
Please check my log after several attempts to break into my accounts (WOT, Insta, FB...)


#1 Post by bilejpes »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-12-2022
Ran by dvacl (administrator) on RUDOLF (MSI MS-7758) (17-12-2022 17:59:34)
Running from C:\Users\dvacl\Desktop
Loaded Profiles: dvacl
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2364 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0) [File not signed] C:\Program Files\SPC_Gear\GK550.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe ->) (remotemouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe ->) (RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0386220.inf_amd64_1894141ab65df02b\B386218\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0386220.inf_amd64_1894141ab65df02b\B386218\atieclxx.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe
(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0386220.inf_amd64_1894141ab65df02b\B386218\atiesrxx.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RTUWPSrvcMain.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [870136 2021-10-28] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Launch 0 FwCustom] => C:\Program Files\SPC_Gear\GK550.exe [3572224 2018-11-30] (0) [File not signed]
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-12-15] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [MicrosoftEdgeAutoLaunch_DD7281EFDCD22F0502B4473C5E1909BC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3877280 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38274576 2022-08-27] (Piriform Software Ltd -> Piriform Software Ltd) [File not signed]
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2148016 2022-11-23] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\stkMonitor: C:\WINDOWS\system32\stkMonitor.dll [65680 2022-11-29] (Amazon.com Services LLC -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-15] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {072F584A-1F1F-4718-9E88-A7B3B0C55004} - System32\Tasks\GoogleUpdateTaskMachineCore{8BA5B634-4303-44F3-9B4B-5797A7239ADB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-15] (Google LLC -> Google LLC)
Task: {22B8EBDB-ED10-4B01-BA17-94EF44AAA3C1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-87297680-2717088268-3221549041-1005 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4172168 2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {24AB492F-1E17-4FDD-9BBB-566544975F7C} - System32\Tasks\Opera scheduled Autoupdate 1661611824 => C:\Users\dvacl\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-11-23] (Opera Norway AS -> Opera Software)
Task: {31404599-6131-4D8C-8BEC-3CB144379C68} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3E30E0A9-E6A5-4760-B32C-5C5847BD3DD3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {49E35024-DCE0-4315-ADA7-A1336DC5BD5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {59964752-9BCF-41F2-B5CF-69C4C0D043E7} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954808 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {629EC3BC-D739-4281-8C34-9850B7387AC9} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954808 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {70FA1D45-5EC9-42DC-8BEF-65E27713B57E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8A0AAF48-2927-45EE-A980-BF267E4A5E1F} - System32\Tasks\MXWTPTTTYKDUYVXJ_run => C:\Users\dvacl\AppData\Roaming\CyberLink\MediaCache\MXWTPTTTYKDUYVXJ.exe (No File)
Task: {8DBE7BBD-2995-4788-96E5-663A2C541360} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954808 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {8F7D202F-8550-4466-B1AB-BC7EE4F13C22} - System32\Tasks\GoogleUpdateTaskMachineUA{04FD54C7-EBA3-427F-810C-B55C756E0572} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-15] (Google LLC -> Google LLC)
Task: {99678388-5B32-4116-AB37-DD921B871E4D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4172168 2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C03ED9A-E0C8-4AAE-B540-0A8BCCD07D6A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {9EB1120D-61DE-4B67-8C59-8EFBAC2E1FFD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-87297680-2717088268-3221549041-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4172168 2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7ED06A6-2C6E-42C5-A2B9-E41135C3B510} - System32\Tasks\CCleanerSkipUAC - dvacl => C:\Program Files\CCleaner\CCleaner.exe [31990800 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BA0EFBC6-C3E3-47A9-A902-76E28B576094} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56760 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E5276305-5F21-47E9-AB85-F42A4DCCB719} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{b3e1bc0f-bea6-4274-929d-a19c14f68c18}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{bef09cf7-70f0-4e9f-b189-f83e44c0c1eb}: [DhcpNameServer] 10.0.1.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-17]
Edge DownloadDir: Default -> D:\Download
Edge HomePage: Default -> hxxp://www.centrum.cz/#utm_source=icq&utm_medium=centrum
Edge StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.cz/ ... oogle.com/"
Edge Extension: (Authenticator) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2022-06-17]
Edge Extension: (Video Player) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bobjnignhcpkfnjcgegmdjijonimcmke [2022-08-25]
Edge Extension: (Send to Kindle for Google Chrome™) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2022-06-17]
Edge Extension: (Ruffle) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\donbcfbmhbcapadipfkeojnmajbakjdc [2022-12-16]
Edge Extension: (Dokumenty Google offline) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-30]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-12-15]
Edge Extension: (GAuth Authenticator) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ilgcnhelpchnceeipipijaljkblbcobl [2022-06-17]
Edge Extension: (Rozšíření Google Keep pro Chrome) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2022-12-15]
Edge Profile: C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-12-17]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default [2022-12-17]
CHR HomePage: Default -> hxxp://www.centrum.cz/#utm_source=icq&utm_medium=centrum
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.cz/ ... google.com"
CHR Extension: (Send to Kindle for Google Chrome™) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2022-06-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-09]
