VIRY.CZ

Môžem poprosiť o kontrolu so zameraním na keylogger?

adwcleaner nenašiel nič

dakujem

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Ran by igorv (administrator) on DESKTOP-AJTU3EA (TOSHIBA Satellite L650) (29-11-2023 20:24:24)
Running from C:\Users\igorv\Downloads\FRST64 (2).exe
Loaded Profiles: igorv
Platform: Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\81.0.5.0\crashpad_handler.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\RMService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2309.6.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3684_none_7dfc270e7c9a3a0b\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-24] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-24] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1004790077-1547760064-1104730356-1001\...\Run: [MicrosoftEdgeAutoLaunch_12DCDEA817FD98234F2AB1F8B100D4B7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896784 2023-11-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1004790077-1547760064-1104730356-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-24] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-24] (Google LLC -> Google, Inc.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {9ED0EA7C-7BEE-4AC5-9B59-1B5F203764C0} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\Windows\System32\unifiedconsent.dll [278016 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {8F38661E-8A08-4E9A-B6F0-FC0F82A5AE86} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7BBE54AF-0598-427C-A7D6-94FC74A07456} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {883146D8-F3E8-4C80-912F-526F1E967934} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D0F93BB4-699C-4472-8BD7-1B7567CA2C85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {877341FC-C134-4CCB-9D7D-804EC924A76C} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-14] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.31.248 1.1.1.1
Tcpip\..\Interfaces\{9306603b-70c3-40ea-8bd2-405eac491607}: [DhcpNameServer] 192.168.31.248 1.1.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-29]
Edge HomePage: Default -> hxxp://www.google.sk/
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
Edge Extension: (Edge relevant text changes) - C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-13]
Edge Profile: C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-10-12]

Chrome:
=======
CHR HKU\S-1-5-21-1004790077-1547760064-1104730356-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DSDFunctionKeyCtlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDFunctionKeyCtlService.exe [718168 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
S2 DSDTabletControlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDTabSysSvc.exe [330136 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R2 DSDWirelessLEDCtlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\RMService.exe [480144 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R2 dynabookSettingService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\dynabookSystemService.exe [24153096 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dhotkey; C:\Windows\System32\drivers\dhotkey.sys [52736 2023-03-22] (Dynabook Inc. -> Dynabook Inc.)
R1 dsrvctldrv; C:\Windows\System32\drivers\dsrvctldrv.sys [30232 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R0 DVALZ_O; C:\Windows\System32\drivers\DVALZ_O.SYS [47464 2022-07-17] (Dynabook Inc. -> Dynabook Inc.)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-29 20:24 - 2023-11-29 20:25 - 000011036 _____ C:\Users\igorv\Downloads\FRST.txt
2023-11-29 20:04 - 2023-11-29 20:24 - 000000000 ____D C:\FRST
2023-11-29 20:04 - 2023-11-29 20:04 - 002383872 _____ (Farbar) C:\Users\igorv\Downloads\FRST64 (2).exe
2023-11-14 22:06 - 2023-11-14 22:06 - 000000000 ___HD C:\$WinREAgent
2023-11-06 15:58 - 2023-11-06 15:58 - 000000000 ____D C:\Users\igorv\AppData\Roaming\AnyDesk
2023-11-06 09:15 - 2023-11-06 09:15 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-29 20:20 - 2023-07-06 11:32 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-11-29 20:15 - 2023-07-06 11:48 - 000000000 ___SD C:\Users\igorv\AppData\Roaming\Microsoft\Credentials
2023-11-29 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-28 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-11-28 23:09 - 2023-07-06 11:33 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-28 23:09 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-25 22:54 - 2023-07-08 21:54 - 000000000 ____D C:\1
2023-11-24 10:05 - 2023-07-06 11:40 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2023-11-24 10:05 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-11-24 10:00 - 2023-07-06 11:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-11-24 10:00 - 2023-07-06 11:32 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-24 10:00 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-11-21 14:07 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-11-21 14:03 - 2023-07-06 11:32 - 000259760 _____ C:\Windows\system32\FNTCACHE.DAT
2023-11-21 14:01 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-21 14:01 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-21 14:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-21 14:01 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2023-11-14 22:34 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-11-14 22:33 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-11-14 22:32 - 2019-12-07 15:39 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-11-14 22:32 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-11-14 22:22 - 2023-07-06 11:35 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-11-14 21:32 - 2023-07-09 15:59 - 000000000 ____D C:\Windows\system32\MRT
2023-11-14 21:30 - 2023-07-09 15:59 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-11-10 15:06 - 2023-07-09 16:10 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-07 15:12 - 2023-07-06 11:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-11-04 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2023-10-30 19:17 - 2023-07-06 11:33 - 000003630 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-30 19:17 - 2023-07-06 11:33 - 000003506 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by igorv (29-11-2023 20:28:14)
Running from C:\Users\igorv\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) (2023-07-06 10:36:03)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1004790077-1547760064-1104730356-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1004790077-1547760064-1104730356-503 - Limited - Disabled)
Guest (S-1-5-21-1004790077-1547760064-1104730356-501 - Limited - Disabled)
igorv (S-1-5-21-1004790077-1547760064-1104730356-1001 - Administrator - Enabled) => C:\Users\igorv
WDAGUtilityAccount (S-1-5-21-1004790077-1547760064-1104730356-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIDA64 Extreme v6.92 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.92 - FinalWire Ltd.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 81.0.5.0 - Google LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.93 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.72 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)

