Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

FRSIT log z Windows 10 (2 posty)

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
5manager5
Návštěvník
Návštěvník
Příspěvky: 267
Registrován: 10 led 2009 21:21

FRSIT log z Windows 10 (2 posty)

#1 Příspěvek od 5manager5 »

Zdravím,

ďakujem za pozretie, ADWCleaner nenašiel nič.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01
Ran by igorv (administrator) on DESKTOP-PB3B57S (TOSHIBA Satellite L650) (10-02-2023 21:58:24)
Running from C:\Users\igorv\Downloads
Loaded Profiles: igorv
Platform: Microsoft Windows 10 Home Version 22H2 19045.2546 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\70.0.2.0\crashpad_handler.exe <4>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\RMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22122.94.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [MicrosoftEdgeAutoLaunch_12DCDEA817FD98234F2AB1F8B100D4B7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4252008 2023-01-31] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.121\Installer\chrmstp.exe [2023-02-09] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5FAD471F-3397-45A2-B287-345CB7DE5E54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7ACEDB39-AB4B-430F-B549-01D1792DD499} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8A04D2FF-1A11-428D-B9FA-AA379E4A25A1} - System32\Tasks\GoogleUpdateTaskMachineUA{A5FF526E-0839-42BD-8196-FCE1D6C6D732} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)
Task: {8B621601-AE74-4D4A-9EAC-3C7835A0C1BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ACA11C1B-FC37-4AD6-83E9-E1D06F6B018B} - System32\Tasks\GoogleUpdateTaskMachineCore{8F5C90FE-E2FF-4C5D-B1F6-73990ACFA8C9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)
Task: {DAFB6C4A-564B-45FE-92CA-A848A593EA33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{1b830fbc-5f0e-4a85-a095-15d1aeb2d45b}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{2835ed5a-0fac-45c6-bfda-73ae710e5958}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{7ae0656c-d38d-4fa0-9319-481e1e5b4555}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Edge:
=======
Edge DefaultProfile: Profile 4
Edge Profile: C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Profile 4 [2023-02-10]
Edge HomePage: Profile 4 -> hxxp://www.google.sk/