CHR Extension: (Chrome Remote Desktop) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-09]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-08-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-20]
CHR Profile: C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\System Profile [2022-12-17]
CHR HKU\S-1-5-21-87297680-2717088268-3221549041-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Profile: C:\Users\dvacl\AppData\Roaming\Opera Software\Opera Stable [2022-12-17]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\dvacl\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-17]
OPR Extension: (Opera Wallet) - C:\Users\dvacl\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-17]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\dvacl\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-08-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
S4 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncHelper.exe [3389832 2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10207488 2022-12-15] (Logitech Inc -> Logitech, Inc.)
S4 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.161.0731.0002\OneDriveUpdaterService.exe [3830152 2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2022-02-02] () [File not signed]
R2 RTUsbSwSrvc; C:\WINDOWS\RTUWPSrvcMain.exe [933376 2021-08-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35360 2022-06-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0386220.inf_amd64_1894141ab65df02b\B386218\amdkmdag.sys [94455336 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 CLFCL5.20; C:\WINDOWS\System32\drivers\CLFCL5.20\000.fcl [46952 2021-03-24] (CyberLink Corp. -> CyberLink Corp.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2021-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [79624 2022-02-25] (Intel Corporation -> Intel Corporation)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-24] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-24] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-24] (Logitech Inc -> Logitech)
R3 MpKsl371bf56d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DCECEA3D-C531-44BE-9CBB-D3D93623E4A0}\MpKslDrv.sys [214280 2022-12-17] (Microsoft Windows -> Microsoft Corporation)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12183512 2022-02-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 XPPenTablet; C:\WINDOWS\System32\drivers\XPPenTablet.sys [10752 2021-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 NTIOLib_1_0_1; \??\C:\Program Files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-17 17:59 - 2022-12-17 18:00 - 000021856 _____ C:\Users\dvacl\Desktop\FRST.txt
2022-12-17 17:59 - 2022-12-17 17:59 - 000000000 ____D C:\Users\dvacl\Desktop\FRST-OlderVersion
2022-12-17 17:59 - 2022-12-17 17:59 - 000000000 ____D C:\FRST
2022-12-16 05:55 - 2022-12-16 05:55 - 000001565 _____ C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2022-12-15 07:48 - 2022-12-15 07:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-12-15 07:48 - 2022-12-15 07:48 - 000000000 ____D C:\Program Files\LGHUB
2022-12-14 17:00 - 2022-12-14 17:00 - 000012367 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-14 16:55 - 2022-12-14 16:57 - 000000000 ___HD C:\$WinREAgent
2022-12-12 01:32 - 2022-12-16 06:05 - 000000000 ____D C:\Users\dvacl\AppData\Local\Zoner
2022-12-11 13:29 - 2022-12-16 05:55 - 000000000 ____D C:\ProgramData\Zoner
2022-12-11 13:15 - 2022-12-17 17:59 - 002375680 _____ (Farbar) C:\Users\dvacl\Desktop\FRST64.exe
2022-12-11 13:10 - 2022-12-11 13:10 - 000000000 ____D C:\AdwCleaner
2022-12-11 05:33 - 2022-12-11 06:02 - 539726116 _____ C:\Users\dvacl\Downloads\VYMENA PARTNERU 7-2.mp4
2022-12-11 04:56 - 2022-12-11 04:56 - 000001091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2022-12-09 00:27 - 2022-12-15 23:36 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-08 00:18 - 2022-12-08 00:18 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2022-12-07 09:04 - 2022-12-12 00:34 - 000000000 ____D C:\Program Files (x86)\Steam
2022-12-07 09:04 - 2022-12-07 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2022-12-02 08:14 - 2022-12-02 08:14 - 000000000 ___HD C:\Users\dvacl\AppData\LocalLow\AMD
2022-12-02 05:29 - 2022-12-17 13:57 - 000003100 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2022-12-02 05:29 - 2022-12-02 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2022-12-02 05:29 - 2022-12-02 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2022-12-02 05:25 - 2022-11-30 21:51 - 001966080 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-12-02 05:25 - 2022-11-30 21:51 - 001966080 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-12-02 05:25 - 2022-11-30 21:50 - 001522688 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-12-02 05:25 - 2022-11-30 21:50 - 001522688 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-12-02 05:25 - 2022-11-30 21:50 - 001447904 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 001447904 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 001159480 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 001159480 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000792064 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000669184 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000594944 _____ C:\WINDOWS\system32\GameManager64.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000537600 _____ C:\WINDOWS\system32\libsmi_guest.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000531968 _____ C:\WINDOWS\system32\libsmi_host.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000529920 _____ C:\WINDOWS\system32\dgtrayicon.exe
2022-12-02 05:25 - 2022-11-30 21:50 - 000493056 _____ C:\WINDOWS\system32\EEURestart.exe
2022-12-02 05:25 - 2022-11-30 21:50 - 000448512 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000351744 _____ C:\WINDOWS\system32\clinfo.exe
