Prosím o kontrolu logu Vyřešeno

[jaro3]

Sophos není celý?

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.

Vypni antivir i firewall, RogueKiller, Malwarebytes Antimalware, windowsDefender
Stáhni zoek:
https://datoid.cz/UeeEYf/zoek1-rar

Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe

(posuvník dolu na download)
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat nyní“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Vykonat“ ( vymazat). Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, klikni vlevo na „zprávy“ a pak na „otevři zprávu“ a zkopíruj sem celý obsah té zprávy.

Vlož nový log z HJT + informuj o problémech

[Reklama]

[bill.da]

2024-02-11 16:52:29.448 Sophos Virus Removal Tool version 2.9.0
2024-02-11 16:52:29.448 Copyright (c) 2009-2021 Sophos Limited. All rights reserved.

2024-02-11 16:52:29.448 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2024-02-11 16:52:29.448 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 WOW64
2024-02-11 16:52:29.448 Checking for updates...
2024-02-11 16:52:29.464 Update progress: proxy server not available
2024-02-11 16:52:31.089 Update error: failed to read remote metadata (error 4)
[V46381] SU::Handle::readRemoteMetadata + SU::Handle::readRemoteMetadata()
[V75884] SU::Metadata::readRemoteMetadata SU::Metadata::readRemoteMetadata()
[I40394] Downloading customer file from sophos:1:1
[V81533] SU::createCachedPackageSource creating cached package source for sophos:1:1: url=SOPHOS
[V81533] SU::createCachedPackageSource creating http_source_specific_data to download customer file
[V81533] SU::createCachedPackageSource creating package source to download customer file
[E26245] Error fetching data from http://dci.sophosupd.com/update/d/8a/d8 ... 768996.dat: WinHttpSendRequest (error 12007)
[I26245] No proxy was used.
[I40394] Downloading customer file from sophos:2:1
[V81533] SU::createCachedPackageSource creating cached package source for sophos:2:1: url=SOPHOS
[V81533] SU::createCachedPackageSource creating http_source_specific_data to download customer file
[V81533] SU::createCachedPackageSource creating package source to download customer file
[E26245] Error fetching data from http://dci.sophosupd.net/update/d/8a/d8 ... 768996.dat: WinHttpSendRequest (error 12007)
[I26245] No proxy was used.
[I40394] Downloading customer file from sophos:3:1
[V81533] SU::createCachedPackageSource creating cached package source for sophos:3:1: url=SOPHOS
[V81533] SU::createCachedPackageSource creating http_source_specific_data to download customer file
[V81533] SU::createCachedPackageSource creating package source to download customer file
[E75373] Ran out of sophos aliases for this update source
[E35369] Out of update sources
[E99999] Out of sources
2024-02-11 16:52:39.857 Option all = no
2024-02-11 16:52:39.857 Option recurse = yes
2024-02-11 16:52:39.857 Option archive = no
2024-02-11 16:52:39.857 Option service = yes
2024-02-11 16:52:39.857 Option confirm = yes
2024-02-11 16:52:39.857 Option sxl = yes
2024-02-11 16:52:39.857 Option max-data-age = 35
2024-02-11 16:52:39.857 Option vdl-logging = yes
2024-02-11 16:52:39.857 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2024-02-11 16:52:39.857 Machine ID: 16d317b69b594dafb964b977c881e9ec
2024-02-11 16:52:39.872 Component SVRTcli.exe version 2.9.0
2024-02-11 16:52:39.872 Component control.dll version 2.9.0
2024-02-11 16:52:39.872 Component SVRTservice.exe version 2.9.0
2024-02-11 16:52:39.872 Component engine\osdp.dll version 1.44.1.2510
2024-02-11 16:52:39.872 Component engine\veex.dll version 3.81.0.2510
2024-02-11 16:52:39.872 Component engine\savi.dll version 9.0.23.2510
2024-02-11 16:52:39.872 Component rkdisk.dll version 1.5.33.1
2024-02-11 16:52:39.872 Version info: Product version 2.9.0
2024-02-11 16:52:39.872 Version info: Detection engine 3.81.0
2024-02-11 16:52:39.872 Version info: Detection data 5.82
2024-02-11 16:52:39.872 Version info: Build date 16.02.2021
2024-02-11 16:52:39.872 Version info: Data files added 208
2024-02-11 16:52:39.872 Version info: Last successful update (not yet updated)

