
AMD software won't start, can't connect to some websites, infection certain...

Do you have a virus problem? Post a log from FRST or RSIT here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will threads that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

bilejpes
Visitor
Posts: 116
Registered: 24 Feb 2011 17:50


#1 Post by bilejpes »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2024
Ran by Rudolf (administrator) on RUDOLF (MSI MS-7758) (21-11-2024 08:38:33)
Running from C:\Users\Rudolf\Desktop\FRST64.exe
Loaded Profiles: Rudolf
Platform: Microsoft Windows 11 Pro Version 24H2 26100.2314 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Users\Rudolf\AppData\Roaming\utorrent\updates\3.6.0_47162\utorrentie.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.51\msedgewebview2.exe <7>
(C:\Users\Rudolf\AppData\Roaming\utorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Rudolf\AppData\Roaming\utorrent\helper\helper.exe
(C:\Users\Rudolf\AppData\Roaming\utorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Rudolf\AppData\Roaming\utorrent\updates\3.6.0_47162\utorrentie.exe <2>
(DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atieclxx.exe
(explorer.exe ->) (BitTorrent Inc -> BitTorrent Limited) C:\Users\Rudolf\AppData\Roaming\utorrent\uTorrent.exe
(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe <6>
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe
(services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24101.35.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.30502.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [1185688 2023-11-30] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-08-19] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\Run: [MicrosoftEdgeAutoLaunch_5F787EB8F6C2739B29BBA49ECA2958CD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911248 2024-11-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919312 2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4412512 2024-11-12] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [22365592 2024-10-28] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\RunOnce: [StartRSX] => C:\Program Files\AMD\CNext\CNext\LauncherRSXRuntime.exe [71384 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.85\Installer\chrmstp.exe [2024-11-20] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5EA933FF-AB1D-457F-80C0-797BE1F81394} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {1964F134-CE2A-4EDC-A6D0-3F80BCF88534} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe [3262168 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {7A034DBC-3566-4238-991C-B75C08A62EC8} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {2E2FE82B-18D9-4EF3-A922-D822B618AE98} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {BC50A4FD-060E-4BB9-A0AA-DEB034DCA866} - System32\Tasks\CLToast => "C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe" -UpdateSchedule (No File)
Task: {D1DEABF4-5DB0-4AA4-9444-9AAA2D896AE0} - System32\Tasks\CLToastRun => "C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe" -UpdateScheduleRun (No File)
Task: {4F79FE6A-FA8D-4273-8780-E06BA56AACD7} - System32\Tasks\FanControl => FanControl.exe (No File) <==== ATTENTION
Task: {D0277FA8-C99F-434A-9741-F633346040C9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{20DCF27E-BA7B-41F1-91A5-038A09C12CF5} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {3D5AFD41-625C-4EF2-BF12-B96B0D90C339} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-08-19] (Adobe Inc. -> Adobe Inc.)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {2515065A-BC8F-4C56-9CB5-B23979918539} - System32\Tasks\Microsoft\Windows\UPnP\Microsoft UPnP Manager1 => C:\Intel\e.vbs [279 2017-07-04] () [File not signed]
Task: {242C6E84-CB11-4D77-AD3F-BE0E57F31319} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {596B9844-5213-4449-AA3A-82FD1D8F4B85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A631C10-651D-489D-8EBE-72178632E984} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {242A8E91-D9B9-4C63-8204-AD206742D6F8} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {112812BA-A756-4819-821C-CF21413DF697} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209176 2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DDD3949-141C-40C4-9B99-9E46ED5DA18E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3168977616-3566821354-2173195585-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209176 2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB5ABA1C-676F-4E06-BDFC-20E632E2BCAA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60632 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {AB9382CF-BF73-4994-A36B-8EAED9BEDA23} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324312 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {FC37401D-36C8-44AC-9499-AA4C5ACDF819} - System32\Tasks\WindowsUpdateService => C:\Windows\Download\Rdis.vbs (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{0320c474-f793-40bf-88c8-45e59b26ce1a}: [NameServer] 1.1.1.1,8.8.8.8
Tcpip\..\Interfaces\{0320c474-f793-40bf-88c8-45e59b26ce1a}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{0320c474-f793-40bf-88c8-45e59b26ce1a}: [DhcpDomain] home
Tcpip\..\Interfaces\{39a14baa-0ebe-11ef-83d7-806e6f6e6963}: [NameServer] 1.1.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-21]
Edge DownloadDir: Default -> E:\Downloads
Edge HomePage: Default -> hxxp://www.centrum.cz/#utm_source=icq&utm_medium=centrum
Edge StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.cz/ ... oogle.com/"
Edge Extension: (Video Player) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bobjnignhcpkfnjcgegmdjijonimcmke [2024-07-31]
Edge Extension: (Send to Kindle pro Google Chrome™) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2024-05-10]
Edge Extension: (Ruffle - Flash Emulator) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\donbcfbmhbcapadipfkeojnmajbakjdc [2024-11-21]
Edge Extension: (Dokumenty Google offline) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-22]
Edge Extension: (No Name) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2024-10-22]
Edge Extension: (Dark Reader) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ifoakfbpdcdoeenechcleahebpibofpc [2024-10-30]
Edge Extension: (Edge relevant text changes) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-10]
Edge Extension: (Rozšíření Google Keep pro Chrome) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2024-11-20]
Edge Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-11-19]
Edge Extension: (Blokátor reklam AdGuard) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2024-10-24]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default [2024-11-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-11]
CHR Profile: C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-11-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-11-14]
CHR Profile: C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\System Profile [2024-11-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 dg; C:\Intel\dg.exe [1205932892 2017-07-04] () [File not signed] <==== ATTENTION
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2024-06-03] (EasyAntiCheat Oy -> Epic Games, Inc.)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [381416 2024-04-23] (Epic Games Inc. -> Epic Games, Inc.)
S4 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncHelper.exe [3525136 2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11712920 2024-10-28] (Logitech Inc -> Logitech, Inc.)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe [11177064 2024-10-24] (Logitech Inc -> Logitech, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.186.0915.0004\OneDriveUpdaterService.exe [3869200 2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 aehd; C:\WINDOWS\system32\DRIVERS\aehd.sys [403080 2024-06-25] (Google LLC -> Google LLC)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys [25672 2024-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_960126269e89c62e\amdsafd.sys [113880 2024-05-10] (Advanced Micro Devices -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\amdkmdag.sys [106596128 2024-09-04] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2023-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [226560 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\hw_cdcacm.sys [127360 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140744 2024-10-24] (Microsoft Windows -> Microsoft Corporation)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-10-28] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2024-10-24] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-10-28] (Logitech Inc -> Logitech)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray.sys [89192 2024-10-24] (Logitech Inc -> Logitech, Inc.)
R3 MpKslb995faa3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B0E2663F-820E-4A5A-A445-C858E2D93A6B}\MpKslDrv.sys [267552 2024-11-21] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2024-07-09] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 XPPenTablet; C:\WINDOWS\System32\drivers\XPPenTablet.sys [10752 2023-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-21 08:38 - 2024-11-21 08:39 - 000021735 _____ C:\Users\Rudolf\Desktop\FRST.txt
2024-11-21 08:38 - 2024-11-21 08:38 - 002402816 _____ (Farbar) C:\Users\Rudolf\Desktop\FRST64.exe
2024-11-21 06:49 - 2024-11-21 06:49 - 000000000 ____D C:\Users\Rudolf\AppData\LocalLow\AMD
2024-11-21 06:45 - 2024-11-21 06:45 - 000003484 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2024-11-21 06:45 - 2024-11-21 06:45 - 000003152 _____ C:\WINDOWS\system32\Tasks\StartCN
2024-11-21 06:45 - 2024-11-21 06:45 - 000003102 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2024-11-21 06:45 - 2024-11-21 06:45 - 000003094 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2024-11-21 06:45 - 2024-11-21 06:45 - 000003072 _____ C:\WINDOWS\system32\Tasks\StartDVR
2024-11-21 06:45 - 2024-11-21 06:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2024-11-21 06:45 - 2024-11-21 06:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2024-11-21 06:44 - 2024-11-21 06:44 - 000711764 _____ C:\WINDOWS\system32\perfh005.dat
2024-11-21 06:44 - 2024-11-21 06:44 - 000152978 _____ C:\WINDOWS\system32\perfc005.dat
2024-11-21 06:44 - 2024-11-21 06:44 - 000003502 _____ C:\WINDOWS\system32\Tasks\AMDInstallUEP
2024-11-21 06:44 - 2024-09-04 08:44 - 002100128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 001617824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 001617824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000978336 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000856864 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000856864 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000737696 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000737696 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000682400 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000668008 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000610720 _____ C:\WINDOWS\system32\GameManager64.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000537504 _____ C:\WINDOWS\system32\atieah64.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000504088 _____ C:\WINDOWS\system32\EEURestart.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000473480 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000464288 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000406408 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000267168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000229280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000211128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000207776 _____ C:\WINDOWS\system32\mantle64.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000196512 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000186656 _____ C:\WINDOWS\system32\mantleaxl64.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000184608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000174944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000165792 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000149280 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000148896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000142624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000075176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2024-11-21 06:44 - 2024-09-04 08:43 - 000139168 _____ C:\WINDOWS\system32\amdxc64.dll
2024-11-21 06:44 - 2024-09-04 08:43 - 000118560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2024-11-21 06:44 - 2024-09-04 08:43 - 000115104 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2024-11-21 06:44 - 2024-09-04 08:42 - 001736464 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2024-11-21 06:44 - 2024-09-04 08:42 - 001412064 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2024-11-21 06:44 - 2024-09-04 08:42 - 000167552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2024-11-21 06:44 - 2024-09-04 08:42 - 000157536 _____ C:\WINDOWS\system32\atidxx64.dll
2024-11-21 06:44 - 2024-09-04 08:42 - 000138616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2024-11-21 06:44 - 2024-09-04 08:42 - 000131136 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2024-11-21 06:44 - 2024-09-04 07:57 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2024-11-21 06:44 - 2024-09-04 07:57 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2024-11-21 06:44 - 2024-09-04 07:57 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin
2024-11-21 06:44 - 2024-09-04 07:57 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2024-11-21 06:44 - 2024-09-04 07:56 - 109624080 _____ C:\WINDOWS\system32\amdxc64.so
2024-11-21 06:44 - 2024-08-19 23:13 - 002976160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2024-11-21 06:43 - 2024-09-04 08:43 - 004374408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 004179848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 002245408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 001355520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 001074664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 000944008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 000771488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 000570248 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 000434056 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 000232672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 000187968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2024-11-21 06:43 - 2024-09-04 08:42 - 000572312 _____ C:\WINDOWS\system32\amdmiracast.dll
2024-11-21 06:43 - 2024-09-04 08:42 - 000177984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2024-11-21 06:43 - 2024-09-04 08:42 - 000167528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2024-11-21 06:43 - 2024-09-04 08:42 - 000152504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2024-11-21 06:43 - 2024-09-04 08:42 - 000138624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2024-11-21 06:12 - 2024-09-04 08:43 - 088606496 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2024-11-21 06:12 - 2024-09-04 08:43 - 000801672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2024-11-21 06:12 - 2024-09-04 08:43 - 000678816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2024-11-21 06:12 - 2024-09-04 08:43 - 000545568 _____ C:\WINDOWS\system32\dgtrayicon.exe
2024-11-21 06:12 - 2024-09-04 08:43 - 000471456 _____ C:\WINDOWS\system32\amdlogum.exe
2024-11-21 06:12 - 2024-09-04 08:43 - 000103304 _____ C:\WINDOWS\system32\clinfo.exe
2024-11-21 06:12 - 2024-09-04 08:43 - 000051616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2024-11-21 06:12 - 2024-09-04 08:43 - 000048520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2024-11-21 06:12 - 2024-09-04 08:42 - 019434400 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2024-11-21 06:12 - 2024-09-04 08:42 - 000177056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2024-11-21 06:12 - 2024-09-04 08:42 - 000145800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2024-11-21 06:12 - 2023-05-24 12:42 - 000061888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2024-11-21 06:11 - 2024-09-04 08:44 - 000682400 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-11-21 06:11 - 2024-09-04 08:44 - 000668008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-11-21 06:11 - 2024-09-04 08:43 - 105410432 _____ C:\WINDOWS\system32\amd_comgr.dll
2024-11-21 05:31 - 2024-09-04 08:43 - 000116944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2024-11-21 05:29 - 2024-09-04 08:43 - 000525088 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-11-21 05:29 - 2024-09-04 08:43 - 000390936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-11-21 05:10 - 2024-11-21 06:02 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-11-21 05:01 - 2024-11-21 05:01 - 000000000 ____D C:\Users\Rudolf\AppData\Local\AMDSoftwareInstaller
2024-11-21 01:29 - 2024-11-21 01:29 - 000001803 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio X.lnk
2024-11-21 01:06 - 2024-11-21 01:06 - 000011426 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
2024-11-20 19:42 - 2024-11-21 08:36 - 000000000 ____D C:\Users\Rudolf\AppData\Local\BitTorrentHelper
2024-11-20 19:41 - 2024-11-21 08:38 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\utorrent
2024-11-20 19:41 - 2024-11-20 19:41 - 000000890 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2024-11-20 19:41 - 2024-11-20 19:41 - 000000000 ____D C:\Users\Rudolf\AppData\LocalLow\uTorrent.WebView2
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Symantec
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Sophos
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\SMADAV
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\ReasonLabs
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Norton Security
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Net Protector 202A
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\McAfee.com
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\McAfee
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Malwarebytes
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Kaspersky Lab
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\IOBit
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\HP Sure Sense
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\HitmanPro.Alert
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\ESET
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\CryptoTab Browser
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Bitdefender
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Awesome Miner
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\AVG
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Avast Software
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\AlibabaProtect
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Symantec
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Sophos
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\SMADAV
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\ReasonLabs
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Norton Security
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Net Protector 202A
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\McAfee.com
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\McAfee
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Malwarebytes
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Kaspersky Lab
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\IOBit
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\HP Sure Sense
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\HitmanPro.Alert
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\ESET
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\CryptoTab Browser
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Bitdefender
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Awesome Miner
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\AVG
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Avast Software
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\AlibabaProtect
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Symantec
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Sophos
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\SMADAV
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\ReasonLabs
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Norton Security
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Net Protector 202A
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\McAfee.com
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\McAfee
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Malwarebytes
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Kaspersky Lab
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\IOBit
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\HP Sure Sense
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\HitmanPro.Alert
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\ESET
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\CryptoTab Browser
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Bitdefender
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Awesome Miner
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\AVG
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Avast Software
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\AlibabaProtect
2024-11-14 17:58 - 2024-11-14 17:58 - 000000000 ____D C:\Users\Rudolf\Tapety
2024-11-13 03:53 - 2024-11-13 03:53 - 000000000 ____D C:\Users\Rudolf\Capture one katalog
2024-11-13 03:24 - 2024-11-13 03:24 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Topaz Labs LLC
2024-11-13 03:24 - 2024-11-13 03:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs LLC
2024-11-13 03:22 - 2024-11-13 03:22 - 000000000 ____D C:\Program Files\Common Files\OFX
2024-11-13 03:20 - 2024-11-13 03:24 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Topaz Labs LLC
2024-11-13 03:15 - 2024-11-13 03:15 - 000001101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO PhotoLab 8.lnk
2024-11-13 02:25 - 2024-11-13 02:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Photo AI
2024-11-13 01:53 - 2024-11-13 01:53 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KMPlayer 64X
2024-11-12 13:16 - 2024-11-13 21:41 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\vlc
2024-11-12 13:16 - 2024-11-12 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2024-11-05 02:36 - 2024-11-05 02:36 - 000000000 ____D C:\Users\Rudolf\AppData\Local\ZJMedia
2024-11-05 02:06 - 2024-11-05 02:24 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-11-05 02:04 - 2024-11-05 02:04 - 000002882 _____ C:\WINDOWS\system32\Tasks\WindowsUpdateService
2024-11-05 02:01 - 2024-11-05 02:38 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Easeware
2024-11-05 02:01 - 2024-11-05 02:01 - 000000422 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2024-11-01 14:37 - 2024-11-01 14:54 - 000000000 ____D C:\Users\Rudolf\Luminar presets
2024-10-29 22:27 - 2024-10-29 22:27 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Red Dead Redemption
2024-10-29 22:26 - 2024-10-29 22:26 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\.1911
2024-10-29 20:23 - 2024-10-29 20:23 - 000000272 _____ C:\WINDOWS\system32\lc.dat
2024-10-28 17:15 - 2024-10-28 17:15 - 000073040 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2024-10-28 17:15 - 2024-10-28 17:15 - 000044880 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2024-10-28 17:15 - 2024-10-28 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-10-25 08:47 - 2024-10-25 08:47 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Capture_One
2024-10-25 03:36 - 2024-10-25 03:36 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\WinRAR
2024-10-25 03:36 - 2024-10-25 03:36 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-10-25 03:36 - 2024-10-25 03:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-10-25 00:47 - 2024-11-05 02:27 - 000002776 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-10-25 00:47 - 2024-10-25 00:47 - 000002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-25 00:47 - 2024-10-25 00:47 - 000000000 ___RD C:\Users\Default\OneDrive
2024-10-25 00:21 - 2024-10-28 17:15 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\lghub
2024-10-25 00:00 - 2024-10-25 00:00 - 000000000 ____D C:\Users\Default\AppData\Local\Logi
2024-10-24 23:59 - 2024-10-25 00:08 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Logi
2024-10-24 23:59 - 2024-10-24 23:59 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\com.logitech
2024-10-24 23:59 - 2024-10-24 23:59 - 000000000 ____D C:\Users\Rudolf\AppData\Local\flutter_webview_windows
2024-10-24 23:20 - 2024-11-21 06:39 - 000000000 ____D C:\Users\Rudolf\AppData\Local\LGHUB
2024-10-24 23:20 - 2024-10-24 23:20 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\LGHUB_BKP
2024-10-24 23:17 - 2024-10-28 17:16 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\G HUB
2024-10-24 21:30 - 2024-10-24 21:30 - 000026650 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-10-24 21:30 - 2024-10-24 21:30 - 000026650 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-10-24 21:05 - 2024-10-24 21:05 - 000032080 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2024-10-23 10:49 - 2024-11-21 05:17 - 000002780 _____ C:\WINDOWS\system32\Tasks\FanControl
2024-10-23 10:45 - 2024-10-23 10:45 - 000000000 ____D C:\Users\Rudolf\AppData\Local\ToastNotificationManagerCompat