2022-12-02 05:25 - 2022-11-30 21:50 - 000197120 _____ C:\WINDOWS\system32\mantle64.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000176640 _____ C:\WINDOWS\system32\mantleaxl64.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000174600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000154112 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000138240 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000137736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000041984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000038912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000034664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2022-12-02 05:25 - 2022-11-30 21:50 - 000034664 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2022-12-02 05:25 - 2022-11-30 21:49 - 001507368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2022-12-02 05:25 - 2022-11-30 21:49 - 001507368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2022-12-02 05:25 - 2022-11-30 21:49 - 000928768 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2022-12-02 05:25 - 2022-11-30 21:49 - 000526336 _____ C:\WINDOWS\system32\atieah64.exe
2022-12-02 05:25 - 2022-11-30 21:49 - 000463912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2022-12-02 05:25 - 2022-11-30 21:49 - 000395304 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2022-12-02 05:25 - 2022-11-30 21:49 - 000257024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2022-12-02 05:25 - 2022-11-30 21:49 - 000217600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2022-12-02 05:25 - 2022-11-30 21:49 - 000201048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2022-12-02 05:25 - 2022-11-30 21:49 - 000163944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2022-12-02 05:25 - 2022-11-30 21:49 - 000161832 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2022-12-02 05:25 - 2022-11-30 21:49 - 000135208 _____ C:\WINDOWS\system32\atidxx64.dll
2022-12-02 05:25 - 2022-11-30 21:49 - 000109096 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2022-12-02 05:25 - 2022-11-30 21:49 - 000065576 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2022-12-02 05:25 - 2022-11-30 21:48 - 091440640 _____ C:\WINDOWS\system32\amd_comgr.dll
2022-12-02 05:25 - 2022-11-30 21:48 - 075115048 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2022-12-02 05:25 - 2022-11-30 21:48 - 000503344 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-12-02 05:25 - 2022-11-30 21:48 - 000368688 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-12-02 05:25 - 2022-11-30 21:47 - 000129064 _____ C:\WINDOWS\system32\amdxc64.dll
2022-12-02 05:25 - 2022-11-30 21:47 - 000104488 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2022-12-02 05:25 - 2022-11-30 21:46 - 007008864 _____ C:\WINDOWS\system32\amdsmi.exe
2022-12-02 05:25 - 2022-11-30 21:45 - 000933888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2022-12-02 05:25 - 2022-11-30 21:45 - 000761904 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2022-12-02 05:25 - 2022-11-30 21:45 - 000461824 _____ C:\WINDOWS\system32\amdlogum.exe
2022-12-02 05:25 - 2022-11-30 21:43 - 010558464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2022-12-02 05:25 - 2022-11-30 21:43 - 000559104 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2022-12-02 05:25 - 2022-11-30 21:43 - 000422912 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2022-12-02 05:25 - 2022-11-30 21:42 - 000156576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2022-12-02 05:25 - 2022-11-30 21:42 - 000126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2022-12-02 05:25 - 2022-11-30 21:41 - 001695952 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2022-12-02 05:25 - 2022-11-30 21:41 - 001374800 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2022-12-02 05:25 - 2022-11-30 21:40 - 000553880 _____ C:\WINDOWS\system32\amdmiracast.dll
2022-12-02 05:25 - 2022-11-30 21:40 - 000166448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2022-12-02 05:25 - 2022-11-30 21:40 - 000156608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2022-12-02 05:25 - 2022-11-30 21:40 - 000126328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2022-12-02 05:25 - 2022-11-30 21:39 - 000140888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2022-12-02 05:25 - 2022-11-30 20:05 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2022-12-02 05:25 - 2022-11-30 20:05 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2022-12-02 05:25 - 2022-11-30 19:57 - 000581024 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2022-12-02 05:25 - 2022-11-30 19:57 - 000581024 _____ C:\WINDOWS\system32\atiapfxx.blb
2022-12-02 05:25 - 2022-11-30 19:52 - 080595072 _____ C:\WINDOWS\system32\amdxc64.so
2022-11-29 03:08 - 2022-11-29 03:08 - 000065680 _____ C:\WINDOWS\system32\stkMonitor.dll
2022-11-29 03:08 - 2022-11-29 03:08 - 000002187 ____H C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Send To Kindle.lnk
2022-11-29 03:08 - 2022-11-29 03:08 - 000000000 ___HD C:\Users\dvacl\AppData\Local\Amazon
2022-11-29 03:08 - 2022-11-29 03:08 - 000000000 ____D C:\Program Files (x86)\Amazon
2022-11-27 03:23 - 2022-11-27 03:23 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\Canon_Inc_IC
2022-11-27 03:23 - 2022-11-27 03:23 - 000000000 ___HD C:\Users\dvacl\AppData\Local\CANON_INC
2022-11-26 17:12 - 2022-11-26 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2022-11-26 17:12 - 2022-11-26 17:13 - 000000000 ____D C:\Program Files (x86)\Canon
2022-11-26 17:12 - 2022-11-26 17:12 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\canon
2022-11-26 17:12 - 2022-11-26 17:12 - 000000000 ____D C:\ProgramData\Canon_Inc_IC
2022-11-26 17:12 - 2022-11-26 17:12 - 000000000 ____D C:\Program Files\Canon
2022-11-23 03:29 - 2022-11-23 03:29 - 000000000 ___HD C:\Users\dvacl\AppData\Local\Skyrim Special Edition GOG
2022-11-23 02:14 - 2022-11-23 02:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V - Skyrim Special Edition [GOG.com]
2022-11-23 02:13 - 2022-11-23 02:13 - 000000000 ____D C:\ProgramData\GOG.com
2022-11-23 01:49 - 2022-11-23 01:49 - 000000000 ____D C:\GOG Games
2022-11-20 13:37 - 2022-11-20 13:37 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-11-20 13:37 - 2022-11-20 13:37 - 000000000 ____D C:\Program Files\SPC_Gear
2022-11-19 00:24 - 2022-11-19 00:24 - 000297472 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-18 05:01 - 2022-12-17 13:57 - 000003078 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2022-11-18 05:01 - 2022-12-02 05:29 - 000003488 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2022-11-18 05:01 - 2022-12-02 05:29 - 000003072 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-11-18 04:45 - 2022-11-18 04:45 - 000000000 ____D C:\ProgramData\Propagation
2022-11-17 17:36 - 2022-11-29 03:45 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\GHISLER
2022-11-17 17:36 - 2022-11-17 17:36 - 000000000 ___HD C:\Users\dvacl\AppData\Local\GHISLER