Packages:
=========
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.1018.300_x64__8wekyb3d8bbwe [2023-10-29] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-24] (Google LLC -> Google, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-09-03 11:43 - 2023-09-03 11:43 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\481ffab5232d1254e92b4e2c4e470c3e\A4.Foundation.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\148c0b3431bb9eb8273207336081bfbe\AEM.Actions.CCAA.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\f1aa81cf97759f5d1d59fdfb7feaa8f9\AEM.Plugin.EEU.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\70f28493778d0e67698d628ea2376c7d\AEM.Plugin.Hotkeys.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\9f9687c706d22a70fb676264dd5537d7\AEM.Plugin.DPPE.Shared.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000315904 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\97ff049e800c754353d5b00a9b1cfc0f\AEM.Plugin.Source.Kit.Server.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\88737cd3439e6057b1ff9b5f1391c801\AEM.Plugin.WinMessages.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\433707a9d103ea4e53f5ef91a9277dfa\AEM.Plugin.REG.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\d3cfaedfbc789efad9981d6e03aeb43f\AEM.Plugin.GD.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\78dcc26b1eb2c71c3bb7811d002813b3\AEM.Server.Shared.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\39b1a2067dd59827c558f60f025d4e50\AEM.Server.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\ce91c2f062d7a2c5bfaecf569c1620f3\APM.Foundation.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\09a83f5026ac06a6d254117b19ee3b13\ATICCCom.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000203776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\e21ff9b83c6fc12617acab083cc2427b\CCC.Implementation.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\74819a52f620014692fb35c7f7787efe\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\e52f7c5a049d625afee950f00df092c5\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\b73b6d9a2470a21f03607799afe546b0\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\794c62afbd28d58d01605fdbed27a264\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2023-09-03 11:45 - 2023-09-03 11:45 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\beb1a4d88548e6332719b5a85b3ab6fb\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\9f691579579636d4ce36d3e80c8ff402\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\599c6ff42b8e6b823d9ef3d54d11868f\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\c2c8e6fdddc1ea71823310a67d045af5\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\f3f86b1537fd14618a789c833ca7a3c9\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\dd11a2ee1d66235180667750810df359\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\90d0b53f65741eab59303489cc2db276\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000364544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\16318c6925b33de6a1338d7c1bf1bad3\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\73e470460b2ef3e336a30798a3a738bf\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000677888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\6f5fae9759ba0e96767e2f1dbf7c7b3b\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000745984 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\de9e275c73d871c02188488ad0b28779\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\a7a0be71294c91b9bc7d4986fa8f90dd\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\bf40c069731935f46d124ce7327be077\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\5481889ae3e4ea891c40d718630f3571\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\6e2f7051afedb7fa2d93a85e95082fa4\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\3cdbc26e44a99fb54d3259d7d83c3adf\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\f7b5ea3eb14b4a5dbe55edc4e1474329\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\873924d0500d226cb383241446d97544\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\0c93a0ff5217dcaa78b1ba21acd5ec20\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\5b8b8621387c962ca46b8d5129e22897\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\eb456f0115c339383aafab61976657b4\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\b86c1d1fc903e85bd73724dc2a6bcfa3\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 003313664 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\d64b6cdd350315abed8e3e587ba9e0af\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\f0b5880da65a47a25cbc8be6937f5464\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2023-09-03 11:45 - 2023-09-03 11:45 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\5fc67e564cca847b093cce50e8d03674\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2023-09-03 11:45 - 2023-09-03 11:45 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\0355c46469110a7e16364c53a6f923d2\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\575983ebb8f8f465130664e5f547346f\CLI.Caste.A4.Runtime.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\1f232c46f6ebeaebeef3dc31b361ff65\CLI.Caste.A4.Shared.ni.dll
