Noťas jako zpomalený film

Zpráva

666yorick · #1 Příspěvek od **666yorick** » 09 lis 2024 12:29

Zdravím, notebook jsem koupil před 5 lety, není to žádný zázrak, ale měl primárně sloužit pro kancelářské a studijní účely (Office, Chrome). Před několika týdny se něco stalo a ntb po naběhnutí systému musí dostat ještě několik minut v klidu, aby se dalo vůbec něco otevřít. Pak většinou následuje zdlouhavá "čistící" procedura laickými nástroji jako CCleaner nebo Wise Disk (Registry) Cleaner. Až poté se dá něco začít dělat, ale do ideálního stavu to má skutečně hodně daleko.

Moc prosím některého z místních odborníků o kontrolu logu.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2024
Ran by jiriw (09-11-2024 12:22:00)
Running from C:\Users\jiriw\Downloads
Windows 10 Version 22H2 19045.4894 (X64) (2020-09-28 15:44:41)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3874525921-3796214153-4028669373-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3874525921-3796214153-4028669373-503 - Limited - Disabled)
Guest (S-1-5-21-3874525921-3796214153-4028669373-501 - Limited - Disabled)
jiriw (S-1-5-21-3874525921-3796214153-4028669373-1001 - Administrator - Enabled) => C:\Users\jiriw
wawro (S-1-5-21-3874525921-3796214153-4028669373-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3874525921-3796214153-4028669373-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 24.08 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2408-000001000000}) (Version: 24.08.00.0 - Igor Pavlov)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601091}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2019.0504.1012.18360 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.08.01 - Advanced Micro Devices, Inc.)
AVG AntiVirus Free (HKLM\...\AVG Antivirus) (Version: 24.10.9535.2192 - Gen Digital Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Branding64 (HKLM\...\{7659552A-136F-4615-A9FA-3E3EF2CCA77C}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.29 - Piriform)
f.lux (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Flux) (Version: 4.134 - f.lux Software LLC)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.1.0.52543 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 130.0.6723.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.47 - PandoraTV)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 130.0.2849.68 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 130.0.2849.56 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM\...\{90140000-0015-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM\...\{90140000-0016-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM\...\{90140000-00A1-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM\...\{90140000-001A-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM\...\{90140000-0018-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM\...\{90140000-001F-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM\...\{90140000-001F-041B-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM\...\{90140000-002C-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM\...\{90140000-0019-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2010 (HKLM\...\{90140000-0043-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM\...\{90140000-006E-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM\...\{90140000-001B-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.25506 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30040 (HKLM-x32\...\{5c6cccca-61ec-4667-a8d9-e133a59a5a73}) (Version: 14.29.30040.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33816 (HKLM-x32\...\{4373d0b5-4457-4a80-bad9-029de8df097b}) (Version: 14.40.33816.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30040 (HKLM\...\{B3FA5A71-A9C3-42B3-B567-F92C163F3F5B}) (Version: 14.29.30040 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30040 (HKLM\...\{C56D2482-32F7-4CB7-AF41-4CC51EBCB17D}) (Version: 14.29.30040 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33816 (HKLM-x32\...\{0DF1D9F9-6038-4641-AB6D-13DD654758A7}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33816 (HKLM-x32\...\{D7A66DA5-B103-45C1-A0A7-736C08E2F464}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.31246 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9239.1 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0015-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0016-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0018-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0019-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001A-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0405-1000-0000000FF1CE}_Office14.SingleImage_{235F521F-C627-4957-A641-C4C161F78531}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.SingleImage_{EE3A99C9-FD8F-4923-9F82-27365DA4B873}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.SingleImage_{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-041B-1000-0000000FF1CE}_Office14.SingleImage_{2E7C03CB-FE0A-4B95-BA37-742CD596760C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-002C-0405-1000-0000000FF1CE}_Office14.SingleImage_{FF4FCFC2-4935-49E4-B35E-5FCF7343412B}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{F3FAAB68-7697-4B1F-A23A-72312565AEAB}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0405-1000-0000000FF1CE}_Office14.SingleImage_{62E2481E-63BB-4481-A0CE-071D6D663B1B}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-006E-0405-1000-0000000FF1CE}_Office14.SingleImage_{BFFA0FE1-0823-4382-9DD3-49DA02375BBA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-00A1-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Soldier of Fortune II: Double Helix (HKLM-x32\...\1228964594_is1) (Version: 1.03 - GOG.com)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
Wise Registry Cleaner (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 11.1.6 - Lespeed Technology Co., Ltd.)
Wondershare NativePush(Build 1.0.0.7) (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Wondershare NativePush_is1) (Version: - )
yEd Graph Editor 3.22 (HKLM\...\3309-7404-0599-8908) (Version: 3.22 - yWorks GmbH)