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-17 17:58 - 2022-06-15 16:54 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-17 17:58 - 2022-06-15 11:48 - 000000000 ___HD C:\Users\dvacl\AppData\Local\AMD_Common
2022-12-17 17:55 - 2022-08-27 02:57 - 000002310 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - dvacl
2022-12-17 17:54 - 2022-06-15 11:15 - 000000000 ___HD C:\Users\dvacl\AppData\Local\Packages
2022-12-17 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-17 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-17 17:52 - 2022-08-27 02:57 - 000000000 ____D C:\Program Files\CCleaner
2022-12-17 17:52 - 2022-07-18 00:04 - 000000000 ___HD C:\Users\dvacl\AppData\Local\CrashDumps
2022-12-17 17:39 - 2022-06-15 10:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-17 15:30 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-17 13:55 - 2022-06-17 23:56 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\LGHUB
2022-12-17 13:55 - 2022-06-15 11:25 - 000000000 ___HD C:\Users\dvacl\AppData\Local\LGHUB
2022-12-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-12-16 06:36 - 2022-08-27 02:57 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-12-15 07:57 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-15 07:53 - 2022-06-15 11:03 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-15 07:53 - 2019-12-07 15:43 - 000716726 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-15 07:53 - 2019-12-07 15:43 - 000144904 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-15 07:46 - 2022-06-15 10:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-15 07:46 - 2022-06-15 10:51 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-12-15 07:46 - 2022-06-15 10:50 - 000258096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-15 07:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-15 07:46 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-15 07:46 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-12-15 07:46 - 2019-12-07 09:32 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-14 17:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-14 16:55 - 2022-06-16 20:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-14 16:53 - 2022-06-16 20:11 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-12 16:59 - 2022-06-15 16:54 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-12-11 18:08 - 2022-06-15 11:15 - 000000000 ___HD C:\Users\dvacl\AppData\Local\D3DSCache
2022-12-11 07:47 - 2022-06-15 19:31 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\AIMP
2022-12-11 05:39 - 2022-06-16 04:07 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\Zoner
2022-12-11 04:56 - 2022-06-15 15:47 - 000000000 ____D C:\Program Files\Adobe
2022-12-11 04:55 - 2022-07-15 01:35 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-11 02:33 - 2022-10-26 20:42 - 000000000 ___HD C:\Users\dvacl\AppData\Local\Webshare
2022-12-10 14:16 - 2020-08-27 23:24 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-09 18:30 - 2022-06-15 10:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-12-08 00:18 - 2022-06-15 12:24 - 000000000 ____D C:\Games
2022-12-08 00:18 - 2022-06-15 11:54 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\Wargaming.net
2022-12-07 16:14 - 2022-08-18 01:04 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-12-07 13:29 - 2022-06-15 11:53 - 000000000 ____D C:\ProgramData\Wargaming.net
2022-12-06 05:28 - 2022-06-15 10:54 - 000000000 ___HD C:\Users\dvacl
2022-12-02 14:47 - 2022-06-15 11:15 - 000000000 ___HD C:\Users\dvacl\AppData\Local\AMD
2022-12-02 05:29 - 2022-06-15 11:39 - 000003152 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-12-02 05:29 - 2022-06-15 10:51 - 000000000 ____D C:\Program Files\AMD
2022-12-02 05:25 - 2020-06-05 16:40 - 000000000 ____D C:\AMD
2022-11-30 21:49 - 2022-05-28 01:27 - 001979944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2022-11-30 21:43 - 2022-11-10 17:22 - 000177832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2022-11-30 21:43 - 2022-05-28 01:27 - 000222664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2022-11-30 20:20 - 2022-06-15 11:39 - 002977880 _____ (AMD Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2022-11-29 03:47 - 2022-08-27 15:50 - 000003534 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1661611824
2022-11-28 16:19 - 2022-07-07 20:32 - 000000000 ___HD C:\Users\dvacl\AppData\Local\ElevatedDiagnostics
2022-11-28 16:06 - 2022-08-27 15:50 - 000001411 ____H C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-11-23 03:29 - 2022-07-07 00:29 - 000000000 ____D C:\Users\dvacl\OneDrive\Dokumenty\My Games
2022-11-20 13:37 - 2020-11-09 01:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GK550 Keyboard
2022-11-19 00:41 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-19 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-19 00:24 - 2022-06-15 10:54 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-17 04:27 - 2022-06-15 19:31 - 000000000 ____D C:\Program Files (x86)\AIMP