2023-10-28 11:43 - 2023-10-28 11:43 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\fe669f5f096682457447308b1b871f78\CLI.Caste.A4.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\37c4836a2cb1cc039594fefd65566430\CLI.Caste.Fuel.Shared.ni.dll
2023-09-03 12:05 - 2023-09-03 12:05 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\eeb1507a8234cc5a1b55a1dd16698ebe\CLI.Caste.Fuel.Runtime.ni.dll
2023-10-28 11:43 - 2023-10-28 11:43 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\469e91e0e8b2efb9cdcd28d855e11c72\CLI.Caste.Fuel.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\9d2d84387295d1ea0c9ed1aba20f06b0\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 001556480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\1a11830ccb1c725b8b7b06549e952149\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\daf11e9b601ac5557172562ce249ff6b\CLI.Caste.Graphics.Dashboard.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\39ab0e32960148069bc89c0362c80e3d\CLI.Caste.HydraVision.Runtime.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\d8876fe3fe13050f5bbb6201c4c123dc\CLI.Caste.HydraVision.Shared.ni.dll
2023-10-28 11:43 - 2023-10-28 11:43 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\e79974662f270088eebe4dd9ee79db5b\CLI.Caste.HydraVision.Dashboard.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\94608adb60c21e19633ce2596ce44e61\CLI.Caste.Platform.Shared.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\a4255fe3ad4485d225da85d8611025ac\CLI.Caste.Platform.Runtime.ni.dll
2023-10-28 11:43 - 2023-10-28 11:43 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\f9972a6c8d988ada9863722ae76aa12a\CLI.Caste.Platform.Dashboard.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\fdbe7c1dbbee2f2ca8c812da5455ffe5\CLI.Component.Runtime.Shared.ni.dll
2023-11-15 14:03 - 2023-11-15 14:03 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\1f3dfd2848fced58908b67834c1fd49c\CLI.Component.Systemtray.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\f39e8f09372995516af50fa875adff03\CLI.Component.Dashboard.ProfileManager2.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\32f935aa27a3335dfbcafd328225655e\CLI.Component.Runtime.Shared.Private.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\8631c248d557ed68eb0093ba23d73762\CLI.Component.Runtime.Extension.EEU.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\d77a07957556a3d9b623bda60aedec2b\CLI.Component.Dashboard.Shared.Private.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\04f954006faaffcfabdfcf7985e50759\CLI.Component.Client.Shared.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\5f2a362b97f3c1d083ebc8cb5a51da3f\CLI.Component.Dashboard.Shared.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\183079995032e8cbcedda1b9f46ff5b9\CLI.Foundation.Private.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\69cd35b7f248c256bfa07db79865ccd2\CLI.Foundation.XManifest.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\e669b554abf8ac526294f5b38062b74f\CLI.Foundation.CoreAudioAPI.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 001080320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\ca6f57cd1ed98aa43941d424ca9ad84d\CLI.Foundation.Client.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\bb150fb8254c7702a3ce1d702b9ee027\CLI.Foundation.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\7452095f8ae4958faa06a27a798e888b\DEM.Foundation.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\5366429cee88f11debbc72f3d9d0ba44\DEM.Graphics.I0601.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\fd515db4fe1d24647e3e73e4924a78e2\DEM.Graphics.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\2b0838ff37a991812a212f5c7fbaa965\Fuel.Foundation.ni.dll