2024-02-11 16:54:41.560 Could not open C:\hiberfil.sys
2024-02-11 16:54:41.560 Could not open C:\pagefile.sys
2024-02-11 17:00:11.032 Could not open C:\swapfile.sys
2024-02-11 17:00:37.495 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\GameBarElevatedFT_Alias.exe
2024-02-11 17:00:37.511 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\python.exe
2024-02-11 17:00:37.511 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\python3.exe
2024-02-11 17:00:37.511 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\WindowsPackageManagerServer.exe
2024-02-11 17:00:37.511 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\winget.exe
2024-02-11 17:00:37.511 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\Microsoft.GamingApp_8wekyb3d8bbwe\XboxPcAppAdminServer.exe
2024-02-11 17:00:37.511 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\Microsoft.Paint_8wekyb3d8bbwe\mspaint.exe
2024-02-11 17:00:37.511 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\Microsoft.Paint_8wekyb3d8bbwe\pbrush.exe
2024-02-11 17:00:37.511 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\Microsoft.SkypeApp_kzf8qxf38zg5c\Skype.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\Microsoft.WindowsNotepad_8wekyb3d8bbwe\notepad.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\Microsoft.WindowsTerminal_8wekyb3d8bbwe\wt.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\GameBarElevatedFT_Alias.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MicrosoftWindows.DesktopStickerEditorCentennial.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\MicrosoftWindows.DesktopStickerEditorCentennial.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\mspaint.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\notepad.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\pbrush.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\python.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\python3.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\Skype.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\WindowsPackageManagerServer.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\winget.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\wt.exe
2024-02-11 17:00:37.526 Could not open C:\Users\Pane\AppData\Local\Microsoft\WindowsApps\XboxPcAppAdminServer.exe
2024-02-11 17:00:46.622 Could not open C:\Users\Pane\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView\Default\Network\Cookies
2024-02-11 17:00:46.622 Could not open C:\Users\Pane\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView\Default\Network\Cookies-journal
2024-02-11 17:01:52.647 >>> Virus 'Mal/Generic-S' found in file C:\Users\Pane\AppData\Roaming\wmerror\ptMgr.dll
2024-02-11 17:02:01.277 >>> Virus 'Mal/Generic-S' found in file C:\Users\Pane\Downloads\File_Setup-7788_KéyC0de\ptMgr.dll
2024-02-11 17:03:56.735 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2024-02-11 17:03:56.735 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2024-02-11 17:03:59.158 Could not open C:\Windows\System32\config\BBI
2024-02-11 17:15:19.536 >>> Virus 'Mal/Obfus-D' found in file D:\Games\The Sims 4\Game\Bin\RldOrigin_ext.dll
2024-02-11 17:16:58.252 Could not open LOGICAL:0006:00000000
2024-02-11 17:16:58.268 Could not open G:\
2024-02-11 17:16:58.284 Could not open LOGICAL:0007:00000000
2024-02-11 17:16:58.284 Could not open H:\
2024-02-11 17:16:58.299 Could not open LOGICAL:0008:00000000
2024-02-11 17:16:58.315 Could not open I:\
2024-02-11 17:16:58.315 Could not open LOGICAL:0009:00000000
2024-02-11 17:16:58.330 Could not open J:\
2024-02-11 17:16:58.549 Could not open PHYSICAL:0083:0000:0000:0001
2024-02-11 17:16:58.565 Could not open PHYSICAL:0084:0000:0000:0001
2024-02-11 17:16:58.565 Could not open PHYSICAL:0085:0000:0000:0001
2024-02-11 17:16:58.565 Could not open PHYSICAL:0086:0000:0000:0001
2024-02-11 17:16:58.565 The following items will be cleaned up:
2024-02-11 17:16:58.565 Mal/Generic-S
2024-02-11 17:16:58.565 Mal/Obfus-D
2024-02-11 17:20:24.668 Error level 0

2024-02-11 17:20:24.668 Scan completed.
2024-02-11 17:20:24.668

------------------------------------------------------------

2024-02-11 18:20:25.559 Sophos Virus Removal Tool version 2.9.0
2024-02-11 18:20:25.559 Copyright (c) 2009-2021 Sophos Limited. All rights reserved.