Chrome:
=======
CHR Profile: C:\Users\igorv\AppData\Local\Google\Chrome\User Data\Default [2023-02-06]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\igorv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-03]
CHR Extension: (Spúšťač aplikácie pre Disk (od Googlu)) - C:\Users\igorv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-02-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\igorv\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-03]
CHR HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DSDFunctionKeyCtlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDFunctionKeyCtlService.exe [714864 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
S2 DSDTabletControlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDTabSysSvc.exe [301192 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R2 DSDWirelessLEDCtlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\RMService.exe [451248 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R2 dynabookSettingService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\dynabookSystemService.exe [44797568 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dhotkey; C:\Windows\System32\drivers\dhotkey.sys [52360 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R1 dsrvctldrv; C:\Windows\System32\drivers\dsrvctldrv.sys [29328 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R0 DVALZ_O; C:\Windows\System32\drivers\DVALZ_O.SYS [47464 2022-07-17] (Dynabook Inc. -> Dynabook Inc.)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
S0 TVALZ_O; C:\Windows\System32\drivers\TVALZ_O.SYS [46656 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-10 21:58 - 2023-02-10 22:00 - 000012390 _____ C:\Users\igorv\Downloads\FRST.txt
2023-02-10 21:57 - 2023-02-10 21:59 - 000000000 ____D C:\FRST
2023-02-10 21:56 - 2023-02-10 21:57 - 002378240 _____ (Farbar) C:\Users\igorv\Downloads\FRST64.exe
2023-02-04 10:21 - 2023-02-04 10:25 - 000000000 ___HD C:\$WinREAgent
2023-02-03 08:58 - 2023-02-09 14:35 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-31 17:39 - 2023-02-02 14:45 - 000000000 ____D C:\Users\igorv\AppData\Roaming\vlc
2023-01-22 16:26 - 2023-01-22 16:26 - 000000000 ____D C:\Program Files (x86)\aida64extreme_build_6323_fgv5q3cdyb
2023-01-22 16:18 - 2023-02-08 18:36 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-01-18 10:07 - 2023-01-18 10:08 - 001201396 _____ C:\Windows\Minidump\011823-42046-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-10 22:01 - 2022-03-09 15:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-10 21:54 - 2022-12-25 18:56 - 000000000 ____D C:\Program Files (x86)\Steam
2023-02-10 21:53 - 2022-03-09 10:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-02-10 20:17 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-10 19:23 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-10 19:23 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-02-10 16:12 - 2022-03-09 10:22 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-09 16:11 - 2022-03-09 10:52 - 000000000 ____D C:\Users\igorv
2023-02-09 10:37 - 2022-03-09 10:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-02-09 10:37 - 2020-02-21 11:41 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-08 19:36 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-02-08 19:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-02-08 19:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-02-07 17:31 - 2019-12-07 10:03 - 000262144 _____ C:\Windows\system32\config\BBI
2023-02-07 17:14 - 2022-03-09 10:55 - 000000000 ____D C:\Users\igorv\AppData\Local\Packages
2023-02-07 14:14 - 2022-10-07 19:11 - 000000000 ____D C:\Users\igorv\AppData\Local\CrashDumps
2023-02-06 09:22 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-02-04 12:35 - 2022-03-09 10:49 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2023-02-04 12:27 - 2022-03-09 10:17 - 000258088 _____ C:\Windows\system32\FNTCACHE.DAT
2023-02-04 12:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-02-04 12:24 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-04 12:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-02-04 12:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-02-04 12:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-02-04 10:57 - 2022-03-09 10:21 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-02-03 08:58 - 2022-03-09 15:06 - 000000000 ____D C:\Users\igorv\AppData\Local\Google
2023-02-03 08:08 - 2022-03-09 10:20 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-03 08:08 - 2022-03-09 10:20 - 000003508 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-28 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2023-01-28 22:04 - 2022-10-23 08:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-28 22:04 - 2022-03-24 16:14 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2023-01-18 18:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-01-18 10:09 - 2022-07-04 14:36 - 000000000 ____D C:\Windows\Minidump
2023-01-18 10:07 - 2022-07-04 14:36 - 637648792 _____ C:\Windows\MEMORY.DMP
2023-01-11 18:51 - 2022-03-09 13:02 - 000000000 ____D C:\Windows\system32\MRT
2023-01-11 18:46 - 2022-03-09 13:02 - 150199536 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2022-03-09 11:38 - 2022-03-09 11:38 - 000007602 _____ () C:\Users\igorv\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Naposledy upravil(a) 5manager5 dne 10 úno 2023 22:52, celkem upraveno 2 x.

5manager5
Návštěvník
Návštěvník
Příspěvky: 267
Registrován: 10 led 2009 21:21

Re: FRSIT log z Windows 10

#2 Příspěvek od 5manager5 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-02-2023 01
Ran by igorv (10-02-2023 22:02:34)
Running from C:\Users\igorv\Downloads
Microsoft Windows 10 Home Version 22H2 19045.2546 (X64) (2022-03-09 09:45:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2415662125-1334251306-1017844622-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2415662125-1334251306-1017844622-503 - Limited - Disabled)
Guest (S-1-5-21-2415662125-1334251306-1017844622-501 - Limited - Disabled)
igorv (S-1-5-21-2415662125-1334251306-1017844622-1001 - Administrator - Enabled) => C:\Users\igorv
WDAGUtilityAccount (S-1-5-21-2415662125-1334251306-1017844622-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 70.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.41 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.78 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2415662125-1334251306-1017844622-1001_Classes\CLSID\{32696747-d167-38ad-6e20-2fec78940514}\localserver32 -> "C:\Program Files\Microsoft PC Manager\MSPCManager.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-08] (Google LLC -> Google, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\igorv\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) =============