2023-11-15 14:03 - 2023-11-15 14:03 - 000297472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\ba74ec66405c721ea90669b2c60ccb6c\LOG.Foundation.Implementation.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\6dda88337122d5425acb5599842adb77\LOG.Foundation.Private.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\539eaaeb20f83855c030870b76eda7de\LOG.Foundation.Implementation.Private.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\e72e3134ec5e2d3d99d28ab87cf38a9a\LOG.Foundation.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\641553296904fee8092e40b7d91ad9c5\MOM.Foundation.ni.dll
2023-11-15 14:03 - 2023-11-15 14:03 - 000402432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\c62f6f049d0d34ee0d24ac877abbae96\MOM.Implementation.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\bb7e855917ce8469a0a1891ab2ba975c\NEWAEM.Foundation.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\e580a5ccc646df4dc2eaa6e81e139fe6\ADL.Foundation.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\e907c129e0636143bca779f3049192e1\APM.Server.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\8172c3594beff61d53e738a7b71703cc\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\c927d74e9d664effd3fb993ee9d6602c\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\b7db85121993b31e3937f245840e63d4\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 008028160 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\7ea5f35a10c4635247ce717272cee867\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 001160192 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\6b7c6212edc3195d41aba84c7830309e\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\39f3ef970e2d00b8bb2865dda147fe3a\CLI.Component.Client.Shared.Private.ni.dll
2023-11-15 14:03 - 2023-11-15 14:03 - 000235008 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\d84b454d53526566d8f0e4ad0fbe65e1\CLI.Component.Runtime.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\67bc8fff449fa94976c39be26c5ce967\CLI.Component.Dashboard.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\8a2485e5b161b1422e82ec86c0316a55\DEM.Graphics.I0706.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\c721ba5b66a059d9a82d5b07f3162ab8\DEM.Graphics.I0709.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\b17d04bcda14f6455cc104ee9783c9c5\DEM.Graphics.I0712.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\16dde392ebdd22bd55aa93f66bc22843\DEM.Graphics.I0804.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\f4c2a9208b4b95ec74656407206fa260\DEM.Graphics.I0805.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\d8148a0e5542279acc32f7c685e64748\DEM.Graphics.I0812.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\d15cdcd4953024ffa327fba2b4acc841\DEM.Graphics.I0906.ni.dll
2023-09-03 11:44 - 2023-09-03 11:44 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\0ca62694d5afc8dad4740afd4f565792\DEM.Graphics.I0912.ni.dll
2023-09-03 12:06 - 2023-09-03 12:06 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\476d401f42da64616ccb8b009a9231ec\DEM.Graphics.I1010.ni.dll
2023-09-03 11:43 - 2023-09-03 11:43 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\6682ab50c98f3f1dc1ff64845f8f9ba1\Localization.Foundation.Private.ni.dll
2023-11-15 14:03 - 2023-11-15 14:03 - 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\eb0c7188342b00921b2fecfee2b1e629\ResourceManagement.Foundation.Implementation.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\ee600ecb40f828fc86b041fc6cb11d07\ResourceManagement.Foundation.Private.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\710b3d0df4860447f5487af3df745bed\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\7acaffd7089ff7c1e86a44fcc2b53548\CLI.Caste.Graphics.Shared.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 003267584 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\431a4c0a70df6c335d475497bb3456b7\CLI.Caste.Graphics.Runtime.ni.dll
2023-11-15 14:01 - 2023-11-15 14:01 - 000335360 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\6b543036388ea8365f269b7850503400\Microsoft.WindowsAPICodePack.ni.dll
2023-11-15 14:02 - 2023-11-15 14:02 - 002582016 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\9a84d0b56645252138633d0530985e45\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1004790077-1547760064-1104730356-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.31.248 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A76EF311-ABA3-4489-9757-8B39037489FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02A8B2B5-A375-4AED-9D4A-BC60C50DB8F9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F3ED212-531F-40D5-A446-F476DCCA6EA8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2BD24D38-8285-4833-BE8C-02EE83FBE490}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DA99FCC-9E19-4534-AEAE-5C85F33631C0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