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-21 08:39 - 2017-07-04 08:05 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-21 08:38 - 2024-09-13 05:21 - 000000000 ____D C:\Users\Rudolf\AppData\Local\D3DSCache
2024-11-21 08:22 - 2024-05-10 11:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-11-21 06:45 - 2024-05-10 11:26 - 000000000 ____D C:\Users\Rudolf\AppData\Local\AMD
2024-11-21 06:45 - 2024-05-10 11:24 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Packages
2024-11-21 06:44 - 2024-05-10 11:20 - 001692324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-11-21 06:41 - 2024-05-10 11:32 - 000000000 ____D C:\Users\Rudolf\AppData\Local\AMD_Common
2024-11-21 06:39 - 2024-05-10 11:14 - 000034018 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2024-11-21 06:39 - 2024-05-10 11:13 - 000012288 ___SH C:\DumpStack.log.tmp
2024-11-21 06:39 - 2024-05-10 11:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-11-21 06:38 - 2024-04-01 08:21 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2024-11-21 06:29 - 2024-08-23 13:02 - 000000000 ____D C:\Users\Rudolf\AppData\Local\New Technology Studio
2024-11-21 06:02 - 2024-05-10 11:26 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-11-21 06:00 - 2024-08-19 05:24 - 000002602 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess
2024-11-21 05:25 - 2024-05-10 15:07 - 000000000 ____D C:\Users\Rudolf\AppData\Local\CrashDumps
2024-11-21 04:39 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-11-21 04:37 - 2024-05-10 17:42 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Adobe
2024-11-21 04:26 - 2024-05-10 11:23 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows
2024-11-21 03:38 - 2024-10-12 14:31 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Zoner
2024-11-21 01:16 - 2024-08-04 04:42 - 000000000 ___RD C:\Users\Rudolf\Desktop\卐
2024-11-20 22:36 - 2024-05-21 13:55 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Upscayl
2024-11-20 22:36 - 2024-05-10 18:47 - 000001907 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Upscayl.lnk
2024-11-20 22:28 - 2024-08-18 01:25 - 000000000 ____D C:\Users\Rudolf\AppData\Local\HeliconFocus
2024-11-20 17:22 - 2024-05-11 17:05 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-19 14:12 - 2024-05-10 11:14 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-14 23:16 - 2024-05-11 07:20 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Webshare
2024-11-13 07:30 - 2024-05-10 11:13 - 000382168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-11-13 07:29 - 2024-07-17 03:50 - 000000000 ____D C:\Users\Default\.dotnet
2024-11-13 07:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2024-11-13 07:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-13 07:28 - 2024-05-10 11:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-13 07:27 - 2024-05-10 11:52 - 202035632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-11-13 03:19 - 2024-05-11 00:10 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\DxO
2024-11-13 03:19 - 2024-05-11 00:09 - 000000000 ____D C:\Users\Rudolf\AppData\Local\DxO
2024-11-13 01:24 - 2024-09-13 21:00 - 000000000 ____D C:\Users\Rudolf\.android
2024-11-13 01:20 - 2024-08-19 01:59 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Corel
2024-11-13 01:10 - 2024-05-10 11:17 - 003335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-11-12 12:17 - 2024-05-10 11:14 - 000003716 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{4BF37730-1569-4B42-ABDF-C3881A875338}
2024-11-12 12:17 - 2024-05-10 11:14 - 000003592 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{F44E9754-C219-4C65-915D-DA28B6C650AA}
2024-11-05 12:09 - 2024-05-19 08:28 - 000000000 ____D C:\Users\Rudolf\AppData\Local\ElevatedDiagnostics
2024-11-05 02:55 - 2024-05-10 23:15 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\AIMP
2024-11-05 02:27 - 2024-07-28 09:58 - 000003130 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3168977616-3566821354-2173195585-1000
2024-11-04 22:11 - 2024-09-25 07:45 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\CyberLink
2024-11-04 22:11 - 2024-09-12 20:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\CLFCL5.23
2024-10-30 14:00 - 2024-05-10 11:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-10-29 20:18 - 2024-09-12 20:41 - 000002698 _____ C:\WINDOWS\system32\Tasks\CLToast
2024-10-29 20:18 - 2024-09-12 20:41 - 000002524 _____ C:\WINDOWS\system32\Tasks\CLToastRun
2024-10-25 08:48 - 2024-08-18 01:25 - 000000000 ____D C:\Users\Rudolf\AppData\Local\CaptureOne
2024-10-25 01:07 - 2024-05-10 11:25 - 000000000 ___RD C:\Users\Rudolf\OneDrive
2024-10-24 23:59 - 2024-05-11 00:10 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Sentry
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser

==================== Files in the root of some directories ========

2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\AlibabaProtect
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\Avast Software
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\AVG
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\Awesome Miner
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\Bitdefender
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\CryptoTab Browser
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\ESET
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\HitmanPro.Alert
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\HP Sure Sense
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\IOBit
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\Kaspersky Lab
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\Malwarebytes
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\McAfee
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\McAfee.com
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\Net Protector 202A
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\Norton Security
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\ReasonLabs
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\SMADAV
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\Sophos
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files\Symantec
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\AlibabaProtect
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\Avast Software
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\AVG
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\Awesome Miner
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\Bitdefender
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\CryptoTab Browser
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\ESET
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\HitmanPro.Alert
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\HP Sure Sense
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\IOBit
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\Kaspersky Lab
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\Malwarebytes
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\McAfee
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\McAfee.com
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\Net Protector 202A
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\Norton Security
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\ReasonLabs
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\SMADAV
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\Sophos
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH () C:\Program Files (x86)\Symantec