Chrome apps:
============
Outlook (PWA) (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\a33183f59f01fcba2574c18bffd46f9d) (Version: 1.0 - Google\Chrome)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-10-26] ()
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [0000-00-00] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [MS Ad]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [0000-00-00] (Synaptics Incorporated)
Wifi Analyzer and Scanner -> C:\Program Files\WindowsApps\28877WebProvider.WifiAnalyzerandScanner_1.2.1.0_x64__gdrx0g078t8zg [0000-00-00] (WebProvider)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\jiriw\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\jiriw\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.25506\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-08-11] (Igor Pavlov)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-08-11] (Igor Pavlov)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-08-11] (Igor Pavlov)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2024-07-23 18:07 - 2024-07-23 18:07 - 002157568 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2024-05-19 10:49 - 2024-05-19 10:49 - 000500224 _____ () C:\Windows\ShellExperiences\TileControl.dll
2024-05-19 11:11 - 2024-05-19 11:11 - 000096256 _____ () C:\Windows\System32\VirtualMonitorManager.dll
2024-05-19 11:02 - 2024-05-19 11:02 - 000433152 _____ () C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll
2024-10-17 19:01 - 2024-10-17 19:01 - 000456192 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\Search.Core.dll
2024-07-23 18:07 - 2024-07-23 18:07 - 002390528 _____ (Microsoft Corporation) C:\Windows\ShellComponents\WindowsInternal.ComposableShell.Experiences.Switcher.dll
2024-07-23 18:08 - 2024-07-23 18:08 - 000419328 _____ (Microsoft Corporation) C:\Windows\System32\AboveLockAppHost.dll
2024-05-19 11:12 - 2024-05-19 11:12 - 000274432 _____ (Microsoft Corporation) C:\Windows\System32\AccountAccessor.dll
2023-11-21 20:25 - 2023-11-21 20:25 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\AcLayers.DLL
2024-05-19 11:00 - 2024-05-19 11:00 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\System32\Actioncenter.dll
2024-07-23 18:06 - 2024-07-23 18:06 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\activationmanager.dll
2023-12-15 12:35 - 2023-12-15 12:35 - 000644608 _____ (Microsoft Corporation) C:\Windows\System32\ActXPrxy.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\AEPIC.dll
2024-05-19 11:12 - 2024-05-19 11:12 - 000072192 _____ (Microsoft Corporation) C:\Windows\System32\APHostClient.dll
2024-05-19 11:12 - 2024-05-19 11:12 - 000351232 _____ (Microsoft Corporation) c:\windows\system32\aphostservice.dll
2024-05-19 10:52 - 2024-05-19 10:52 - 000208896 _____ (Microsoft Corporation) C:\Windows\System32\AppExtension.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000589824 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\apphelp.dll
2024-05-19 10:57 - 2024-05-19 10:57 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\System32\ApplicationFrame.dll
2024-05-19 10:48 - 2024-05-19 10:48 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppListBackupLauncher.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\System32\AppointmentActivation.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2023-11-21 20:11 - 2023-11-21 20:11 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\atlthunk.dll
2019-12-07 10:08 - 2019-12-07 10:08 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BatMeter.dll
2019-12-07 10:08 - 2019-12-07 10:08 - 000067584 _____ (Microsoft Corporation) C:\Windows\System32\BitsProxy.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000202240 _____ (Microsoft Corporation) C:\Windows\System32\BluetoothApis.dll
2024-05-19 10:58 - 2024-05-19 10:58 - 000266752 _____ (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2024-05-19 10:55 - 2024-05-19 10:55 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2024-07-20 20:38 - 2024-07-20 20:38 - 000251904 _____ (Microsoft Corporation) C:\Windows\System32\CapabilityAccessManagerClient.dll
2024-09-14 08:54 - 2024-09-14 08:54 - 001028096 _____ (Microsoft Corporation) c:\windows\system32\cbdhsvc.dll
2024-09-14 08:59 - 2024-09-14 08:59 - 005040640 _____ (Microsoft Corporation) c:\windows\system32\cdp.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 001765376 _____ (Microsoft Corporation) C:\Windows\System32\cdprt.dll
2024-07-23 18:06 - 2024-07-23 18:06 - 000501760 _____ (Microsoft Corporation) c:\windows\system32\cdpusersvc.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000256000 _____ (Microsoft Corporation) C:\Windows\System32\CEMAPI.dll
2024-05-19 10:58 - 2024-05-19 10:58 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\cflapi.dll
2023-11-21 20:15 - 2023-11-21 20:15 - 000115200 _____ (Microsoft Corporation) C:\Windows\System32\cldapi.dll
2024-05-19 10:52 - 2024-05-19 10:52 - 000224768 _____ (Microsoft Corporation) C:\Windows\System32\ClipboardServer.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\System32\COMDLG32.dll
2024-09-14 08:50 - 2024-09-14 08:50 - 001592320 _____ (Microsoft Corporation) C:\Windows\System32\ConstraintIndex.Search.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000245760 _____ (Microsoft Corporation) C:\Windows\System32\container.dll
2024-05-19 11:02 - 2024-05-19 11:02 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\credui.dll
2024-09-14 08:47 - 2024-09-14 08:47 - 000468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2023-11-21 20:12 - 2023-11-21 20:12 - 000377856 _____ (Microsoft Corporation) C:\Windows\System32\CryptoWinRT.dll
2023-11-21 20:16 - 2023-11-21 20:16 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\CRYPTUI.dll
2023-11-21 20:18 - 2023-11-21 20:18 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\cscapi.dll
2023-11-21 20:12 - 2023-11-21 20:12 - 004517376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcompiler_47.dll
2024-05-19 10:49 - 2024-05-19 10:49 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataexchange.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000706048 _____ (Microsoft Corporation) C:\Windows\System32\daxexec.dll
2024-05-19 10:58 - 2024-05-19 10:58 - 000194560 _____ (Microsoft Corporation) c:\windows\system32\dbgcore.DLL
2023-11-21 20:15 - 2023-11-21 20:15 - 001866240 _____ (Microsoft Corporation) c:\windows\system32\dbghelp.dll
2024-10-17 18:57 - 2024-10-17 18:57 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DCIMAN32.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\ddraw.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\desktopshellext.dll
2024-02-15 21:44 - 2024-02-15 21:44 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\System32\DEVRTL.dll
2023-11-21 20:15 - 2023-11-21 20:15 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\dhcpcsvc.DLL
2023-11-21 20:15 - 2023-11-21 20:15 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\dhcpcsvc6.DLL
2024-05-19 10:55 - 2024-05-19 10:55 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2024-05-19 11:11 - 2024-05-19 11:11 - 000329728 _____ (Microsoft Corporation) C:\Windows\System32\dlnashext.dll
2024-09-14 08:50 - 2024-09-14 08:50 - 000112128 _____ (Microsoft Corporation) c:\windows\system32\DMCfgUtils.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmprocessxmlfiltered.dll
2023-11-21 20:12 - 2023-11-21 20:12 - 000111104 _____ (Microsoft Corporation) c:\windows\system32\dmxmlhelputils.dll
2023-11-21 20:15 - 2023-11-21 20:15 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\System32\DPAPI.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 001730048 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DUI70.dll
2023-11-21 20:16 - 2023-11-21 20:16 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DUser.dll
2024-05-19 11:07 - 2024-05-19 11:07 - 000050688 _____ (Microsoft Corporation) C:\Windows\System32\dusmapi.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 002569216 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2024-05-19 11:08 - 2024-05-19 11:08 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxp.dll
2024-10-17 18:58 - 2024-10-17 18:58 - 026269696 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\edgehtml.dll
2024-10-17 18:57 - 2024-10-17 18:57 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\edgeIso.dll
2024-10-17 18:58 - 2024-10-17 18:58 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\EdgeManager.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\edputil.dll
2024-05-19 11:02 - 2024-05-19 11:02 - 000887808 _____ (Microsoft Corporation) C:\Windows\System32\efswrt.dll
2023-11-21 20:16 - 2023-11-21 20:16 - 000209920 _____ (Microsoft Corporation) C:\Windows\System32\EhStorShell.dll
2023-11-21 20:17 - 2023-11-21 20:17 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\elscore.dll
2024-03-14 11:22 - 2024-03-14 11:22 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2024-09-14 08:48 - 2024-09-14 08:48 - 003314688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ESENT.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000193536 _____ (Microsoft Corporation) C:\Windows\System32\EthernetMediaManager.dll
2023-11-21 20:11 - 2023-11-21 20:11 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\execmodelproxy.dll
2024-10-17 18:57 - 2024-10-17 18:57 - 002424832 _____ (Microsoft Corporation) C:\WINDOWS\system32\explorerframe.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000473088 _____ (Microsoft Corporation) C:\Windows\System32\fcon.dll
2024-04-15 21:45 - 2024-04-15 21:45 - 000592384 _____ (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll
2019-12-07 10:08 - 2019-12-07 10:08 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\fontgroupsoverride.dll
2024-07-20 20:37 - 2024-07-20 20:37 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\System32\framedynos.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000205312 _____ (Microsoft Corporation) C:\Windows\System32\fwbase.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000300544 _____ (Microsoft Corporation) C:\Windows\System32\FWPolicyIOMgr.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\System32\fwpuclnt.dll
2019-12-07 10:08 - 2019-12-07 10:08 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\gamestreamingext.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\globinputhost.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\System32\hcproviders.dll
2023-11-21 20:17 - 2023-11-21 20:17 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\HID.DLL
2024-05-19 11:11 - 2024-05-19 11:11 - 000849408 _____ (Microsoft Corporation) C:\Windows\System32\HolographicExtensions.dll
2024-09-14 08:54 - 2024-09-14 08:54 - 007770112 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\chakra.dll
2019-12-07 10:08 - 2019-12-07 10:08 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\CHARTV.dll
2019-12-07 10:08 - 2019-12-07 10:08 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\System32\IDStore.dll
2024-10-17 18:58 - 2024-10-17 18:58 - 007737344 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2024-10-17 18:58 - 2024-10-17 18:58 - 000957440 _____ (Microsoft Corporation) C:\Windows\System32\ieproxy.dll
2023-11-21 20:24 - 2023-11-21 20:24 - 000519168 _____ (Microsoft Corporation) C:\Windows\System32\imapi2.dll
2024-05-19 11:12 - 2024-05-19 11:12 - 000060928 _____ (Microsoft Corporation) c:\windows\system32\InprocLogger.dll
2024-10-17 18:57 - 2024-10-17 18:57 - 000537600 _____ (Microsoft Corporation) C:\Windows\System32\InputSwitch.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 000181248 _____ (Microsoft Corporation) C:\Windows\System32\LanguageComponentsInstaller.dll
2023-11-21 20:16 - 2023-11-21 20:16 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\LINKINFO.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockcontroller.dll
2024-10-17 18:57 - 2024-10-17 18:57 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\LPK.DLL
2024-05-19 11:12 - 2024-05-19 11:12 - 000177664 _____ (Microsoft Corporation) C:\Windows\System32\MCCSEngineShared.dll
2019-12-07 15:43 - 2019-12-06 17:35 - 000031744 _____ (Microsoft Corporation) c:\windows\system32\MCCSPal.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 001077760 _____ (Microsoft Corporation) c:\windows\system32\MessagingDataModel2.DLL