2022-12-25 18:58 - 2022-11-07 11:17 - 000387072 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2022-12-25 18:58 - 2022-11-07 11:17 - 008052736 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2022-08-31 18:04 - 2022-08-31 18:04 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\0e743fcb7671363518924eb54f75c4e1\A4.Foundation.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\e3398d899a5f8dad2f8b0ca8b2b14c61\AEM.Actions.CCAA.Shared.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\0a825fc66c95e1767511b6413581ae6c\AEM.Plugin.EEU.Shared.ni.dll
2022-08-31 18:04 - 2022-08-31 18:04 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\8ed00a594b16d1b6283c6ad98d7bd289\AEM.Plugin.Hotkeys.Shared.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\a7aa014b174bacde99ad22c18b9ef5e1\AEM.Plugin.DPPE.Shared.ni.dll
2023-02-08 10:53 - 2023-02-08 10:53 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\3371eec6a799d20394e51b8611fb2f94\AEM.Plugin.Source.Kit.Server.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\c00e3f9b88ebc3948a211e051df20912\AEM.Plugin.WinMessages.Shared.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\483a0d101a62d4f3e37e26528e728eaa\AEM.Plugin.REG.Shared.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\c7aba31a8af9cbcb3c146d077d2dd8cf\AEM.Plugin.GD.Shared.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\72ecad8c78a194c04567a266d9302fd9\AEM.Server.Shared.ni.dll
2023-02-08 10:53 - 2023-02-08 10:53 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\a31648c6fc012905b3868af8dd3904c2\AEM.Server.ni.dll
2022-08-31 18:04 - 2022-08-31 18:04 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\f6d3c611377c78cf813a3e65fa5ef246\APM.Foundation.ni.dll
2022-08-31 18:06 - 2022-08-31 18:06 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\739bd44bae25ad5992972400b5138287\ATICCCom.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\e896658f8c8b12c344b1e54b576253ba\CCC.Implementation.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\caa16c7575d0180b1c35b73772dcdf0a\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2022-08-31 18:04 - 2022-08-31 18:04 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\13d159c079b65304206ab7f1c5cc20d9\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2022-08-31 18:04 - 2022-08-31 18:04 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\b0688dfd87cf7a77dc43e134091f7242\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2022-08-31 18:06 - 2022-08-31 18:06 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\6f87e8f535f50abb331ddfbbd53d28c6\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2022-08-31 18:05 - 2022-08-31 18:05 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\bfb7598682046b0dedb745d3265cb052\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2022-08-31 18:04 - 2022-08-31 18:04 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\aa9aa953cb0870cd9cdee15162627cce\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\b3f4c23752c1c6eaf6e7f0e6845c6139\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\df725ae3e62a211c61b077404211dd5e\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2022-08-31 18:05 - 2022-08-31 18:05 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\3dc9913cb38f2dcd1dd2054a08fabcc1\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2022-08-31 18:05 - 2022-08-31 18:05 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\824c5dd2828013414329f5f15475eb91\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2022-08-31 18:06 - 2022-08-31 18:06 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\799847f7a65a122d461dfc57e932aa0a\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2022-08-31 18:04 - 2022-08-31 18:04 - 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\f43c225c39a503a5ca15460284dd39d9\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\f2b54f94b362d4127e1158cc35bb37e0\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\57c286568a01a44a094858ab28d836bf\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\9ebb62640de6ec65aec446d712456064\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\51615ac2ed8cd859d15f48c15e8a51fb\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\5df6357da28318b0c7abdb80c6d1603f\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2022-08-31 18:04 - 2022-08-31 18:04 - 