prosím o kontrolu logu z NTB, který neskutečně zpomalený. Děkuji.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by Petra (21-11-2023 17:16:40)
Running from C:\Users\Petra\Downloads
Microsoft Windows 8.1 Pro (Update) (X64) (2018-06-18 19:43:48)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-574031508-3201355849-649366700-500 - Administrator - Disabled)
Guest (S-1-5-21-574031508-3201355849-649366700-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-574031508-3201355849-649366700-1003 - Limited - Enabled)
Petra (S-1-5-21-574031508-3201355849-649366700-1001 - Administrator - Enabled) => C:\Users\Petra
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 23.006.20380 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Accelerated Video Transcoding (HKLM\...\{F2C2A6B9-B0CB-859D-79E5-60C44A615181}) (Version: 13.30.100.50410 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{49C639FB-E462-3CFD-9F6A-0F9033640CED}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Catalyst Control Center - Branding (HKLM-x32\...\{B820A5C2-0DD4-A49C-BC86-59E3B476D8CC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Desperados III (HKLM-x32\...\Desperados III_is1) (Version: - )
f.lux (HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\Flux) (Version: 4.124 - f.lux Software LLC)
Google Chrome (HKLM\...\{A5573283-D630-3900-8DCE-E463BDDB5E0E}) (Version: 109.0.5414.168 - Google, Inc.)
HP 3D DriveGuard (HKLM-x32\...\{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.9.1 - Název společnosti:)
HP Wireless Button Driver (HKLM-x32\...\{1BDD178E-43DC-4063-B480-BA2BAE03E2A0}) (Version: 1.1.15.1 - HP)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1068 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{721F3055-6A35-4F74-A317-740E3F220468}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{E3870CAD-2D62-48F8-9D38-5F7B77CDA133}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{4ADC1C4F-BDF6-4BC0-905C-B99A4227D635}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4889 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{F46EF80D-07F0-4E56-B9B3-8EDB759B52D8}) (Version: 5.0.10.2850 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.12 - PandoraTV)
Malwarebytes version 4.6.6.294 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.6.294 - Malwarebytes)
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM\...\{7D3F6E2B-7A32-4289-A6E1-0595B89D1386}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{6AB94FE2-DC1A-434E-B8DC-772168A92300}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox ESR (x64 cs) (HKLM\...\Mozilla Firefox 115.4.0 ESR (x64 cs)) (Version: 115.4.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.4.0 - Mozilla)
MSVCRT Redists (HKLM\...\{D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
OEM Application Profile (HKLM-x32\...\{FCCF4B77-432F-EA83-4289-40C1DFA14C85}) (Version: 1.00.0000 - Název společnosti:)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.119 - Realtek Semiconduct Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.104 - REALTEK Semiconductor Corp.)
SafeMyWeb (HKLM-x32\...\{45E3D1BB-B8F9-4F12-B2A1-DF82BE235E73}) (Version: 1.0.0.0 - MarkusDuck)
Skype verze 8.40 (HKLM-x32\...\Skype_is1) (Version: 8.40 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.65 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{FE645EDA-C5B2-4CF3-B9E7-AFABD5710EEF}) (Version: 4.5.335.0 - Synaptics)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.7 - TeamViewer)
Telegram Desktop (HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.11.5 - Telegram FZ-LLC)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
ViSoft Viewer (HKLM-x32\...\ViSoft Viewer) (Version: 8.11.2 - ViSoft GmbH)
ViSoft Viewer (HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\ViSoft Viewer) (Version: 8.11.2 - ViSoft GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WhatsApp (HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\WhatsApp) (Version: 2.2228.14 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-574031508-3201355849-649366700-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-09] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-04-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-01-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-09] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2018-06-18 22:12 - 2017-03-14 15:51 - 001714688 _____ () [File not signed] C:\Program Files\TeraCopy\TeraCopy64.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000031744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\4c45551c47c679e3f4cb5123f7b4524a\A4.Foundation.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\e742cab7530cd565fee82927e04e723d\AEM.Actions.CCAA.Shared.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\adf6f81c8334d862a8babe0553c9fdde\AEM.Plugin.EEU.Shared.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\e7403b92d0cd71848df724651e121bd1\AEM.Plugin.Hotkeys.Shared.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\018e8e255ea5c6e61af3af7cc233a676\AEM.Plugin.DPPE.Shared.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000275968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\28435fe09b92fae7a7513ef548472eba\AEM.Plugin.Source.Kit.Server.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\26512f591da704acc58d66d82e6cb073\AEM.Plugin.WinMessages.Shared.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\8b5df302bef93136ee54a7c016df3d87\AEM.Plugin.REG.Shared.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\276768f637f80e3b61d31cda0ce417c9\AEM.Plugin.GD.Shared.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\38235a9918d09096227c37b1f5f6dde5\AEM.Server.Shared.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\a74ea4173cf5ffc4261025a9ae6a8968\AEM.Server.