2023-11-21 20:28 - 2023-11-21 20:28 - 000581120 _____ (Microsoft Corporation) C:\Windows\System32\mfh264enc.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000297984 _____ (Microsoft Corporation) C:\Windows\System32\Microsoft.Bluetooth.Proxy.dll
2024-05-19 10:47 - 2024-05-19 10:47 - 000501248 _____ (Microsoft Corporation) c:\windows\system32\microsoft.bluetooth.userservice.dll
2024-09-14 08:47 - 2024-09-14 08:47 - 000576000 _____ (Microsoft Corporation) C:\Windows\System32\MicrosoftAccountWAMExtension.dll
2023-11-21 20:10 - 2023-11-21 20:10 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\midimap.dll
2023-11-21 20:18 - 2023-11-21 20:18 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\MLANG.dll
2023-11-21 20:13 - 2023-11-21 20:13 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\System32\MobileNetworking.dll
2024-05-19 10:49 - 2024-05-19 10:49 - 000488448 _____ (Microsoft Corporation) C:\Windows\System32\modernexecserver.dll
2023-11-21 20:10 - 2023-11-21 20:10 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2024-05-19 11:02 - 2024-05-19 11:02 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsCtfMonitor.dll
2024-05-19 10:49 - 2024-05-19 10:49 - 003423744 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\MsftEdit.dll
2024-09-14 08:54 - 2024-09-14 08:54 - 003353088 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2023-11-21 20:16 - 2023-11-21 20:16 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\MSIMG32.dll
2019-12-07 10:09 - 2019-12-07 10:09 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimtf.dll
2024-10-17 18:57 - 2024-10-17 18:57 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\msIso.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mskeyprotcli.dll
2023-11-21 20:12 - 2023-11-21 20:12 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\mskeyprotect.dll
2024-07-23 18:11 - 2024-07-23 18:11 - 000938496 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 002980352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2023-11-21 20:18 - 2023-11-21 20:18 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSUTB.dll
2023-11-21 20:17 - 2023-11-21 20:17 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\napinsp.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2024-05-19 11:01 - 2024-05-19 11:01 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\System32\netprofm.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkExplorer.dll
2024-05-19 11:12 - 2024-05-19 11:12 - 000128000 _____ (Microsoft Corporation) c:\windows\system32\NetworkHelper.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000427520 _____ (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.dll
2024-05-19 11:02 - 2024-05-19 11:02 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\System32\newdev.dll
2024-07-20 20:38 - 2024-07-20 20:38 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcksp.dll
2024-05-19 11:02 - 2024-05-19 11:02 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\NInput.dll
2024-03-14 11:23 - 2024-03-14 11:23 - 000097280 _____ (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2024-04-15 21:46 - 2024-04-15 21:46 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\System32\nlmproxy.dll
2023-11-21 20:16 - 2023-11-21 20:16 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\System32\Normaliz.dll
2024-05-19 10:57 - 2024-05-19 10:57 - 001229824 _____ (Microsoft Corporation) C:\Windows\System32\NotificationController.dll
2024-05-19 10:57 - 2024-05-19 10:57 - 000391680 _____ (Microsoft Corporation) C:\Windows\System32\NotificationControllerPS.dll
2024-05-19 10:54 - 2024-05-19 10:54 - 000046080 _____ (Microsoft Corporation) C:\Windows\System32\NotificationPlatformComponent.dll
2024-04-15 21:46 - 2024-04-15 21:46 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\System32\npmproxy.dll
2024-05-19 10:54 - 2024-05-19 10:54 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\System32\npsm.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 000489472 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\ntshrui.dll
2023-11-21 20:18 - 2023-11-21 20:18 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\OLEACC.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\ondemandconnroutehelper.dll
2024-07-23 18:06 - 2024-07-23 18:06 - 000502272 _____ (Microsoft Corporation) C:\Windows\System32\OneCoreCommonProxyStub.dll
2024-05-19 11:02 - 2024-05-19 11:02 - 002191360 _____ (Microsoft Corporation) C:\WINDOWS\System32\OpcServices.DLL
2024-05-19 10:52 - 2024-05-19 10:52 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateChangeHandler.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\pcacli.dll
2024-07-20 20:38 - 2024-07-20 20:38 - 000060416 _____ (Microsoft Corporation) C:\Windows\System32\PCShellCommonProxyStub.dll
2024-07-23 18:08 - 2024-07-23 18:08 - 000323584 _____ (Microsoft Corporation) C:\Windows\System32\pdh.dll
2023-11-21 20:16 - 2023-11-21 20:16 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\System32\perfos.dll
2024-05-19 10:54 - 2024-05-19 10:54 - 000365056 _____ (Microsoft Corporation) C:\Windows\System32\PhoneUtil.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000196096 _____ (Microsoft Corporation) c:\windows\system32\pimindexmaintenance.dll
2023-11-21 20:13 - 2023-11-21 20:13 - 000063488 _____ (Microsoft Corporation) c:\windows\system32\PimIndexMaintenanceClient.DLL
2024-05-19 10:55 - 2024-05-19 10:55 - 000986112 _____ (Microsoft Corporation) C:\Windows\System32\PIMSTORE.dll
2023-11-21 20:10 - 2023-11-21 20:10 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\System32\PlaySndSrv.dll
2024-05-19 11:01 - 2024-05-19 11:01 - 002176512 _____ (Microsoft Corporation) C:\WINDOWS\System32\pnidui.dll
2023-11-21 20:26 - 2023-11-21 20:26 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpnsp.dll
2024-09-14 08:55 - 2024-09-14 08:55 - 000648704 _____ (Microsoft Corporation) C:\Windows\System32\PortableDeviceApi.dll
2024-09-14 08:55 - 2024-09-14 08:55 - 000186880 _____ (Microsoft Corporation) C:\Windows\System32\PortableDeviceTypes.dll
2023-11-21 20:13 - 2023-11-21 20:13 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\System32\POSyncServices.dll
2023-11-21 20:18 - 2023-11-21 20:18 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnfldr.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\query.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000582144 _____ (Microsoft Corporation) C:\Windows\System32\QuietHours.dll
2023-11-21 20:18 - 2023-11-21 20:18 - 000017408 _____ (Microsoft Corporation) C:\Windows\System32\rasadhlp.dll
2024-05-19 11:02 - 2024-05-19 11:02 - 001016320 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\RASAPI32.dll
2023-11-21 20:18 - 2023-11-21 20:18 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\rasman.dll
2023-11-21 20:18 - 2023-11-21 20:18 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\REGAPI.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 000512512 _____ (Microsoft Corporation) C:\Windows\System32\RTMediaFrame.dll
2023-11-21 20:15 - 2023-11-21 20:15 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\System32\SAMCLI.DLL
2024-09-14 08:50 - 2024-09-14 08:50 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\System32\SAMLIB.dll
2024-05-19 11:02 - 2024-05-19 11:02 - 000229376 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2023-11-21 20:18 - 2023-11-21 20:18 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\Secur32.dll
2024-05-19 10:57 - 2024-05-19 10:57 - 000961536 _____ (Microsoft Corporation) C:\Windows\System32\SecurityHealthSSO.dll
2024-05-19 10:48 - 2024-05-19 10:48 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\SettingsEnvironment.Desktop.dll
2024-07-23 18:06 - 2024-07-23 18:06 - 000714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 001128960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2024-05-19 10:49 - 2024-05-19 10:49 - 001117696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2024-07-23 18:08 - 2024-07-23 18:08 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHDOCVW.dll
2024-09-14 08:46 - 2024-09-14 08:46 - 000927744 _____ (Microsoft Corporation) C:\Windows\System32\ShellCommonCommonProxyStub.dll
2024-05-19 10:49 - 2024-05-19 10:49 - 000176128 _____ (Microsoft Corporation) C:\Windows\System32\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2024-10-17 18:57 - 2024-10-17 18:57 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShutdownUX.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.DLL
2023-11-21 20:16 - 2023-11-21 20:16 - 000146944 _____ (Microsoft Corporation) C:\Windows\System32\SLC.dll
2024-09-14 08:47 - 2024-09-14 08:47 - 000313344 _____ (Microsoft Corporation) C:\Windows\System32\smartscreenps.dll
2024-07-20 20:38 - 2024-07-20 20:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\SndVolSSO.DLL
2024-10-17 18:56 - 2024-10-17 18:56 - 005190656 _____ (Microsoft Corporation) C:\WINDOWS\System32\Speech_OneCore\Common\sapi_onecore.dll
2023-11-21 20:16 - 2023-11-21 20:16 - 000130048 _____ (Microsoft Corporation) C:\Windows\System32\sppc.dll
2024-05-19 11:02 - 2024-05-19 11:02 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\System32\srchadmin.dll
2024-07-23 18:07 - 2024-07-23 18:07 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\srpapi.dll
2024-07-23 18:06 - 2024-07-23 18:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2024-07-23 18:10 - 2024-07-23 18:10 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\System32\SyncCenter.dll
2024-05-19 11:12 - 2024-05-19 11:12 - 000616960 _____ (Microsoft Corporation) C:\Windows\System32\SyncController.dll
2019-12-07 10:09 - 2019-12-07 10:09 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Syncreg.dll
2024-05-19 11:12 - 2024-05-19 11:12 - 000388608 _____ (Microsoft Corporation) c:\windows\system32\SYNCUTIL.dll
2023-11-21 20:13 - 2023-11-21 20:13 - 000030208 _____ (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerClient.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 001543168 _____ (Microsoft Corporation) C:\Windows\System32\TaskFlowDataEngine.dll
2024-09-14 08:50 - 2024-09-14 08:50 - 001128960 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\tdh.dll
2024-05-19 10:48 - 2024-05-19 10:48 - 000208896 _____ (Microsoft Corporation) C:\Windows\System32\TetheringStation.dll
2023-11-21 20:12 - 2023-11-21 20:12 - 000067584 _____ (Microsoft Corporation) C:\Windows\System32\threadpoolwinrt.dll
2024-05-19 10:54 - 2024-05-19 10:54 - 000606720 _____ (Microsoft Corporation) C:\Windows\System32\TileDataRepository.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 003308032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TQUERY.DLL
2024-05-19 11:02 - 2024-05-19 11:02 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\TWINAPI.dll
2024-05-19 10:52 - 2024-05-19 10:52 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\System32\twinui.appcore.dll
2024-10-17 18:57 - 2024-10-17 18:57 - 006343680 _____ (Microsoft Corporation) C:\Windows\System32\TwinUI.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 006969856 _____ (Microsoft Corporation) C:\Windows\System32\twinui.pcshell.dll
2024-05-19 10:52 - 2024-05-19 10:52 - 000637952 _____ (Microsoft Corporation) C:\Windows\System32\UiaManager.dll
2023-11-21 20:11 - 2023-11-21 20:11 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\System32\UIAnimation.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 003062784 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\UIAutomationCore.DLL
2019-12-07 10:10 - 2019-12-07 10:10 - 004080640 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2024-10-17 18:58 - 2024-10-17 18:58 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\System32\UnifiedConsent.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 001192448 _____ (Microsoft Corporation) c:\windows\system32\unistore.dll
2024-09-14 08:51 - 2024-09-14 08:51 - 001950208 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2019-12-07 10:08 - 2019-12-07 10:08 - 000044544 _____ (Microsoft Corporation) C:\Windows\System32\UserDataLanguageUtil.dll
2023-11-21 20:13 - 2023-11-21 20:13 - 000064512 _____ (Microsoft Corporation) c:\windows\system32\UserDataPlatformHelperUtil.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 001554944 _____ (Microsoft Corporation) c:\windows\system32\userdataservice.dll