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\2eb0266c244955faefd8acd995ae9b98\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2022-08-31 18:05 - 2022-08-31 18:05 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\b45cf6408f038b457316969ebd602629\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\b8da97b857a8e325fee1d52feafcb6a0\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2022-08-31 18:04 - 2022-08-31 18:04 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\3836ddee9539b759a1123027aa086fb8\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2022-08-31 18:05 - 2022-08-31 18:05 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\d7df54d5d7938c4f9bc5a3f9ee0b7f1c\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\da897e4bbacf387149923c1c2a65dd9e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2022-08-31 18:05 - 2022-08-31 18:05 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\f57865ab4d8c846219f93e9c667e92d6\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2022-07-02 11:14 - 2022-07-02 11:14 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\739bfe4ab5924222597f90a24b1d641c\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\21c9bb1219b7ec491b180d3858f39efa\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\3ec5b0d098c12b3bd2ab142823ff40d9\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2022-08-31 18:05 - 2022-08-31 18:05 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\572e7ba5025b794fe125f741342a2ced\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2022-08-31 18:05 - 2022-08-31 18:05 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\c398e0bb8954af45b42cd48ce6d89547\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2022-08-31 18:05 - 2022-08-31 18:05 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\46cf4ba01f46d3bbd25a3f183612cdd9\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\0ad2b8cfdf7277eb505eca8ef71fef43\CLI.Caste.A4.Runtime.ni.dll
2022-08-31 18:04 - 2022-08-31 18:04 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\23feda6f317be3422858e7926a220cfd\CLI.Caste.A4.Shared.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\6f6f51b6dcbf20a6d9b0104623d94f33\CLI.Caste.A4.Dashboard.ni.dll
2022-08-31 18:04 - 2022-08-31 18:04 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\2ffddfae323343e492a8b9f3c8cd4d57\CLI.Caste.Fuel.Shared.ni.dll
2022-08-31 18:06 - 2022-08-31 18:06 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\abaf51f969af62f01c439499754a5a90\CLI.Caste.Fuel.Runtime.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\435509d4c14c46e61aaa813b7c8efd73\CLI.Caste.Fuel.Dashboard.ni.dll
2022-08-31 18:05 - 2022-08-31 18:05 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\c8a50a88c1c2049d926ef2388188cfd4\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\62a95bbfa3ad549537e5de589a70b606\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\1cd4ab6b760670c1a20c7a85d593ac34\CLI.Caste.Graphics.Dashboard.ni.dll
2022-08-31 18:06 - 2022-08-31 18:06 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\489569a4f3e0472bd1f9c160c63ad460\CLI.Caste.HydraVision.Runtime.ni.dll
2022-08-31 18:06 - 2022-08-31 18:06 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\f2ddf5a9a298079d8f8ffea6bbb49200\CLI.Caste.HydraVision.Shared.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\58e1df8cceab3d89759890f4bd87f1df\CLI.Caste.HydraVision.Dashboard.ni.dll
2022-08-31 18:06 - 2022-08-31 18:06 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\306bba52e455d92491f02570eaee8ae5\CLI.Caste.Platform.Shared.ni.dll
2022-08-31 18:06 - 2022-08-31 18:06 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\aeec2c916f052216de3903dd62c02f18\CLI.Caste.Platform.Runtime.ni.dll
2023-02-08 10:56 - 2023-02-08 10:56 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\48326761af2d0f9e47bb7a7c400b4c49\CLI.Caste.Platform.Dashboard.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\63e4630be8b758da9094d72ea07b8aa8\CLI.Component.Runtime.Shared.ni.dll
2023-02-08 10:56 - 2023-02-08 10:56 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\479def4c025af4d3c491d2682598ef77\CLI.Component.Systemtray.ni.dll
2023-02-08 10:56 - 2023-02-08 10:56 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\60b3476e7af261720bf2de13c4c58695\CLI.Component.Dashboard.ProfileManager2.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\53eee4d3ee34c21a12c9e4f907362a5e\CLI.Component.Runtime.Shared.Private.ni.dll