==================== Files in the root of some directories ========

2022-06-24 01:13 - 2022-06-24 01:15 - 000007604 ____H () C:\Users\dvacl\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-12-2022
Ran by dvacl (17-12-2022 18:00:42)
Running from C:\Users\dvacl\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.2364 (X64) (2022-06-15 10:03:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-87297680-2717088268-3221549041-500 - Administrator - Disabled)
adolf (S-1-5-21-87297680-2717088268-3221549041-1005 - Administrator - Enabled)
DefaultAccount (S-1-5-21-87297680-2717088268-3221549041-503 - Limited - Disabled)
dvacl (S-1-5-21-87297680-2717088268-3221549041-1001 - Administrator - Enabled) => C:\Users\dvacl
Guest (S-1-5-21-87297680-2717088268-3221549041-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-87297680-2717088268-3221549041-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Lightroom Classic (HKLM-x32\...\LTRM_12_0_1) (Version: 12.0.1 - Adobe Inc.)
AIMP (HKLM-x32\...\AIMP) (Version: 5.10.2414 - Artem Izmaylov)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.253 - Amazon)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.11.2 - Advanced Micro Devices, Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 2021.2 - Google LLC)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM\...\{A51C2A72-1A27-40EA-8718-D6F1AD6D9B79}) (Version: 6.8.0 - Kovid Goyal)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.16.11.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.15.10.3 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.03 - Piriform)
DiRT Rally 2 0 (HKLM-x32\...\DiRT Rally 2 0_is1) (Version: - )
DownloadX ActiveX Download Control 1.6.8 (HKLM-x32\...\CA17A131-B7D9-41D6-868F-29A9BD9FCC8E_is1) (Version: - Genesis Mobile)
Far Cry 6 (HKLM-x32\...\Far Cry 6_is1) (Version: - )
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 68.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
Chernobylite Enhanced Edition Season 3 (HKLM-x32\...\FLT_Chernobylite) (Version: - )
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2022.11.25.17 - PandoraTV)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.12.348746 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.161.0731.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Opera Stable 93.0.4585.21 (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Opera 93.0.4585.21) (Version: 93.0.4585.21 - Opera Software)
Pentablet verze 3.2.2.211028 (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 3.2.2.211028 - XP-PEN Technology)
Remote Mouse version 4.110 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 4.110 - Remote Mouse)
SPC Gear GK550 Omnis Kailh RGB (HKLM-x32\...\{12F382E1-63D4-4B94-BD32-5F845E74FC79}) (Version: 1.00 - COOLING.PL Zdziech Spolka Jawna)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls V: Skyrim Special Edition (HKLM-x32\...\1711230643_is1) (Version: 1.6.659.0.8 - GOG.com)
Topaz DeNoise AI (HKLM\...\Topaz DeNoise AI 3.7.0) (Version: 3.7.0 - Topaz Labs LLC)
Topaz Mask AI (HKLM\...\Topaz Mask AI 1.3.9) (Version: 1.3.9 - Topaz Labs LLC)
Topaz Sharpen AI (HKLM\...\Topaz Sharpen AI 4.1.0) (Version: 4.1.0 - Topaz Labs LLC)
Wargaming.net Game Center (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Wargaming.net Game Center) (Version: 22.5.0.733 - Wargaming.net)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
Zoner Photo Studio X CS (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\ZPS X) (Version: 19.2209.2.409 - ZONER a.s.)