14-11-2023 22:08:31 Inštalátor modulov systému Windows
23-11-2023 12:50:34 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================

Application errors:
==================
Error: (11/23/2023 09:30:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (11/21/2023 02:00:26 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (11/21/2023 12:54:02 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (11/21/2023 12:52:34 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (11/21/2023 11:36:29 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (11/21/2023 10:59:54 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (11/21/2023 10:59:39 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (11/21/2023 10:54:33 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

System errors:
=============
Error: (11/23/2023 09:42:21 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Delivery Optimization sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (11/23/2023 09:30:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJTU3EA)
Description: The server Microsoft.YourPhone_1.23092.158.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca did not register with DCOM within the required timeout.

Error: (11/23/2023 09:30:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJTU3EA)
Description: The server Microsoft.People_10.2202.33.0_x64__8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXk8n013897y2z89d7v08qtryawtj0p3jg.mca did not register with DCOM within the required timeout.

Error: (11/23/2023 09:30:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJTU3EA)
Description: The server Microsoft.YourPhone_1.23092.158.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca did not register with DCOM within the required timeout.

Error: (11/23/2023 11:14:45 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJTU3EA)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (11/22/2023 10:30:02 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJTU3EA)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout.

Error: (11/20/2023 10:46:20 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-AJTU3EA)
Description: Unable to start a DCOM Server: Microsoft.MicrosoftEdge_44.19041.3570.0_neutral__8wekyb3d8bbwe!MicrosoftEdge as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/13/2023 11:09:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJTU3EA)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.3570.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.

Windows Defender:
================
Date: 2023-11-29 15:24:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-11-28 18:10:00
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-11-27 16:49:07
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-11-26 15:37:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-11-25 15:36:38
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2023-11-23 21:42:05
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.401.1056.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23100.2009
Error code: 0x80240022
Error description: Program nemôže skontrolovať aktualizácie definícií.

Date: 2023-11-23 21:42:05
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.401.1056.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23100.2009
Error code: 0x80240022
Error description: Program nemôže skontrolovať aktualizácie definícií.

Date: 2023-10-05 13:25:17
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x8007041d
Error description: The service did not respond to the start or control request in a timely fashion.
Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the device.

Date: 2023-09-12 16:15:24
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: Vyskytol sa neočakávaný problém. Nainštalujte všetky dostupné aktualizácie a potom znova skúste spustiť program. Informácie o inštalácii programov nájdete v Pomoci a technickej podpore.
Security intelligence Version: 1.397.829.0;1.397.829.0
Engine Version: 1.1.23080.2005

CodeIntegrity:
===============
Date: 2023-09-13 16:28:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\80.0.1.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-08-24 22:56:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\79.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-08-03 19:18:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\78.0.1.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-07-15 13:17:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\77.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: INSYDE 1.40 05/17/2010
Motherboard: TOSHIBA Portable PC
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 74%
Total physical RAM: 3958.85 MB
Available physical RAM: 1028.26 MB
Total Virtual: 6137.38 MB
Available Virtual: 2398.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.32 GB) (Free:187.39 GB) (Model: Samsung SSD 870 EVO 250GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:19 GB) (Free:17.85 GB) (Model: Samsung SSD 870 EVO 250GB) FAT32

\\?\Volume{73d0d787-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{73d0d787-0000-0000-0000-e0173a000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 73D0D787)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=523 MB) - (Type=27)

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-29-2023
# Duration: 00:00:09
# OS: Windows 10 (Build 19045.3693)
# Scanned: 32093
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:

EmptyTemp:
End

Uložte do C:\Users\igorv\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Pokud nebude keylogger v dočasných adresářích, v PC není.

je to ok?

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by igorv (29-11-2023 22:02:51) Run:1
Running from C:\Users\igorv\Downloads
Loaded Profiles: igorv
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:

EmptyTemp:
End
*****************

Processes closed successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22281386 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 1414871 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 48052 B
igorv => 24098416 B

RecycleBin => 0 B
EmptyTemp: => 47.1 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 22:03:01 ====

Je. Těch dočasných souborů nebylo mnoho. Keylogger pravděpodobně mezi nimi nebyl. Nebo máte nějaké příznak jeho přítomnosti?

nie, bude to asi ok

ale ina vec sa stala rano, vyskočila BSOD...ako pozriem čo to bolo? ale vyskočila pri prechode do spanku notebooku, tipujem, že nič važne ale pre istotu

OK. Otevřte adresář c:\windows\minidump a pokud jsou v něm nějaké soubory, zabalte je do raru a přiložte k vašemu příštímu postu.

sú tam 2 súbory, skúšam ich zabaliť winrarom, no píše, že prístup bol zamietnutý

Zkuste soubory někam zkopírovat a pak zabalit. Případně použijte nouz. režim.

zkopíroval som ich na plochu či do zložky, nejde to...ako to urobím v núdzovom režime?

Nastartujete do nouz. režimu a pak najdezte znovu ty soubory a provedete totéž.

a ako sa do neho dostanem? pri nabehovaní systému stlačiť F8?

Bože můj, ve neznáte ani vlastní oper systém! https://support.microsoft.com/cs-cz/win ... e0e6a5e4dc .

VIRY.CZ

kontrola od Rudy

kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy

Re: kontrola od Rudy