2022-07-02 11:16 - 2022-07-02 11:16 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\027e64e73c329a16766cee46d84db38e\CLI.Component.Runtime.Extension.EEU.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\caf09e61e7d17fe43ce97ae611c58abf\CLI.Component.Dashboard.Shared.Private.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\1ae86d5430cc8c9a19dca721d52d4748\CLI.Component.Client.Shared.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\16bc096c01824c6b9e20d269697f578f\CLI.Component.Dashboard.Shared.ni.dll
2022-08-31 18:04 - 2022-08-31 18:04 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\361bc2c411d7ff82d4db2d1b6f8000d7\CLI.Foundation.Private.ni.dll
2022-08-31 18:06 - 2022-08-31 18:06 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\49dd70310adfa7cc5cfe6194a0e64d85\CLI.Foundation.XManifest.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\8ff4806e5cca69894d553f8befb8dc66\CLI.Foundation.CoreAudioAPI.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 001079808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\6c09ff25e3eeabd734cc04d29c8b18dd\CLI.Foundation.Client.ni.dll
2023-02-08 10:53 - 2023-02-08 10:53 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\a36188e1c51840ee48d9537b2c4c5d99\CLI.Foundation.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\8cb6fc56a001c65f709af6fdaf603bac\DEM.Foundation.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\a3c0143b23065cda75c54473596b4fd8\DEM.Graphics.I0601.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\d6a1a93f297da5304ef1eb216702ac65\DEM.Graphics.ni.dll
2022-08-31 18:06 - 2022-08-31 18:06 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\b38549758f82ebb4baec6dfc500776cf\Fuel.Foundation.ni.dll
2023-02-08 10:56 - 2023-02-08 10:56 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\dd7dd610056677ab76e1cac39cefc069\LOG.Foundation.Implementation.ni.dll
2023-02-08 10:53 - 2023-02-08 10:53 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\397625b562a3c82e6a0f87fad027ae4f\LOG.Foundation.Private.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\b137bfc87c723cb78ed5f202536e529a\LOG.Foundation.Implementation.Private.ni.dll
2023-02-08 10:53 - 2023-02-08 10:53 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\9d3c1f04963b198f7e5e837ecc01fa83\LOG.Foundation.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\8d96824ead8d65124ce26daa099a2e4a\MOM.Foundation.ni.dll
2023-02-08 10:57 - 2023-02-08 10:57 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\7af7899017d9fde1566b19d0b8dce259\MOM.Implementation.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\6790cd1c9ed36153850ad2d995ccb019\NEWAEM.Foundation.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\71d66045028bc07fee0d28e6f49573cd\ADL.Foundation.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\50e5c28effff3e67cb243c80a1f66aca\APM.Server.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\d04af2bc9c19327fdd665c10f43a1c63\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\b0d458a83a35dc34f4b0a1606a0e8cc5\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\31f1a71c9a34e21a7e4b2ca7bfa7a832\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2023-02-08 10:56 - 2023-02-08 10:56 - 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\499958633f26733f8eb6318cae1ca186\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2023-02-08 10:56 - 2023-02-08 10:56 - 001159680 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\d1d0192ea32ed96651eb3f97e59578cc\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\53ecfd7abb7fc80e4bf1eb1bdee0decf\CLI.Component.Client.Shared.Private.ni.dll
2023-02-08 10:56 - 2023-02-08 10:56 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\01dcfdccb97a6148047e01fd98bb144d\CLI.Component.Runtime.ni.dll
2023-02-08 10:56 - 2023-02-08 10:56 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\0fc50c611ddb28b1c099d8243be2780e\CLI.Component.Dashboard.ni.dll
2022-07-02 11:14 - 2022-07-02 11:14 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\2d26931450023a6c35b0be19143c0215\DEM.Graphics.I0706.ni.dll
2022-07-02 11:14 - 2022-07-02 11:14 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\0e81dbc0f820dae174a1fa3fbbbf453c\DEM.Graphics.I0709.ni.dll