2024-04-15 21:45 - 2024-04-15 21:45 - 000122880 _____ (Microsoft Corporation) C:\Windows\System32\UserDataTimeUtil.dll
2019-12-07 10:08 - 2019-12-07 10:08 - 000046592 _____ (Microsoft Corporation) C:\Windows\System32\UserDataTypeHelperUtil.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 000323584 _____ (Microsoft Corporation) C:\Windows\System32\usermgrproxy.dll
2023-11-21 20:16 - 2023-11-21 20:16 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\USP10.dll
2024-07-20 20:40 - 2024-07-20 20:40 - 000627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 000321536 _____ (Microsoft Corporation) C:\Windows\System32\vaultcli.dll
2019-12-07 10:08 - 2019-12-07 10:08 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbem\wbemdisp.dll
2024-07-20 20:37 - 2024-07-20 20:37 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbem\wbemprox.dll
2024-07-20 20:37 - 2024-07-20 20:37 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbem\wmiutils.dll
2024-05-19 10:48 - 2024-05-19 10:48 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\wbemcomn.dll
2024-05-19 10:48 - 2024-05-19 10:48 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv
2023-11-21 20:15 - 2023-11-21 20:15 - 000595456 _____ (Microsoft Corporation) c:\windows\system32\webio.dll
2024-10-17 18:58 - 2024-10-17 18:58 - 001234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2024-05-19 11:08 - 2024-05-19 11:08 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\System32\werconcpl.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\winbio.dll
2024-09-14 08:50 - 2024-09-14 08:50 - 000437248 _____ (Microsoft Corporation) C:\Windows\System32\wincorlib.DLL
2024-05-19 10:55 - 2024-05-19 10:55 - 001681920 _____ (Microsoft Corporation) C:\Windows\System32\windowmanagement.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000122880 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2024-07-23 18:08 - 2024-07-23 18:08 - 000494080 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.LockScreen.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 002500096 _____ (Microsoft Corporation) C:\Windows\System32\Windows.CloudStore.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000861696 _____ (Microsoft Corporation) C:\Windows\System32\Windows.CloudStore.Schema.Shell.dll
2024-09-14 08:51 - 2024-09-14 08:51 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.cortana.Desktop.dll
2024-07-23 18:07 - 2024-07-23 18:07 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.cortana.onecore.dll
2024-07-23 18:07 - 2024-07-23 18:07 - 000135168 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Cortana.ProxyStub.dll
2024-07-23 18:07 - 2024-07-23 18:07 - 000536064 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Data.Activities.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 000218624 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.Radios.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 000199680 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Energy.dll
2024-10-17 18:57 - 2024-10-17 18:57 - 000384512 _____ (Microsoft Corporation) C:\Windows\System32\Windows.FileExplorer.Common.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 001712128 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2023-11-21 20:11 - 2023-11-21 20:11 - 000062976 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.Fontgroups.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 000791040 _____ (Microsoft Corporation) C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
2024-09-14 08:46 - 2024-09-14 08:46 - 001065472 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Signals.dll
2024-09-14 08:46 - 2024-09-14 08:46 - 000258048 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.System.UserProfile.dll
2024-07-23 18:06 - 2024-07-23 18:06 - 000737280 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2023-11-21 20:12 - 2023-11-21 20:12 - 000215552 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.HostName.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 000975872 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2024-07-23 18:06 - 2024-07-23 18:06 - 001146368 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.Web.Core.dll
2024-07-23 18:07 - 2024-07-23 18:07 - 000326656 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Shell.BlueLightReduction.dll
2024-05-19 10:54 - 2024-05-19 10:54 - 000099840 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Shell.ServiceHostBuilder.dll
2024-07-23 18:06 - 2024-07-23 18:06 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2024-05-19 10:52 - 2024-05-19 10:52 - 000756736 _____ (Microsoft Corporation) C:\Windows\System32\Windows.System.Launcher.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 001040896 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Core.TextInput.dll
2024-05-19 11:00 - 2024-05-19 11:00 - 001256448 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2024-05-19 10:54 - 2024-05-19 10:54 - 001824256 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Input.Inking.dll
2024-05-19 11:12 - 2024-05-19 11:12 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\System32\Windows.UI.Shell.dll
2024-05-19 10:52 - 2024-05-19 10:52 - 004025344 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\Windows.UI.Xaml.Controls.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 017531904 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2024-05-19 10:52 - 2024-05-19 10:52 - 000775168 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Web.dll
2024-05-19 10:53 - 2024-05-19 10:53 - 001514496 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Web.Http.dll
2024-10-17 18:57 - 2024-10-17 18:57 - 003025408 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsudk.shellcommon.dll
2024-09-14 08:51 - 2024-09-14 08:51 - 005045760 _____ (Microsoft Corporation) C:\Windows\System32\WININET.dll
2023-11-21 20:16 - 2023-11-21 20:16 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\System32\winrnr.dll
2023-11-21 20:12 - 2023-11-21 20:12 - 000184832 _____ (Microsoft Corporation) C:\Windows\System32\WinRtTracing.dll
2024-07-23 18:06 - 2024-07-23 18:06 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\WINSPOOL.DRV
2019-12-07 10:08 - 2019-12-07 10:08 - 000822272 _____ (Microsoft Corporation) c:\windows\system32\WinSync.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000755712 _____ (Microsoft Corporation) C:\Windows\System32\WlanMediaManager.dll
2023-11-21 20:10 - 2023-11-21 20:10 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2024-05-19 10:52 - 2024-05-19 10:52 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\System32\wlidprov.dll
2023-11-21 20:09 - 2023-11-21 20:09 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMICLNT.dll
2024-05-19 11:09 - 2024-05-19 11:09 - 000230400 _____ (Microsoft Corporation) C:\Windows\System32\WorkFoldersShell.dll
2024-09-14 08:56 - 2024-09-14 08:56 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshserviceobj.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 001401344 _____ (Microsoft Corporation) C:\Windows\System32\wpnapps.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000368640 _____ (Microsoft Corporation) C:\Windows\System32\wpnclient.dll
2024-07-23 18:07 - 2024-07-23 18:07 - 001507840 _____ (Microsoft Corporation) C:\WINDOWS\System32\wpncore.dll
2024-05-19 10:55 - 2024-05-19 10:55 - 000086016 _____ (Microsoft Corporation) c:\windows\system32\wpnuserservice.dll
2023-11-21 20:26 - 2023-11-21 20:26 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\System32\wscinterop.dll
2023-11-21 20:26 - 2023-11-21 20:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\System32\wscui.cpl
2023-11-21 20:14 - 2023-11-21 20:14 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2019-12-07 10:08 - 2019-12-07 10:08 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\WSOCK32.dll
2024-05-19 10:58 - 2024-05-19 10:58 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\wuceffects.dll
2024-07-23 18:07 - 2024-07-23 18:07 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\zipfldr.dll
2024-10-17 19:01 - 2024-10-17 19:01 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\BingConfigurationClient.dll
2024-10-17 19:01 - 2024-10-17 19:01 - 008026112 _____ (Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApi.dll
2024-10-17 18:56 - 2024-10-17 18:56 - 008470528 _____ (Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartUI.dll
2024-07-23 18:11 - 2024-07-23 18:11 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppListBackup.dll
2024-09-14 08:56 - 2024-09-14 08:56 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp.dll
2024-09-14 08:56 - 2024-09-14 08:56 - 001951744 _____ (Microsoft Corporation) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LayoutData.dll
2024-09-14 08:56 - 2024-09-14 08:56 - 012953600 _____ (Microsoft Corporation) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInput.dll
2024-07-23 17:34 - 2024-07-02 04:58 - 001709568 _____ (Microsoft Corporation) C:\WINDOWS\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.4597_none_91a78020cc854124\gdiplus.dll
2023-10-18 13:12 - 2023-10-18 13:12 - 002260480 _____ (The ICU Project) C:\Windows\System32\icu.dll
2020-10-28 15:10 - 2020-10-28 15:10 - 000025088 _____ (The ICU Project) C:\WINDOWS\SYSTEM32\icuin.dll
2020-10-28 15:10 - 2020-10-28 15:10 - 000029696 _____ (The ICU Project) C:\WINDOWS\SYSTEM32\icuuc.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2024-11-04 19:59 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jiriw\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hc-ocelari-trinec-glitter-logo-extraliga-red-white-checkered-background-hockey-besthqwallpapers.com-1366x768.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
bfe => Firewall Service is not running.
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtlS5Wake"
HKLM\...\StartupApproved\Run: => "Eraser"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Automount"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_365FAC3D1AA0D79EDC394B4C7015522A"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{40FF78BF-D6AA-4A2D-846C-E8B0304D7578}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{85A6C60E-1C61-4500-9FE9-365DCDB619C4}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC7F17ED-6778-4B1D-99A3-BD4FFA84BA1D}] => (Allow) C:\Users\jiriw\Downloads\4ukeyforandroid.exe (Tenorshare Co., Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [{7FA9C714-F13D-488A-883C-90D550C3F343}] => (Allow) C:\Users\jiriw\Downloads\4ukeyforandroid.exe (Tenorshare Co., Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [{247D2EE0-BB8B-4025-9012-11DB9041CA9F}] => (Allow) C:\Users\jiriw\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
FirewallRules: [TCP Query User{DE237D69-AB97-407B-B5EC-A77B996EBBFF}C:\users\jiriw\downloads\anydesk.exe] => (Allow) C:\users\jiriw\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{25236B61-6F9D-4F95-B5D1-6C386E3DB9D5}C:\users\jiriw\downloads\anydesk.exe] => (Allow) C:\users\jiriw\downloads\anydesk.exe => No File
FirewallRules: [{32227D81-C0F4-4582-B031-368C59EF49E7}] => (Allow) LPort=5354
FirewallRules: [{6E161AF1-0A1B-4363-A0B7-BE7417A0F569}] => (Allow) LPort=5354
FirewallRules: [{5DD33789-FC37-45D3-891C-9D158D2187CD}] => (Allow) LPort=5354
FirewallRules: [{E80EC9A4-2DE0-4E14-A839-EAB0CE03BEB9}] => (Allow) LPort=5354
FirewallRules: [{7EBB1DD2-2825-419F-944A-C96CBEE1D73E}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{81BE0869-F7D8-4AA0-AA83-871AF3590628}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{55E91A5B-9F49-4F59-BDDF-5CCAA3D981F9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4788A415-6015-4120-86F5-9095D4842C45}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24277.3507.3205.5228_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80A2F626-5F28-494B-9878-4416EA26B886}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24277.3507.3205.5228_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9792FEF-1518-425A-969A-081C97712D07}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:464.95 GB) (Free:374.96 GB) (81%)
Could not list restore points
Check "winmgmt" service or repair WMI.