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2024
Ran by Rudolf (21-11-2024 08:40:25)
Running from C:\Users\Rudolf\Desktop
Microsoft Windows 11 Pro Version 24H2 26100.2314 (X64) (2024-05-10 10:16:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3168977616-3566821354-2173195585-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3168977616-3566821354-2173195585-503 - Limited - Disabled)
Guest (S-1-5-21-3168977616-3566821354-2173195585-501 - Limited - Disabled)
Rudolf (S-1-5-21-3168977616-3566821354-2173195585-1000 - Administrator - Enabled) => C:\Users\Rudolf
WDAGUtilityAccount (S-1-5-21-3168977616-3566821354-2173195585-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\uTorrent) (Version: 3.6.0.47162 - BitTorrent Limited)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_13_1) (Version: 13.1 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_11) (Version: 25.11.0.706 - Adobe Inc.)
AIMP (HKLM\...\AIMP) (Version: 5.30.2549 - Artem Izmaylov)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.9.1 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
DxO PhotoLab 8 (HKLM\...\{3C8E7BE1-2701-4F4C-9C29-FE915871B16B}) (Version: 8.1.0 - DxO)
DxO PhotoLab 8 plug-in for Adobe Lightroom (HKLM-x32\...\{6BB56707-C0A0-4BA1-9A8F-89D66FB940E4}) (Version: 1.8.0 - DxO Labs)
DxO PureRAW 3 (HKLM\...\{2FEAD6AE-13AD-495B-BC50-C4A75475386E}) (Version: 3.9.0 - DxO)
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{FE291DB1-9625-4EAB-8C54-03F2B912BAA9}) (Version: 2.6.2 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.85 - Google LLC)
Helicon Focus 8.1.0.0 (HKLM\...\Helicon Focus 8_is1) (Version: - Helicon Soft Ltd.)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2024.10.23.15 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.8.641856 - Logitech)
Luminar Neo 1.20.1.13681 (HKLM\...\Luminar Neo_is1) (Version: 1.20.1.13681 - LR)
Mafia: Definitive Edition (HKLM-x32\...\1993581340_is1) (Version: 1.0.3 - GOG.com)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.51 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.186.0915.0004 - Microsoft Corporation)
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{d98165f5-8b37-4100-8852-a0664374ff8a}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24123 (HKLM-x32\...\{03AC7A79-F8AF-38FC-9DA0-98DAB4F4B1CD}) (Version: 14.0.24123 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24123 (HKLM-x32\...\{06AE3BCC-7612-39D3-9F3B-B6601D877D02}) (Version: 14.0.24123 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Pentablet (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 3.4.13.231129 - XPPen Technology)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9239.1 - Realtek Semiconductor Corp.)
Sid Meier's Civilization V (HKLM-x32\...\Sid Meier's Civilization V_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Topaz Photo AI (HKLM\...\{E5B82950-1E9E-4B14-B8C8-9D9DFB4434F6}) (Version: 3.3.2 - Topaz Labs LLC)
Topaz Video AI 5.3.6 (HKLM\...\Topaz Video AI_is1) (Version: 5.3.6 - Topaz Labs LLC)
Upscayl 2.11.5 (HKLM\...\2e801529-9c6a-5917-960e-278558728760) (Version: 2.11.5 - Nayam Amarshe)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\Wargaming.net Game Center) (Version: 24.6.1.7231 - Wargaming.net)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
Windows Subsystem for Linux (HKLM\...\{57CD6412-C4AC-431F-8753-46A620EF3A4E}) (Version: 2.2.4.0 - Microsoft Corporation) Hidden
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\2387829014) (Version: - Wargaming.net)
Zoner Photo Studio X version 19.2409.2.582 (HKLM-x32\...\{0311A37E-1930-4CE3-9CE4-C6DE25589E1B}_is1) (Version: 19.2409.2.582 - )

Packages:
=========
@{MicrosoftWindows.LKG.Search_1000.26100.1591.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.LKG.Search/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.Search_cw5n1h2txyewy [2024-10-01] ()
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2024-11-21] (Advanced Micro Devices Inc.)
Aquile Reader -> C:\Program Files\WindowsApps\21676OptimiliaStudios.AquileReader_1.1.46.0_x64__k42naep6bwmrc [2024-11-03] (Optimilia Studios)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2024.4.17.0_x64__t5j2fzbtdg37r [2024-11-19] (DTS, Inc.)
Real HEIC to JPG Converter -> C:\Program Files\WindowsApps\36059XiaoyaStudio.RealHEICConverter_2.2.26.0_x86__ngh7ertwt50re [2024-10-17] (Xiaoya Lab)
WinRAR -> C:\Program Files\WinRAR [2017-07-04] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3168977616-3566821354-2173195585-1000_Classes\CLSID\{fa5312d1-0b58-428a-bd93-3b87ef89945d}\localserver32 -> C:\Program Files\Skylum\Luminar Neo\Luminar Neo.exe (Skylum Software USA, Inc. -> Skylum)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-08-19] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-08-19] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-08-19] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-08-19] (Adobe Inc. -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll [2024-05-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll [2024-05-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-08-19] (Adobe Inc. -> )

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2024-11-20 19:41 - 2024-10-07 23:35 - 004309504 _____ (Rainberry, Inc.) [File not signed] C:\Users\Rudolf\AppData\Roaming\utorrent\bt_datachannel.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 001224704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\LIBEAY32.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\SSLEAY32.dll
2024-09-15 01:17 - 2023-07-28 14:48 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qdds.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qgif.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qicns.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000027648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qico.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qjpeg.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qsvg.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtga.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtiff.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwbmp.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwebp.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 001064960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\platforms\qwindows.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 004814336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Core.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 004965376 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Gui.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000930304 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Network.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000264704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Svg.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 004464640 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Widgets.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000149504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4FB9487F [124]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2024-11-14 22:51 - 2024-11-14 22:51 - 000009149 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 download.bleepingcomputer.com
127.0.0.1 www.bleepingcomputer.com
127.0.0.1 bleepingcomputer.com
127.0.0.1 www.fullindir.cafe
127.0.0.1 fullindir.cafe
127.0.0.1 www.fullprogramlarindir.net
127.0.0.1 fullprogramlarindir.net
127.0.0.1 www.buyurindir.net
127.0.0.1 buyurindir.net
127.0.0.1 www.warezturkey.org
127.0.0.1 warezturkey.org
127.0.0.1 www.warezturkey.net
127.0.0.1 warezturkey.net
127.0.0.1 www.tnctr.com
127.0.0.1 tnctr.com
127.0.0.1 tb.rg-adguard.net
127.0.0.1 rufus.ie
127.0.0.1 www.rufus.ie
127.0.0.1 download.sysinternals.com
127.0.0.1 data-cdn.mbamupdates.com
127.0.0.1 download.cnet.com
127.0.0.1 cnet.com
127.0.0.1 www.cnet.com
127.0.0.1 prod.downloadnow.com
127.0.0.1 www.pandasecurity.com
127.0.0.1 pandasecurity.com
127.0.0.1 www.adaware.com
127.0.0.1 adaware.com
127.0.0.1 sdl.adaware.com
127.0.0.1 www.nano-av.com

There are 294 more lines.


2024-06-25 09:05 - 2024-06-30 12:25 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.25.160.1 Rudolf.mshome.net # 2029 6 5 29 11 25 17 943

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Intel;C:\Intel\m;C:\Intel\logs;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Rudolf\AppData\Local\Microsoft\WindowsApps;C:\adb;C:\Program Files\apache-maven-3.9.8;C:\Program Files\Java\jdk-22\bin;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Users\Rudolf\.dotnet\tools;
HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rudolf\Tapety\pc.jpg
DNS Servers: 1.1.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

Network Binding:
=============
Síťové připojení Bluetooth 2: Bluetooth Device (Personal Area Network) #2 -> bthpan.sys
Ethernet: Killer E2200 Gigabit Ethernet Controller -> e2xw10x64.sys

vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "DxO PureRAW 4.lnk"
HKLM\...\StartupApproved\Run: => "PowerDVD23Agent"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "AMDNoiseSuppression"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_5F787EB8F6C2739B29BBA49ECA2958CD"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "Docker Desktop"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "MouseServer"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "Uninstall 24.132.0701.0002"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "Delete Cached Update Binary"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "Delete Cached Standalone Update Binary"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer_PowerDVD23"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "Uninstall 24.181.0908.0001"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{E0451588-78CA-4216-A24E-8D39D7686018}D:\games\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\games\wolfenstein the new order\wolfneworder_x64.exe (MachineGames) [File not signed]
FirewallRules: [UDP Query User{075F983C-D128-41A1-9843-FA0296939205}D:\games\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\games\wolfenstein the new order\wolfneworder_x64.exe (MachineGames) [File not signed]
FirewallRules: [TCP Query User{91B0FAD6-852C-4504-A4A7-87232A6D1165}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C2F6B157-7D73-490E-8877-2F6EF6A9A524}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{FF14EBC5-1716-4098-8370-E7F874BD19D8}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{ADF6AB33-2043-4722-BDF2-E783A7D5A4A4}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C27D1F65-5BDA-459B-A6A4-86A8A478E2C1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4D4A0928-6908-4D13-B6D1-9B166BF6846B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1FD4532D-748D-4C66-8663-999BF093489B}] => (Block) %ProgramFiles%\CCleaner\CCleaner.exe => No File
FirewallRules: [{2EEE1F94-2776-4E24-9A9F-84954A9605A7}] => (Block) %ProgramFiles%\CCleaner\CCUpdate.exe => No File
FirewallRules: [{14C808AF-7640-4DB2-B8E5-C53A80169290}] => (Block) %ProgramFiles%\CCleaner\CCleaner64.exe => No File
FirewallRules: [TCP Query User{D779995D-4A6A-41D8-9CC6-A9F064E535BA}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{8BBEFA30-B59C-4A1E-A296-33D0CC17E8C8}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{42E883F8-3B12-4EFB-9FDA-5AEF0EA7EDB7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{653A8E20-DF08-40A6-80F5-CDAD54CFA2F6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{E9F56B11-FF58-40A5-AAFD-A2CBE77A2E1D}D:\games\world of tanks\win64\worldoftanks.exe] => (Allow) D:\games\world of tanks\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{A6405166-FAA9-45E4-A443-019D6D7BCA1E}D:\games\world of tanks\win64\worldoftanks.exe] => (Allow) D:\games\world of tanks\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{3E9793F1-E297-408B-8FAF-BC75A074A2C3}] => (Block) C:\Program Files\DxO\DxO PhotoLab 8\DxO.PhotoLab.exe (DxO Labs S.A.S. -> DxO)
FirewallRules: [{FE921112-AEDD-4CF9-8958-446ACE4725C8}] => (Allow) D:\Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [{555B8B4D-41B9-4FD5-9EDE-E842ADAFC1BC}] => (Allow) D:\Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [{CCF33B2E-9DD7-4074-90B2-0C9508281AAC}] => (Allow) C:\Intel\i2.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{8523B717-811C-4F58-BF67-1B974F00159F}] => (Allow) C:\Intel\i3.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{EA5051CD-1B81-4F43-863F-475D538F72C1}] => (Allow) C:\Intel\i3.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{C4796187-E41D-44BF-977A-C8EC84F05101}] => (Allow) C:\Intel\i1.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{15AADC5E-0236-46C4-BABD-27B5DEDBC969}] => (Allow) C:\Intel\i4.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{C3B2F324-2C51-4961-848F-7E3F03C008A9}] => (Allow) C:\Intel\i2.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{1C949C00-D39B-476C-8D0F-B01CACBD930F}] => (Allow) C:\Intel\i1.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{30CEEE60-E841-4F37-A132-99F1F034D982}] => (Allow) C:\Intel\i4.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{32CC6484-5D29-4EC6-A84F-2EA326595FD6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{08EF186D-ADC0-4365-B22E-429AB91CB441}] => (Allow) C:\Users\Rudolf\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{B8E2AE48-CF5E-4D19-8C9C-97565B891665}] => (Allow) C:\Users\Rudolf\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{07246EAE-2583-4D39-A3FF-DA8A76FD5CD0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.51\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

21-11-2024 04:38:33 Odebráno: Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
21-11-2024 04:53:56 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
21-11-2024 04:54:17 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523
21-11-2024 05:07:23 AMDCleanupUtility Restore Point
21-11-2024 06:26:43 Radeon Installer

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/21/2024 06:05:16 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Administrator\AppData\Local\Programs\Zoner\ZPS X\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/21/2024 05:44:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Administrator\AppData\Local\Programs\Zoner\ZPS X\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/21/2024 05:32:39 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 10.0.26100.2314 programu LockApp.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (11/21/2024 05:29:08 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Administrator\AppData\Local\Programs\Zoner\ZPS X\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/21/2024 05:21:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro E:\Downloads\vcredist_arm.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/21/2024 05:12:26 AM) (Source: Application Error) (EventID: 1000) (User: RUDOLF)
Description: Název chybující aplikace: svchost.exe_cbdhsvc, verze: 10.0.26100.1150, časové razítko: 0xfdace0d9
Název chybujícího modulu: cbdhsvc.dll, verze: 10.0.26100.1882, časové razítko: 0x1dc437d0
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001409b
ID chybujícího procesu: 0x190c
Čas spuštění chybující aplikace: 0x1db3bcb725330e7
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\cbdhsvc.dll
ID sestavy: 1faab2f9-61fa-40a8-a29c-891ac9da65c3
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (11/21/2024 04:54:23 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro E:\Downloads\vcredist_arm.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/21/2024 04:47:02 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 10.0.26100.2314 programu LockApp.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.