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\7b9e8e0089adeb1025c95113f94421aa\APM.Foundation.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000122368 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\ebf1eb1d780ca8c57165e6caa4116519\ATICCCom.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000199168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\f56c3bcf3df53d968463f52905ca5f27\CCC.Implementation.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000150528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\fa5e2b8b28c667662e6ae01ebd3c19fa\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000124928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\4ed6596e6b0b74206ad4b3108aa00140\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\333eb8b8cf4dd71325e4d6e5d597995f\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\84a92e9c19154665c09ee277c51bea87\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000104448 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\bdbc5fe7a2e66003594ebaa8378b9d1d\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000126976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\9539ef627762628b7cd715bfc96dd87e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\bbfdf014e2e7e30981f96f084f9ffcfa\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000072704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\0947e4a3c036ed326062720a7bbc3e2c\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000259584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\52bbf0e15cdf2b21bd75a5417aeb6064\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000351744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\e163906e67fb21d2f6b5895c76de2a23\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000062976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\e3763fab07107413817215c76641237e\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000727040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\81ba4ea165b6ec4bc4598607ba599fa2\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000446464 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\4e19d9e6f8810dff54ec8ca4e7fbea51\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\2fd2d2b52b0bbf49e66e11d6a048d0cc\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000451584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\c459931739b45469bbdcf6d443991abc\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000066560 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\7705edcb2a779693f8606ac51302065d\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000337408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\78da38354ecdbef1345943257fa267b7\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\7d083a3cf17f9ea7b3232869d4323f12\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000094720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4f2f79c#\cb6267291a2a56d6bed379d49ecac5f4\CLI.Aspect.CrossFireX.Graphics.Dashboard.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000269312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\b1ad7b2adf4ad614f1a286a75805d1b9\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 003281408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\f99f706244473fd8d1c20ca0742d2905\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000046592 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\83f21eae64296c6d62c3dc50919bb026\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000050176 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\14aa023268016dfd505e1c29aac8c667\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\403be3c7e2cc7a44396febc1bc04ae32\CLI.Caste.A4.Runtime.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\8afb6bdf8ff25d90a30bd1356d27a118\CLI.Caste.A4.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000027648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\ca1cb9daf562861b85549fdd8c1f667d\CLI.Caste.A4.Dashboard.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\116fa4d07cbad393eee04cb36ae3c4aa\CLI.Caste.Fuel.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000304640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\8b8736c051b7c11620514dae37fff7b3\CLI.Caste.Fuel.Runtime.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000027648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\7ac809af6cdba2f1b9fb26d92f82437a\CLI.Caste.Fuel.Dashboard.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000038400 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\20f15621169612e44fda9970ca75989d\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 001536512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\6fb450b53cc6a0907d858af3bfe508b2\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000574464 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\212f4ed55f63513db7b8305b02406249\CLI.Caste.Graphics.Dashboard.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\e59e3695adf2134e726b3f94848b1e61\CLI.Caste.HydraVision.Runtime.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\12e872a064a1c9719f6aa47b5c75e53c\CLI.Caste.HydraVision.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\e06291e35f9cbb644645bcb56b008e04\CLI.Caste.HydraVision.Dashboard.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\6e62e83148ba7a4496a23586131badd3\CLI.Caste.Platform.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000043520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\d47ef9f02d77f3c58a3148a88473f155\CLI.Caste.Platform.Runtime.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\b31cc5b06917e807e300544dbac90c69\CLI.Caste.Platform.Dashboard.