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Could not start eventlog service, could not read events.

N zev slu§by nenˇ platně.

Dalçˇ n povŘdu zˇsk te pýˇkazem NET HELPMSG 2185.

==================== Memory info ===========================

BIOS: Insyde F.51 05/31/2019
Motherboard: HP 8330
Processor: AMD A4-9120 RADEON R3, 4 COMPUTE CORES 2C+2G
Percentage of memory in use: 78%
Total physical RAM: 3981.68 MB
Available physical RAM: 857.35 MB
Total Virtual: 5581.68 MB
Available Virtual: 2257.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:464.95 GB) (Free:374.95 GB) NTFS

\\?\Volume{56d3a4a0-ec1e-4adf-86f5-3a5e91a9a165}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{fa4718fc-9e9e-4baf-b212-d72bebd5d17b}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

#2 Příspěvek od **JaRon** » 09 lis 2024 13:26

Ahoj,
vloz este frst.txt kolega sa Ti potom na to pozrie

666yorick · #3 Příspěvek od **666yorick** » 09 lis 2024 14:37

JaRon píše: 09 lis 2024 13:26 Ahoj,
vloz este frst.txt kolega sa Ti potom na to pozrie

Ahoj, pokouším se, ale pří vkládání souboru mi naskakuje chybová hláška "Neplatná přípona souboru".

#4 Příspěvek od **Rudy** » 09 lis 2024 16:44

Zdravím!
Co takhle zkusit copy/paste? Zkopírujte sou z *.txt souboru a vložte ho sem.

666yorick · #5 Příspěvek od **666yorick** » 09 lis 2024 16:57

Asi úplně přesně nerozumím...to jsem přece udělal při zakládaní vlákna...? Nebo je vyžadován jiný typ logu?

#6 Příspěvek od **Rudy** » 09 lis 2024 17:59

Uděláte log FRST+Addition: http://forum.viry.cz/viewtopic.php?f=24&t=132509 . Z obou souborů (frst.txt a addition txt) zkopírujete text se do fóra. Žádné ukládání souborů (nefunguje to zcela záměrně kromě archivů). Ze souboru text označíte a sem do pole odpovědi zkopírujete. Pak odešle. To je vše.Já pak logy zkontroluji a napíšim skript (fixlist.txt) který uložíte dom stejného adresáře, v němž máte uložen samotný FRST, FRST spustíte a kliknete na "fix". Proběhne mazání a vy do dalšího postu stejným způsobem zkopírujete text ze souboru fixlog.txt, který by se po skončení akce a restartu PC měl otevřít automaticky. Už je vám to jasné?

666yorick · #7 Příspěvek od **666yorick** » 09 lis 2024 18:16

Ano, teď už jsem to snad udělal správně. Děkuji Vám za osvětlení postupu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2024
Ran by jiriw (administrator) on LAPTOP-P4MHDA7I (HP HP Laptop 15-bw0xx) (09-11-2024 14:16:00)
Running from C:\Users\jiriw\Downloads\FRST64.exe
Loaded Profiles: jiriw
Platform: Microsoft Windows 10 Home Version 22H2 19045.4894 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_98792a9ca78941b9\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_98792a9ca78941b9\x64\BridgeCommunication.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\jiriw\AppData\Local\Microsoft\OneDrive\24.161.0811.0001\Microsoft.SharePoint.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\afwServ.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_98792a9ca78941b9\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_98792a9ca78941b9\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_98792a9ca78941b9\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_98792a9ca78941b9\x64\SysInfoCap.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> ) C:\ProgramData\Wondershare\wsServices\ElevationService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fodhelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4950_none_7dd913727cb4d87c\TiWorker.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [464200 2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\jiriw\AppData\Local\Microsoft\Teams\Update.exe [2591816 2024-01-02] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Run: [f.lux] => C:\Users\jiriw\AppData\Local\FluxSoftware\Flux\flux.exe [1528952 2024-02-22] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Run: [MicrosoftEdgeAutoLaunch_365FAC3D1AA0D79EDC394B4C7015522A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3856464 2024-11-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\RunOnce: [Uninstall 19.232.1124.0010\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiriw\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\amd64" [0 2024-11-09] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\RunOnce: [Uninstall 19.232.1124.0010] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jiriw\AppData\Local\Microsoft\OneDrive\19.232.1124.0010" [0 2024-11-09] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\130.0.6723.117\Installer\chrmstp.exe [2024-11-09] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3D065143-F2CD-4F2F-B517-283E9B6EBBA1} - no filepath. <==== ATTENTION
Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - no filepath. <==== ATTENTION
Task: {4BAED784-1281-455F-9D3C-94BF6892E0C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {B2B12353-F819-46C2-81E6-D30533C9199D} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-05-10] (Advanced Micro Devices, Inc.) [File not signed]
Task: {7E758E8F-4B79-42FA-A724-32ACF9A6841F} - System32\Tasks\AVG\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5242696 2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {63721584-A458-4D38-AB19-5FEAD6455286} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [8224072 2024-10-08] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {20EDD5EB-6950-4601-9C12-1034EDE051C6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2181560 2024-01-25] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {1383683A-D871-4511-A559-EF5B15044F72} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {8CA4513C-AE0D-4DBC-8A55-68F047777FB4} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "99565d3c-3833-4296-afef-6e05b91ece96" --version "6.29.11342" --silent
Task: {10531612-8C1B-498F-AB40-1376AD5BE0D5} - System32\Tasks\CCleanerSkipUAC - jiriw => C:\Program Files\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {824A9CD0-CFC0-41BB-99B5-570FFE359CEF} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{A3BB9258-914F-4230-B195-763EB8E16389} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {718DF5A7-352B-4006-995A-8DD575483DAB} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {FFF7F9BE-0CF6-4310-B5A5-578F60D4584B} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-05-10] (Advanced Micro Devices, Inc.) [File not signed]
Task: {A7BC175F-E82C-48D9-80EA-AF284D95F186} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {2189A8D4-CBD8-4518-87A4-F24B7DB69C1B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [66952 2019-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {496A68B9-8971-460F-86CC-F1FCCD719485} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [11088792 2024-08-23] (Lespeed Technology Co., Ltd -> WiseCleaner.com) -> C:\Program Files (x86)\Wise\Wise Disk Cleaner\\$UAC