System errors:
=============
Error: (11/21/2024 06:41:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/21/2024 06:41:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (11/21/2024 06:41:25 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (11/21/2024 06:39:25 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby dg bylo dosaženo časového limitu (45000 ms).

Error: (11/21/2024 06:39:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba l1vhlwf neuspěla při spuštění v důsledku následující chyby:
Funkce hypervisoru není pro uživatele k dispozici.

Error: (11/21/2024 06:38:54 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.

Error: (11/21/2024 06:38:47 AM) (Source: DCOM) (EventID: 10010) (User: RUDOLF)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/21/2024 06:38:47 AM) (Source: DCOM) (EventID: 10010) (User: RUDOLF)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2024-11-05 01:54:50
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen!MTB
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\Downloads\HDD Regenerator 2024 v20.24.0.0 Patch-Keygen.rar; webfile:_E:\Downloads\HDD Regenerator 2024 v20.24.0.0 Patch-Keygen.rar|https://vip.18.dl.webshare.cz/9164/6oOj ... 6885436437
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: RUDOLF\Rudolf
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.421.89.0, AS: 1.421.89.0, NIS: 1.421.89.0
Verze modulu: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2024-11-04 14:24:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {97A272AD-4238-4982-BBBC-9FEBA9BFCE66}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-04 13:19:33
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe možnost upravit %userprofile%\Videos.
Čas detekce: 2024-11-04T12:19:33.440Z
Uživatel: RUDOLF\Rudolf
Cesta: %userprofile%\Videos
Název procesu: C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
Verze bezpečnostních informací: 1.421.79.0
Verze modulu: 1.1.24090.11
Verze produktu: 4.18.24090.11


Date: 2024-11-03 15:46:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7CACF5DB-46CC-4911-B091-E516F498E079}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-03 15:34:49
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe možnost upravit %userprofile%\Videos.
Čas detekce: 2024-11-03T14:34:49.515Z
Uživatel: RUDOLF\Rudolf
Cesta: %userprofile%\Videos
Název procesu: C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
Verze bezpečnostních informací: 1.421.67.0
Verze modulu: 1.1.24090.11
Verze produktu: 4.18.24090.11

Event[0]

Date: 2024-11-21 06:02:25
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2024-11-21 05:13:07
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2024-11-21 05:10:31
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2024-07-09 11:07:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

Date: 2024-05-18 07:38:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===============
Date: 2024-07-09 11:21:32
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V2.13 03/07/2014
Motherboard: MSI Z77A-G43 (MS-7758)
Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 44%
Total physical RAM: 24524.43 MB
Available physical RAM: 13602.81 MB
Total Virtual: 60524.43 MB
Available Virtual: 52150.11 MB

==================== Drives ================================

Drive c: ( 卐) (Fixed) (Total:446.41 GB) (Free:163.98 GB) (Model: Patriot Burst) NTFS
Drive d: ( 卐 卐) (Fixed) (Total:447.01 GB) (Free:134.86 GB) (Model: Patriot Burst) NTFS
Drive e: ( 卐 ϟϟ) (Fixed) (Total:465.63 GB) (Free:100.6 GB) (Model: SAMSUNG HM500JI) NTFS

\\?\Volume{a06bb8ff-0755-470b-b60f-d19c09384502}\ () (Fixed) (Total:0.1 GB) (Free:0.09 GB) NTFS
\\?\Volume{8f434d70-975e-488a-9249-8324ca309b8d}\ () (Fixed) (Total:0.61 GB) (Free:0.1 GB) NTFS
\\?\Volume{51bc0659-ada4-4247-b3f1-8c5c79625ba8}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 0610802F)

Partition: GPT.

==========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: 56DA8679)

Partition: GPT.

==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 098B4315)

Partition: GPT.

==========================================================
Disk: 3 (Size: 223.6 GB) (Disk ID: C87DD721)

Partition: GPT.

==========================================================
Disk: 4 (Size: 298.1 GB) (Disk ID: 97646C29)

==================== End of Addition.txt =======================

altrok
Moderator
Posts: 7315
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Can't launch AMD software or connect to some websites, infection certain...

#2 Post by altrok »

Hi,

can you remember what you were doing at the time of the infection? It most likely happened on 14 November in the evening. Some crack, or a new installation of something?

Use the fixlist below. After the restart, please send us fixlog.txt

Code:

Start
CloseProcesses:
CreateRestorePoint:
Task: {2E2FE82B-18D9-4EF3-A922-D822B618AE98} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {BC50A4FD-060E-4BB9-A0AA-DEB034DCA866} - System32\Tasks\CLToast => "C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe" -UpdateSchedule (No File)
Task: {D1DEABF4-5DB0-4AA4-9444-9AAA2D896AE0} - System32\Tasks\CLToastRun => "C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe" -UpdateScheduleRun (No File)
Task: {4F79FE6A-FA8D-4273-8780-E06BA56AACD7} - System32\Tasks\FanControl => FanControl.exe (No File) <==== ATTENTION
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {2515065A-BC8F-4C56-9CB5-B23979918539} - System32\Tasks\Microsoft\Windows\UPnP\Microsoft UPnP Manager1 => C:\Intel\e.vbs [279 2017-07-04] () [File not signed]
S2 dg; C:\Intel\dg.exe [1205932892 2017-07-04] () [File not signed] <==== ATTENTION
Dir: C:\Intel
C:\Intel
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Symantec
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Sophos
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\SMADAV
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\ReasonLabs
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Norton Security
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Net Protector 202A
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\McAfee.com
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\McAfee
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Malwarebytes
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Kaspersky Lab
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\IOBit
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\HP Sure Sense
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\HitmanPro.Alert
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\ESET
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\CryptoTab Browser
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Bitdefender
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Awesome Miner
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\AVG
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Avast Software
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\AlibabaProtect
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Symantec
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Sophos
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\SMADAV
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\ReasonLabs
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Norton Security
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Net Protector 202A
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\McAfee.com
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\McAfee
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Malwarebytes
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Kaspersky Lab
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\IOBit
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\HP Sure Sense
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\HitmanPro.Alert
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\ESET
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\CryptoTab Browser
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Bitdefender
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Awesome Miner
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\AVG
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Avast Software
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\AlibabaProtect
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Symantec
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Sophos
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\SMADAV
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\ReasonLabs
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Norton Security
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Net Protector 202A
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\McAfee.com
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\McAfee
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Malwarebytes
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Kaspersky Lab
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\IOBit
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\HP Sure Sense
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\HitmanPro.Alert
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\ESET
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\CryptoTab Browser
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Bitdefender
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Awesome Miner
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\AVG
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Avast Software
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\AlibabaProtect
FirewallRules: [{1FD4532D-748D-4C66-8663-999BF093489B}] => (Block) %ProgramFiles%\CCleaner\CCleaner.exe => No File
FirewallRules: [{2EEE1F94-2776-4E24-9A9F-84954A9605A7}] => (Block) %ProgramFiles%\CCleaner\CCUpdate.exe => No File
FirewallRules: [{14C808AF-7640-4DB2-B8E5-C53A80169290}] => (Block) %ProgramFiles%\CCleaner\CCleaner64.exe => No File
FirewallRules: [{CCF33B2E-9DD7-4074-90B2-0C9508281AAC}] => (Allow) C:\Intel\i2.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{8523B717-811C-4F58-BF67-1B974F00159F}] => (Allow) C:\Intel\i3.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{EA5051CD-1B81-4F43-863F-475D538F72C1}] => (Allow) C:\Intel\i3.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{C4796187-E41D-44BF-977A-C8EC84F05101}] => (Allow) C:\Intel\i1.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{15AADC5E-0236-46C4-BABD-27B5DEDBC969}] => (Allow) C:\Intel\i4.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{C3B2F324-2C51-4961-848F-7E3F03C008A9}] => (Allow) C:\Intel\i2.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{1C949C00-D39B-476C-8D0F-B01CACBD930F}] => (Allow) C:\Intel\i1.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{30CEEE60-E841-4F37-A132-99F1F034D982}] => (Allow) C:\Intel\i4.exe (CR Proxy LLC) [File not signed]
EmptyTemp:
End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not fit the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors to this forum, sign up for our little school.

bilejpes
Visitor
Posts: 116
Registered: 24 Feb 2011 17:50

Re: Cannot launch AMD software or connect to some websites, infection certain...

#3 Post by bilejpes »

Unfortunately I can't remember; I test quite a lot of programs, which I then delete, and none of the currently installed ones is from 14.11. After Windows started, a message appeared - "Soubor skriptu C:/Windows/Download/Rdis.vbs nebyl nalezen" - and the window showing it is titled Windows Script Host. Thank you very much for the help.