2022-07-02 11:14 - 2022-07-02 11:14 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\6d2b6ef60020fd0f81fae442a9d4ab01\DEM.Graphics.I0712.ni.dll
2022-07-02 11:14 - 2022-07-02 11:14 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\74f5fc3369cd79cd66681526bac10717\DEM.Graphics.I0804.ni.dll
2022-07-02 11:16 - 2022-07-02 11:16 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\bddbce063c57aa944caf6fc652175248\DEM.Graphics.I0805.ni.dll
2022-07-02 11:16 - 2022-07-02 11:16 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\e24e2a551468c3476ac50b407091135a\DEM.Graphics.I0812.ni.dll
2022-07-02 11:15 - 2022-07-02 11:15 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\2d29d077c0675a126153f5bcd14af326\DEM.Graphics.I0906.ni.dll
2022-07-02 11:14 - 2022-07-02 11:14 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\4e25ba6269d779ed8dc28cbc9888ddde\DEM.Graphics.I0912.ni.dll
2022-07-02 11:15 - 2022-07-02 11:15 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\da52a944341599c1d7b06b911fb170c0\DEM.Graphics.I1010.ni.dll
2022-07-02 11:13 - 2022-07-02 11:13 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\66201be98652121ddb73497449a02ae3\Localization.Foundation.Private.ni.dll
2023-02-08 10:57 - 2023-02-08 10:57 - 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\812ca69edc5366ccb566a37b9581fd7d\ResourceManagement.Foundation.Implementation.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\3821182e28d25f555d0dca8dbfe69df3\ResourceManagement.Foundation.Private.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\47112e21f9e7897d6e3146bdab1e08e0\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\5e10d5af027e7f18a2199238911908ab\CLI.Caste.Graphics.Shared.ni.dll
2023-02-08 10:55 - 2023-02-08 10:55 - 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\3bd1f96427a16b00cef0e590beb06cc4\CLI.Caste.Graphics.Runtime.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 000335360 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\87f58c7363a1ef8ac308b878d9950196\Microsoft.WindowsAPICodePack.ni.dll
2023-02-08 10:54 - 2023-02-08 10:54 - 002546688 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\95fb6202bd7bf8e4c58e1b34c9020cf0\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\igorv\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Windows 11 Wallpaper 18.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "ccleaner_update_helper"
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E2E37EFC-C0D6-45BF-8798-4FE7A7E5C461}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4B0D9E5-2B6D-49F3-94C9-5C9291C4517C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49A65B66-3CAB-455A-9D77-CCE4F27C2BA7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A5F809E2-5668-4BFB-BD8F-FFE48AF64825}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6520AB54-3308-4D72-A69E-6DA3EBCBEAA5}] => (Allow) C:\Users\igorv\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{0A4C4E50-955E-4703-8467-FCD19125D849}] => (Allow) C:\Users\igorv\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{A16B1232-C802-43D2-A61D-19B74A7C3F39}] => (Allow) C:\Users\igorv\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D921B843-F4A8-4591-94B0-518EE44EF42D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{9EA0E6CC-8B79-4CA8-BE94-0873FED99104}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A8CC7E57-0438-4208-B9C5-5E6159C13898}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AF26F163-09D8-4743-A91C-C6C1BCD939F5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A0AA3EB9-8AF0-44F0-B726-2C0CA0AF04B1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4BA7DA0F-72D5-4DAF-9B19-DE2BC6B39702}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights and Merchants Historical Version\KM_TPR.exe () [File not signed]
FirewallRules: [{CD97DFAA-6D04-401D-936A-DF504C28FF73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights and Merchants Historical Version\KM_TPR.exe () [File not signed]
FirewallRules: [{583C8364-38E5-4D33-B290-EB38C06A4A83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe () [File not signed]
FirewallRules: [{C6CE158E-8CCA-4033-B2B8-DE62F34C21AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe () [File not signed]
FirewallRules: [{E0ECD149-4DE5-4364-B0AB-F1DC290A3864}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ED89D01E-12A3-4217-A683-6160D1A3AEA5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