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3ca99e4d-a49c-44cf-b72a-5903f8d042a7}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3ca99e4d-a49c-44cf-b72a-5903f8d042a7}\262716E636: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{3ca99e4d-a49c-44cf-b72a-5903f8d042a7}\F423D294E6475627E65647D2132383: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4bc9a890-9a67-4c78-a7b6-a4fdefa5438d}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default [2024-11-09]
CHR Notifications: Default -> hxxps://cs.gov-civil-braga.pt; hxxps://nxejt.steambeard.top; hxxps://www.lidl.cz
CHR Extension: (Dokumenty Google offline) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-09]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-11-09]
CHR Extension: (Citace PRO) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpfaidppllikakgbjppnjfidjkpafmp [2024-07-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Profile: C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\System Profile [2024-11-04]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [811848 2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [2415432 2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [1258312 2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7286088 2024-10-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2024-01-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [934648 2022-10-25] (Wondershare Technology Group Co.,Ltd -> )
S4 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2363000 2021-09-24] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_98792a9ca78941b9\x64\AppHelperCap.exe [927840 2024-08-18] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_98792a9ca78941b9\x64\DiagsCap.exe [926200 2024-08-18] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_98792a9ca78941b9\x64\NetworkCap.exe [922216 2024-08-18] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_98792a9ca78941b9\x64\SysInfoCap.exe [927336 2024-08-18] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 NativePushService; C:\Users\jiriw\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [20536 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [233016 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [381496 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [294960 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [84536 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [27744 2024-07-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [28752 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [273976 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [550456 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [97848 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [69176 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [951352 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [1202232 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [203832 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [307256 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [455968 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP)
U1 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-09 14:16 - 2024-11-09 14:18 - 000020524 _____ C:\Users\jiriw\Downloads\FRST.txt
2024-11-09 12:49 - 2024-11-09 12:49 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3874525921-3796214153-4028669373-1001
2024-11-09 12:49 - 2024-11-09 12:49 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3874525921-3796214153-4028669373-1001
2024-11-09 12:14 - 2024-11-09 12:14 - 000000000 ___HD C:\AVG sandbox
2024-11-09 12:12 - 2024-11-09 12:12 - 000000000 ____D C:\Users\jiriw\Downloads\FRST-OlderVersion
2024-11-04 19:50 - 2024-11-09 12:12 - 002400768 _____ (Farbar) C:\Users\jiriw\Downloads\FRST64.exe
2024-11-01 17:43 - 2024-11-01 17:43 - 000000000 ___HD C:\$WinREAgent
2024-10-31 09:39 - 2024-10-31 11:56 - 009663561 _____ C:\Users\jiriw\Downloads\Prezentace ZHN Daniela Musilová OO2S_REVIZE.pptx
2024-10-26 14:53 - 2024-10-26 14:53 - 000000000 ____D C:\Users\jiriw\AppData\LocalLow\Foxit
2024-10-26 14:49 - 2024-10-26 14:49 - 000000000 ____D C:\Users\Public\Foxit Software
2024-10-26 14:49 - 2024-10-26 14:49 - 000000000 ____D C:\ProgramData\Foxit Software
2024-10-26 14:48 - 2024-10-26 14:53 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Foxit Software
2024-10-26 14:48 - 2024-10-26 14:48 - 000001492 _____ C:\Users\Public\Desktop\Foxit PDF Reader.lnk
2024-10-26 14:48 - 2024-10-26 14:48 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Foxit AgentInformation
2024-10-26 14:48 - 2024-10-26 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader
2024-10-26 14:48 - 2024-10-26 14:48 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform
2024-10-26 14:47 - 2024-10-26 14:47 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2024-10-26 14:13 - 2024-10-26 14:14 - 001790024 _____ (Malwarebytes) C:\Users\jiriw\Desktop\JRT.exe
2024-10-26 14:03 - 2024-10-26 14:03 - 000000081 _____ C:\folders.txt
2024-10-26 14:03 - 2024-10-26 13:02 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2024-10-26 13:03 - 2024-10-26 13:54 - 000000000 ____D C:\zoek_backup
2024-10-26 13:01 - 2024-10-26 13:01 - 001302005 _____ C:\Users\jiriw\Desktop\zoek.rar
2024-10-26 12:17 - 2024-10-26 12:10 - 000315720 _____ (Gen Digital Inc.) C:\WINDOWS\system32\avgBoot.exe
2024-10-16 17:19 - 2024-10-16 17:19 - 000001754 _____ C:\Users\Public\Desktop\Soldier of Fortune II - Double Helix.lnk
2024-10-16 17:19 - 2024-10-16 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soldier of Fortune II - Double Helix [GOG.com]
2024-10-16 17:10 - 2024-10-16 17:10 - 000000000 ____D C:\Users\jiriw\Downloads\Soldier.of.Fortune.II.Double.Helix.Gold.Edition.v1.0.3
2024-10-16 16:42 - 2024-10-16 17:08 - 1192783260 _____ C:\Users\jiriw\Downloads\Soldier.of.Fortune.II.Double.Helix.Gold.Edition.v1.0.3.zip
2024-10-15 22:03 - 2024-10-15 22:03 - 000178800 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll
2024-10-15 21:46 - 2024-10-15 21:46 - 000000000 ____D C:\Program Files (x86)\THQ
2024-10-15 21:07 - 2024-10-15 21:07 - 000000632 _____ C:\WINDOWS\Sof2.INI
2024-10-15 16:42 - 2024-10-15 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos Interactive
2024-10-15 16:37 - 2024-10-15 16:37 - 000000000 ____D C:\Users\jiriw\AppData\Local\Disc_Soft_FZE_LLC
2024-10-15 16:32 - 2024-10-26 15:08 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Disc-Soft
2024-10-15 16:27 - 2024-10-26 15:08 - 000000000 ____D C:\ProgramData\Disc-Soft
2024-10-15 16:16 - 2024-10-15 16:16 - 000000000 ___HD C:\$AV_AVG

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-09 14:17 - 2021-05-16 14:03 - 000000000 ____D C:\FRST
2024-11-09 14:14 - 2020-09-28 16:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-11-09 13:59 - 2020-03-15 20:32 - 000000000 ____D C:\Users\jiriw\AppData\Local\D3DSCache
2024-11-09 13:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-09 13:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-09 13:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-11-09 13:32 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-09 13:00 - 2020-03-15 21:49 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Microsoft\Word
2024-11-09 12:50 - 2021-04-22 15:22 - 000000000 ____D C:\Program Files\CCleaner
2024-11-09 12:49 - 2020-09-28 16:21 - 000002372 _____ C:\Users\jiriw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-09 12:45 - 2022-01-02 22:55 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-11-09 12:45 - 2020-10-28 23:54 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-09 12:39 - 2024-05-19 09:03 - 000006305 _____ C:\Users\jiriw\AppData\Roaming\Types.lst
2024-11-09 12:39 - 2023-07-30 10:06 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Wise Disk Cleaner
2024-11-09 12:36 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-11-09 12:15 - 2020-10-28 23:54 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-09 12:15 - 2020-10-28 23:54 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-09 12:11 - 2020-05-01 15:48 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-04 20:16 - 2020-09-28 16:33 - 001851388 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-11-04 20:16 - 2019-12-07 15:41 - 000755602 _____ C:\WINDOWS\system32\perfh005.dat
2024-11-04 20:16 - 2019-12-07 15:41 - 000164076 _____ C:\WINDOWS\system32\perfc005.dat
2024-11-04 20:10 - 2024-01-25 18:10 - 000000000 ____D C:\ProgramData\AVG
2024-11-04 20:09 - 2022-10-07 10:32 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-11-04 20:09 - 2020-09-28 16:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-11-04 20:09 - 2020-09-28 16:15 - 000008192 ___SH C:\DumpStack.log.tmp
2024-11-04 20:07 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-11-04 20:07 - 2019-10-31 07:12 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2024-11-04 20:00 - 2020-03-30 12:27 - 000000000 ____D C:\Users\jiriw\AppData\LocalLow\Temp
2024-11-01 20:18 - 2024-01-31 09:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2024-11-01 20:18 - 2022-10-07 10:32 - 000002954 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-11-01 20:18 - 2022-04-03 11:51 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - jiriw
2024-11-01 20:18 - 2021-04-22 15:22 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-10-31 11:56 - 2020-03-25 09:56 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Microsoft\PowerPoint
2024-10-31 10:54 - 2020-03-15 20:36 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Microsoft\InputMethod
2024-10-31 09:44 - 2020-03-15 22:21 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Microsoft\Excel
2024-10-26 20:24 - 2020-09-28 16:21 - 000000000 ____D C:\Users\jiriw
2024-10-26 16:52 - 2020-09-28 16:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\WiseCleaner
2024-10-26 14:53 - 2021-01-19 20:08 - 000000000 ____D C:\Program Files (x86)\Adobe
2024-10-26 14:53 - 2020-03-15 22:30 - 000000000 ____D C:\ProgramData\Adobe
2024-10-26 14:50 - 2021-11-23 21:17 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-10-26 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2024-10-26 13:55 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2024-10-26 13:54 - 2020-03-25 10:13 - 000000000 ____D C:\Program Files (x86)\Wise
2024-10-26 12:17 - 2024-01-25 18:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2024-10-26 12:17 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-10-26 12:10 - 2024-01-25 18:14 - 001202232 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgSP.sys
2024-10-26 12:10 - 2024-01-25 18:14 - 000951352 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2024-10-26 12:10 - 2024-01-25 18:14 - 000550456 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2024-10-26 12:10 - 2024-01-25 18:14 - 000381496 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2024-10-26 12:10 - 2024-01-25 18:14 - 000307256 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2024-10-26 12:10 - 2024-01-25 18:14 - 000294960 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2024-10-26 12:10 - 2024-01-25 18:14 - 000273976 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2024-10-26 12:10 - 2024-01-25 18:14 - 000233016 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2024-10-26 12:10 - 2024-01-25 18:14 - 000097848 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2024-10-26 12:10 - 2024-01-25 18:14 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2024-10-26 12:10 - 2024-01-25 18:14 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2024-10-26 12:10 - 2024-01-25 18:14 - 000028752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2024-10-26 12:10 - 2024-01-25 18:14 - 000020536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2024-10-26 12:05 - 2019-12-07 10:03 - 099876864 _____ C:\WINDOWS\system32\config\SOFTWARE.bak
2024-10-26 12:05 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\DEFAULT.bak
2024-10-26 12:05 - 2019-12-07 10:03 - 000081920 _____ C:\WINDOWS\system32\config\SAM.bak
2024-10-26 12:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-10-26 12:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-10-26 12:02 - 2019-12-07 15:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-10-26 12:02 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-10-26 12:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-10-26 12:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-10-26 12:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-10-26 12:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-10-26 12:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-10-26 12:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-10-26 12:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-10-26 12:00 - 2020-10-23 07:12 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY.rhk
2024-10-26 12:00 - 2020-09-28 16:21 - 008175616 _____ C:\Users\jiriw\NTUSER.bak
2024-10-24 14:33 - 2020-03-15 20:27 - 000000000 ____D C:\Users\jiriw\AppData\Local\Packages
2024-10-19 18:10 - 2020-03-15 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2024-10-19 18:10 - 2020-03-15 20:59 - 000000000 ____D C:\Program Files\7-Zip
2024-10-19 18:07 - 2020-03-22 20:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-10-19 17:49 - 2020-03-22 20:31 - 201324920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-10-19 17:46 - 2023-10-18 11:14 - 000000000 ____D C:\Program Files\RUXIM
2024-10-15 21:31 - 2020-03-17 16:42 - 000000000 ____D C:\KMPlayer
2024-10-15 15:10 - 2020-09-28 16:43 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories ========