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\a4c06ddd74b8ea669bc060a06872c3ef\CLI.Component.Runtime.Shared.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000881152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\5520efe3a48c51a0d61d102aea666105\CLI.Component.Systemtray.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000168960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\2fa22ab6d25e884c080046c0e3be550a\CLI.Component.Dashboard.ProfileManager2.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\d26b5621937174533ff25a5c6d850084\CLI.Component.Runtime.Shared.Private.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\569937da71de2e1ec1e301e69497f87f\CLI.Component.Runtime.Extension.EEU.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 001605120 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\4fe508b5aa24ec713a6993e9f302a16b\CLI.Component.Dashboard.Shared.Private.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\eca4a56c6018ed2ce07f4480e1612759\CLI.Component.Client.Shared.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\545fa6874327bb71c01cdbbe90878adf\CLI.Component.Dashboard.Shared.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000476672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Component.Eeu\4c03bb6fb16ac509b46e8f63b08a5562\CLI.Component.Eeu.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\1b288834fbf2bdb8aa4264b19091b3a5\CLI.Foundation.Private.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\4e20a2425708b83c35dc55b87e360e7a\CLI.Foundation.XManifest.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000090624 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\b0db6568cf9f0317cf1c1df6c2c7a7ab\CLI.Foundation.CoreAudioAPI.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 001047040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\f4c84da55b13cb3bf2d8c789969ebc56\CLI.Foundation.Client.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000295424 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\2295353758b7318b7cabf4a05367481c\CLI.Foundation.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000015872 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\9136788c8b727f89e4511edc2e11e76f\DEM.Graphics.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\1f54dcb1af12e4ee0f7a098df2639703\Fuel.Foundation.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000289280 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\37b73b94a0305d654971abc25472c43e\LOG.Foundation.Implementation.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000145920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\0fdc4b92af312bf68871f60f823eb66c\LOG.Foundation.Private.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\de2bd90e237d3e14858f3a3a2c6c13e1\LOG.Foundation.Implementation.Private.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000131584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\709ea8ca39e41a70bc3ad9b261f634c8\LOG.Foundation.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\0a31ced03a6926fa53a4ed6357fa3995\MOM.Foundation.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000391680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\e787a217812980a4bad7edec7c6c7e17\MOM.Implementation.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\396ad1d4d693f7dadf9b23476ea7b96c\NEWAEM.Foundation.ni.dll
2015-04-10 03:07 - 2015-04-10 03:07 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000963584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\ef893ca87e6dd59f668c24253e148e1c\ADL.Foundation.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000250368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\1bc9628fba608e2189aae8b2038dc1c7\APM.Server.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000760832 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.79734f7a#\f1e7c563f1c296bb8edf98e6a69ec7fb\CLI.Aspect.PowerXpress.Graphics.Runtime.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000349696 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b3da5a8f#\141d0c6c93e70315c3388a844ab755a1\CLI.Aspect.PowerXpress.Graphics.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000585728 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4846ba2#\926ac4fe9eebbbc6f3b4cd1a49978389\CLI.Aspect.PowerXpress.Graphics.Dashboard.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 002521088 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\b4c7799e96eaaae20ddc5b3dddf69d6f\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000133632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\0bc5ca8c807de8114cef82423b2c6eef\CLI.Component.Client.Shared.Private.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000228352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\f823ad859c674623cf55b477eb4b12a9\CLI.Component.Runtime.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\fbb969a16ccd0ee398d20f0b0e74dab6\CLI.Component.Dashboard.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0702\1eed6cf34e86073174c752ea1a150fbf\DEM.Graphics.I0702.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000101376 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\ec159a253ee8d326c74da311cc95a65d\DEM.Graphics.I0709.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0710\969fcbe1c097e00c37400f525643568d\DEM.Graphics.I0710.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\f4bd1126459d33882cb6dba05b8042be\DEM.Graphics.I0712.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000018944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\2173d582624ceda27b7f4bd5e702cfee\DEM.Graphics.I0804.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0901\2c4d66cfd38f1e5e938e0262e7b63c5a\DEM.Graphics.I0901.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\d5d4fbf62ee895e444d6762087cde365\DEM.Graphics.I1010.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 001125888 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\01f1bbb26c4dfd5adb36525fe7307b72\Localization.Foundation.Private.ni.dll