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-11-2024
Ran by Rudolf (21-11-2024 09:47:01) Run:1
Running from C:\Users\Rudolf\Desktop
Loaded Profiles: Rudolf
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
Task: {2E2FE82B-18D9-4EF3-A922-D822B618AE98} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {BC50A4FD-060E-4BB9-A0AA-DEB034DCA866} - System32\Tasks\CLToast => "C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe" -UpdateSchedule (No File)
Task: {D1DEABF4-5DB0-4AA4-9444-9AAA2D896AE0} - System32\Tasks\CLToastRun => "C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe" -UpdateScheduleRun (No File)
Task: {4F79FE6A-FA8D-4273-8780-E06BA56AACD7} - System32\Tasks\FanControl => FanControl.exe (No File) <==== ATTENTION
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {2515065A-BC8F-4C56-9CB5-B23979918539} - System32\Tasks\Microsoft\Windows\UPnP\Microsoft UPnP Manager1 => C:\Intel\e.vbs [279 2017-07-04] () [File not signed]
S2 dg; C:\Intel\dg.exe [1205932892 2017-07-04] () [File not signed] <==== ATTENTION
Dir: C:\Intel
C:\Intel
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Symantec
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Sophos
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\SMADAV
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\ReasonLabs
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Norton Security
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Net Protector 202A
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\McAfee.com
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\McAfee
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Malwarebytes
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Kaspersky Lab
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\IOBit
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\HP Sure Sense
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\HitmanPro.Alert
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\ESET
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\CryptoTab Browser
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Bitdefender
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Awesome Miner
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\AVG
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\Avast Software
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\ProgramData\AlibabaProtect
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Symantec
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Sophos
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\SMADAV
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\ReasonLabs
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Norton Security
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Net Protector 202A
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\McAfee.com
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\McAfee
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Malwarebytes
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Kaspersky Lab
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\IOBit
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\HP Sure Sense
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\HitmanPro.Alert
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\ESET
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\CryptoTab Browser
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Bitdefender
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Awesome Miner
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\AVG
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\Avast Software
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files\AlibabaProtect
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Symantec
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Sophos
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\SMADAV
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\ReasonLabs
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Norton Security
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Net Protector 202A
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\McAfee.com
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\McAfee
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Malwarebytes
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Kaspersky Lab
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\IOBit
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\HP Sure Sense
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\HitmanPro.Alert
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\ESET
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\CryptoTab Browser
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Bitdefender
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Awesome Miner
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\AVG
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\Avast Software
2024-11-14 22:50 - 2024-11-14 22:50 - 000000002 __RSH C:\Program Files (x86)\AlibabaProtect
FirewallRules: [{1FD4532D-748D-4C66-8663-999BF093489B}] => (Block) %ProgramFiles%\CCleaner\CCleaner.exe => No File
FirewallRules: [{2EEE1F94-2776-4E24-9A9F-84954A9605A7}] => (Block) %ProgramFiles%\CCleaner\CCUpdate.exe => No File
FirewallRules: [{14C808AF-7640-4DB2-B8E5-C53A80169290}] => (Block) %ProgramFiles%\CCleaner\CCleaner64.exe => No File
FirewallRules: [{CCF33B2E-9DD7-4074-90B2-0C9508281AAC}] => (Allow) C:\Intel\i2.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{8523B717-811C-4F58-BF67-1B974F00159F}] => (Allow) C:\Intel\i3.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{EA5051CD-1B81-4F43-863F-475D538F72C1}] => (Allow) C:\Intel\i3.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{C4796187-E41D-44BF-977A-C8EC84F05101}] => (Allow) C:\Intel\i1.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{15AADC5E-0236-46C4-BABD-27B5DEDBC969}] => (Allow) C:\Intel\i4.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{C3B2F324-2C51-4961-848F-7E3F03C008A9}] => (Allow) C:\Intel\i2.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{1C949C00-D39B-476C-8D0F-B01CACBD930F}] => (Allow) C:\Intel\i1.exe (CR Proxy LLC) [File not signed]
FirewallRules: [{30CEEE60-E841-4F37-A132-99F1F034D982}] => (Allow) C:\Intel\i4.exe (CR Proxy LLC) [File not signed]
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2E2FE82B-18D9-4EF3-A922-D822B618AE98}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E2FE82B-18D9-4EF3-A922-D822B618AE98}" => removed successfully
C:\WINDOWS\System32\Tasks\CCleaner Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC50A4FD-060E-4BB9-A0AA-DEB034DCA866}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC50A4FD-060E-4BB9-A0AA-DEB034DCA866}" => removed successfully
C:\WINDOWS\System32\Tasks\CLToast => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CLToast" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D1DEABF4-5DB0-4AA4-9444-9AAA2D896AE0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1DEABF4-5DB0-4AA4-9444-9AAA2D896AE0}" => removed successfully
C:\WINDOWS\System32\Tasks\CLToastRun => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CLToastRun" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4F79FE6A-FA8D-4273-8780-E06BA56AACD7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F79FE6A-FA8D-4273-8780-E06BA56AACD7}" => removed successfully
C:\WINDOWS\System32\Tasks\FanControl => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FanControl" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2515065A-BC8F-4C56-9CB5-B23979918539}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2515065A-BC8F-4C56-9CB5-B23979918539}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UPnP\Microsoft UPnP Manager1 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP\Microsoft UPnP Manager1" => removed successfully
HKLM\System\CurrentControlSet\Services\dg => removed successfully
dg => service removed successfully
Dir: C:\Intel => Error: No automatic fix found for this entry.

"C:\Intel" Folder move:

C:\Intel => moved successfully
C:\ProgramData\Symantec => moved successfully
C:\ProgramData\Sophos => moved successfully
C:\ProgramData\SMADAV => moved successfully
C:\ProgramData\ReasonLabs => moved successfully
C:\ProgramData\Norton Security => moved successfully
C:\ProgramData\Net Protector 202A => moved successfully
C:\ProgramData\McAfee.com => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\ProgramData\Kaspersky Lab => moved successfully
C:\ProgramData\IOBit => moved successfully
C:\ProgramData\HP Sure Sense => moved successfully
C:\ProgramData\HitmanPro.Alert => moved successfully
C:\ProgramData\ESET => moved successfully
C:\ProgramData\CryptoTab Browser => moved successfully
C:\ProgramData\Bitdefender => moved successfully
C:\ProgramData\Awesome Miner => moved successfully
C:\ProgramData\AVG => moved successfully
C:\ProgramData\Avast Software => moved successfully
C:\ProgramData\AlibabaProtect => moved successfully
C:\Program Files\Symantec => moved successfully
C:\Program Files\Sophos => moved successfully
C:\Program Files\SMADAV => moved successfully
C:\Program Files\ReasonLabs => moved successfully
C:\Program Files\Norton Security => moved successfully
C:\Program Files\Net Protector 202A => moved successfully
C:\Program Files\McAfee.com => moved successfully
C:\Program Files\McAfee => moved successfully
C:\Program Files\Malwarebytes => moved successfully
C:\Program Files\Kaspersky Lab => moved successfully
C:\Program Files\IOBit => moved successfully
C:\Program Files\HP Sure Sense => moved successfully
C:\Program Files\HitmanPro.Alert => moved successfully
C:\Program Files\ESET => moved successfully
C:\Program Files\CryptoTab Browser => moved successfully
C:\Program Files\Bitdefender => moved successfully
C:\Program Files\Awesome Miner => moved successfully
C:\Program Files\AVG => moved successfully
C:\Program Files\Avast Software => moved successfully
C:\Program Files\AlibabaProtect => moved successfully
C:\Program Files (x86)\Symantec => moved successfully
C:\Program Files (x86)\Sophos => moved successfully
C:\Program Files (x86)\SMADAV => moved successfully
C:\Program Files (x86)\ReasonLabs => moved successfully
C:\Program Files (x86)\Norton Security => moved successfully
C:\Program Files (x86)\Net Protector 202A => moved successfully
C:\Program Files (x86)\McAfee.com => moved successfully
C:\Program Files (x86)\McAfee => moved successfully
C:\Program Files (x86)\Malwarebytes => moved successfully
C:\Program Files (x86)\Kaspersky Lab => moved successfully
C:\Program Files (x86)\IOBit => moved successfully
C:\Program Files (x86)\HP Sure Sense => moved successfully
C:\Program Files (x86)\HitmanPro.Alert => moved successfully
C:\Program Files (x86)\ESET => moved successfully
C:\Program Files (x86)\CryptoTab Browser => moved successfully
C:\Program Files (x86)\Bitdefender => moved successfully
C:\Program Files (x86)\Awesome Miner => moved successfully
C:\Program Files (x86)\AVG => moved successfully
C:\Program Files (x86)\Avast Software => moved successfully
C:\Program Files (x86)\AlibabaProtect => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1FD4532D-748D-4C66-8663-999BF093489B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2EEE1F94-2776-4E24-9A9F-84954A9605A7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14C808AF-7640-4DB2-B8E5-C53A80169290}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CCF33B2E-9DD7-4074-90B2-0C9508281AAC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8523B717-811C-4F58-BF67-1B974F00159F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA5051CD-1B81-4F43-863F-475D538F72C1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C4796187-E41D-44BF-977A-C8EC84F05101}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{15AADC5E-0236-46C4-BABD-27B5DEDBC969}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3B2F324-2C51-4961-848F-7E3F03C008A9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1C949C00-D39B-476C-8D0F-B01CACBD930F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{30CEEE60-E841-4F37-A132-99F1F034D982}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10551952 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 283594116 B
Windows/system/drivers => 805191 B
Edge => 0 B
Chrome => 371899886 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 36685214 B
systemprofile32 => 36685214 B
LocalService => 37347706 B
NetworkService => 37347706 B
Rudolf => 106075771 B

RecycleBin => 0 B
EmptyTemp: => 879.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:47:29 ====

altrok
Moderator
Posts: 7315
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Cannot launch AMD software or connect to some websites, infection certain...

#4 Post by altrok »

You have my respect - playing around like this on a production machine. On my own production machine I won't run any executable without verifying it first. For testing I use virtual machines; alternatively, some virtualized environments are even free these days (only the result of your test will be publicly available - e.g. app.any.run, virustotal.com). A machine capable of virtualization can be had for next to nothing nowadays. I dare say you were acting as a proxy for malicious traffic and God knows what else... info-stealers are the classic these days, where the attacker has your saved browser passwords sent to them. I recommend changing them and using MFA.

Create one more fixlist, which will get rid of that error message (no restart, just post the fixlog):

Code:

Task: {FC37401D-36C8-44AC-9499-AA4C5ACDF819} - System32\Tasks\WindowsUpdateService => C:\Windows\Download\Rdis.vbs (No File)
CMD: dir C:\Windows\Download

Let's also scan the system with additional tools: https://download.eset.com/com/eset/tool ... canner.exe

Then also post the current FRST logs and let me know whether anything has improved.

bilejpes
Visitor
Posts: 116
Registered: 24 Feb 2011 17:50

Re: Cannot launch AMD software or connect to some websites, infection certain...

#5 Post by bilejpes »

More like I'm an idiot and a cautionary example :)

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-11-2024
Ran by Rudolf (21-11-2024 10:19:24) Run:2
Running from C:\Users\Rudolf\Desktop
Loaded Profiles: Rudolf
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {FC37401D-36C8-44AC-9499-AA4C5ACDF819} - System32\Tasks\WindowsUpdateService => C:\Windows\Download\Rdis.vbs (No File)
CMD: dir C:\Windows\Download
*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FC37401D-36C8-44AC-9499-AA4C5ACDF819}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC37401D-36C8-44AC-9499-AA4C5ACDF819}" => removed successfully
C:\WINDOWS\System32\Tasks\WindowsUpdateService => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsUpdateService" => removed successfully

========= dir C:\Windows\Download =========

Volume in drive C is 卐
Volume Serial Number is 92C1-69C8

Directory of C:\Windows\Download

04.07.2017 08:05 <DIR> .
04.07.2017 08:05 <DIR> ..
0 File(s) 0 bytes
2 Dir(s) 172 461 527 040 bytes free


========= End of CMD: =========


==== End of Fixlog 10:19:25 ====

ESET result

21.11.2024 11:59:26
Zkontrolováno souborů: 1003524
Detekováno souborů: 15
Vyléčeno souborů: 15
Celkový čas kontroly 01:23:28
Stav kontroly: Dokončeno


C:\FRST\Quarantine\C\Intel\i1.exe varianta Win32/Injector.MH trojský kůň vyléčen smazáním
C:\FRST\Quarantine\C\Intel\i2.exe varianta Win32/Injector.MH trojský kůň vyléčen smazáním
C:\FRST\Quarantine\C\Intel\i3.exe varianta Win32/Injector.MH trojský kůň vyléčen smazáním
C:\FRST\Quarantine\C\Intel\i4.exe varianta Win32/Injector.MH trojský kůň vyléčen smazáním
C:\Program Files\Corel\CorelDRAW Graphics Suite\25\xfpsp2023-mod.exe varianta Win32/Keygen.ACS potenciálně zneužitelná aplikace vyléčen smazáním
C:\Program Files\Helicon Software\Helicon Focus 8\HeliconFocus.exe varianta Win64/HackTool.Loader.B potenciálně zneužitelná aplikace vyléčen smazáním
C:\Program Files\Topaz Labs LLC\Topaz Photo AI\topaz.photo.ai.3.3.0-patch.exe varianta Win32/HackTool.Patcher.AD potenciálně zneužitelná aplikace vyléčen smazáním
C:\Program Files (x86)\Civilization V\steam_api.dll varianta Win32/HackTool.Crack.CS potenciálně zneužitelná aplikace vyléčen smazáním
C:\Program Files (x86)\HDD Regenerator\Patch.exe varianta Win32/HackTool.Patcher.AD potenciálně zneužitelná aplikace vyléčen smazáním
C:\Program Files (x86)\imobie DroidKit\patch.exe varianta Win32/Packed.Themida.HLC trojský kůň vyléčen smazáním
C:\Windows\System32\drivers\etc\hosts Win32/Qhost trojský kůň vyléčen smazáním
D:\Games\Red Dead Redemption 2\EMP.dll varianta Win64/HackTool.Crack.Q potenciálně zneužitelná aplikace vyléčen smazáním
D:\Games\Wolfenstein The New Order\Crack\steam_api64.dll varianta Win64/HackTool.Crack.F potenciálně zneužitelná aplikace vyléčen smazáním
D:\Games\Wolfenstein The New Order\steam_api64.dll varianta Win64/HackTool.Crack.F potenciálně zneužitelná aplikace vyléčen smazáním
E:\PhotoShop\Adobe Photoshop Elements 2024.11\PSE 2024\Set-up.exe Win32/HackTool.Crack.OH potenciálně zneužitelná aplikace vyléčen smazáním