2024-02-11 18:20:25.559 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2024-02-11 18:20:25.559 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 WOW64
2024-02-11 18:20:25.559 Checking for updates...
2024-02-11 18:20:25.575 Update progress: proxy server not available
2024-02-11 18:20:27.185 Update error: failed to read remote metadata (error 4)
[V46381] SU::Handle::readRemoteMetadata + SU::Handle::readRemoteMetadata()
[V75884] SU::Metadata::readRemoteMetadata SU::Metadata::readRemoteMetadata()
[I40394] Downloading customer file from sophos:1:1
[V81533] SU::createCachedPackageSource creating cached package source for sophos:1:1: url=SOPHOS
[V81533] SU::createCachedPackageSource creating http_source_specific_data to download customer file
[V81533] SU::createCachedPackageSource creating package source to download customer file
[E26245] Error fetching data from http://dci.sophosupd.com/update/d/8a/d8 ... 768996.dat: WinHttpSendRequest (error 12007)
[I26245] No proxy was used.
[I40394] Downloading customer file from sophos:2:1
[V81533] SU::createCachedPackageSource creating cached package source for sophos:2:1: url=SOPHOS
[V81533] SU::createCachedPackageSource creating http_source_specific_data to download customer file
[V81533] SU::createCachedPackageSource creating package source to download customer file
[E26245] Error fetching data from http://dci.sophosupd.net/update/d/8a/d8 ... 768996.dat: WinHttpSendRequest (error 12007)
[I26245] No proxy was used.
[I40394] Downloading customer file from sophos:3:1
[V81533] SU::createCachedPackageSource creating cached package source for sophos:3:1: url=SOPHOS
[V81533] SU::createCachedPackageSource creating http_source_specific_data to download customer file
[V81533] SU::createCachedPackageSource creating package source to download customer file
[E75373] Ran out of sophos aliases for this update source
[E35369] Out of update sources
[E99999] Out of sources
2024-02-11 18:20:36.409 Option all = no
2024-02-11 18:20:36.409 Option recurse = yes
2024-02-11 18:20:36.409 Option archive = no
2024-02-11 18:20:36.409 Option service = yes
2024-02-11 18:20:36.409 Option confirm = yes
2024-02-11 18:20:36.409 Option sxl = yes
2024-02-11 18:20:36.424 Option max-data-age = 35
2024-02-11 18:20:36.424 Option vdl-logging = yes
2024-02-11 18:20:36.424 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2024-02-11 18:20:36.424 Machine ID: 16d317b69b594dafb964b977c881e9ec
2024-02-11 18:20:36.424 Component SVRTcli.exe version 2.9.0
2024-02-11 18:20:36.424 Component control.dll version 2.9.0
2024-02-11 18:20:36.424 Component SVRTservice.exe version 2.9.0
2024-02-11 18:20:36.424 Component engine\osdp.dll version 1.44.1.2510
2024-02-11 18:20:36.424 Component engine\veex.dll version 3.81.0.2510
2024-02-11 18:20:36.424 Component engine\savi.dll version 9.0.23.2510
2024-02-11 18:20:36.424 Component rkdisk.dll version 1.5.33.1
2024-02-11 18:20:36.424 Version info: Product version 2.9.0
2024-02-11 18:20:36.424 Version info: Detection engine 3.81.0
2024-02-11 18:20:36.424 Version info: Detection data 5.82
2024-02-11 18:20:36.424 Version info: Build date 16.02.2021
2024-02-11 18:20:36.424 Version info: Data files added 208
2024-02-11 18:20:36.424 Version info: Last successful update (not yet updated)

[bill.da]

Program : RogueKiller Anti-Malware
Version : 15.14.0.0
x64 : Yes
Program Date : Jan 17 2024
Location : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 11 (10.0.22621) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : Pane
User is Admin : Yes
Date : 2024/02/11 18:32:54
Type : Removal
Aborted : No
Scan Mode : Quick
Duration : 10
Found items : 1
Total scanned : 947
Signatures Version : 20240206_085651
Truesight Driver : Yes
Updates Count : 0

************************* Warnings *************************

************************* Removal *************************
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UTIXDCVF -- [%programdata%\xcfonrchdkar\vueqjgslwynd.exe] -> Deleted
[+] scan_what : 2
[+] vendors : Suspicious.Path
[+] Name : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UTIXDCVF
[+] value : [%programdata%\xcfonrchdkar\vueqjgslwynd.exe]
[+] Type : Registry
[+] file_hash : 5DFAA8987F5D0476B835140D8A24FB1D9402E390BBE92B8565DA09581BD895FC
[+] file_vtscore : 0
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 0
[+] status : 3
[+] status_str : Deleted
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1