2020-05-16 18:43 - 2020-05-16 18:43 - 000000080 _____ () C:\Users\jiriw\AppData\Roaming\debug.log
2024-05-19 09:03 - 2024-11-09 12:39 - 000006305 _____ () C:\Users\jiriw\AppData\Roaming\Types.lst
2021-07-21 18:26 - 2021-07-21 18:26 - 000004375 _____ () C:\Users\jiriw\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2024
Ran by jiriw (09-11-2024 14:25:23)
Running from C:\Users\jiriw\Downloads
Microsoft Windows 10 Home Version 22H2 19045.4894 (X64) (2020-09-28 15:44:41)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3874525921-3796214153-4028669373-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3874525921-3796214153-4028669373-503 - Limited - Disabled)
Guest (S-1-5-21-3874525921-3796214153-4028669373-501 - Limited - Disabled)
jiriw (S-1-5-21-3874525921-3796214153-4028669373-1001 - Administrator - Enabled) => C:\Users\jiriw
wawro (S-1-5-21-3874525921-3796214153-4028669373-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3874525921-3796214153-4028669373-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 24.08 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2408-000001000000}) (Version: 24.08.00.0 - Igor Pavlov)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601091}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2019.0504.1012.18360 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.08.01 - Advanced Micro Devices, Inc.)
AVG AntiVirus Free (HKLM\...\AVG Antivirus) (Version: 24.10.9535.2192 - Gen Digital Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Branding64 (HKLM\...\{7659552A-136F-4615-A9FA-3E3EF2CCA77C}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.29 - Piriform)
f.lux (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Flux) (Version: 4.134 - f.lux Software LLC)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.1.0.52543 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 130.0.6723.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.47 - PandoraTV)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 130.0.2849.80 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 130.0.2849.56 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM\...\{90140000-0015-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM\...\{90140000-0016-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM\...\{90140000-00A1-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM\...\{90140000-001A-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM\...\{90140000-0018-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM\...\{90140000-001F-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM\...\{90140000-001F-041B-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM\...\{90140000-002C-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM\...\{90140000-0019-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2010 (HKLM\...\{90140000-0043-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM\...\{90140000-006E-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM\...\{90140000-001B-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\OneDriveSetup.exe) (Version: 24.161.0811.0001 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.25702 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30040 (HKLM-x32\...\{5c6cccca-61ec-4667-a8d9-e133a59a5a73}) (Version: 14.29.30040.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33816 (HKLM-x32\...\{4373d0b5-4457-4a80-bad9-029de8df097b}) (Version: 14.40.33816.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30040 (HKLM\...\{B3FA5A71-A9C3-42B3-B567-F92C163F3F5B}) (Version: 14.29.30040 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30040 (HKLM\...\{C56D2482-32F7-4CB7-AF41-4CC51EBCB17D}) (Version: 14.29.30040 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33816 (HKLM-x32\...\{0DF1D9F9-6038-4641-AB6D-13DD654758A7}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33816 (HKLM-x32\...\{D7A66DA5-B103-45C1-A0A7-736C08E2F464}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.31246 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9239.1 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0015-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0016-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0018-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0019-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001A-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0405-1000-0000000FF1CE}_Office14.SingleImage_{235F521F-C627-4957-A641-C4C161F78531}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.SingleImage_{EE3A99C9-FD8F-4923-9F82-27365DA4B873}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.SingleImage_{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-041B-1000-0000000FF1CE}_Office14.SingleImage_{2E7C03CB-FE0A-4B95-BA37-742CD596760C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-002C-0405-1000-0000000FF1CE}_Office14.SingleImage_{FF4FCFC2-4935-49E4-B35E-5FCF7343412B}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{F3FAAB68-7697-4B1F-A23A-72312565AEAB}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0405-1000-0000000FF1CE}_Office14.SingleImage_{62E2481E-63BB-4481-A0CE-071D6D663B1B}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-006E-0405-1000-0000000FF1CE}_Office14.SingleImage_{BFFA0FE1-0823-4382-9DD3-49DA02375BBA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-00A1-0405-1000-0000000FF1CE}_Office14.SingleImage_{0D84952B-2B1D-459C-9173-D3B033D58C2F}) (Version: - Microsoft) Hidden
Soldier of Fortune II: Double Helix (HKLM-x32\...\1228964594_is1) (Version: 1.03 - GOG.com)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
Wise Registry Cleaner (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 11.1.6 - Lespeed Technology Co., Ltd.)
Wondershare NativePush(Build 1.0.0.7) (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Wondershare NativePush_is1) (Version: - )
yEd Graph Editor 3.22 (HKLM\...\3309-7404-0599-8908) (Version: 3.22 - yWorks GmbH)

Chrome apps:
============
Outlook (PWA) (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\a33183f59f01fcba2574c18bffd46f9d) (Version: 1.0 - Google\Chrome)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-10-26] ()
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-19] (Microsoft Corporation)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2019-10-31] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-03-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-03-22] (Microsoft Corporation) [MS Ad]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-15] (Synaptics Incorporated)
Wifi Analyzer and Scanner -> C:\Program Files\WindowsApps\28877WebProvider.WifiAnalyzerandScanner_1.2.1.0_x64__gdrx0g078t8zg [2022-12-10] (WebProvider)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\jiriw\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\jiriw\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.25702\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-08-11] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-08-11] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-08-11] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-26] (AVG Technologies USA, LLC -> Gen Digital Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2024-11-04 19:59 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jiriw\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hc-ocelari-trinec-glitter-logo-extraliga-red-white-checkered-background-hockey-besthqwallpapers.com-1366x768.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Wi-Fi: Realtek RTL8723DE 802.11b/g/n PCIe Adapter -> rtwlane.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtlS5Wake"
HKLM\...\StartupApproved\Run: => "Eraser"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Automount"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_365FAC3D1AA0D79EDC394B4C7015522A"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{40FF78BF-D6AA-4A2D-846C-E8B0304D7578}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{85A6C60E-1C61-4500-9FE9-365DCDB619C4}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC7F17ED-6778-4B1D-99A3-BD4FFA84BA1D}] => (Allow) C:\Users\jiriw\Downloads\4ukeyforandroid.exe (Tenorshare Co., Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [{7FA9C714-F13D-488A-883C-90D550C3F343}] => (Allow) C:\Users\jiriw\Downloads\4ukeyforandroid.exe (Tenorshare Co., Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [{247D2EE0-BB8B-4025-9012-11DB9041CA9F}] => (Allow) C:\Users\jiriw\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
FirewallRules: [TCP Query User{DE237D69-AB97-407B-B5EC-A77B996EBBFF}C:\users\jiriw\downloads\anydesk.exe] => (Allow) C:\users\jiriw\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{25236B61-6F9D-4F95-B5D1-6C386E3DB9D5}C:\users\jiriw\downloads\anydesk.exe] => (Allow) C:\users\jiriw\downloads\anydesk.exe => No File
FirewallRules: [{32227D81-C0F4-4582-B031-368C59EF49E7}] => (Allow) LPort=5354
FirewallRules: [{6E161AF1-0A1B-4363-A0B7-BE7417A0F569}] => (Allow) LPort=5354
FirewallRules: [{5DD33789-FC37-45D3-891C-9D158D2187CD}] => (Allow) LPort=5354
FirewallRules: [{E80EC9A4-2DE0-4E14-A839-EAB0CE03BEB9}] => (Allow) LPort=5354
FirewallRules: [{7EBB1DD2-2825-419F-944A-C96CBEE1D73E}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{81BE0869-F7D8-4AA0-AA83-871AF3590628}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{55E91A5B-9F49-4F59-BDDF-5CCAA3D981F9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4788A415-6015-4120-86F5-9095D4842C45}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24277.3507.3205.5228_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80A2F626-5F28-494B-9878-4416EA26B886}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24277.3507.3205.5228_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9792FEF-1518-425A-969A-081C97712D07}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

26-10-2024 14:15:45 JRT Pre-Junkware Removal
26-10-2024 14:51:30 Removed Adobe Reader XI (11.0.23) - Czech.
26-10-2024 15:09:01 Removed Eraser 6.2.0.2992
26-10-2024 15:10:57 Removed Kontrola stavu osobního počítače s Windows
04-11-2024 21:38:12 Instalační služba modulů systému Windows
09-11-2024 12:29:49 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/09/2024 12:07:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.19041.4957 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3230

Čas spuštění: 01db3297561f8631

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

ID hlášení: bdac97a5-9732-49b1-84ef-ed485e35343f

Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.19041.4957_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (11/09/2024 12:06:58 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-P4MHDA7I$ přes https://AMD-KeyId-90e007e175574201a7a8d ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(35235ms)
Fáze: GetCACaps
Operace nebyla v požadované době dokončena. 0x80072ee2 (WinHttp: 12002 ERROR_WINHTTP_TIMEOUT)

Error: (11/06/2024 04:07:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program svchost.exe verze 10.0.19041.4355 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: c34

Čas spuštění: 01db2eed0cf06be3

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\svchost.exe

ID hlášení: 969b8b23-8d7c-488e-a129-f16ee305054f

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (11/04/2024 09:29:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (7972,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\jiriw\AppData\Local\Microsoft\Windows\WebCache\V0100009.log došlo k chybě -1811 (0xfffff8ed).