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2024
Ran by Rudolf (administrator) on RUDOLF (MSI MS-7758) (21-11-2024 12:10:08)
Running from C:\Users\Rudolf\Desktop\FRST64.exe
Loaded Profiles: Rudolf
Platform: Microsoft Windows 11 Pro Version 24H2 26100.2314 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <22>
(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (THINKSMART s.r.o. -> THINKSMART s.r.o.) C:\Program Files\Webshare klient\Webshare klient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe
(services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24101.35.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.30502.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [1185688 2023-11-30] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-08-19] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\Run: [MicrosoftEdgeAutoLaunch_5F787EB8F6C2739B29BBA49ECA2958CD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911248 2024-11-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919312 2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4412512 2024-11-12] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [22365592 2024-10-28] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.85\Installer\chrmstp.exe [2024-11-20] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F3BAD3-B5CE-439A-8352-172F5B41F3C9} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {FDDED592-5192-44C9-89F1-32EEB4229024} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {D0277FA8-C99F-434A-9741-F633346040C9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{20DCF27E-BA7B-41F1-91A5-038A09C12CF5} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {3D5AFD41-625C-4EF2-BF12-B96B0D90C339} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-08-19] (Adobe Inc. -> Adobe Inc.)
Task: {242C6E84-CB11-4D77-AD3F-BE0E57F31319} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {596B9844-5213-4449-AA3A-82FD1D8F4B85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A631C10-651D-489D-8EBE-72178632E984} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {242A8E91-D9B9-4C63-8204-AD206742D6F8} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {112812BA-A756-4819-821C-CF21413DF697} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209176 2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DDD3949-141C-40C4-9B99-9E46ED5DA18E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3168977616-3566821354-2173195585-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209176 2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB5ABA1C-676F-4E06-BDFC-20E632E2BCAA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60632 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {AB9382CF-BF73-4994-A36B-8EAED9BEDA23} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324312 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{0320c474-f793-40bf-88c8-45e59b26ce1a}: [NameServer] 1.1.1.1,8.8.8.8
Tcpip\..\Interfaces\{0320c474-f793-40bf-88c8-45e59b26ce1a}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{0320c474-f793-40bf-88c8-45e59b26ce1a}: [DhcpDomain] home
Tcpip\..\Interfaces\{39a14baa-0ebe-11ef-83d7-806e6f6e6963}: [NameServer] 1.1.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-21]
Edge DownloadDir: Default -> E:\Downloads
Edge HomePage: Default -> hxxp://www.centrum.cz/#utm_source=icq&utm_medium=centrum
Edge StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.cz/ ... oogle.com/"
Edge Extension: (Video Player) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bobjnignhcpkfnjcgegmdjijonimcmke [2024-07-31]
Edge Extension: (Send to Kindle pro Google Chrome™) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2024-05-10]
Edge Extension: (Ruffle - Flash Emulator) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\donbcfbmhbcapadipfkeojnmajbakjdc [2024-11-21]
Edge Extension: (Dokumenty Google offline) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-22]
Edge Extension: (No Name) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2024-10-22]
Edge Extension: (Dark Reader) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ifoakfbpdcdoeenechcleahebpibofpc [2024-10-30]
Edge Extension: (Edge relevant text changes) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-10]
Edge Extension: (Rozšíření Google Keep pro Chrome) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2024-11-20]
Edge Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-11-19]
Edge Extension: (Blokátor reklam AdGuard) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2024-10-24]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default [2024-11-21]
CHR HomePage: Default -> hxxp://www.centrum.cz/#utm_source=icq&utm_medium=centrum
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.cz/ ... google.com"
CHR Extension: (Blokátor reklam AdGuard (MV3 Beta)) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjcbfpjihpedihablmalmbbhjpklbdf [2024-11-21]
CHR Extension: (Send to Kindle pro Google Chrome™) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2024-11-21]
CHR Extension: (Dark Reader) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2024-11-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-21]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-11-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-11]
CHR Profile: C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-11-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-11-14]
CHR Profile: C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\System Profile [2024-11-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2024-06-03] (EasyAntiCheat Oy -> Epic Games, Inc.)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [381416 2024-04-23] (Epic Games Inc. -> Epic Games, Inc.)
S4 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncHelper.exe [3525136 2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11712920 2024-10-28] (Logitech Inc -> Logitech, Inc.)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe [11177064 2024-10-24] (Logitech Inc -> Logitech, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.186.0915.0004\OneDriveUpdaterService.exe [3869200 2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 aehd; C:\WINDOWS\system32\DRIVERS\aehd.sys [403080 2024-06-25] (Google LLC -> Google LLC)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys [25672 2024-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_960126269e89c62e\amdsafd.sys [113880 2024-05-10] (Advanced Micro Devices -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\amdkmdag.sys [106596128 2024-09-04] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2023-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [226560 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\hw_cdcacm.sys [127360 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140744 2024-10-24] (Microsoft Windows -> Microsoft Corporation)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-10-28] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2024-10-24] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-10-28] (Logitech Inc -> Logitech)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray.sys [89192 2024-10-24] (Logitech Inc -> Logitech, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2024-07-09] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 XPPenTablet; C:\WINDOWS\System32\drivers\XPPenTablet.sys [10752 2023-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-21 12:10 - 2024-11-21 12:10 - 000020293 _____ C:\Users\Rudolf\Desktop\FRST.txt
2024-11-21 11:59 - 2024-11-21 11:59 - 000003972 _____ C:\Users\Rudolf\Desktop\eset.txt
2024-11-21 10:22 - 2024-11-21 12:01 - 000000772 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-11-21 10:22 - 2024-11-21 10:22 - 000000674 _____ C:\Users\Rudolf\Desktop\ESET Online Scanner.lnk
2024-11-21 10:22 - 2024-11-21 10:22 - 000000000 ____D C:\Users\Rudolf\AppData\Local\ESET
2024-11-21 09:55 - 2024-11-21 09:55 - 000711764 _____ C:\WINDOWS\system32\perfh005.dat
2024-11-21 09:55 - 2024-11-21 09:55 - 000152978 _____ C:\WINDOWS\system32\perfc005.dat
2024-11-21 09:47 - 2024-11-21 10:19 - 000001337 _____ C:\Users\Rudolf\Desktop\Fixlog.txt
2024-11-21 08:38 - 2024-11-21 08:38 - 002402816 _____ (Farbar) C:\Users\Rudolf\Desktop\FRST64.exe
2024-11-21 06:49 - 2024-11-21 06:49 - 000000000 ____D C:\Users\Rudolf\AppData\LocalLow\AMD
2024-11-21 06:45 - 2024-11-21 09:48 - 000003102 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2024-11-21 06:45 - 2024-11-21 09:48 - 000003094 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2024-11-21 06:45 - 2024-11-21 06:45 - 000003484 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2024-11-21 06:45 - 2024-11-21 06:45 - 000003152 _____ C:\WINDOWS\system32\Tasks\StartCN
2024-11-21 06:45 - 2024-11-21 06:45 - 000003072 _____ C:\WINDOWS\system32\Tasks\StartDVR
2024-11-21 06:45 - 2024-11-21 06:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2024-11-21 06:45 - 2024-11-21 06:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2024-11-21 06:44 - 2024-09-04 08:44 - 002100128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 001617824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 001617824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000978336 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000856864 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000856864 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000737696 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000737696 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000682400 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000668008 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000610720 _____ C:\WINDOWS\system32\GameManager64.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000537504 _____ C:\WINDOWS\system32\atieah64.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000504088 _____ C:\WINDOWS\system32\EEURestart.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000473480 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000464288 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000406408 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2024-11-21 06:44 - 2024-09-04 08:44 - 000267168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000229280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000211128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000207776 _____ C:\WINDOWS\system32\mantle64.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000196512 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000186656 _____ C:\WINDOWS\system32\mantleaxl64.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000184608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000174944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000165792 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000149280 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000148896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000142624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2024-11-21 06:44 - 2024-09-04 08:44 - 000075176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2024-11-21 06:44 - 2024-09-04 08:43 - 000139168 _____ C:\WINDOWS\system32\amdxc64.dll
2024-11-21 06:44 - 2024-09-04 08:43 - 000118560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2024-11-21 06:44 - 2024-09-04 08:43 - 000115104 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2024-11-21 06:44 - 2024-09-04 08:42 - 001736464 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2024-11-21 06:44 - 2024-09-04 08:42 - 001412064 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2024-11-21 06:44 - 2024-09-04 08:42 - 000167552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2024-11-21 06:44 - 2024-09-04 08:42 - 000157536 _____ C:\WINDOWS\system32\atidxx64.dll
2024-11-21 06:44 - 2024-09-04 08:42 - 000138616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2024-11-21 06:44 - 2024-09-04 08:42 - 000131136 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2024-11-21 06:44 - 2024-09-04 07:57 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2024-11-21 06:44 - 2024-09-04 07:57 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2024-11-21 06:44 - 2024-09-04 07:57 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin
2024-11-21 06:44 - 2024-09-04 07:57 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2024-11-21 06:44 - 2024-09-04 07:56 - 109624080 _____ C:\WINDOWS\system32\amdxc64.so
2024-11-21 06:44 - 2024-08-19 23:13 - 002976160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2024-11-21 06:43 - 2024-09-04 08:43 - 004374408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 004179848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 002245408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 001355520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 001074664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 000944008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 000771488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 000570248 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 000434056 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 000232672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2024-11-21 06:43 - 2024-09-04 08:43 - 000187968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2024-11-21 06:43 - 2024-09-04 08:42 - 000572312 _____ C:\WINDOWS\system32\amdmiracast.dll
2024-11-21 06:43 - 2024-09-04 08:42 - 000177984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2024-11-21 06:43 - 2024-09-04 08:42 - 000167528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2024-11-21 06:43 - 2024-09-04 08:42 - 000152504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2024-11-21 06:43 - 2024-09-04 08:42 - 000138624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2024-11-21 06:12 - 2024-09-04 08:43 - 088606496 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2024-11-21 06:12 - 2024-09-04 08:43 - 000801672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2024-11-21 06:12 - 2024-09-04 08:43 - 000678816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2024-11-21 06:12 - 2024-09-04 08:43 - 000545568 _____ C:\WINDOWS\system32\dgtrayicon.exe
2024-11-21 06:12 - 2024-09-04 08:43 - 000471456 _____ C:\WINDOWS\system32\amdlogum.exe
2024-11-21 06:12 - 2024-09-04 08:43 - 000103304 _____ C:\WINDOWS\system32\clinfo.exe
2024-11-21 06:12 - 2024-09-04 08:43 - 000051616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2024-11-21 06:12 - 2024-09-04 08:43 - 000048520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2024-11-21 06:12 - 2024-09-04 08:42 - 019434400 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2024-11-21 06:12 - 2024-09-04 08:42 - 000177056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2024-11-21 06:12 - 2024-09-04 08:42 - 000145800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2024-11-21 06:12 - 2023-05-24 12:42 - 000061888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2024-11-21 06:11 - 2024-09-04 08:44 - 000682400 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-11-21 06:11 - 2024-09-04 08:44 - 000668008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-11-21 06:11 - 2024-09-04 08:43 - 105410432 _____ C:\WINDOWS\system32\amd_comgr.dll
2024-11-21 05:31 - 2024-09-04 08:43 - 000116944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2024-11-21 05:29 - 2024-09-04 08:43 - 000525088 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-11-21 05:29 - 2024-09-04 08:43 - 000390936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-11-21 05:10 - 2024-11-21 06:02 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-11-21 05:01 - 2024-11-21 05:01 - 000000000 ____D C:\Users\Rudolf\AppData\Local\AMDSoftwareInstaller
2024-11-21 01:29 - 2024-11-21 01:29 - 000001803 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio X.lnk
2024-11-21 01:06 - 2024-10-29 20:15 - 000000744 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
2024-11-20 19:42 - 2024-11-21 09:57 - 000000000 ____D C:\Users\Rudolf\AppData\Local\BitTorrentHelper
2024-11-14 17:58 - 2024-11-14 17:58 - 000000000 ____D C:\Users\Rudolf\Tapety
2024-11-13 03:53 - 2024-11-13 03:53 - 000000000 ____D C:\Users\Rudolf\Capture one katalog
2024-11-13 03:24 - 2024-11-13 03:24 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Topaz Labs LLC
2024-11-13 03:24 - 2024-11-13 03:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs LLC
2024-11-13 03:22 - 2024-11-13 03:22 - 000000000 ____D C:\Program Files\Common Files\OFX
2024-11-13 03:20 - 2024-11-13 03:24 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Topaz Labs LLC
2024-11-13 03:15 - 2024-11-13 03:15 - 000001101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO PhotoLab 8.lnk
2024-11-13 02:25 - 2024-11-13 02:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Photo AI
2024-11-13 01:53 - 2024-11-13 01:53 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KMPlayer 64X
2024-11-12 13:16 - 2024-11-13 21:41 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\vlc
2024-11-12 13:16 - 2024-11-12 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2024-11-05 02:36 - 2024-11-05 02:36 - 000000000 ____D C:\Users\Rudolf\AppData\Local\ZJMedia
2024-11-05 02:01 - 2024-11-05 02:38 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Easeware
2024-11-05 02:01 - 2024-11-05 02:01 - 000000422 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2024-11-01 14:37 - 2024-11-01 14:54 - 000000000 ____D C:\Users\Rudolf\Luminar presets
2024-10-29 22:27 - 2024-10-29 22:27 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Red Dead Redemption
2024-10-29 22:26 - 2024-10-29 22:26 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\.1911
2024-10-29 20:23 - 2024-10-29 20:23 - 000000272 _____ C:\WINDOWS\system32\lc.dat
2024-10-28 17:15 - 2024-10-28 17:15 - 000073040 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2024-10-28 17:15 - 2024-10-28 17:15 - 000044880 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2024-10-28 17:15 - 2024-10-28 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-10-25 08:47 - 2024-10-25 08:47 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Capture_One
2024-10-25 03:36 - 2024-10-25 03:36 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\WinRAR
2024-10-25 03:36 - 2024-10-25 03:36 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-10-25 03:36 - 2024-10-25 03:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-10-25 00:47 - 2024-11-05 02:27 - 000002776 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-10-25 00:47 - 2024-10-25 00:47 - 000002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-25 00:47 - 2024-10-25 00:47 - 000000000 ___RD C:\Users\Default\OneDrive
2024-10-25 00:21 - 2024-10-28 17:15 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\lghub
2024-10-25 00:00 - 2024-10-25 00:00 - 000000000 ____D C:\Users\Default\AppData\Local\Logi
2024-10-24 23:59 - 2024-10-25 00:08 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Logi
2024-10-24 23:59 - 2024-10-24 23:59 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\com.logitech
2024-10-24 23:59 - 2024-10-24 23:59 - 000000000 ____D C:\Users\Rudolf\AppData\Local\flutter_webview_windows
2024-10-24 23:20 - 2024-11-21 06:39 - 000000000 ____D C:\Users\Rudolf\AppData\Local\LGHUB
2024-10-24 23:20 - 2024-10-24 23:20 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\LGHUB_BKP
2024-10-24 23:17 - 2024-10-28 17:16 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\G HUB
2024-10-24 21:30 - 2024-10-24 21:30 - 000026650 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-10-24 21:30 - 2024-10-24 21:30 - 000026650 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-10-24 21:05 - 2024-10-24 21:05 - 000032080 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2024-10-23 10:45 - 2024-10-23 10:45 - 000000000 ____D C:\Users\Rudolf\AppData\Local\ToastNotificationManagerCompat