Packages:
=========
AMD Link -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDLink_10.22.20004.0_x64__0a9344xs7nr4m [2022-08-07] (Advanced Micro Devices Inc.)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52851.0_x64__8wekyb3d8bbwe [2022-12-07] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.16.244.0_x64__rz1tebttyb220 [2022-12-12] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-15] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-09-06] (Microsoft Corporation)
Ink Draft -> C:\Program Files\WindowsApps\Microsoft.InkDraft_1.0.1.0_neutral__8wekyb3d8bbwe [2022-07-17] (Microsoft Corporation)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.32791.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-10-27] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-87297680-2717088268-3221549041-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2022-11-17] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2022-11-17] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-12-15 07:48 - 2022-12-15 07:47 - 000156160 _____ () [File not signed] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node
2022-11-20 13:37 - 2013-12-01 11:38 - 000036352 _____ (0) [File not signed] C:\Program Files\SPC_Gear\HidServ.dll
2022-07-11 01:36 - 2019-04-19 16:12 - 001391104 _____ (Remote Mouse) [File not signed] C:\Program Files (x86)\Remote Mouse\windows_api.dll
2022-07-24 14:21 - 2019-12-30 21:01 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qdds.dll
2022-07-24 14:21 - 2019-12-30 21:00 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qgif.dll
2022-07-24 14:21 - 2019-12-30 21:01 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qicns.dll
2022-07-24 14:21 - 2019-12-30 21:00 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qico.dll
2022-07-24 14:21 - 2019-12-30 21:00 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qjpeg.dll
2022-07-24 14:21 - 2019-12-30 21:12 - 000016896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qsvg.dll
2022-07-24 14:21 - 2019-12-30 21:01 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qtga.dll
2022-07-24 14:21 - 2019-12-30 21:02 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qtiff.dll
2022-07-24 14:21 - 2019-12-30 21:02 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qwbmp.dll
2022-07-24 14:21 - 2019-12-30 21:03 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qwebp.dll
2022-07-24 14:21 - 2019-12-30 21:00 - 000966144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\platforms\qwindows.dll
2022-07-24 14:21 - 2019-12-31 12:35 - 004686848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\Qt5Core.dll
2022-07-24 14:21 - 2019-12-30 20:33 - 005035008 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\Qt5Gui.dll
2022-07-24 14:21 - 2019-12-30 20:24 - 000674816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\Qt5Network.dll
2022-07-24 14:21 - 2019-12-30 21:12 - 000251392 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\Qt5Svg.dll
2022-07-24 14:21 - 2019-12-30 20:49 - 004518912 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\Qt5Widgets.dll
2022-07-24 14:21 - 2019-12-30 20:24 - 000151040 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-12-16 05:52 - 2022-12-16 06:45 - 000000811 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 acdid.acdsystems.com
0.0.0.0 account.zoner.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Calibre2\;C:\Users\dvacl\AppData\Local\Microsoft\WindowsApps;C:\adb
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\2022\11\IMG_02781-Softness.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "PowerDVD22Agent"
HKLM\...\StartupApproved\Run32: => "ccleaner_update_helper"
HKLM\...\StartupApproved\Run32: => "Launch 0 FwCustom"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer_PowerDVD22"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{1FFED861-7EE8-417E-91EF-B844246D70C5}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{18F78D5F-7B1E-4DEA-920E-104329AC65C6}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{F0213B8D-881A-4E5B-A2A3-5644B758C148}C:\program files (x86)\microsoft\edge\application\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0B7F1EF0-CAB0-4E7E-AF7C-FCA7924E3196}C:\program files (x86)\microsoft\edge\application\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2AEB318E-7B64-4189-A6D1-D35F29E53AB7}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [UDP Query User{48CBDE99-2422-47E4-B172-5A879CC15355}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{1D8C30F3-78EB-42A4-BF60-6C2853C26199}] => (Allow) LPort=26822
FirewallRules: [{E52E1085-3270-483C-BBBB-BDCB2EA98314}] => (Allow) LPort=32682
FirewallRules: [{53BA0509-8FD4-4A15-92D1-BE570B7B9C88}] => (Block) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{ADA8C4FF-681A-4CBF-BCE7-A9C97DA4628A}] => (Block) C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A2D71F58-6B64-421B-85FC-5310CA44B3F6}] => (Block) C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd -> Piriform Software Ltd) [File not signed]
FirewallRules: [{FEEA67DA-B594-4102-95E1-F053FA61415E}] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{8D621E16-E833-4755-99A5-BB786E753835}] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{ECE019F3-3FE1-4BEB-893A-E234795AEEF4}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{9E2FF481-7DDB-4B4D-A0D3-98D6B02C6CF6}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{4484A535-EFFB-4FB5-948E-F11B173717FB}] => (Block) C:\Program Files\Topaz Labs LLC\Topaz DeNoise AI\Topaz DeNoise AI.exe (Topaz Labs LLC -> )
FirewallRules: [{41FC2E15-2549-4802-8155-83C6042E308E}] => (Block) C:\Program Files\Topaz Labs LLC\Topaz Mask AI\Topaz Mask AI.exe (Topaz Labs, LLC -> )
FirewallRules: [{AC15FC26-85A6-4B2D-8BC7-4C26933BF9F5}] => (Block) C:\Program Files\Topaz Labs LLC\Topaz Sharpen AI\Topaz Sharpen AI.exe (Topaz Labs LLC -> )
FirewallRules: [{6C18F54D-71B9-4C69-96E9-4CA2A873FE6F}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2023\Photoshop.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [TCP Query User{D50DA3CE-89A9-4F51-8332-070DAA41B678}C:\program files (x86)\far cry 6\bin\farcry6.exe] => (Block) C:\program files (x86)\far cry 6\bin\farcry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) [File not signed]
FirewallRules: [UDP Query User{EF955AE7-1C2B-4DCB-B0EF-41740447F172}C:\program files (x86)\far cry 6\bin\farcry6.exe] => (Block) C:\program files (x86)\far cry 6\bin\farcry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) [File not signed]
FirewallRules: [{CE9D7248-4F0F-47B5-8812-DAB38D7613FC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{562DFCD6-AACA-4690-9473-D7829721CE85}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2B381AF9-93A6-4B6D-B163-AB80DBF52A7C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8490B7FD-228B-4FBE-A729-29056FAC3D34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{958C1B2C-3FB3-4668-9C5A-D62AF6F22BEE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0316D867-BB72-4398-BA90-2FAF03ADB29D}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{F2F793FE-7717-485B-A334-4A45B66EC4B5}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{A99D3435-903C-47C5-A964-01F66D81865C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