07-02-2023 17:11:12 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/09/2023 02:22:24 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Data (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (02/09/2023 02:22:23 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v WINDOWS (C:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (02/07/2023 05:30:57 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (02/07/2023 02:14:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: KM_TPR.exe, verzia: 0.0.0.0, časová značka: 0x3df36d52
Názov chybujúceho modulu: KM_TPR.exe, verzia: 0.0.0.0, časová značka: 0x3df36d52
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000e57f
Identifikácia chybujúceho procesu: 0xf3c
Čas spustenia chybujúcej aplikácie: 0x01d93af6084244ed
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Steam\steamapps\common\Knights and Merchants Historical Version\KM_TPR.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Steam\steamapps\common\Knights and Merchants Historical Version\KM_TPR.exe
Identifikácia hlásenia: 7ebc3bcf-36c6-4dd8-8e95-b9b6f5b96a52
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/05/2023 04:44:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Media.Player.exe version 11.2209.30.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 67c

Start Time: 01d9395ef00679e0

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2209.30.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe

Report Id: 1d9d4054-0ed7-4211-a192-a3951cea9cbd

Faulting package full name: Microsoft.ZuneMusic_11.2209.30.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: Microsoft.ZuneMusic

Hang type: Quiesce

Error: (02/04/2023 11:21:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Media.Player.exe version 11.2209.30.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1f24

Start Time: 01d9388265d16fac

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2209.30.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe

Report Id: 4d55042a-5b9d-46dc-94d6-ce792d41a9c5

Faulting package full name: Microsoft.ZuneMusic_11.2209.30.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: Microsoft.ZuneMusic

Hang type: Quiesce

Error: (02/03/2023 09:08:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: RuntimeBroker.exe, verzia: 10.0.19041.746, časová značka: 0x5b78739c
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.19041.2130, časová značka: 0xb5ced1c6
Kód výnimky: 0xc0000374
Odstup chyby: 0x00000000000ff6a9
Identifikácia chybujúceho procesu: 0x142c
Čas spustenia chybujúcej aplikácie: 0x01d9379ddb1dc8d8
Cesta chybujúcej aplikácie: C:\Windows\System32\RuntimeBroker.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: e0f5f30e-7ef4-4401-bfee-d96fbd9593f4
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: runtimebroker07f4358a809ac99a64a67c1

Error: (02/02/2023 06:02:43 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Data (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)


System errors:
=============
Error: (02/09/2023 10:36:44 AM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.

Error: (02/09/2023 10:37:11 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:55:07 on ‎9. ‎2. ‎2023 was unexpected.

Error: (02/08/2023 07:35:24 PM) (Source: googledrivefs3758) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (02/07/2023 10:05:45 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (02/07/2023 10:05:35 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (02/07/2023 10:05:04 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (02/07/2023 10:04:59 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (02/07/2023 09:30:59 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Počas čakania na odpoveď transakcie od služby DSDFunctionKeyCtlService bol dosiahnutý časový limit (30000 ms).


Windows Defender:
================
Date: 2023-02-10 19:03:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-02-09 18:55:15
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-02-08 17:32:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-02-06 17:55:44
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-02-04 18:11:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2023-02-08 19:23:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\70.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-12-24 12:45:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-12-07 19:24:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\67.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-11-13 15:35:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\66.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-11-05 18:04:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\65.0.4.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-10-16 15:12:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\59.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: INSYDE 1.40 05/17/2010
Motherboard: TOSHIBA Portable PC
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 65%
Total physical RAM: 3958.85 MB
Available physical RAM: 1359.46 MB
Total Virtual: 5491.98 MB
Available Virtual: 2014.39 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:296.96 GB) (Free:252.06 GB) (Model: TOSHIBA MK6465GSX) NTFS
Drive d: (Data) (Fixed) (Total:297.92 GB) (Free:296.62 GB) (Model: TOSHIBA MK6465GSX) NTFS
Drive g: (Google Drive) (Fixed) (Total:204 GB) (Free:202.81 GB) (Model: TOSHIBA MK6465GSX) FAT32

\\?\Volume{18c6abd2-0000-0000-0000-100000000000}\ (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.18 GB) NTFS
\\?\Volume{18c6abd2-0000-0000-0000-a0564a000000}\ () (Fixed) (Total:0.89 GB) (Free:0.3 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 18C6ABD2)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=297 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=915 MB) - (Type=27)
Partition 4: (Not Active) - (Size=297.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: FRSIT log z Windows 10 (2 posty)

#3 Příspěvek od Rudy »