2018-07-16 08:44 - 2018-07-16 08:44 - 000242688 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\23b4c80b27261cf8c059dd280e59a415\ResourceManagement.Foundation.Implementation.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\521825a7fe528b631d756cab161fc52b\ResourceManagement.Foundation.Private.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000090112 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\3fd6f4cb5d458f468f7358671775b62b\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 002780160 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\bf2dd973654f94c9f4614e6d8e667d6e\CLI.Caste.Graphics.Shared.ni.dll
2018-07-16 08:37 - 2018-07-16 08:37 - 003133952 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\b7f7b0b299be1a112fa4628fe37c0474\CLI.Caste.Graphics.Runtime.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000027136 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\94538d1cad006b18d7d70c885f09deeb\DEM.Foundation.ni.dll
2018-07-16 08:36 - 2018-07-16 08:36 - 000117248 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\1301dcd976e4088c2640d941479573d2\DEM.Graphics.I0601.ni.dll
2020-05-19 14:15 - 2020-05-19 14:15 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2018-06-18 20:48 - 2013-04-01 22:19 - 000574464 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Windows\system32\Rtlihvs.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Petra\Downloads\Ninite Firefox Installer.exe:MBAM.Zone.Identifier [26]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-574031508-3201355849-649366700-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__180921
SearchScopes: HKU\S-1-5-21-574031508-3201355849-649366700-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10420__180921&q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2019-01-06 15:15 - 000000831 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\UCRT\;C:\Program Files\Intel\UCRT\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-574031508-3201355849-649366700-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petra\Downloads\DSC00462.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: fpCsEvtSvc => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\StartupFolder: => "AVerQuick.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\StartupApproved\Run: => "Skype for Desktop"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E6DDC156-8172-4C47-8C18-8235B8C89E11}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{5C05277F-AD16-40DB-A6AC-F6A390D711D4}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{BB6FEDAB-51FC-4141-BA61-B6209C4A1D23}] => (Allow) C:\Users\Petra\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{8598FBBF-B1A2-4DA5-A4DD-DD9699C4680C}] => (Allow) C:\Users\Petra\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{7ADE3211-EAC5-4624-9933-B103EB40D938}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{50487629-C73C-4FB1-9B12-4BF1019997ED}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06243D9A-1FC4-4944-882E-DE7A83D00FF8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C9772D2D-EF05-44B0-8B5E-0B92D309093B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{10CF1576-3E59-4AFA-91B8-DD569E3E2361}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DA05FBB3-A810-4969-84D1-4B57ECD0659D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9EACBD19-3758-4747-AE35-359BAF275951}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2C4C343B-1D2F-4F2D-8196-8747474805C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{57298130-1724-4A74-ACA4-34D8E115336B}C:\users\petra\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\petra\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{4784E7A1-BBC0-4E46-A550-0877C25C099A}C:\users\petra\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\petra\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{9CCD188A-7991-448E-8C11-FA8570397CC0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DAFDF298-1BC3-4DD2-8B7C-A5547D2D5970}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{928A9C08-EED7-4E54-8953-7ED66DA66414}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BA4A41A5-AF4B-4B17-8E2F-5B61D8BFE44D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0CEB0A9E-E48E-436B-8673-6E08AB21EA94}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{43686C08-EFA1-497E-BFE5-687BBD37A1E4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D3F61185-49FF-481A-849A-457814C378A5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
==================== Restore Points =========================
31-10-2023 19:48:10 Naplánovaný kontrolní bod
09-11-2023 09:28:50 Removed SlimDX Redistributable (June 2010)
09-11-2023 09:29:21 Removed Google SketchUp 8
20-11-2023 00:06:42 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/20/2023 12:07:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Rezervováno systémem nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).
Error: (11/19/2023 10:30:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Rezervováno systémem nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).
Error: (11/19/2023 10:07:50 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CProcess::GetProcessFullName Unable to get the image full name for the process( ID=3432), GLE=31.
Error: (11/17/2023 09:29:51 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CProcess::GetProcessFullName Unable to get the image full name for the process( ID=4760), GLE=31.
Error: (11/16/2023 08:43:20 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CProcess::GetProcessFullName Unable to get the image full name for the process( ID=9648), GLE=31.
Error: (11/09/2023 09:29:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcroRd32.exe, verze: 23.6.20360.0, časové razítko: 0x652445bb
Název chybujícího modulu: PPKLite.api_unloaded, verze: 23.6.20360.0, časové razítko: 0x652444f3
Kód výjimky: 0xc0000005
Posun chyby: 0x00300bf1
ID chybujícího procesu: 0x1988
Čas spuštění chybující aplikace: 0x01da134b6c9bf736
Cesta k chybující aplikaci: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Cesta k chybujícímu modulu: PPKLite.api
ID zprávy: b6aee4f4-7f3e-11ee-82b1-3464a9bf0b0b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/09/2023 09:32:13 AM) (Source: VCS WBF Policy Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (11/09/2023 06:17:30 AM) (Source: Validity USDK) (EventID: 40) (User: )
Description: Event-ID 40
System errors:
=============
Error: (11/21/2023 05:21:30 PM) (Source: DCOM) (EventID: 10010) (User: HP450)
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/21/2023 05:19:30 PM) (Source: DCOM) (EventID: 10010) (User: HP450)
Description: Server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/13/2023 08:35:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Malwarebytes Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (11/12/2023 10:03:06 PM) (Source: DCOM) (EventID: 10010) (User: HP450)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/12/2023 10:02:35 PM) (Source: DCOM) (EventID: 10010) (User: HP450)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/09/2023 06:56:40 PM) (Source: DCOM) (EventID: 10010) (User: HP450)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/09/2023 06:56:09 PM) (Source: DCOM) (EventID: 10010) (User: HP450)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/09/2023 06:13:24 PM) (Source: DCOM) (EventID: 10010) (User: HP450)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2023-11-09 15:57:07.938
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: BrowserModifier:Win32/Istuni
Závažnost: Vysoké
Kategorie: Program měnící nastavení prohlížeče
Cesta: file:_C:\Windows\Installer\1e02cac4.msi
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\rundll32.exe
Verze podpisu: AV: 1.401.329.0, AS: 1.401.329.0, NIS: 119.0.0.0
Verze modulu: AM: 1.1.23100.2009, NIS: 2.1.14600.4
Event[0]:
Date: 2023-11-09 15:37:16.962
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 0.0.0.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x80070643
Popis chyby
ři instalaci došlo k závažné chybě. Date: 2023-11-09 09:31:23.286
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.155.266.0;1.155.266.0
Verze modulu: 1.1.9700.0
==================== Memory info ===========================
BIOS: Hewlett-Packard M74 Ver. 01.48 05/22/2018
Motherboard: Hewlett-Packard 2248
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 61%
Total physical RAM: 3872.11 MB
Available physical RAM: 1508.36 MB
Total Virtual: 14112.11 MB
Available Virtual: 9660.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:230.53 GB) (Free:38.77 GB) (Model: CT250MX500SSD1) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.08 GB) (Model: TOSHIBA MQ01ABD100) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:931.17 GB) (Free:140.8 GB) (Model: TOSHIBA MQ01ABD100) NTFS
Drive f: (HP_TOOLS) (Fixed) (Total:2 GB) (Free:1.98 GB) (Model: CT250MX500SSD1) FAT32
\\?\Volume{84c763a7-732f-11e8-824c-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: A57AB7A0)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=230.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=FAT32)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A5703559)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Ran by Petra (administrator) on HP450 (Hewlett-Packard HP ProBook 450 G2) (21-11-2023 17:15:39)
Running from C:\Users\Petra\Downloads\FRST64.exe
Loaded Profiles: Petra
Platform: Microsoft Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\Petra\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Intel CASE -> Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Petra\AppData\Roaming\Telegram Desktop\Telegram.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company -> HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <21>
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (Intel CASE -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-06-18] (Intel CASE -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [1660760 2017-06-26] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [268712 2016-03-23] (Hewlett-Packard Company -> HP)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-04-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH -> Geek Software GmbH)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\Run: [f.lux] => C:\Users\Petra\AppData\Local\FluxSoftware\Flux\flux.exe [1525880 2023-05-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (No File) <==== ATTENTION
HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540200 2019-02-21] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-574031508-3201355849-649366700-1001\...\Run: [AdobeBridge] => [X]
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.168\Installer\chrmstp.exe [2023-11-06] (Google LLC -> Google LLC)
Startup: C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2018-06-18]
ShortcutTarget: Telegram.lnk -> C:\Users\Petra\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {A757CA0C-9004-4828-B892-44606DB17751} - System32\Tasks\{0E5EA3BA-72EA-41C5-8C24-E3AE69AC4155} => C:\Windows\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files (x86)\uTorrent\uninstall.exe"
Task: {CD75F90B-8BF2-46B0-BA8B-240D9311E48D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {F550089D-5FFC-45DA-BF5E-065759DD596B} - System32\Tasks\AdobeAAMUpdater-1.0-HP450-Petra => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6D2E9F3D-2B28-4D52-8D3E-99C2A9DB57DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-18] (Google Inc -> Google Inc.)
Task: {653C8654-FC66-4999-BC23-0EE019AC93BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-18] (Google Inc -> Google Inc.)
Task: {C61470E8-78C3-42CC-9F43-C3878F1C6E4C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-10-17] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{3183FE9C-015F-4660-870B-67FE890DB753}: [DhcpNameServer] 192.168.0.1 0.0.0.0
FireFox:
========
FF DefaultProfile: 3ab1bz41.default
FF ProfilePath: C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\3ab1bz41.default [2023-11-21]
FF user.js: detected! => C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\3ab1bz41.default\user.js [2019-07-11]
FF Homepage: Mozilla\Firefox\Profiles\3ab1bz41.default -> google.cz
FF NewTab: Mozilla\Firefox\Profiles\3ab1bz41.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__180921
FF Notifications: Mozilla\Firefox\Profiles\3ab1bz41.default -> hxxps://web.whatsapp.com
FF Extension: (Language: English (GB)) - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\3ab1bz41.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2023-08-21]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\3ab1bz41.default\Extensions\marcoagpinto@mail.telepac.pt.xpi [2023-11-02]
FF Extension: (uBlock Origin) - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\3ab1bz41.default\Extensions\uBlock0@raymondhill.net.xpi [2023-11-06]
FF HKLM\...\Firefox\Extensions: [{90ca575e-4c80-47b5-8a3b-ad862f38a292}] - C:\Program Files (x86)\SafeMyWeb\ff\safe_my_web-1.0.1-fx.xpi
FF Extension: (Safe my Web) - C:\Program Files (x86)\SafeMyWeb\ff\safe_my_web-1.0.1-fx.xpi [2019-06-05]
FF HKLM-x32\...\Firefox\Extensions: [{90ca575e-4c80-47b5-8a3b-ad862f38a292}] - C:\Program Files (x86)\SafeMyWeb\ff\safe_my_web-1.0.1-fx.xpi
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default [2023-11-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S4 fpCsEvtSvc; C:\Windows\system32\fpCSEvtSvc.exe [13824 2015-04-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-06-18] (Intel CASE -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-09] (Malwarebytes Inc. -> Malwarebytes)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109776 2020-07-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [82944 2016-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [X] <==== ATTENTION
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [804992 2013-06-05] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222800 2023-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [200104 2023-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2023-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188016 2023-11-09] (Malwarebytes Inc. -> Malwarebytes)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [413912 2015-12-22] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [30544 2015-08-12] (Hewlett-Packard Company -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-11-21 17:15 - 2023-11-21 17:16 - 000016719 _____ C:\Users\Petra\Downloads\FRST.txt
2023-11-21 17:14 - 2023-11-21 17:15 - 000000000 ____D C:\FRST
2023-11-21 17:13 - 2023-11-21 17:13 - 002383872 _____ (Farbar) C:\Users\Petra\Downloads\FRST64.exe
2023-11-13 21:14 - 2023-11-13 21:14 - 000000000 ____D C:\Users\Petra\Desktop\Původní data aplikace Firefox
2023-11-13 21:13 - 2023-11-21 16:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-11-13 21:13 - 2023-11-21 16:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-13 21:13 - 2023-11-13 21:24 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-11-13 21:13 - 2023-11-13 21:13 - 000002096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2023-11-13 21:13 - 2023-11-13 21:13 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-11-13 21:13 - 2023-11-13 21:13 - 000000936 _____ C:\Users\Public\Desktop\Firefox.lnk
2023-11-13 21:12 - 2023-11-13 21:13 - 000425304 _____ (Secure By Design Inc.) C:\Users\Petra\Downloads\Ninite Firefox Installer.exe
2023-11-13 21:07 - 2023-11-13 21:07 - 000004590 _____ C:\Users\Petra\Desktop\mozilla local machine.reg
2023-11-13 21:07 - 2023-11-13 21:07 - 000001030 _____ C:\Users\Petra\Desktop\mozilla local machine plugin.reg
2023-11-13 21:07 - 2023-11-13 21:07 - 000000334 _____ C:\Users\Petra\Desktop\mozilla local machine org.reg
2023-11-13 21:06 - 2023-11-13 21:06 - 000009378 _____ C:\Users\Petra\Desktop\mozilla current user.reg
2023-11-13 20:54 - 2023-11-13 20:54 - 001419724 _____ C:\Users\Petra\Desktop\bookmarks.html
2023-11-13 20:54 - 2023-11-13 20:54 - 000390646 _____ C:\Users\Petra\Desktop\bookmarks-2023-11-13.json
2023-11-09 22:41 - 2023-11-09 22:42 - 000000000 ____D C:\Users\Petra\Downloads\Dary
2023-11-09 21:26 - 2023-10-20 12:12 - 000487891 ____N C:\Users\Petra\Desktop\epoukaz_SV432ZRJ23.pdf
2023-11-09 15:57 - 2023-11-09 15:57 - 000188016 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-11-09 15:56 - 2023-11-20 20:43 - 000000000 ____D C:\Users\Petra\AppData\Local\Malwarebytes
2023-11-09 15:56 - 2023-11-09 15:56 - 000000000 ____D C:\Users\Petra\AppData\Local\mbam
2023-11-09 15:55 - 2023-11-09 15:55 - 000001976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-11-09 15:55 - 2023-11-09 15:55 - 000001964 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-11-09 15:54 - 2023-11-09 15:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-11-09 15:54 - 2023-11-09 15:54 - 000000000 ____D C:\Program Files\Malwarebytes
2023-11-06 22:27 - 2023-11-06 22:27 - 000052408 _____ C:\Users\Petra\Desktop\SKM_C3320i231106133600.pdf
2023-11-06 10:05 - 2023-11-06 10:05 - 000000000 _____ C:\Users\Petra\AppData\Local\{2E6F4CB1-8F49-4047-A708-A336E930E488}
2023-11-05 05:37 - 2023-11-05 05:37 - 000000000 _____ C:\Users\Petra\AppData\Local\{6B6C3828-4A0C-4E75-B9E9-581516E560B7}
2023-11-03 19:28 - 2023-11-03 19:28 - 000000000 _____ C:\Users\Petra\AppData\Local\{DD803FDF-BEDF-4BB6-8B2B-E7447161F3A0}
2023-10-28 05:14 - 2023-10-28 05:14 - 000000000 _____ C:\Users\Petra\AppData\Local\{F8AF5848-2DD9-49C6-89FE-3706D4983FBC}
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-11-21 16:51 - 2018-06-26 20:10 - 000000000 ____D C:\Users\Petra\AppData\Local\Adobe
2023-11-21 16:51 - 2018-06-18 22:12 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-21 16:48 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2023-11-16 14:15 - 2018-06-18 20:55 - 000003594 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-574031508-3201355849-649366700-1001
2023-11-16 12:12 - 2022-10-15 20:03 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-11-14 13:29 - 2018-06-18 22:12 - 000003744 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-11-14 13:29 - 2018-06-18 22:12 - 000003616 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-11-13 21:26 - 2022-05-15 20:20 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-13 21:23 - 2018-06-18 22:39 - 000000000 ____D C:\Users\Petra\AppData\Roaming\TeraCopy