02-12-2022 05:28:26 Radeon Installer
11-12-2022 12:04:27 Naplánovaný kontrolní bod
14-12-2022 16:55:05 Instalační služba modulů systému Windows
14-12-2022 16:57:21 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/17/2022 02:05:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.2364, časové razítko: 0x67bfcd81
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2364, časové razítko: 0x5b7d4d22
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010fe32
ID chybujícího procesu: 0xac0
Čas spuštění chybující aplikace: 0x01d91217e857f426
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: d02fa163-8978-48ac-8d16-9a38b4cbea3b
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (12/17/2022 02:03:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.2364, časové razítko: 0x67bfcd81
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2364, časové razítko: 0x5b7d4d22
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010fe32
ID chybujícího procesu: 0x3440
Čas spuštění chybující aplikace: 0x01d91217a1896179
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: e45cda5f-f3d9-4fba-89ed-74570a6d2a98
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (12/17/2022 02:01:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.2364, časové razítko: 0x67bfcd81
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2364, časové razítko: 0x5b7d4d22
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010fe32
ID chybujícího procesu: 0x313c
Čas spuštění chybující aplikace: 0x01d912175ac34116
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 94e74759-82de-4ad2-8aa2-806f819aeae1
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (12/17/2022 01:59:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.2364, časové razítko: 0x67bfcd81
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2364, časové razítko: 0x5b7d4d22
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010fe32
ID chybujícího procesu: 0x263c
Čas spuštění chybující aplikace: 0x01d9121713f37dc9
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 010b8313-8578-4144-9a2f-7551a9ac9b56
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (12/17/2022 01:57:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.2364, časové razítko: 0x67bfcd81
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2364, časové razítko: 0x5b7d4d22
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010fe32
ID chybujícího procesu: 0x35b8
Čas spuštění chybující aplikace: 0x01d91216d025daac
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f2f92b7b-1fb9-4a51-ba46-6877d2683751
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (12/17/2022 01:55:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.2364, časové razítko: 0x67bfcd81
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2364, časové razítko: 0x5b7d4d22
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010fe32
ID chybujícího procesu: 0x3580
Čas spuštění chybující aplikace: 0x01d91216ccff0c9f
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: de808102-f667-4df9-a9ec-fa7468010ef8
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (12/16/2022 08:05:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.2364, časové razítko: 0x67bfcd81
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2364, časové razítko: 0x5b7d4d22
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010fe32
ID chybujícího procesu: 0x34a4
Čas spuštění chybující aplikace: 0x01d91113cfcb12a1
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 4a0099c3-6101-4e79-b613-9e19e19ec8e2
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (12/16/2022 06:21:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.2364, časové razítko: 0x67bfcd81
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2364, časové razítko: 0x5b7d4d22
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010fe32
ID chybujícího procesu: 0x2c88
Čas spuštění chybující aplikace: 0x01d9110df85d69ab
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 17ccf8a0-2952-49f1-8fa7-7c275c6cff33
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI


System errors:
=============
Error: (12/17/2022 05:52:44 PM) (Source: DCOM) (EventID: 10000) (User: RUDOLF)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/11/2022 08:31:31 PM) (Source: DCOM) (EventID: 10000) (User: RUDOLF)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/11/2022 01:35:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba cphs byla ukončena s následující chybou:
%%2147942659 = Žádná další data nejsou k dispozici.

Error: (12/11/2022 01:35:48 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (12/11/2022 01:32:24 PM) (Source: DCOM) (EventID: 10000) (User: RUDOLF)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/11/2022 01:21:41 PM) (Source: DCOM) (EventID: 10000) (User: RUDOLF)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/11/2022 05:49:13 AM) (Source: DCOM) (EventID: 10000) (User: RUDOLF)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/11/2022 05:31:23 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.


Windows Defender:
================
Date: 2022-12-16 19:10:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DA136F1D-4D07-4A46-9B38-30840BD592FE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-14 19:43:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FB5D88D0-A29A-4981-B240-AB7018AE27C2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-13 18:58:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EDE89CDB-6CFC-485E-948E-0D069D96952F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-12 19:12:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CE01725D-4E1B-486C-A882-63B6411D2B17}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-11 13:16:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C618DFFA-8402-420D-A40C-F2A831CFB403}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: RUDOLF\dvacl

CodeIntegrity:
===============
Date: 2022-12-16 05:43:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-12-11 13:41:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\67.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-10-27 08:20:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\65.0.4.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-10-21 06:48:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V2.13 03/07/2014
Motherboard: MSI Z77A-G43 (MS-7758)
Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 16%
Total physical RAM: 24524.43 MB
Available physical RAM: 20424.85 MB
Total Virtual: 28108.43 MB
Available Virtual: 20523 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:447.02 GB) (Free:115.1 GB) (Model: Patriot Burst) NTFS
Drive d: (SSD) (Fixed) (Total:447.14 GB) (Free:72.79 GB) (Model: Patriot Burst) NTFS

\\?\Volume{d765b008-6d47-4712-b3df-090dbd5ce3c7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 0610802F)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 56DA8679)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=42)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: C87DD721)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=42)

==========================================================
Disk: 3 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log after several attempts to break into my accounts (WOT, Insta, FB...)

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Re: Please check my log after several attempts to break into my accounts (WOT, Insta, FB...)

#3 Post by bilejpes »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-20-2022
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.2364)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1420 octets] - [11/12/2022 13:10:55]
AdwCleaner[S01].txt - [1481 octets] - [20/12/2022 02:32:39]
AdwCleaner[S02].txt - [1542 octets] - [20/12/2022 02:34:32]
AdwCleaner[C02].txt - [1732 octets] - [20/12/2022 02:34:40]
AdwCleaner[S03].txt - [1664 octets] - [20/12/2022 02:36:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Re: Please check my log after several attempts to break into my accounts (WOT, Insta, FB...)

#4 Post by Rudy »

This is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
Task: {072F584A-1F1F-4718-9E88-A7B3B0C55004} - System32\Tasks\GoogleUpdateTaskMachineCore{8BA5B634-4303-44F3-9B4B-5797A7239ADB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-15] (Google LLC -> Google LLC)
Task: {8F7D202F-8550-4466-B1AB-BC7EE4F13C22} - System32\Tasks\GoogleUpdateTaskMachineUA{04FD54C7-EBA3-427F-810C-B55C756E0572} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-15] (Google LLC -> Google LLC)
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

Hosts:
EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Please check my log after several attempts to break into my accounts (WOT, Insta, FB...)

#5 Post by bilejpes »

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-12-2022
Ran by dvacl (20-12-2022 11:08:30) Run:1
Running from C:\Users\dvacl\Desktop
Loaded Profiles: dvacl
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {072F584A-1F1F-4718-9E88-A7B3B0C55004} - System32\Tasks\GoogleUpdateTaskMachineCore{8BA5B634-4303-44F3-9B4B-5797A7239ADB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-15] (Google LLC -> Google LLC)
Task: {8F7D202F-8550-4466-B1AB-BC7EE4F13C22} - System32\Tasks\GoogleUpdateTaskMachineUA{04FD54C7-EBA3-427F-810C-B55C756E0572} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-15] (Google LLC -> Google LLC)
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{072F584A-1F1F-4718-9E88-A7B3B0C55004}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{072F584A-1F1F-4718-9E88-A7B3B0C55004}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{8BA5B634-4303-44F3-9B4B-5797A7239ADB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{8BA5B634-4303-44F3-9B4B-5797A7239ADB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F7D202F-8550-4466-B1AB-BC7EE4F13C22}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F7D202F-8550-4466-B1AB-BC7EE4F13C22}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{04FD54C7-EBA3-427F-810C-B55C756E0572} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{04FD54C7-EBA3-427F-810C-B55C756E0572}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24418483 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 406976710 B
Windows/system/drivers => 1118591 B
Edge => 0 B
Chrome => 11878085 B
Firefox => 0 B
Opera => 5911947 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1152942 B
systemprofile32 => 5033768 B
LocalService => 5033768 B
NetworkService => 5039928 B
dvacl => 11851357 B
adolf => 11851357 B

RecycleBin => 317780109 B
EmptyTemp: => 771.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:08:34 ====

Re: Please check my log after several attempts to break into my accounts (WOT, Insta, FB...)

#6 Post by Rudy »

Deleted; the log now looks OK.

Re: Please check my log after several attempts to break into my accounts (WOT, Insta, FB...)

#7 Post by bilejpes »

Thank you very much for your help and willingness.

Re: Please check my log after several attempts to break into my accounts (WOT, Insta, FB...)

#8 Post by Rudy »

You're welcome! :-)

Locked