Error: (11/04/2024 08:11:09 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-P4MHDA7I$ přes https://AMD-KeyId-90e007e175574201a7a8d ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(10672ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (11/04/2024 08:07:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (11/04/2024 08:07:03 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (11/04/2024 07:33:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WaaSMedicSvc, verze: 10.0.19041.4355, časové razítko: 0x9ce47784
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.5007, časové razítko: 0x688f8c4b
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff3c9
ID chybujícího procesu: 0x1464
Čas spuštění chybující aplikace: 0x01db2c7579ffa086
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 0c8ca48f-1d3a-4765-b259-054d0ddddaad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (11/09/2024 01:52:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070bc9): 2024-10 Kumulativní aktualizace pro Windows 10 Version 22H2 pro systémy typu x64 (KB5044273).

Error: (11/09/2024 12:05:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu (30000 ms).

Error: (11/09/2024 12:05:20 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu (30000 ms).

Error: (11/06/2024 04:07:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu (30000 ms).

Error: (11/06/2024 04:06:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu (30000 ms).

Error: (11/04/2024 08:12:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/04/2024 08:12:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (11/04/2024 08:07:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll

Windows Defender:
================
Date: 2022-10-20 12:09:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {80AB8985-8BA1-444F-BD3D-C7FFCDED48B5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-20 11:49:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E599AE96-86D3-4E93-8043-8A23D8C584E4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-20 11:32:40
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AD9C556A-BC9F-4455-8920-0B6547BE151D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-20 11:20:02
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1D55CCB9-7889-4B02-BECA-0715D9933CF2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-20 11:13:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {430F12EB-6EE5-40AF-9B13-2AF2E69712C6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-10-20 16:01:45
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o nahrání podezřelého souboru pro další analýzu.
Název souboru: C:\Users\jiriw\Downloads\avast_free_antivirus_setup_online.exe
Sha256: 2bdbbfb71596547b3295bb1199bd811d12eed1ac90e73745e879f6720cbc21cb
Aktuální verze bezpečnostních informací: AV: 1.377.531.0, AS: 1.377.531.0
Aktuální verze modulu: 1.1.19700.3
Kód chyby: 0x80071112

Date: 2022-10-15 10:45:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.377.118.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19700.3
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2022-10-07 11:54:18
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.375.1308.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19600.3
Kód chyby: 0x80246007
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2022-10-01 21:18:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.375.1308.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19600.3
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2022-10-01 21:18:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.375.1308.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19600.3
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

CodeIntegrity:
===============
Date: 2024-11-04 19:33:59
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.

Date: 2024-11-04 19:33:39
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2024-10-26 13:10:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.51 05/31/2019
Motherboard: HP 8330
Processor: AMD A4-9120 RADEON R3, 4 COMPUTE CORES 2C+2G
Percentage of memory in use: 78%
Total physical RAM: 3981.68 MB
Available physical RAM: 855.34 MB
Total Virtual: 5581.68 MB
Available Virtual: 1821.05 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:464.95 GB) (Free:366.44 GB) (Model: WDC WD5000LPCX-60VHAT1) NTFS

\\?\Volume{56d3a4a0-ec1e-4adf-86f5-3a5e91a9a165}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{fa4718fc-9e9e-4baf-b212-d72bebd5d17b}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 496556BD)

Partition: GPT.

==================== End of Addition.txt =======================

#8 Příspěvek od **Rudy** » 09 lis 2024 19:02

Teď je to OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Otevřte poznámkový blok a zkopírujte do něj:
Task: {3D065143-F2CD-4F2F-B517-283E9B6EBBA1} - no filepath. <==== ATTENTION
Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - no filepath. <==== ATTENTION
U1 avgbdisk; no ImagePath
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\jiriw\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> no filepath
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FirewallRules: [{247D2EE0-BB8B-4025-9012-11DB9041CA9F}] => (Allow) C:\Users\jiriw\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
FirewallRules: [TCP Query User{DE237D69-AB97-407B-B5EC-A77B996EBBFF}C:\users\jiriw\downloads\anydesk.exe] => (Allow) C:\users\jiriw\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{25236B61-6F9D-4F95-B5D1-6C386E3DB9D5}C:\users\jiriw\downloads\anydesk.exe] => (Allow) C:\users\jiriw\downloads\anydesk.exe => No File

EmptyTemp:

End

Uložte do C:\Users\jiriw\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

666yorick · #9 Příspěvek od **666yorick** » 09 lis 2024 19:37

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-11-2024
Ran by jiriw (09-11-2024 19:10:20) Run:2
Running from C:\Users\jiriw\Downloads
Loaded Profiles: jiriw
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {3D065143-F2CD-4F2F-B517-283E9B6EBBA1} - no filepath. <==== ATTENTION
Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - no filepath. <==== ATTENTION
U1 avgbdisk; no ImagePath
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\jiriw\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> no filepath
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FirewallRules: [{247D2EE0-BB8B-4025-9012-11DB9041CA9F}] => (Allow) C:\Users\jiriw\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
FirewallRules: [TCP Query User{DE237D69-AB97-407B-B5EC-A77B996EBBFF}C:\users\jiriw\downloads\anydesk.exe] => (Allow) C:\users\jiriw\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{25236B61-6F9D-4F95-B5D1-6C386E3DB9D5}C:\users\jiriw\downloads\anydesk.exe] => (Allow) C:\users\jiriw\downloads\anydesk.exe => No File

EmptyTemp:
*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D065143-F2CD-4F2F-B517-283E9B6EBBA1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D065143-F2CD-4F2F-B517-283E9B6EBBA1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5100A477-348F-48CA-A0F9-BA0C7018AC24}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5100A477-348F-48CA-A0F9-BA0C7018AC24}" => removed successfully
HKLM\System\CurrentControlSet\Services\avgbdisk => could not remove, key could be protected
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000} => removed successfully
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000} => removed successfully
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{247D2EE0-BB8B-4025-9012-11DB9041CA9F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DE237D69-AB97-407B-B5EC-A77B996EBBFF}C:\users\jiriw\downloads\anydesk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{25236B61-6F9D-4F95-B5D1-6C386E3DB9D5}C:\users\jiriw\downloads\anydesk.exe" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 0 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 136 B
Edge => 0 B
Chrome => 146238091 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
jiriw => 37733512 B

RecycleBin => 70557 B
EmptyTemp: => 176.3 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 09-11-2024 19:34:35)

Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\avgbdisk => could not remove, key could be protected

==== End of Fixlog 19:34:35 ====

#10 Příspěvek od **Rudy** » 09 lis 2024 19:45

Bylo smazáno. Zrychlil se chod PC?

666yorick · #11 Příspěvek od **666yorick** » 09 lis 2024 20:11

Rudy píše: 09 lis 2024 19:45 Bylo smazáno. Zrychlil se chod PC?

Řekl bych, že dost výrazně. Děkuji Vám mnohokráte, jste machr.

Ještě otázka závěrem: Jestliže by se v budoucnu příčiny zpomalení opakovaly, lze opakovaně využít stejný fixlist?

#12 Příspěvek od **Rudy** » 09 lis 2024 20:53

Tp jsem rád. Takhle to ale, bohužel nefunguje. Fixlist byl napsán pro tento případ. Příště to může zpomalovat něco úplně jiného. Fixlist můžete napsat jen tehdy, pokud se vyznáte v systému. V opačném případě si snadno můžete systém znefunkčnit. Pro běžné čištění PC od zbytečností pro laiky je CCleaner: https://www.ccleaner.com/cs-cz/ccleaner ... gLh1fD_BwE . Bohužel ale nevyčistí systém tak důkladně, jako předepsaným skriptem.

666yorick · #13 Příspěvek od **666yorick** » 09 lis 2024 21:01

Rudy píše: 09 lis 2024 20:53 Tp jsem rád. Takhle to ale, bohužel nefunguje. Fixlist byl napsán pro tento případ. Příště to může zpomalovat něco úplně jiného. Fixlist můžete napsat jen tehdy, pokud se vyznáte v systému. V opačném případě si snadno můžete systém znefunkčnit. Pro běžné čištění PC od zbytečností pro laiky je CCleaner: https://www.ccleaner.com/cs-cz/ccleaner ... gLh1fD_BwE . Bohužel ale nevyčistí systém tak důkladně, jako předepsaným skriptem.

Tušil jsem, že to tak snadné nebude, ale zeptat jsem se musel. Ještě jednou děkuji za pomoc a za bleskové řešení.

#14 Příspěvek od **Rudy** » 09 lis 2024 21:43

Rádo se stalo!

VIRY.CZ

Noťas jako zpomalený film

Noťas jako zpomalený film

Re: Noťas jako zpomalený film

Re: Noťas jako zpomalený film

Re: Noťas jako zpomalený film

Re: Noťas jako zpomalený film

Re: Noťas jako zpomalený film

Re: Noťas jako zpomalený film

Re: Noťas jako zpomalený film

Re: Noťas jako zpomalený film

Re: Noťas jako zpomalený film

Re: Noťas jako zpomalený film

Re: Noťas jako zpomalený film

Re: Noťas jako zpomalený film

Re: Noťas jako zpomalený film