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2415662125-1334251306-1017844622-1001_Classes\CLSID\{32696747-d167-38ad-6e20-2fec78940514}\localserver32 -> "C:\Program Files\Microsoft PC Manager\MSPCManager.exe" -ToastActivated => No File
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FirewallRules: [{6520AB54-3308-4D72-A69E-6DA3EBCBEAA5}] => (Allow) C:\Users\igorv\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{0A4C4E50-955E-4703-8467-FCD19125D849}] => (Allow) C:\Users\igorv\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{A16B1232-C802-43D2-A61D-19B74A7C3F39}] => (Allow) C:\Users\igorv\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D921B843-F4A8-4591-94B0-518EE44EF42D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
Task: {8A04D2FF-1A11-428D-B9FA-AA379E4A25A1} - System32\Tasks\GoogleUpdateTaskMachineUA{A5FF526E-0839-42BD-8196-FCE1D6C6D732} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)
Task: {ACA11C1B-FC37-4AD6-83E9-E1D06F6B018B} - System32\Tasks\GoogleUpdateTaskMachineCore{8F5C90FE-E2FF-4C5D-B1F6-73990ACFA8C9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)

EmptyTemp:
End
Uložte do C:\Users\igorv\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

5manager5
Návštěvník
Návštěvník
Příspěvky: 267
Registrován: 10 led 2009 21:21

Re: FRSIT log z Windows 10 (2 posty)

#4 Příspěvek od 5manager5 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-02-2023 01
Ran by igorv (11-02-2023 15:58:45) Run:1
Running from C:\Users\igorv\Downloads
Loaded Profiles: igorv
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2415662125-1334251306-1017844622-1001_Classes\CLSID\{32696747-d167-38ad-6e20-2fec78940514}\localserver32 -> "C:\Program Files\Microsoft PC Manager\MSPCManager.exe" -ToastActivated => No File
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FirewallRules: [{6520AB54-3308-4D72-A69E-6DA3EBCBEAA5}] => (Allow) C:\Users\igorv\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{0A4C4E50-955E-4703-8467-FCD19125D849}] => (Allow) C:\Users\igorv\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{A16B1232-C802-43D2-A61D-19B74A7C3F39}] => (Allow) C:\Users\igorv\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D921B843-F4A8-4591-94B0-518EE44EF42D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
Task: {8A04D2FF-1A11-428D-B9FA-AA379E4A25A1} - System32\Tasks\GoogleUpdateTaskMachineUA{A5FF526E-0839-42BD-8196-FCE1D6C6D732} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)
Task: {ACA11C1B-FC37-4AD6-83E9-E1D06F6B018B} - System32\Tasks\GoogleUpdateTaskMachineCore{8F5C90FE-E2FF-4C5D-B1F6-73990ACFA8C9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001_Classes\CLSID\{32696747-d167-38ad-6e20-2fec78940514} => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6520AB54-3308-4D72-A69E-6DA3EBCBEAA5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A4C4E50-955E-4703-8467-FCD19125D849}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A16B1232-C802-43D2-A61D-19B74A7C3F39}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D921B843-F4A8-4591-94B0-518EE44EF42D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A04D2FF-1A11-428D-B9FA-AA379E4A25A1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A04D2FF-1A11-428D-B9FA-AA379E4A25A1}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{A5FF526E-0839-42BD-8196-FCE1D6C6D732} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{A5FF526E-0839-42BD-8196-FCE1D6C6D732}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ACA11C1B-FC37-4AD6-83E9-E1D06F6B018B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACA11C1B-FC37-4AD6-83E9-E1D06F6B018B}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{8F5C90FE-E2FF-4C5D-B1F6-73990ACFA8C9} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{8F5C90FE-E2FF-4C5D-B1F6-73990ACFA8C9}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 64690571 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 44993415 B
Windows/system/drivers => 254646325 B
Edge => 0 B
Chrome => 6047414 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7414 B
NetworkService => 483242 B
igorv => 26462407 B

RecycleBin => 0 B
EmptyTemp: => 380.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:59:46 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: FRSIT log z Windows 10 (2 posty)

#5 Příspěvek od Rudy »

Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

5manager5
Návštěvník
Návštěvník
Příspěvky: 267
Registrován: 10 led 2009 21:21

Re: FRSIT log z Windows 10 (2 posty)

#6 Příspěvek od 5manager5 »

ano, všetko je ok a dakujem :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: FRSIT log z Windows 10 (2 posty)

#7 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno