kontrola od Rudy

[5manager5]

Môžem poprosiť o kontrolu so zameraním na keylogger?

adwcleaner nenašiel nič

dakujem

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Ran by igorv (administrator) on DESKTOP-AJTU3EA (TOSHIBA Satellite L650) (29-11-2023 20:24:24)
Running from C:\Users\igorv\Downloads\FRST64 (2).exe
Loaded Profiles: igorv
Platform: Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\81.0.5.0\crashpad_handler.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\RMService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2309.6.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3684_none_7dfc270e7c9a3a0b\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-24] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-24] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1004790077-1547760064-1104730356-1001\...\Run: [MicrosoftEdgeAutoLaunch_12DCDEA817FD98234F2AB1F8B100D4B7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896784 2023-11-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1004790077-1547760064-1104730356-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-24] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-24] (Google LLC -> Google, Inc.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {9ED0EA7C-7BEE-4AC5-9B59-1B5F203764C0} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\Windows\System32\unifiedconsent.dll [278016 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8F38661E-8A08-4E9A-B6F0-FC0F82A5AE86} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7BBE54AF-0598-427C-A7D6-94FC74A07456} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {883146D8-F3E8-4C80-912F-526F1E967934} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D0F93BB4-699C-4472-8BD7-1B7567CA2C85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {877341FC-C134-4CCB-9D7D-804EC924A76C} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-14] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.31.248 1.1.1.1
Tcpip\..\Interfaces\{9306603b-70c3-40ea-8bd2-405eac491607}: [DhcpNameServer] 192.168.31.248 1.1.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-29]
Edge HomePage: Default -> hxxp://www.google.sk/
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
Edge Extension: (Edge relevant text changes) - C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-13]
Edge Profile: C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-10-12]

Chrome:
=======
CHR HKU\S-1-5-21-1004790077-1547760064-1104730356-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DSDFunctionKeyCtlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDFunctionKeyCtlService.exe [718168 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
S2 DSDTabletControlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDTabSysSvc.exe [330136 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R2 DSDWirelessLEDCtlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\RMService.exe [480144 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R2 dynabookSettingService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\dynabookSystemService.exe [24153096 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dhotkey; C:\Windows\System32\drivers\dhotkey.sys [52736 2023-03-22] (Dynabook Inc. -> Dynabook Inc.)
R1 dsrvctldrv; C:\Windows\System32\drivers\dsrvctldrv.sys [30232 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R0 DVALZ_O; C:\Windows\System32\drivers\DVALZ_O.SYS [47464 2022-07-17] (Dynabook Inc. -> Dynabook Inc.)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-29 20:24 - 2023-11-29 20:25 - 000011036 _____ C:\Users\igorv\Downloads\FRST.txt
2023-11-29 20:04 - 2023-11-29 20:24 - 000000000 ____D C:\FRST
2023-11-29 20:04 - 2023-11-29 20:04 - 002383872 _____ (Farbar) C:\Users\igorv\Downloads\FRST64 (2).exe
2023-11-14 22:06 - 2023-11-14 22:06 - 000000000 ___HD C:\$WinREAgent
2023-11-06 15:58 - 2023-11-06 15:58 - 000000000 ____D C:\Users\igorv\AppData\Roaming\AnyDesk
2023-11-06 09:15 - 2023-11-06 09:15 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-29 20:20 - 2023-07-06 11:32 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-11-29 20:15 - 2023-07-06 11:48 - 000000000 ___SD C:\Users\igorv\AppData\Roaming\Microsoft\Credentials
2023-11-29 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-28 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-11-28 23:09 - 2023-07-06 11:33 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-28 23:09 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-25 22:54 - 2023-07-08 21:54 - 000000000 ____D C:\1
2023-11-24 10:05 - 2023-07-06 11:40 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2023-11-24 10:05 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-11-24 10:00 - 2023-07-06 11:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-11-24 10:00 - 2023-07-06 11:32 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-24 10:00 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-11-21 14:07 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-11-21 14:03 - 2023-07-06 11:32 - 000259760 _____ C:\Windows\system32\FNTCACHE.DAT
2023-11-21 14:01 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-21 14:01 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-21 14:01 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2023-11-14 22:34 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-11-14 22:33 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-11-14 22:32 - 2019-12-07 15:39 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-11-14 22:32 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-11-14 22:22 - 2023-07-06 11:35 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-11-14 21:32 - 2023-07-09 15:59 - 000000000 ____D C:\Windows\system32\MRT
2023-11-14 21:30 - 2023-07-09 15:59 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-11-10 15:06 - 2023-07-09 16:10 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-07 15:12 - 2023-07-06 11:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-11-04 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2023-10-30 19:17 - 2023-07-06 11:33 - 000003630 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-30 19:17 - 2023-07-06 11:33 - 000003506 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[5manager5]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by igorv (29-11-2023 20:28:14)
Running from C:\Users\igorv\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) (2023-07-06 10:36:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1004790077-1547760064-1104730356-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1004790077-1547760064-1104730356-503 - Limited - Disabled)
Guest (S-1-5-21-1004790077-1547760064-1104730356-501 - Limited - Disabled)
igorv (S-1-5-21-1004790077-1547760064-1104730356-1001 - Administrator - Enabled) => C:\Users\igorv
WDAGUtilityAccount (S-1-5-21-1004790077-1547760064-1104730356-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIDA64 Extreme v6.92 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.92 - FinalWire Ltd.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 81.0.5.0 - Google LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.93 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.72 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)

Packages:
=========
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.1018.300_x64__8wekyb3d8bbwe [2023-10-29] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-09-03 11:43 - 2023-09-03 11:43 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\481ffab5232d1254e92b4e2c4e470c3e\A4.Foundation.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\148c0b3431bb9eb8273207336081bfbe\AEM.Actions.CCAA.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\f1aa81cf97759f5d1d59fdfb7feaa8f9\AEM.Plugin.EEU.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\70f28493778d0e67698d628ea2376c7d\AEM.Plugin.Hotkeys.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\9f9687c706d22a70fb676264dd5537d7\AEM.Plugin.DPPE.Shared.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000315904 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\97ff049e800c754353d5b00a9b1cfc0f\AEM.Plugin.Source.Kit.Server.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\88737cd3439e6057b1ff9b5f1391c801\AEM.Plugin.WinMessages.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\433707a9d103ea4e53f5ef91a9277dfa\AEM.Plugin.REG.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\d3cfaedfbc789efad9981d6e03aeb43f\AEM.Plugin.GD.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\78dcc26b1eb2c71c3bb7811d002813b3\AEM.Server.Shared.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\39b1a2067dd59827c558f60f025d4e50\AEM.Server.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\ce91c2f062d7a2c5bfaecf569c1620f3\APM.Foundation.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\09a83f5026ac06a6d254117b19ee3b13\ATICCCom.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000203776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\e21ff9b83c6fc12617acab083cc2427b\CCC.Implementation.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\74819a52f620014692fb35c7f7787efe\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\e52f7c5a049d625afee950f00df092c5\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\b73b6d9a2470a21f03607799afe546b0\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\794c62afbd28d58d01605fdbed27a264\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2023-09-03 11:45 - 2023-09-03 11:45 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\beb1a4d88548e6332719b5a85b3ab6fb\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\9f691579579636d4ce36d3e80c8ff402\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\599c6ff42b8e6b823d9ef3d54d11868f\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\c2c8e6fdddc1ea71823310a67d045af5\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\f3f86b1537fd14618a789c833ca7a3c9\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\dd11a2ee1d66235180667750810df359\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\90d0b53f65741eab59303489cc2db276\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000364544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\16318c6925b33de6a1338d7c1bf1bad3\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\73e470460b2ef3e336a30798a3a738bf\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000677888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\6f5fae9759ba0e96767e2f1dbf7c7b3b\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000745984 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\de9e275c73d871c02188488ad0b28779\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\a7a0be71294c91b9bc7d4986fa8f90dd\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\bf40c069731935f46d124ce7327be077\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\5481889ae3e4ea891c40d718630f3571\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\6e2f7051afedb7fa2d93a85e95082fa4\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\3cdbc26e44a99fb54d3259d7d83c3adf\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\f7b5ea3eb14b4a5dbe55edc4e1474329\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\873924d0500d226cb383241446d97544\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\0c93a0ff5217dcaa78b1ba21acd5ec20\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\5b8b8621387c962ca46b8d5129e22897\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\eb456f0115c339383aafab61976657b4\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\b86c1d1fc903e85bd73724dc2a6bcfa3\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 003313664 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\d64b6cdd350315abed8e3e587ba9e0af\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\f0b5880da65a47a25cbc8be6937f5464\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2023-09-03 11:45 - 2023-09-03 11:45 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\5fc67e564cca847b093cce50e8d03674\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2023-09-03 11:45 - 2023-09-03 11:45 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\0355c46469110a7e16364c53a6f923d2\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\575983ebb8f8f465130664e5f547346f\CLI.Caste.A4.Runtime.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\1f232c46f6ebeaebeef3dc31b361ff65\CLI.Caste.A4.Shared.ni.dll
2023-10-28 11:43 - 2023-10-28 11:43 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\fe669f5f096682457447308b1b871f78\CLI.Caste.A4.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\37c4836a2cb1cc039594fefd65566430\CLI.Caste.Fuel.Shared.ni.dll
2023-09-03 12:05 - 2023-09-03 12:05 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\eeb1507a8234cc5a1b55a1dd16698ebe\CLI.Caste.Fuel.Runtime.ni.dll
2023-10-28 11:43 - 2023-10-28 11:43 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\469e91e0e8b2efb9cdcd28d855e11c72\CLI.Caste.Fuel.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\9d2d84387295d1ea0c9ed1aba20f06b0\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 001556480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\1a11830ccb1c725b8b7b06549e952149\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\daf11e9b601ac5557172562ce249ff6b\CLI.Caste.Graphics.Dashboard.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\39ab0e32960148069bc89c0362c80e3d\CLI.Caste.HydraVision.Runtime.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\d8876fe3fe13050f5bbb6201c4c123dc\CLI.Caste.HydraVision.Shared.ni.dll
2023-10-28 11:43 - 2023-10-28 11:43 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\e79974662f270088eebe4dd9ee79db5b\CLI.Caste.HydraVision.Dashboard.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\94608adb60c21e19633ce2596ce44e61\CLI.Caste.Platform.Shared.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\a4255fe3ad4485d225da85d8611025ac\CLI.Caste.Platform.Runtime.ni.dll
2023-10-28 11:43 - 2023-10-28 11:43 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\f9972a6c8d988ada9863722ae76aa12a\CLI.Caste.Platform.Dashboard.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\fdbe7c1dbbee2f2ca8c812da5455ffe5\CLI.Component.Runtime.Shared.ni.dll
2023-11-15 14:03 - 2023-11-15 14:03 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\1f3dfd2848fced58908b67834c1fd49c\CLI.Component.Systemtray.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\f39e8f09372995516af50fa875adff03\CLI.Component.Dashboard.ProfileManager2.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\32f935aa27a3335dfbcafd328225655e\CLI.Component.Runtime.Shared.Private.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\8631c248d557ed68eb0093ba23d73762\CLI.Component.Runtime.Extension.EEU.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\d77a07957556a3d9b623bda60aedec2b\CLI.Component.Dashboard.Shared.Private.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\04f954006faaffcfabdfcf7985e50759\CLI.Component.Client.Shared.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\5f2a362b97f3c1d083ebc8cb5a51da3f\CLI.Component.Dashboard.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\183079995032e8cbcedda1b9f46ff5b9\CLI.Foundation.Private.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\69cd35b7f248c256bfa07db79865ccd2\CLI.Foundation.XManifest.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\e669b554abf8ac526294f5b38062b74f\CLI.Foundation.CoreAudioAPI.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 001080320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\ca6f57cd1ed98aa43941d424ca9ad84d\CLI.Foundation.Client.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\bb150fb8254c7702a3ce1d702b9ee027\CLI.Foundation.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\7452095f8ae4958faa06a27a798e888b\DEM.Foundation.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\5366429cee88f11debbc72f3d9d0ba44\DEM.Graphics.I0601.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\fd515db4fe1d24647e3e73e4924a78e2\DEM.Graphics.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\2b0838ff37a991812a212f5c7fbaa965\Fuel.Foundation.ni.dll
2023-11-15 14:03 - 2023-11-15 14:03 - 000297472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\ba74ec66405c721ea90669b2c60ccb6c\LOG.Foundation.Implementation.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\6dda88337122d5425acb5599842adb77\LOG.Foundation.Private.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\539eaaeb20f83855c030870b76eda7de\LOG.Foundation.Implementation.Private.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\e72e3134ec5e2d3d99d28ab87cf38a9a\LOG.Foundation.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\641553296904fee8092e40b7d91ad9c5\MOM.Foundation.ni.dll
2023-11-15 14:03 - 2023-11-15 14:03 - 000402432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\c62f6f049d0d34ee0d24ac877abbae96\MOM.Implementation.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\bb7e855917ce8469a0a1891ab2ba975c\NEWAEM.Foundation.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\e580a5ccc646df4dc2eaa6e81e139fe6\ADL.Foundation.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\e907c129e0636143bca779f3049192e1\APM.Server.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\8172c3594beff61d53e738a7b71703cc\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\c927d74e9d664effd3fb993ee9d6602c\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\b7db85121993b31e3937f245840e63d4\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 008028160 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\7ea5f35a10c4635247ce717272cee867\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 001160192 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\6b7c6212edc3195d41aba84c7830309e\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\39f3ef970e2d00b8bb2865dda147fe3a\CLI.Component.Client.Shared.Private.ni.dll
2023-11-15 14:03 - 2023-11-15 14:03 - 000235008 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\d84b454d53526566d8f0e4ad0fbe65e1\CLI.Component.Runtime.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\67bc8fff449fa94976c39be26c5ce967\CLI.Component.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\8a2485e5b161b1422e82ec86c0316a55\DEM.Graphics.I0706.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\c721ba5b66a059d9a82d5b07f3162ab8\DEM.Graphics.I0709.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\b17d04bcda14f6455cc104ee9783c9c5\DEM.Graphics.I0712.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\16dde392ebdd22bd55aa93f66bc22843\DEM.Graphics.I0804.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\f4c2a9208b4b95ec74656407206fa260\DEM.Graphics.I0805.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\d8148a0e5542279acc32f7c685e64748\DEM.Graphics.I0812.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\d15cdcd4953024ffa327fba2b4acc841\DEM.Graphics.I0906.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\0ca62694d5afc8dad4740afd4f565792\DEM.Graphics.I0912.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\476d401f42da64616ccb8b009a9231ec\DEM.Graphics.I1010.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\6682ab50c98f3f1dc1ff64845f8f9ba1\Localization.Foundation.Private.ni.dll
2023-11-15 14:03 - 2023-11-15 14:03 - 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\eb0c7188342b00921b2fecfee2b1e629\ResourceManagement.Foundation.Implementation.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\ee600ecb40f828fc86b041fc6cb11d07\ResourceManagement.Foundation.Private.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\710b3d0df4860447f5487af3df745bed\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\7acaffd7089ff7c1e86a44fcc2b53548\CLI.Caste.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 003267584 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\431a4c0a70df6c335d475497bb3456b7\CLI.Caste.Graphics.Runtime.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000335360 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\6b543036388ea8365f269b7850503400\Microsoft.WindowsAPICodePack.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 002582016 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\9a84d0b56645252138633d0530985e45\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1004790077-1547760064-1104730356-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.31.248 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A76EF311-ABA3-4489-9757-8B39037489FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02A8B2B5-A375-4AED-9D4A-BC60C50DB8F9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F3ED212-531F-40D5-A446-F476DCCA6EA8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2BD24D38-8285-4833-BE8C-02EE83FBE490}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DA99FCC-9E19-4534-AEAE-5C85F33631C0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

14-11-2023 22:08:31 Inštalátor modulov systému Windows
23-11-2023 12:50:34 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/23/2023 09:30:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (11/21/2023 02:00:26 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (11/21/2023 12:54:02 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (11/21/2023 12:52:34 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (11/21/2023 11:36:29 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (11/21/2023 10:59:54 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (11/21/2023 10:59:39 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (11/21/2023 10:54:33 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed


System errors:
=============
Error: (11/23/2023 09:42:21 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Delivery Optimization sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (11/23/2023 09:30:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJTU3EA)
Description: The server Microsoft.YourPhone_1.23092.158.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca did not register with DCOM within the required timeout.

Error: (11/23/2023 09:30:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJTU3EA)
Description: The server Microsoft.People_10.2202.33.0_x64__8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXk8n013897y2z89d7v08qtryawtj0p3jg.mca did not register with DCOM within the required timeout.

Error: (11/23/2023 09:30:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJTU3EA)
Description: The server Microsoft.YourPhone_1.23092.158.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca did not register with DCOM within the required timeout.

Error: (11/23/2023 11:14:45 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJTU3EA)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (11/22/2023 10:30:02 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJTU3EA)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout.

Error: (11/20/2023 10:46:20 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-AJTU3EA)
Description: Unable to start a DCOM Server: Microsoft.MicrosoftEdge_44.19041.3570.0_neutral__8wekyb3d8bbwe!MicrosoftEdge as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/13/2023 11:09:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJTU3EA)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.3570.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2023-11-29 15:24:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-11-28 18:10:00
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-11-27 16:49:07
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-11-26 15:37:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-11-25 15:36:38
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2023-11-23 21:42:05
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.401.1056.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23100.2009
Error code: 0x80240022
Error description: Program nemôže skontrolovať aktualizácie definícií.

Date: 2023-11-23 21:42:05
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.401.1056.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23100.2009
Error code: 0x80240022
Error description: Program nemôže skontrolovať aktualizácie definícií.

Date: 2023-10-05 13:25:17
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x8007041d
Error description: The service did not respond to the start or control request in a timely fashion.
Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the device.

Date: 2023-09-12 16:15:24
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: Vyskytol sa neočakávaný problém. Nainštalujte všetky dostupné aktualizácie a potom znova skúste spustiť program. Informácie o inštalácii programov nájdete v Pomoci a technickej podpore.
Security intelligence Version: 1.397.829.0;1.397.829.0
Engine Version: 1.1.23080.2005

CodeIntegrity:
===============
Date: 2023-09-13 16:28:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\80.0.1.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-08-24 22:56:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\79.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-08-03 19:18:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\78.0.1.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-07-15 13:17:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\77.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: INSYDE 1.40 05/17/2010
Motherboard: TOSHIBA Portable PC
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 74%
Total physical RAM: 3958.85 MB
Available physical RAM: 1028.26 MB
Total Virtual: 6137.38 MB
Available Virtual: 2398.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.32 GB) (Free:187.39 GB) (Model: Samsung SSD 870 EVO 250GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:19 GB) (Free:17.85 GB) (Model: Samsung SSD 870 EVO 250GB) FAT32

\\?\Volume{73d0d787-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{73d0d787-0000-0000-0000-e0173a000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 73D0D787)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=523 MB) - (Type=27)

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[5manager5]

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-29-2023
# Duration: 00:00:09
# OS: Windows 10 (Build 19045.3693)
# Scanned: 32093
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:

EmptyTemp:
End

Uložte do C:\Users\igorv\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Pokud nebude keylogger v dočasných adresářích, v PC není.

[5manager5]

je to ok?

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by igorv (29-11-2023 22:02:51) Run:1
Running from C:\Users\igorv\Downloads
Loaded Profiles: igorv
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:

EmptyTemp:
End
*****************

Processes closed successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22281386 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 1414871 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 48052 B
igorv => 24098416 B

RecycleBin => 0 B
EmptyTemp: => 47.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:03:01 ====

[Rudy]

Je. Těch dočasných souborů nebylo mnoho. Keylogger pravděpodobně mezi nimi nebyl. Nebo máte nějaké příznak jeho přítomnosti?

[5manager5]

nie, bude to asi ok

ale ina vec sa stala rano, vyskočila BSOD...ako pozriem čo to bolo? ale vyskočila pri prechode do spanku notebooku, tipujem, že nič važne ale pre istotu

[Rudy]

OK. Otevřte adresář c:\windows\minidump a pokud jsou v něm nějaké soubory, zabalte je do raru a přiložte k vašemu příštímu postu.

[5manager5]

sú tam 2 súbory, skúšam ich zabaliť winrarom, no píše, že prístup bol zamietnutý

[Rudy]

Zkuste soubory někam zkopírovat a pak zabalit. Případně použijte nouz. režim.

[5manager5]

zkopíroval som ich na plochu či do zložky, nejde to...ako to urobím v núdzovom režime?

[Rudy]

Nastartujete do nouz. režimu a pak najdezte znovu ty soubory a provedete totéž.

[5manager5]

a ako sa do neho dostanem? pri nabehovaní systému stlačiť F8?

[Rudy]

Bože můj, ve neznáte ani vlastní oper systém! https://support.microsoft.com/cs-cz/win ... e0e6a5e4dc .