFD3-4D01-BDB2-7D02400418C3} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {F4C39589-F578-4A11-8142-29ADBD305A66} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {FDA6C518-EE71-42C8-A4BA-63915A2B37C1} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {FDA6C518-EE71-42C8-A4BA-63915A2B37C1} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {FDA6C518-EE71-42C8-A4BA-63915A2B37C1} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F78DA88C-BBF4-4A6C-A897-4CFC05D237E1}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Babička\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-14]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157
Edge DefaultSearchURL: Default -> hxxps://foecz.innogamescdn.com//favicon.ico?946cdd8b
Edge Extension: (Forge of Empires) - C:\Users\Babička\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\edobebohejbpjjoegjnljiafipdgnled [2020-10-07]
FireFox:
========
FF DefaultProfile: jir2qxt1.default
FF ProfilePath: C:\Users\Babička\AppData\Roaming\Mozilla\Firefox\Profiles\jir2qxt1.default [2020-11-03]
FF ProfilePath: C:\Users\Babička\AppData\Roaming\Mozilla\Firefox\Profiles\naf25sl8.default-release [2022-04-06]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
Chrome:
=======
CHR Profile: C:\Users\Babička\AppData\Local\Google\Chrome\User Data\Default [2022-04-05]
CHR Extension: (YouTube) - C:\Users\Babička\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Babička\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Babička\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-21]
Opera:
=======
OPR Profile: C:\Users\Babička\AppData\Roaming\Opera Software\Opera Stable [2022-04-06]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}
OPR Extension: (Avira Safe Shopping) - C:\Users\Babička\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2022-04-05]
OPR Extension: (Rich Hints Agent) - C:\Users\Babička\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-03-12]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Babička\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-29]
OPR Extension: (Avira Password Manager) - C:\Users\Babička\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2022-03-12]
OPR Extension: (Free Avira Phantom VPN – Unblock Websites) - C:\Users\Babička\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2019-12-08]
Vivaldi:
=======
VIV Profile: C:\Users\Babička\AppData\Local\Vivaldi\User Data\Default [2020-09-25]
VIV Extension: (Chrome Media Router) - C:\Users\Babička\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-13] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-07-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsusFanControlService.exe [1690424 2013-11-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264800 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [264552 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161376 2020-08-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14864816 2022-03-31] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] (ASUSTeK Computer Inc. -> )
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation -> MCCI Corporation)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 cpuz145; C:\Windows\temp\cpuz145\cpuz145_x64.sys [49968 2020-09-25] (CPUID -> CPUID)
S3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2019-11-04] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Semiconductor Corp -> Realtek Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11968 2000-06-27] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-06 07:25 - 2022-04-06 07:26 - 000017622 _____ C:\Users\Babička\Desktop\FRST.txt
2022-04-06 07:23 - 2022-04-06 07:25 - 000000000 ____D C:\FRST
2022-04-06 07:23 - 2022-04-06 07:23 - 002365440 _____ (Farbar) C:\Users\Babička\Desktop\FRST64.exe
2022-04-06 07:21 - 2022-04-06 07:21 - 002070528 _____ (Farbar) C:\Users\Babička\Downloads\FRST.exe
2022-04-05 20:30 - 2022-04-05 20:30 - 000000000 ____D C:\rsit
2022-04-05 20:30 - 2022-04-05 20:30 - 000000000 ____D C:\Program Files (x86)\trend micro
2022-04-05 20:29 - 2022-04-05 20:29 - 001107968 _____ C:\Users\Babička\Downloads\RSIT.exe
2022-04-05 20:00 - 2022-04-06 04:44 - 000000000 ____D C:\Program Files\TeamViewer
2022-04-05 20:00 - 2022-04-05 20:03 - 000000000 ____D C:\Users\Babička\AppData\Local\TeamViewer
2022-04-05 20:00 - 2022-04-05 20:00 - 000000856 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2022-04-05 20:00 - 2022-04-05 20:00 - 000000844 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2022-04-05 20:00 - 2022-04-05 20:00 - 000000000 ____D C:\Users\Babička\AppData\Roaming\TeamViewer
2022-04-05 19:59 - 2022-04-05 19:59 - 035970624 _____ (TeamViewer Germany GmbH) C:\Users\Babička\Downloads\TeamViewer_Setup_x64.exe
2022-04-05 18:41 - 2022-04-06 04:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-02 11:07 - 2022-04-02 11:07 - 000003710 _____ C:\Windows\system32\Tasks\Avira_Security_Maintenance
2022-04-02 11:06 - 2022-04-02 11:06 - 000003232 _____ C:\Windows\system32\Tasks\Avira_Security_Service_SCM_Watchdog
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-06 07:20 - 2020-11-03 14:34 - 000000000 ____D C:\Users\Babička\AppData\LocalLow\Mozilla
2022-04-06 07:16 - 2019-12-08 22:36 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-06 06:45 - 2009-07-14 06:45 - 000031024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-04-06 06:45 - 2009-07-14 06:45 - 000031024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-04-06 06:26 - 2020-06-26 05:31 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-06 06:26 - 2020-06-26 05:31 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-06 04:50 - 2022-02-11 09:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-06 04:44 - 2020-11-03 14:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-06 04:44 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-04-06 04:44 - 2009-07-14 06:45 - 000281144 _____ C:\Windows\system32\FNTCACHE.DAT
2022-04-05 20:08 - 2021-10-06 10:11 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-04-05 20:05 - 2019-12-07 21:59 - 000062304 _____ C:\Users\Babička\AppData\Local\GDIPFONTCACHEV1.DAT
2022-04-04 18:29 - 2019-12-08 01:00 - 000004082 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1575759611
2022-04-03 18:47 - 2020-06-26 05:32 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-03 18:47 - 2020-06-26 05:32 - 000002192 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-04-02 11:07 - 2021-07-08 18:25 - 000002648 _____ C:\Windows\system32\Tasks\Avira_Security_Systray
2022-04-02 11:06 - 2020-01-28 08:08 - 000003306 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2022-04-01 07:53 - 2009-07-14 17:18 - 000668866 _____ C:\Windows\system32\perfh005.dat