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-21 12:10 - 2017-07-04 08:05 - 000000000 ____D C:\FRST
2024-11-21 12:07 - 2024-10-12 14:31 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Zoner
2024-11-21 12:06 - 2017-07-04 08:05 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-21 12:03 - 2024-09-13 05:21 - 000000000 ____D C:\Users\Rudolf\AppData\Local\D3DSCache
2024-11-21 11:48 - 2024-05-11 07:20 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Webshare
2024-11-21 11:48 - 2017-07-04 08:05 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-21 11:29 - 2024-05-10 17:42 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-11-21 11:29 - 2017-07-04 08:05 - 000000000 ____D C:\ProgramData\Adobe
2024-11-21 10:41 - 2017-07-04 08:05 - 000000000 ____D C:\Program Files (x86)\imobie DroidKit
2024-11-21 10:41 - 2017-07-04 08:05 - 000000000 ____D C:\Program Files (x86)\HDD Regenerator
2024-11-21 10:40 - 2017-07-04 08:05 - 000000000 ____D C:\Program Files (x86)\Civilization V
2024-11-21 09:58 - 2017-07-04 08:05 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-11-21 09:55 - 2024-05-10 11:20 - 001692324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-11-21 09:55 - 2017-07-04 08:05 - 000000000 ____D C:\WINDOWS\INF
2024-11-21 09:48 - 2024-05-10 11:14 - 000034164 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2024-11-21 09:48 - 2024-05-10 11:13 - 000012288 ___SH C:\DumpStack.log.tmp
2024-11-21 09:48 - 2024-05-10 11:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-11-21 09:48 - 2017-07-04 08:05 - 000000000 ____D C:\Program Files\AMD
2024-11-21 09:47 - 2024-08-04 09:44 - 000000000 ____D C:\Users\Rudolf\AppData\LocalLow\Temp
2024-11-21 09:47 - 2024-05-10 11:26 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-11-21 09:47 - 2024-04-01 08:21 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2024-11-21 08:22 - 2024-05-10 11:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-11-21 06:45 - 2024-05-10 11:26 - 000000000 ____D C:\Users\Rudolf\AppData\Local\AMD
2024-11-21 06:45 - 2024-05-10 11:24 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Packages
2024-11-21 06:41 - 2024-05-10 11:32 - 000000000 ____D C:\Users\Rudolf\AppData\Local\AMD_Common
2024-11-21 06:29 - 2024-08-23 13:02 - 000000000 ____D C:\Users\Rudolf\AppData\Local\New Technology Studio
2024-11-21 06:00 - 2024-08-19 05:24 - 000002602 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess
2024-11-21 05:25 - 2024-05-10 15:07 - 000000000 ____D C:\Users\Rudolf\AppData\Local\CrashDumps
2024-11-21 04:39 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-11-21 04:37 - 2024-05-10 17:42 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Adobe
2024-11-21 04:26 - 2024-05-10 11:23 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows
2024-11-21 01:16 - 2024-08-04 04:42 - 000000000 ___RD C:\Users\Rudolf\Desktop\卐
2024-11-20 22:36 - 2024-05-21 13:55 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Upscayl
2024-11-20 22:36 - 2024-05-10 18:47 - 000001907 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Upscayl.lnk
2024-11-20 22:28 - 2024-08-18 01:25 - 000000000 ____D C:\Users\Rudolf\AppData\Local\HeliconFocus
2024-11-20 17:22 - 2024-05-11 17:05 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-19 14:12 - 2024-05-10 11:14 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-13 07:30 - 2024-05-10 11:13 - 000382168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-11-13 07:29 - 2024-07-17 03:50 - 000000000 ____D C:\Users\Default\.dotnet
2024-11-13 07:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2024-11-13 07:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-13 07:28 - 2024-05-10 11:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-13 07:27 - 2024-05-10 11:52 - 202035632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-11-13 03:19 - 2024-05-11 00:10 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\DxO
2024-11-13 03:19 - 2024-05-11 00:09 - 000000000 ____D C:\Users\Rudolf\AppData\Local\DxO
2024-11-13 01:24 - 2024-09-13 21:00 - 000000000 ____D C:\Users\Rudolf\.android
2024-11-13 01:20 - 2024-08-19 01:59 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Corel
2024-11-13 01:10 - 2024-05-10 11:17 - 003335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-11-12 12:17 - 2024-05-10 11:14 - 000003716 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{4BF37730-1569-4B42-ABDF-C3881A875338}
2024-11-12 12:17 - 2024-05-10 11:14 - 000003592 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{F44E9754-C219-4C65-915D-DA28B6C650AA}
2024-11-05 12:09 - 2024-05-19 08:28 - 000000000 ____D C:\Users\Rudolf\AppData\Local\ElevatedDiagnostics
2024-11-05 02:55 - 2024-05-10 23:15 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\AIMP
2024-11-05 02:27 - 2024-07-28 09:58 - 000003130 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3168977616-3566821354-2173195585-1000
2024-11-04 22:11 - 2024-09-25 07:45 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\CyberLink
2024-11-04 22:11 - 2024-09-12 20:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\CLFCL5.23
2024-10-30 14:00 - 2024-05-10 11:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-10-25 08:48 - 2024-08-18 01:25 - 000000000 ____D C:\Users\Rudolf\AppData\Local\CaptureOne
2024-10-25 01:07 - 2024-05-10 11:25 - 000000000 ___RD C:\Users\Rudolf\OneDrive
2024-10-24 23:59 - 2024-05-11 00:10 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Sentry
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-10-24 21:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2024
Ran by Rudolf (21-11-2024 12:11:33)
Running from C:\Users\Rudolf\Desktop
Microsoft Windows 11 Pro Version 24H2 26100.2314 (X64) (2024-05-10 10:16:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3168977616-3566821354-2173195585-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3168977616-3566821354-2173195585-503 - Limited - Disabled)
Guest (S-1-5-21-3168977616-3566821354-2173195585-501 - Limited - Disabled)
Rudolf (S-1-5-21-3168977616-3566821354-2173195585-1000 - Administrator - Enabled) => C:\Users\Rudolf
WDAGUtilityAccount (S-1-5-21-3168977616-3566821354-2173195585-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Lightroom Classic (HKLM-x32\...\LTRM_13_1) (Version: 13.1 - Adobe Inc.)
AIMP (HKLM\...\AIMP) (Version: 5.30.2549 - Artem Izmaylov)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.9.1 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
DxO PhotoLab 8 (HKLM\...\{3C8E7BE1-2701-4F4C-9C29-FE915871B16B}) (Version: 8.1.0 - DxO)
DxO PhotoLab 8 plug-in for Adobe Lightroom (HKLM-x32\...\{6BB56707-C0A0-4BA1-9A8F-89D66FB940E4}) (Version: 1.8.0 - DxO Labs)
DxO PureRAW 3 (HKLM\...\{2FEAD6AE-13AD-495B-BC50-C4A75475386E}) (Version: 3.9.0 - DxO)
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{FE291DB1-9625-4EAB-8C54-03F2B912BAA9}) (Version: 2.6.2 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.85 - Google LLC)
Helicon Focus 8.1.0.0 (HKLM\...\Helicon Focus 8_is1) (Version: - Helicon Soft Ltd.)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2024.10.23.15 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.8.641856 - Logitech)
Luminar Neo 1.20.1.13681 (HKLM\...\Luminar Neo_is1) (Version: 1.20.1.13681 - LR)
Mafia: Definitive Edition (HKLM-x32\...\1993581340_is1) (Version: 1.0.3 - GOG.com)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.51 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.186.0915.0004 - Microsoft Corporation)
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{d98165f5-8b37-4100-8852-a0664374ff8a}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24123 (HKLM-x32\...\{03AC7A79-F8AF-38FC-9DA0-98DAB4F4B1CD}) (Version: 14.0.24123 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24123 (HKLM-x32\...\{06AE3BCC-7612-39D3-9F3B-B6601D877D02}) (Version: 14.0.24123 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Pentablet (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 3.4.13.231129 - XPPen Technology)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9239.1 - Realtek Semiconductor Corp.)
Sid Meier's Civilization V (HKLM-x32\...\Sid Meier's Civilization V_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Topaz Photo AI (HKLM\...\{E5B82950-1E9E-4B14-B8C8-9D9DFB4434F6}) (Version: 3.3.2 - Topaz Labs LLC)
Topaz Video AI 5.3.6 (HKLM\...\Topaz Video AI_is1) (Version: 5.3.6 - Topaz Labs LLC)
Upscayl 2.11.5 (HKLM\...\2e801529-9c6a-5917-960e-278558728760) (Version: 2.11.5 - Nayam Amarshe)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\Wargaming.net Game Center) (Version: 24.6.1.7231 - Wargaming.net)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
Windows Subsystem for Linux (HKLM\...\{57CD6412-C4AC-431F-8753-46A620EF3A4E}) (Version: 2.2.4.0 - Microsoft Corporation) Hidden
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\2387829014) (Version: - Wargaming.net)
Zoner Photo Studio X version 19.2409.2.582 (HKLM-x32\...\{0311A37E-1930-4CE3-9CE4-C6DE25589E1B}_is1) (Version: 19.2409.2.582 - )