2023-11-13 20:40 - 2023-07-19 20:48 - 000560640 ___SH C:\Users\Petra\Desktop\Thumbs.db
2023-11-12 20:17 - 2018-06-18 22:43 - 000000000 ____D C:\Users\Petra\AppData\Roaming\Telegram Desktop
2023-11-12 20:17 - 2018-06-18 21:19 - 000000000 __SHD C:\Users\Petra\IntelGraphicsProfiles
2023-11-09 23:17 - 2018-06-18 20:48 - 001748688 _____ C:\Windows\system32\PerfStringBackup.INI
2023-11-09 23:17 - 2013-08-22 23:08 - 000740822 _____ C:\Windows\system32\perfh005.dat
2023-11-09 23:17 - 2013-08-22 23:08 - 000151908 _____ C:\Windows\system32\perfc005.dat
2023-11-09 22:46 - 2021-03-19 16:15 - 000000000 ____D C:\Users\Petra\Desktop\flashka - roztřídit
2023-11-09 22:42 - 2023-04-06 21:04 - 000000000 ____D C:\Users\Petra\Downloads\Telegram Desktop
2023-11-09 22:41 - 2023-08-31 20:53 - 000348160 ___SH C:\Users\Petra\Downloads\Thumbs.db
2023-11-09 22:34 - 2018-06-18 22:45 - 000000000 ____D C:\KMPlayer
2023-11-09 22:04 - 2023-03-05 23:19 - 000000000 ____D C:\Users\Petra\Desktop\Kuchyně materiály
2023-11-09 21:29 - 2018-07-23 08:35 - 000000000 ____D C:\Users\Petra\AppData\Local\CrashDumps
2023-11-09 15:37 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2023-11-09 09:32 - 2018-07-31 11:51 - 000000000 ____D C:\Users\Petra\AppData\Local\AVAST Software
2023-11-09 09:32 - 2018-06-18 22:17 - 000000000 ____D C:\ProgramData\AVAST Software
2023-11-09 09:32 - 2018-06-18 21:21 - 000000000 ____D C:\ProgramData\Synaptics
2023-11-09 09:32 - 2018-06-18 20:43 - 000000000 ____D C:\Users\Petra
2023-11-09 09:32 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-11-09 09:28 - 2022-08-29 21:42 - 000000000 ____D C:\Program Files (x86)\Room Arranger
2023-11-08 08:50 - 2019-02-27 22:15 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-11-06 22:18 - 2018-06-26 20:15 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-11-06 22:07 - 2018-06-18 22:12 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-06 22:07 - 2018-06-18 22:12 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-11-03 19:51 - 2020-05-19 14:19 - 000003496 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-HP450-Petra
2023-11-03 19:51 - 2020-01-26 22:51 - 000003082 _____ C:\Windows\system32\Tasks\{0E5EA3BA-72EA-41C5-8C24-E3AE69AC4155}
2023-10-22 23:02 - 2022-11-23 23:10 - 000000000 ____D C:\Users\Petra\Desktop\Dia-endo
==================== Files in the root of some directories ========
2020-07-12 17:23 - 2020-07-12 17:23 - 000000218 _____ () C:\Users\Petra\AppData\Local\recently-used.xbel
2023-11-06 10:05 - 2023-11-06 10:05 - 000000000 _____ () C:\Users\Petra\AppData\Local\{2E6F4CB1-8F49-4047-A708-A336E930E488}
2023-11-05 05:37 - 2023-11-05 05:37 - 000000000 _____ () C:\Users\Petra\AppData\Local\{6B6C3828-4A0C-4E75-B9E9-581516E560B7}
2023-05-12 05:00 - 2023-05-12 05:00 - 000000000 _____ () C:\Users\Petra\AppData\Local\{9B78119B-534B-473B-9352-9272E91DBA6C}
2023-11-03 19:28 - 2023-11-03 19:28 - 000000000 _____ () C:\Users\Petra\AppData\Local\{DD803FDF-BEDF-4BB6-8B2B-E7447161F3A0}
2023-10-28 05:14 - 2023-10-28 05:14 - 000000000 _____ () C:\Users\Petra\AppData\Local\{F8AF5848-2DD9-49C6-89FE-3706D4983FBC}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2023-11-21 17:11
==================== End of FRST.txt ========================
Přispějete na provoz fóra?