2022-04-01 07:53 - 2009-07-14 17:18 - 000141526 _____ C:\Windows\system32\perfc005.dat
2022-04-01 07:53 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2022-04-01 07:53 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2022-03-29 20:17 - 2020-11-03 14:27 - 000002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-29 20:17 - 2020-11-03 14:27 - 000002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-20 21:24 - 2009-07-14 07:08 - 000032540 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2022-03-09 13:55 - 2019-12-08 00:03 - 000000000 ____D C:\Windows\system32\MRT
2022-03-09 13:52 - 2019-12-08 00:03 - 145666720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2022-02-25 09:10
==================== End of FRST.txt ========================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2022
Ran by Babička (06-04-2022 07:26:19)
Running from C:\Users\Babička\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2019-12-06 22:53:46)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-776276023-2905961984-2135141943-500 - Administrator - Disabled)
Babička (S-1-5-21-776276023-2905961984-2135141943-1000 - Administrator - Enabled) => C:\Users\Babička
Guest (S-1-5-21-776276023-2905961984-2135141943-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-776276023-2905961984-2135141943-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.58 - ASUSTeK Computer Inc.)
AMD Catalyst Install Manager (HKLM\...\{8C1DA63E-3B80-46B5-64CC-8BE27A0C3FB4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.13.0 - Asmedia Technology)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.64.27947 - Avira Operations GmbH & Co. KG) Hidden
Avira Software Updater (HKLM-x32\...\{073825B9-FF06-4690-8CE4-3C0B72036122}) (Version: 2.0.6.37231 - Avira Operations GmbH & Co. KG) Hidden
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.240.20.1016 - BlueStack Systems, Inc.)
Forge of Empires (HKU\S-1-5-21-776276023-2905961984-2135141943-1000\...\4862c360be837f19c9ca97df47419227) (Version: 1.0 - Forge of Empires)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.84 - Google LLC)
GXT 160 Gaming Mouse (HKLM-x32\...\{51406256-C18E-4204-BD82-9240AB4820F6}_is1) (Version: 1.0 - Trust International BV)
HWiNFO64 Version 6.20 (HKLM\...\HWiNFO64_is1) (Version: 6.20 - Martin Malik - REALiX)
MahJong Suite 2019 v16.0 (HKLM-x32\...\MahJong Suite_is1) (Version: 16.0 - TreeCardGames)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.29 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 100.0.1185.29 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 99.0 (x64 cs)) (Version: 99.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{FCCF4B77-432F-EA83-4289-40C1DFA14C85}) (Version: 1.00.0000 - Název společnosti:) Hidden
Opera Stable 85.0.4341.47 (HKU\S-1-5-21-776276023-2905961984-2135141943-1000\...\Opera 85.0.4341.47) (Version: 85.0.4341.47 - Opera Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7255 - Realtek Semiconductor Corp.)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.28.8 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
WinRAR 5.90 beta 2 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.90.2 - win.rar GmbH)
WinRAR 5.90 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.2 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-02-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-02-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-02-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-02-06] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [839680 2009-07-14] (Microsoft Windows -> Intel Corporation)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Babička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Forge of Empires.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=edobebohejbpjjoegjnljiafipdgnled
==================== Loaded Modules (Whitelisted) =============
2019-12-07 22:27 - 2013-04-06 02:28 - 000662016 _____ () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2019-12-07 22:28 - 2013-03-13 18:12 - 000870912 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2019-12-07 22:27 - 2013-10-22 15:25 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2019-12-07 22:27 - 2013-10-22 15:25 - 000053248 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2019-12-07 22:28 - 2013-11-20 23:12 - 002783744 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000685056 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000834560 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000766976 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000776704 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2019-12-07 22:28 - 2014-01-14 10:50 - 001138176 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2019-12-07 22:28 - 2014-01-07 11:19 - 005778416 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2019-12-07 22:28 - 2010-06-21 16:21 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2019-12-07 22:27 - 2013-04-06 02:28 - 000104448 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2019-12-07 22:27 - 2022-04-06 04:44 - 000026112 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-02-11 08:08 - 2014-02-11 08:08 - 000817152 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2015-08-04 01:25 - 2015-08-04 01:25 - 000214528 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2015-08-04 01:25 - 2015-08-04 01:25 - 000102400 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-11 08:08 - 2014-02-11 08:08 - 003650560 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2020-01-15 02:09 - 2020-01-15 02:09 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\7588b4c9036a571683b7f5807e33af27\A4.Foundation.ni.dll
2020-01-15 02:10 - 2020-01-15 02:10 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\019a2526f23cea41d6e9f68facb87b9d\AEM.Actions.CCAA.Shared.ni.dll
2020-01-15 02:10 - 2020-01-15 02:10 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\63c254c751ea2d8f2d4825cfa32e4284\AEM.Plugin.EEU.Shared.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\839a1b5dd727ca43c1b632a9ba3d744b\AEM.Plugin.Hotkeys.Shared.ni.dll
2020-01-15 02:10 - 2020-01-15 02:10 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\9c9f4c7ef8d007288e3b7cb41371457f\AEM.Plugin.DPPE.Shared.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\2d71f1e7a45ab07a54ff90b0f0685dbd\AEM.Plugin.Source.Kit.Server.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\d29c90e6a8b805851a14cf6d430c3b2a\AEM.Plugin.WinMessages.Shared.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\8c5805137e7e8b10d466e0f521e5056e\AEM.Plugin.REG.Shared.ni.dll
2020-01-15 02:10 - 2020-01-15 02:11 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\9ee52225fc22b2410331a09f44548251\AEM.Plugin.GD.Shared.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\d5cba25a1c6a64e8c7fa5a9f31cec231\AEM.Server.Shared.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\e07245a6e7c600468974919a1f69c9dd\AEM.Server.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\e33914cb907a7cc5c95935861ee9e076\APM.Foundation.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\e7d9bc8b53ca1cc29685c72ec84d6cec\ATICCCom.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\b4fea844170a08ddc6c431eea93e3d6a\CCC.Implementation.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.2042675f#\e94509c9ebf9b82e3efc3bbda174c464\CLI.Aspect.CPUPStates.Fuel.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\221951dbfaaf884dca9bfbeace69d4e4\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\b889f25f6860153f1b4b46f7bc11612f\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\f90a201efe17d2d1da88221d1f6e8d1f\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\73fd736cf49ed7b6c548e7dd4bd733b7\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\36c7a7fb33999f948769224c8795733c\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\7c69f84ae884a1a19cdc66663c48b6df\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000152576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4ede500c#\33cb8ee0bfaa19981207f9603b6a30ec\CLI.Aspect.DPPE.Fuel.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\d056cb645fea2c0a3a99565b385ca338\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000111616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.5a772e69#\779e6f46010c185e8a1f1562eb25edd6\CLI.Aspect.Fets.Fuel.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.648b65fc#\4e76607b801139c1998859a5ac9ef54f\CLI.Aspect.WiFi.Fuel.Dashboard.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\b5450c9cf28cf8e4a35e7659d1191a36\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\73325bc0b1b8d0ba1a3201c43716349b\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\fd7adc4267f87bd0c4208e8e3b03b594\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\411ce6b58232fea2b2aa2f5c84af6c6f\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000320512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.87ad5c75#\ebe9648ed46275077be1103c63cae20a\CLI.Aspect.OverDrive5.Graphics.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\e0d9b1aae1dc641d9f176c9c78873eaf\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000449024 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\98d3a3d1bf9b589ac73cd4f2af6858b4\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\1bc74af4595f7d4bb14dba08b398f202\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\6f6076a09f11da2851c3307519a0f101\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\3744857021d8101b5210d22c860c4327\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\662f96cd34ee44039f2daef6c9690d04\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\ef7c45342fd8e6ceaa362984f5f93611\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\af96fdf26092113e59decdf8be5ab4ed\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\3e21ad0f6a8894bed67d8502be9c1df9\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000023552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c2a2b491#\8ecdc6148799328ea530049ccd6858fd\CLI.Aspect.WiFi.Fuel.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\b1a65725e974542589e37b125f7d7451\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\0bbf02bda177ca3a7b84bb2569624623\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000081408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.caa5cc64#\5d1d1a30165f19647cae2e299842193f\CLI.Aspect.Fets.Fuel.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 001315840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d7e090dc#\2d4458a5ae0ee0a1b007f57268e6b2c7\CLI.Aspect.User.Fuel.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\e41de46d0e4024f3555702356a8f2ca6\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\45799d4f52fc1baf50fb7daa4da37449\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\4d90236c99dd27f8d3ab76b51c4cc78b\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\8aa73981fe14b1169ae744249b49ebc4\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.efd83192#\adfc58616b8fd406632c43a5d48f0451\CLI.Aspect.CPUPStates.Fuel.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f45bd021#\d19b1eb1a4df7a43eb8a5c86c998e5d7\CLI.Aspect.DPPE.Fuel.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\5b4378a0e07ace571758b30de14b73d5\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\e14d9dd065cb4ca4f4a9f15b22d80a72\CLI.Caste.A4.Runtime.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\bbb18c203d447a3d164533b79bfe8b63\CLI.Caste.A4.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\7d1976a67d7feec95e59eabf618297e0\CLI.Caste.A4.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\55fae9c0031ec7cf7b0c0bd87e9ed6af\CLI.Caste.Fuel.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\6de7e27e7bdf3258a4a1e67a835e88aa\CLI.Caste.Fuel.Runtime.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\8f74b65cde0a90f1f555936b0789bcd3\CLI.Caste.Fuel.Dashboard.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\b9da81a3b3902ae8ac3de35b279e3fbf\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\9f777e1371667aee33b444579e488331\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\7190220bcbcd8f6004440ffdbfb10a31\CLI.Caste.Graphics.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\bf9007de074c15128c42d9e66c3e548a\CLI.Caste.HydraVision.Runtime.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\e92846c25595b0153e743001a11a6cb1\CLI.Caste.HydraVision.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\a54d5067e24f3e8bb50c3d941b293835\CLI.Caste.HydraVision.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\0b574f371c97f0b70872f4b6466f75eb\CLI.Caste.Platform.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\54fd89f72062d55a9afef3084daa6d6f\CLI.Caste.Platform.Runtime.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\3140b1a228b955f43d88936cac28de17\CLI.Caste.Platform.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000350720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combinee84f0351#\a6e88fdcf633703241e3e6bced20a067\CLI.Combined.Fusion.Aspects.Runtime.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\fea89b95b344d2ebe320f10a94ab4e48\CLI.Component.Runtime.Shared.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\da748716ec86deaa760e20181d1a619c\CLI.Component.Systemtray.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\e36c082efa2466d7b250a51ff0438117\CLI.Component.Dashboard.ProfileManager2.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\cd96790b7a550e83ed394fa9e5844672\CLI.Component.Runtime.Shared.Private.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\6850d3d4b5eb2b7fe353760abb5b2a04\CLI.Component.Runtime.Extension.EEU.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\41cc25eff0e3d8edf1821df8498c8dee\CLI.Component.Dashboard.Shared.Private.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\c3bc2c11a319e69d797337b2cc3587ad\CLI.Component.Client.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\0273c82b8f75aa9a50df83826fb26be5\CLI.Component.Dashboard.Shared.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\2aec8615458cf942c0e2028f92d88b12\CLI.Foundation.Private.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\38821c827083bc34f72bccdb0757d696\CLI.Foundation.XManifest.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\dee3b70a4046d047575cdf95d09bb8c4\CLI.Foundation.CoreAudioAPI.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 001079296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\fd0264f191dc3c5e5a2e573fe8769d5c\CLI.Foundation.Client.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\6f296ece52b7593d404229e421fee706\CLI.Foundation.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\b799a8aa0290c014a50b485ec4518ba1\DEM.Foundation.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\97f5dd517e1b54c950b1f62c1172f593\DEM.Graphics.I0601.ni.dll
2020-01-15 02:11 - 2020-01-15 02:11 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\cf73a32e0fd9188ffcf89b05ed5bd8a4\DEM.Graphics.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\bfe2a7e89d34afe293fb5d26816fe2f2\Fuel.Foundation.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\467f27fa881e9eee9938168f95dc6e17\LOG.Foundation.Implementation.ni.dll
2020-01-15 02:09 - 2020-01-15 02:09 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\58f64e3662d5697ba6ad38611a27e297\LOG.Foundation.Private.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\76ee3197f92e46c4cc38b66d2d5595be\LOG.Foundation.Implementation.Private.ni.dll
2020-01-15 02:09 - 2020-01-15 02:09 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\2f1f9cdcfda600aa16f01e782ef0c7b7\LOG.Foundation.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\d6f8cbc0a19dae825e2ca119e7016d2c\MOM.Foundation.ni.dll
2020-01-16 07:00 - 2020-01-16 07:00 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\b9455d2a4b125a9d7e3d6637781d805d\MOM.Implementation.ni.dll
2020-01-15 02:10 - 2020-01-15 02:10 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\da39baa62f53888d047f806d04ced8ec\NEWAEM.Foundation.ni.dll
2015-08-04 01:14 - 2015-08-04 01:14 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiamcsy.dll
2020-01-15 02:10 - 2020-01-15 02:10 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\c16b11e04389e5ba0d99cecfc307efc8\ADL.Foundation.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\c7a7c988826890798bbc742c9864090a\APM.Server.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\a37f3de8f54c67d3bce8a4672dc11e37\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\a538e3df64b89ac3db691171226e7845\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\6b00eff566823d6135e3b93a1cbdf8dd\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\ac8eb6f3c4ba1eb7fd0f91a34f8e8a45\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 001159680 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\621758585a73cfd74ab55f5f95d78852\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\40d424fc6a16594519daa1c689c89e50\CLI.Component.Client.Shared.Private.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\8da37d6cb8a205c82ae13d47ebad5ed0\CLI.Component.Runtime.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\0754d3a7c5a1a4926b9f1135776a8c1f\CLI.Component.Dashboard.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000016896 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0703\9d4ddaf3de969fda425ac69f13dba963\DEM.Graphics.I0703.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\c25fa3a043afdf24b320131aa7b94af0\DEM.Graphics.I0706.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\7234dedea2336b99a9a5d0683afdd2f3\DEM.Graphics.I0709.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\a81b5967c5677f9df28ad5a6aa350bc7\DEM.Graphics.I0712.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\8736bd1276a5b25a28d6d0c1e774bed0\DEM.Graphics.I0804.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\024c713fb7e27db9423067a526369684\DEM.Graphics.I0805.ni.dll
2020-01-15 13:42 - 2020-01-15 13:42 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\01ea55cb3e0e9eb8d22b1ce938834673\DEM.Graphics.I0812.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\c4028bdc6e21646bb914aff5f5fcf6a6\DEM.Graphics.I0906.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\e281200b255768cf133cdd28a9b76bbe\DEM.Graphics.I0912.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\700f1d3c7f1acfce2b1d50a06fb62308\DEM.Graphics.I1010.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\0b4b1658b4b990236add1fdc4f881be4\Localization.Foundation.Private.ni.dll
2020-01-16 07:00 - 2020-01-16 07:00 - 000244224 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\41432a0338c479832c26b1573387fbb6\ResourceManagement.Foundation.Implementation.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\868862dbc53fb7230ad4b87a09d34a15\ResourceManagement.Foundation.Private.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\d346ccd31b9fba7f6d0c37fcb47bdc29\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2020-01-15 13:39 - 2020-01-15 13:39 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\17b3d8779e8932fe7c972a7121ecff53\CLI.Caste.Graphics.Shared.ni.dll
2020-01-15 13:41 - 2020-01-15 13:41 - 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\eb508a50337ae084981276a067fbf4ad\CLI.Caste.Graphics.Runtime.ni.dll
2019-12-07 22:27 - 2013-04-06 02:28 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2019-12-07 22:27 - 2013-10-22 15:25 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\ASACPI.DLL
2019-12-07 22:28 - 2013-11-20 23:06 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2019-12-07 22:28 - 2013-11-20 20:06 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsAcpi.dll
2019-12-07 22:27 - 2013-04-06 02:28 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\asacpiEx.dll
2019-12-07 22:27 - 2013-10-22 15:25 - 000677888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2019-12-07 22:27 - 2013-10-22 15:25 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000677888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\asacpiex.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2019-12-07 22:28 - 2013-11-20 23:06 - 000677888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiex.dll
2019-12-07 22:28 - 2013-09-09 05:52 - 001079808 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\System Information\SystemInfo.dll
2019-12-07 22:28 - 2010-03-08 18:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\AsMultiLang.dll
2019-12-07 22:28 - 2014-01-21 12:04 - 000897536 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\Express.dll
2019-12-07 22:28 - 2013-11-20 20:06 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\asacpiEx.dll
2019-03-28 00:48 - 2019-03-28 00:48 - 000115200 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 000335360 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\d08f94aa74361f555a8348e097ca37bf\Microsoft.WindowsAPICodePack.ni.dll
2020-01-15 13:40 - 2020-01-15 13:40 - 002546688 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\21d6de9013f3886311cf40d9e69aa8d8\Microsoft.WindowsAPICodePack.Shell.ni.dll
2020-01-15 15:43 - 2020-01-15 15:43 - 000913920 _____ (ServiceStack) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\1c451b416fc7b4c8b1ecd15a4bb91187\ServiceStack.Text.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-776276023-2905961984-2135141943-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{30F46450-625D-4D44-9A08-68F84F79D9A0}D:\dune 2000\dune2000.dat] => (Allow) D:\dune 2000\dune2000.dat => No File
FirewallRules: [UDP Query User{22DB1099-405F-4305-86C7-8FF9B02E1379}D:\dune 2000\dune2000.dat] => (Allow) D:\dune 2000\dune2000.dat => No File
FirewallRules: [TCP Query User{11DBA86F-8155-401E-8119-39AF9FB1C058}C:\program files\dune 2000\dune2000.dat] => (Allow) C:\program files\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [UDP Query User{79CA3095-B2BB-46BF-884A-6CB48408DDAE}C:\program files\dune 2000\dune2000.dat] => (Allow) C:\program files\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [TCP Query User{9EE04F48-BFF6-43A8-84C8-C80DF36EA006}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe => No File
FirewallRules: [UDP Query User{58D30A73-CB88-4943-8DC4-FAEE5276BE30}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe => No File
FirewallRules: [TCP Query User{7AE90DFB-7B3F-4CC4-A985-25E7FE74807F}C:\users\babička\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [UDP Query User{8ABA3F3B-162F-4B15-BBD1-42679F4CB782}C:\users\babička\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [TCP Query User{8F8FAF6F-0570-4CCF-BA88-5152C23B0DB8}C:\users\babička\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{1AC2333E-93DD-449D-BA7D-44570C288AC5}C:\users\babička\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{C514E07A-2B98-4192-812D-3D077003992B}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{F6F7B434-58FE-4C6C-8089-AFC04C68D2D5}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{ED4506ED-86F6-4EC6-AC60-F69DC8970DE7}C:\users\babička\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{BE7DAC33-0BDD-476A-872D-0AF41079FE77}C:\users\babička\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{8C993456-CF95-4B21-998F-690821CDAA30}C:\users\babička\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [UDP Query User{6B24176F-8C2E-4D47-B6B8-08C51FE9AB91}C:\users\babička\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [TCP Query User{D1F24E73-3770-4EF6-A058-9D215E479201}C:\users\babička\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [UDP Query User{3BBBD4FE-47AD-40B6-8A75-FA816C40FA2E}C:\users\babička\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [{583EB049-AECB-4092-B7AA-791D8E819E22}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{85E4DC18-774D-4C45-8F0A-E0CA8E0D37F1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{80A09480-0B4C-4801-BC42-43290BA6440A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{26007467-8B22-40F0-9DC3-52B73427295B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{20A55377-0B69-4395-BEA7-3142BB41D039}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.29\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{228EECDE-3DB8-49EF-A478-5045CA8E1CC6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{847770BD-D3F5-429F-B1B2-BBC1DC20BF4E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{372B5059-A62E-40EF-BFCF-7C29101B81BD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{72004298-11CE-49E1-B1E1-F20F41266A8D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{125C26C9-2D6E-43CA-901F-1B066FD7E679}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{44D90824-3887-4544-AC14-2C2D92918774}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{DDA6542F-7C97-4C8D-9825-A4DB15E92DDB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
12-01-2022 14:24:16 Windows Update
09-02-2022 08:46:45 Windows Update
09-03-2022 13:51:51 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/30/2022 08:44:33 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Nelze číst data o výkonu ze služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (03/20/2022 04:25:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 98.0.1.8107 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 270
Čas spuštění: 01d83c261a986e4f
Čas ukončení: 1330
Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
ID hlášení: 58aba807-a859-11ec-870c-ac9e17f05ea9
Error: (03/12/2022 12:20:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AsSysCtrlService.exe, verze: 0.0.0.0, časové razítko: 0x532bf8f2
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x64c
Čas spuštění chybující aplikace: 0x01d835d7f66fdbc6
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 10ea2100-a1ee-11ec-9195-ac9e17f05ea9
Error: (03/11/2022 04:11:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 98.0.0.8098 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1010
Čas spuštění: 01d8352052cd0c0a
Čas ukončení: 270
Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
ID hlášení: 1d659847-a145-11ec-ba5d-ac9e17f05ea9
Error: (02/28/2022 02:14:08 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
Error: (02/28/2022 10:43:43 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
Error: (02/28/2022 09:22:15 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
Error: (02/28/2022 05:21:56 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
System errors:
=============
Error: (04/06/2022 07:29:11 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/04/2022 11:08:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/26/2022 10:22:05 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (03/22/2022 05:42:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/17/2022 06:10:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/12/2022 08:12:39 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (12/03/2021 09:31:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Avira Security neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/03/2021 09:31:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Security bylo dosaženo časového limitu (30000 ms).
Windows Defender:
================Event[0]:
Date: 2021-09-28 13:05:21.355
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2021-06-30 07:19:34.622
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-30 07:19:34.622
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-04 07:34:45.528
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.341.8.0
Předchozí verze podpisu:1.339.1767.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18200.4
Předchozí verze modulu:1.1.18100.6
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-04 07:34:45.528
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18200.4
Předchozí verze modulu:1.1.18100.6
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1702 12/14/2015
Motherboard: ASUSTeK COMPUTER INC. A58M-A/USB3
Processor: AMD A8-7650K Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 46%
Total physical RAM: 8134.2 MB
Available physical RAM: 4383.82 MB
Total Virtual: 16266.54 MB
Available Virtual: 12638.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:135.36 GB) (Free:68.26 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:3.04 GB) (Free:1.04 GB) NTFS
Drive e: () (Fixed) (Total:94.48 GB) (Free:90.17 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: E8CDE8CD)
Partition 1: (Not Active) - (Size=3 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=135.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=94.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-776276023-2905961984-2135141943-1000\...\MountPoints2: {d204e89d-194b-11ea-883b-ac9e17f05ea9} - G:\LaunchU3.exe -a
Task: {4FBCC669-6EBF-4133-9199-F68F62B859EB} - System32\Tasks\{CB8722F0-864B-4E2D-AFA6-4B35CF42FE27} => C:\Windows\system32\pcalua.exe -a C:\Users\Babička\Downloads\Age2upA.exe -d C:\Users\Babička\Downloads
Task: {A027A2C9-DCDF-4EBF-A7DD-1097F93DE093} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-03] (Google LLC -> Google LLC)
Task: {A9F6AA99-4430-49D0-9CAF-DDB37C3B1C3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-03] (Google LLC -> Google LLC)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FirewallRules: [TCP Query User{30F46450-625D-4D44-9A08-68F84F79D9A0}D:\dune 2000\dune2000.dat] => (Allow) D:\dune 2000\dune2000.dat => No File
FirewallRules: [UDP Query User{22DB1099-405F-4305-86C7-8FF9B02E1379}D:\dune 2000\dune2000.dat] => (Allow) D:\dune 2000\dune2000.dat => No File
FirewallRules: [TCP Query User{9EE04F48-BFF6-43A8-84C8-C80DF36EA006}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe => No File
FirewallRules: [UDP Query User{58D30A73-CB88-4943-8DC4-FAEE5276BE30}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe => No File
FirewallRules: [TCP Query User{7AE90DFB-7B3F-4CC4-A985-25E7FE74807F}C:\users\babička\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [UDP Query User{8ABA3F3B-162F-4B15-BBD1-42679F4CB782}C:\users\babička\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [TCP Query User{8F8FAF6F-0570-4CCF-BA88-5152C23B0DB8}C:\users\babička\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{1AC2333E-93DD-449D-BA7D-44570C288AC5}C:\users\babička\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{ED4506ED-86F6-4EC6-AC60-F69DC8970DE7}C:\users\babička\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{BE7DAC33-0BDD-476A-872D-0AF41079FE77}C:\users\babička\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{8C993456-CF95-4B21-998F-690821CDAA30}C:\users\babička\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [UDP Query User{6B24176F-8C2E-4D47-B6B8-08C51FE9AB91}C:\users\babička\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [TCP Query User{D1F24E73-3770-4EF6-A058-9D215E479201}C:\users\babička\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [UDP Query User{3BBBD4FE-47AD-40B6-8A75-FA816C40FA2E}C:\users\babička\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\babička\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 05-04-2022
Ran by Babička (06-04-2022 10:27:57) Run:1
Running from C:\Users\Babička\Desktop
Loaded Profiles: Babička
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-776276023-2905961984-2135141943-1000\...\MountPoints2: {d204e89d-194b-11ea-883b-ac9e17f05ea9} - G:\LaunchU3.exe -a
Task: {4FBCC669-6EBF-4133-9199-F68F62B859EB} - System32\Tasks\{CB8722F0-864B-4E2D-AFA6-4B35CF42FE27} => C:\Windows\system32\pcalua.exe -a C:\Users\Babi�ka\Downloads\Age2upA.exe -d C:\Users\Babi�ka\Downloads
Task: {A027A2C9-DCDF-4EBF-A7DD-1097F93DE093} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-03] (Google LLC -> Google LLC)
Task: {A9F6AA99-4430-49D0-9CAF-DDB37C3B1C3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-03] (Google LLC -> Google LLC)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FirewallRules: [TCP Query User{30F46450-625D-4D44-9A08-68F84F79D9A0}D:\dune 2000\dune2000.dat] => (Allow) D:\dune 2000\dune2000.dat => No File
FirewallRules: [UDP Query User{22DB1099-405F-4305-86C7-8FF9B02E1379}D:\dune 2000\dune2000.dat] => (Allow) D:\dune 2000\dune2000.dat => No File
FirewallRules: [TCP Query User{9EE04F48-BFF6-43A8-84C8-C80DF36EA006}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe => No File
FirewallRules: [UDP Query User{58D30A73-CB88-4943-8DC4-FAEE5276BE30}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe => No File
FirewallRules: [TCP Query User{7AE90DFB-7B3F-4CC4-A985-25E7FE74807F}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [UDP Query User{8ABA3F3B-162F-4B15-BBD1-42679F4CB782}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [TCP Query User{8F8FAF6F-0570-4CCF-BA88-5152C23B0DB8}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{1AC2333E-93DD-449D-BA7D-44570C288AC5}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{ED4506ED-86F6-4EC6-AC60-F69DC8970DE7}C:\users\babi�ka\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{BE7DAC33-0BDD-476A-872D-0AF41079FE77}C:\users\babi�ka\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{8C993456-CF95-4B21-998F-690821CDAA30}C:\users\babi�ka\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [UDP Query User{6B24176F-8C2E-4D47-B6B8-08C51FE9AB91}C:\users\babi�ka\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [TCP Query User{D1F24E73-3770-4EF6-A058-9D215E479201}C:\users\babi�ka\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [UDP Query User{3BBBD4FE-47AD-40B6-8A75-FA816C40FA2E}C:\users\babi�ka\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-776276023-2905961984-2135141943-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d204e89d-194b-11ea-883b-ac9e17f05ea9} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4FBCC669-6EBF-4133-9199-F68F62B859EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FBCC669-6EBF-4133-9199-F68F62B859EB}" => removed successfully
C:\Windows\System32\Tasks\{CB8722F0-864B-4E2D-AFA6-4B35CF42FE27} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CB8722F0-864B-4E2D-AFA6-4B35CF42FE27}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A027A2C9-DCDF-4EBF-A7DD-1097F93DE093}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A027A2C9-DCDF-4EBF-A7DD-1097F93DE093}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9F6AA99-4430-49D0-9CAF-DDB37C3B1C3A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F6AA99-4430-49D0-9CAF-DDB37C3B1C3A}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{30F46450-625D-4D44-9A08-68F84F79D9A0}D:\dune 2000\dune2000.dat" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{22DB1099-405F-4305-86C7-8FF9B02E1379}D:\dune 2000\dune2000.dat" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9EE04F48-BFF6-43A8-84C8-C80DF36EA006}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{58D30A73-CB88-4943-8DC4-FAEE5276BE30}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7AE90DFB-7B3F-4CC4-A985-25E7FE74807F}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.62\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8ABA3F3B-162F-4B15-BBD1-42679F4CB782}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.62\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8F8FAF6F-0570-4CCF-BA88-5152C23B0DB8}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.78\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1AC2333E-93DD-449D-BA7D-44570C288AC5}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.78\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ED4506ED-86F6-4EC6-AC60-F69DC8970DE7}C:\users\babi�ka\appdata\local\programs\opera\66.0.3515.44\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BE7DAC33-0BDD-476A-872D-0AF41079FE77}C:\users\babi�ka\appdata\local\programs\opera\66.0.3515.44\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8C993456-CF95-4B21-998F-690821CDAA30}C:\users\babi�ka\appdata\local\programs\opera\70.0.3728.189\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6B24176F-8C2E-4D47-B6B8-08C51FE9AB91}C:\users\babi�ka\appdata\local\programs\opera\70.0.3728.189\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D1F24E73-3770-4EF6-A058-9D215E479201}C:\users\babi�ka\appdata\local\programs\opera\71.0.3770.228\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3BBBD4FE-47AD-40B6-8A75-FA816C40FA2E}C:\users\babi�ka\appdata\local\programs\opera\71.0.3770.228\opera.exe" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6697116 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 164275175 B
Edge => 0 B
Chrome => 45275267 B
Vivaldi => 376049813 B
Firefox => 1105225619 B
Opera => 74357657 B
Temp, IE cache, history, cookies, recent:
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 58641971 B
systemprofile32 => 58708585 B
LocalService => 58840829 B
NetworkService => 58968957 B
Babička => 557794201 B
RecycleBin => 0 B
EmptyTemp: => 2.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 10:28:48 ====
Ran by Babička (06-04-2022 10:27:57) Run:1
Running from C:\Users\Babička\Desktop
Loaded Profiles: Babička
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-776276023-2905961984-2135141943-1000\...\MountPoints2: {d204e89d-194b-11ea-883b-ac9e17f05ea9} - G:\LaunchU3.exe -a
Task: {4FBCC669-6EBF-4133-9199-F68F62B859EB} - System32\Tasks\{CB8722F0-864B-4E2D-AFA6-4B35CF42FE27} => C:\Windows\system32\pcalua.exe -a C:\Users\Babi�ka\Downloads\Age2upA.exe -d C:\Users\Babi�ka\Downloads
Task: {A027A2C9-DCDF-4EBF-A7DD-1097F93DE093} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-03] (Google LLC -> Google LLC)
Task: {A9F6AA99-4430-49D0-9CAF-DDB37C3B1C3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-03] (Google LLC -> Google LLC)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FirewallRules: [TCP Query User{30F46450-625D-4D44-9A08-68F84F79D9A0}D:\dune 2000\dune2000.dat] => (Allow) D:\dune 2000\dune2000.dat => No File
FirewallRules: [UDP Query User{22DB1099-405F-4305-86C7-8FF9B02E1379}D:\dune 2000\dune2000.dat] => (Allow) D:\dune 2000\dune2000.dat => No File
FirewallRules: [TCP Query User{9EE04F48-BFF6-43A8-84C8-C80DF36EA006}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe => No File
FirewallRules: [UDP Query User{58D30A73-CB88-4943-8DC4-FAEE5276BE30}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe => No File
FirewallRules: [TCP Query User{7AE90DFB-7B3F-4CC4-A985-25E7FE74807F}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [UDP Query User{8ABA3F3B-162F-4B15-BBD1-42679F4CB782}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.62\opera.exe => No File
FirewallRules: [TCP Query User{8F8FAF6F-0570-4CCF-BA88-5152C23B0DB8}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{1AC2333E-93DD-449D-BA7D-44570C288AC5}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{ED4506ED-86F6-4EC6-AC60-F69DC8970DE7}C:\users\babi�ka\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [UDP Query User{BE7DAC33-0BDD-476A-872D-0AF41079FE77}C:\users\babi�ka\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{8C993456-CF95-4B21-998F-690821CDAA30}C:\users\babi�ka\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [UDP Query User{6B24176F-8C2E-4D47-B6B8-08C51FE9AB91}C:\users\babi�ka\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [TCP Query User{D1F24E73-3770-4EF6-A058-9D215E479201}C:\users\babi�ka\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [UDP Query User{3BBBD4FE-47AD-40B6-8A75-FA816C40FA2E}C:\users\babi�ka\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\babi�ka\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-776276023-2905961984-2135141943-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d204e89d-194b-11ea-883b-ac9e17f05ea9} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4FBCC669-6EBF-4133-9199-F68F62B859EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FBCC669-6EBF-4133-9199-F68F62B859EB}" => removed successfully
C:\Windows\System32\Tasks\{CB8722F0-864B-4E2D-AFA6-4B35CF42FE27} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CB8722F0-864B-4E2D-AFA6-4B35CF42FE27}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A027A2C9-DCDF-4EBF-A7DD-1097F93DE093}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A027A2C9-DCDF-4EBF-A7DD-1097F93DE093}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9F6AA99-4430-49D0-9CAF-DDB37C3B1C3A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F6AA99-4430-49D0-9CAF-DDB37C3B1C3A}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{30F46450-625D-4D44-9A08-68F84F79D9A0}D:\dune 2000\dune2000.dat" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{22DB1099-405F-4305-86C7-8FF9B02E1379}D:\dune 2000\dune2000.dat" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9EE04F48-BFF6-43A8-84C8-C80DF36EA006}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{58D30A73-CB88-4943-8DC4-FAEE5276BE30}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7AE90DFB-7B3F-4CC4-A985-25E7FE74807F}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.62\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8ABA3F3B-162F-4B15-BBD1-42679F4CB782}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.62\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8F8FAF6F-0570-4CCF-BA88-5152C23B0DB8}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.78\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1AC2333E-93DD-449D-BA7D-44570C288AC5}C:\users\babi�ka\appdata\local\programs\opera\65.0.3467.78\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ED4506ED-86F6-4EC6-AC60-F69DC8970DE7}C:\users\babi�ka\appdata\local\programs\opera\66.0.3515.44\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BE7DAC33-0BDD-476A-872D-0AF41079FE77}C:\users\babi�ka\appdata\local\programs\opera\66.0.3515.44\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8C993456-CF95-4B21-998F-690821CDAA30}C:\users\babi�ka\appdata\local\programs\opera\70.0.3728.189\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6B24176F-8C2E-4D47-B6B8-08C51FE9AB91}C:\users\babi�ka\appdata\local\programs\opera\70.0.3728.189\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D1F24E73-3770-4EF6-A058-9D215E479201}C:\users\babi�ka\appdata\local\programs\opera\71.0.3770.228\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3BBBD4FE-47AD-40B6-8A75-FA816C40FA2E}C:\users\babi�ka\appdata\local\programs\opera\71.0.3770.228\opera.exe" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6697116 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 164275175 B
Edge => 0 B
Chrome => 45275267 B
Vivaldi => 376049813 B
Firefox => 1105225619 B
Opera => 74357657 B
Temp, IE cache, history, cookies, recent:
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 58641971 B
systemprofile32 => 58708585 B
LocalService => 58840829 B
NetworkService => 58968957 B
Babička => 557794201 B
RecycleBin => 0 B
EmptyTemp: => 2.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 10:28:48 ====
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu logu
Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu logu
Děkuji moc 
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu logu
Rádo se stalo!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?