Packages:
=========
@{MicrosoftWindows.LKG.Search_1000.26100.1591.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.LKG.Search/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.Search_cw5n1h2txyewy [2024-10-01] ()
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2024-11-21] (Advanced Micro Devices Inc.)
Aquile Reader -> C:\Program Files\WindowsApps\21676OptimiliaStudios.AquileReader_1.1.46.0_x64__k42naep6bwmrc [2024-11-03] (Optimilia Studios)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2024.4.17.0_x64__t5j2fzbtdg37r [2024-11-19] (DTS, Inc.)
Real HEIC to JPG Converter -> C:\Program Files\WindowsApps\36059XiaoyaStudio.RealHEICConverter_2.2.26.0_x86__ngh7ertwt50re [2024-10-17] (Xiaoya Lab)
WinRAR -> C:\Program Files\WinRAR [2017-07-04] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3168977616-3566821354-2173195585-1000_Classes\CLSID\{fa5312d1-0b58-428a-bd93-3b87ef89945d}\localserver32 -> C:\Program Files\Skylum\Luminar Neo\Luminar Neo.exe (Skylum Software USA, Inc. -> Skylum)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-08-19] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-08-19] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-08-19] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-08-19] (Adobe Inc. -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll [2024-05-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll [2024-05-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.186.0915.0004\FileSyncShell64.dll [2024-10-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-08-19] (Adobe Inc. -> )

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2024-11-21 11:18 - 2020-06-08 04:54 - 000488162 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\iocp100.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000210432 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\jpegtcl920.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000212992 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\pngtcl1635.dll
2024-11-21 11:18 - 2021-01-07 21:21 - 000988642 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\sqlite3883.dll
2024-11-21 11:18 - 2021-01-06 18:46 - 000270233 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tclreg13.dll
2024-11-21 11:18 - 2015-06-08 18:11 - 000550912 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tdom083.dll
2024-11-21 11:18 - 2015-06-06 06:17 - 000092160 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\thread272.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000313856 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tifftcl397.dll
2024-11-21 11:18 - 2015-07-08 14:07 - 000116736 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkdnd28.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000031744 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimg1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000026624 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgbmp1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000025600 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimggif1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000026624 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgico1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000024064 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgjpeg1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000024576 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgpcx1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000025600 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgpixmap1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000024064 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgpng1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000026112 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgppm1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000022016 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgps1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000029184 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgsgi1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000026624 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgsun1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000026112 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgtga1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000057344 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgtiff1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000018432 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgwindow1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000020480 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgxbm1411.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000024064 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tkimgxpm1411.dll
2024-11-21 11:18 - 2015-06-08 18:11 - 001534976 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\tls165.dll
2024-11-21 11:18 - 2020-05-04 10:37 - 000089600 _____ () [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\zlibtcl1211.dll
2024-11-21 11:18 - 2020-08-18 11:56 - 000683520 _____ (Ashok P. Nadkarni) [File not signed] C:\Users\Rudolf\AppData\Local\Temp\TCL00001bb4\twapi_base64.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 001224704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\LIBEAY32.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\SSLEAY32.dll
2024-09-15 01:17 - 2023-07-28 14:48 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qdds.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qgif.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qicns.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000027648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qico.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qjpeg.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qsvg.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtga.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtiff.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwbmp.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwebp.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 001064960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\platforms\qwindows.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 004814336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Core.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 004965376 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Gui.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000930304 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Network.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000264704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Svg.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 004464640 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Widgets.dll
2024-09-15 01:17 - 2023-09-27 17:19 - 000149504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4FB9487F [124]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


2024-06-25 09:05 - 2024-06-30 12:25 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.25.160.1 Rudolf.mshome.net # 2029 6 5 29 11 25 17 943

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Intel;C:\Intel\m;C:\Intel\logs;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Rudolf\AppData\Local\Microsoft\WindowsApps;C:\adb;C:\Program Files\apache-maven-3.9.8;C:\Program Files\Java\jdk-22\bin;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Users\Rudolf\.dotnet\tools;
HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rudolf\Tapety\pc.jpg
DNS Servers: 1.1.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

Network Binding:
=============
Síťové připojení Bluetooth 2: Bluetooth Device (Personal Area Network) #2 -> bthpan.sys
Ethernet: Killer E2200 Gigabit Ethernet Controller -> e2xw10x64.sys

vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "DxO PureRAW 4.lnk"
HKLM\...\StartupApproved\Run: => "PowerDVD23Agent"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "AMDNoiseSuppression"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_5F787EB8F6C2739B29BBA49ECA2958CD"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "Docker Desktop"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "MouseServer"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "Uninstall 24.132.0701.0002"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "Delete Cached Update Binary"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "Delete Cached Standalone Update Binary"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer_PowerDVD23"
HKU\S-1-5-21-3168977616-3566821354-2173195585-1000\...\StartupApproved\Run: => "Uninstall 24.181.0908.0001"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{E0451588-78CA-4216-A24E-8D39D7686018}D:\games\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\games\wolfenstein the new order\wolfneworder_x64.exe (MachineGames) [File not signed]
FirewallRules: [UDP Query User{075F983C-D128-41A1-9843-FA0296939205}D:\games\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\games\wolfenstein the new order\wolfneworder_x64.exe (MachineGames) [File not signed]
FirewallRules: [TCP Query User{91B0FAD6-852C-4504-A4A7-87232A6D1165}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C2F6B157-7D73-490E-8877-2F6EF6A9A524}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{FF14EBC5-1716-4098-8370-E7F874BD19D8}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{ADF6AB33-2043-4722-BDF2-E783A7D5A4A4}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C27D1F65-5BDA-459B-A6A4-86A8A478E2C1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4D4A0928-6908-4D13-B6D1-9B166BF6846B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{D779995D-4A6A-41D8-9CC6-A9F064E535BA}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{8BBEFA30-B59C-4A1E-A296-33D0CC17E8C8}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{42E883F8-3B12-4EFB-9FDA-5AEF0EA7EDB7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{653A8E20-DF08-40A6-80F5-CDAD54CFA2F6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{E9F56B11-FF58-40A5-AAFD-A2CBE77A2E1D}D:\games\world of tanks\win64\worldoftanks.exe] => (Allow) D:\games\world of tanks\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{A6405166-FAA9-45E4-A443-019D6D7BCA1E}D:\games\world of tanks\win64\worldoftanks.exe] => (Allow) D:\games\world of tanks\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{3E9793F1-E297-408B-8FAF-BC75A074A2C3}] => (Block) C:\Program Files\DxO\DxO PhotoLab 8\DxO.PhotoLab.exe (DxO Labs S.A.S. -> DxO)
FirewallRules: [{FE921112-AEDD-4CF9-8958-446ACE4725C8}] => (Allow) D:\Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [{555B8B4D-41B9-4FD5-9EDE-E842ADAFC1BC}] => (Allow) D:\Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [{32CC6484-5D29-4EC6-A84F-2EA326595FD6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{07246EAE-2583-4D39-A3FF-DA8A76FD5CD0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.51\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

21-11-2024 06:26:43 Radeon Installer

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/21/2024 11:29:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Administrator\AppData\Local\Programs\Zoner\ZPS X\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/21/2024 09:47:22 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač..

Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (11/21/2024 09:47:02 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen..To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {e7c120bf-830b-4dff-a6ce-997502f4b199}

Error: (11/21/2024 06:05:16 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Administrator\AppData\Local\Programs\Zoner\ZPS X\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/21/2024 05:44:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Administrator\AppData\Local\Programs\Zoner\ZPS X\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/21/2024 05:32:39 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 10.0.26100.2314 programu LockApp.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (11/21/2024 05:29:08 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Administrator\AppData\Local\Programs\Zoner\ZPS X\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/21/2024 05:21:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro E:\Downloads\vcredist_arm.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (11/21/2024 10:58:42 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (11/21/2024 10:24:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (11/21/2024 10:24:18 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Rudolf\AppData\Local\Temp\ehdrv.sys

Error: (11/21/2024 10:24:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (11/21/2024 10:24:17 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Rudolf\AppData\Local\Temp\ehdrv.sys

Error: (11/21/2024 10:24:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (11/21/2024 10:24:17 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Rudolf\AppData\Local\Temp\ehdrv.sys

Error: (11/21/2024 10:24:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.


Windows Defender:
================
Date: 2024-11-05 01:54:50
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen!MTB
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\Downloads\HDD Regenerator 2024 v20.24.0.0 Patch-Keygen.rar; webfile:_E:\Downloads\HDD Regenerator 2024 v20.24.0.0 Patch-Keygen.rar|https://vip.18.dl.webshare.cz/9164/6oOj ... 6885436437
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: RUDOLF\Rudolf
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.421.89.0, AS: 1.421.89.0, NIS: 1.421.89.0
Verze modulu: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2024-11-04 14:24:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {97A272AD-4238-4982-BBBC-9FEBA9BFCE66}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-04 13:19:33
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe možnost upravit %userprofile%\Videos.
Čas detekce: 2024-11-04T12:19:33.440Z
Uživatel: RUDOLF\Rudolf
Cesta: %userprofile%\Videos
Název procesu: C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
Verze bezpečnostních informací: 1.421.79.0
Verze modulu: 1.1.24090.11
Verze produktu: 4.18.24090.11


Date: 2024-11-03 15:46:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7CACF5DB-46CC-4911-B091-E516F498E079}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-03 15:34:49
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe možnost upravit %userprofile%\Videos.
Čas detekce: 2024-11-03T14:34:49.515Z
Uživatel: RUDOLF\Rudolf
Cesta: %userprofile%\Videos
Název procesu: C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
Verze bezpečnostních informací: 1.421.67.0
Verze modulu: 1.1.24090.11
Verze produktu: 4.18.24090.11

Event[0]

Date: 2024-11-21 06:02:25
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2024-11-21 05:13:07
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2024-11-21 05:10:31
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2024-07-09 11:07:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

Date: 2024-05-18 07:38:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===============
Date: 2024-07-09 11:21:32
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V2.13 03/07/2014
Motherboard: MSI Z77A-G43 (MS-7758)
Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 29%
Total physical RAM: 24524.43 MB
Available physical RAM: 17294.06 MB
Total Virtual: 60524.43 MB
Available Virtual: 50936.9 MB

==================== Drives ================================

Drive c: ( 卐) (Fixed) (Total:446.41 GB) (Free:172.68 GB) (Model: Patriot Burst) NTFS
Drive d: ( 卐 卐) (Fixed) (Total:447.01 GB) (Free:204.83 GB) (Model: Patriot Burst) NTFS
Drive e: ( 卐 ϟϟ) (Fixed) (Total:465.63 GB) (Free:128.51 GB) (Model: SAMSUNG HM500JI) NTFS

\\?\Volume{a06bb8ff-0755-470b-b60f-d19c09384502}\ () (Fixed) (Total:0.1 GB) (Free:0.09 GB) NTFS
\\?\Volume{8f434d70-975e-488a-9249-8324ca309b8d}\ () (Fixed) (Total:0.61 GB) (Free:0.1 GB) NTFS
\\?\Volume{51bc0659-ada4-4247-b3f1-8c5c79625ba8}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 0610802F)

Partition: GPT.

==========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: 56DA8679)

Partition: GPT.

==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 098B4315)

Partition: GPT.

==========================================================
Disk: 3 (Size: 223.6 GB) (Disk ID: C87DD721)

Partition: GPT.

==========================================================
Disk: 4 (Size: 298.1 GB) (Disk ID: 97646C29)

==================== End of Addition.txt =======================

bilejpes
Visitor
Posts: 116
Registered: 24 Feb 2011 17:50

Re: AMD software won't start, can't connect to some websites, infection certain...

#6 Post by bilejpes »

Thank you very much for the help; in the end I reinstalled Windows, so you can close the thread. Thanks once again.

altrok
Moderator
Posts: 7315
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: AMD software won't start, can't connect to some websites, infection certain...

#7 Post by altrok »

The only thing I had missed was the ADS on C:\ProgramData\Temp, and after that the PC would have been clean, but this is a solution too. Don't forget to change, as a precaution, the passwords you had saved in your browsers. Think more carefully before the next double-click on a dubious exe.

You're welcome, and have a nice weekend.
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.

Locked