[jaro3]

2024-02-11 17:01:52.647 >>> Virus 'Mal/Generic-S' found in file C:\Users\Pane\AppData\Roaming\wmerror\ptMgr.dll
2024-02-11 17:02:01.277 >>> Virus 'Mal/Generic-S' found in file C:\Users\Pane\Downloads\File_Setup-7788_KéyC0de\ptMgr.dll
2024-02-11 17:15:19.536 >>> Virus 'Mal/Obfus-D' found in file D:\Games\The Sims 4\Game\Bin\RldOrigin_ext.dll

došlo k výmazu?


Ještě to další dodej.

[bill.da]

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Pane on 11.02.2024 at 21:55:45,83.
Microsoft Windows 11 Pro 10.0.22621 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pane\AppData\Local\Temp\Rar$EXa8564.42161\zoek1\zoek (1).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

11.02.2024 21:58:23 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\EaseUS deleted successfully
C:\PROGRA~3\Canon IJ Network Tool deleted successfully
C:\PROGRA~3\IMAP List Mailboxes 65 deleted successfully
C:\PROGRA~3\OEM Links deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\PROGRA~3\WinTrackerSP deleted successfully
C:\PROGRA~3\Wkwhj deleted successfully
C:\Users\Pane\AppData\Local\D3DSCache deleted successfully
C:\Users\Pane\AppData\Local\DBG deleted successfully
C:\Users\Pane\AppData\Local\Deadline_notifications_and_reminders deleted successfully
C:\Users\Pane\AppData\Local\Desktop deleted successfully
C:\Users\Pane\AppData\Local\DevelopmentFiles deleted successfully
C:\Users\Pane\AppData\Local\Documents deleted successfully
C:\Users\Pane\AppData\Local\Endurance_training_notifications_and_reminders deleted successfully
C:\Users\Pane\AppData\Local\ExtreamFanV5 deleted successfully
C:\Users\Pane\AppData\Local\Favorites deleted successfully
C:\Users\Pane\AppData\Local\IObit deleted successfully
C:\Users\Pane\AppData\Local\Literature_reading_notifications_and_reminders deleted successfully
C:\Users\Pane\AppData\Local\PeerDistRepub deleted successfully
C:\Users\Pane\AppData\Local\ProgramData deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Pane\AppData\Roaming\Mozilla\Firefox\Profiles\uvchyerp.default-release\prefs.js:

Added to C:\Users\Pane\AppData\Roaming\Mozilla\Firefox\Profiles\uvchyerp.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\EaseUS not found
C:\PROGRA~3\SystemPropertiesDataExecutionPrevention deleted
C:\windows\SysNative\Tasks\WinTrackerSP HR deleted
C:\windows\SysNative\Tasks\WinTrackerSP LG deleted
C:\Users\Pane\AppData\Roaming\epm_user.ini deleted
C:\PROGRA~3\rc65.dat deleted
C:\PROGRA~3\resource-a.dat deleted
C:\PROGRA~3\resource-b.dat deleted
C:\PROGRA~3\ts65.dat deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM21865.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM24266.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM2530D.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM26136.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM2FD5A.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efe72.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efe74.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efe76.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efe88.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efe8a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efe8c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efe9d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efe9f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efea1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efeb3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efeb5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efeb7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efec8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efeca.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efecc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efece.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efee0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efee2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efee4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efef6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efef8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-10dc-27e0-131efefa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-954f4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-954f6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-95508.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-9550a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-9551b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-9553c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-9553e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-95560.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-95591.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-95593.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-95595.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-955a6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-955c7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-955c9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-955cb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-955dd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-955ef.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-95600.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-95622.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-95624.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-95635.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1648-1134-95637.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-134fe2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-134fe4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-134fe6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-134ff8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-134ffa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-134ffc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-134ffe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-135010.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-135012.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-135014.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-135016.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-135027.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-135029.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-13502b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-13502d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-13503f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-135041.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-135043.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-135045.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-135057.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-135059.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-18bc-5bc-13505b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df4d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df4f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df61.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df63.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df65.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df67.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df79.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df7b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df7d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df8e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df90.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df92.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38df94.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38dfa6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38dfa8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38dfaa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38dfac.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38dfbd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38dfbf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38dfc1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38dfc3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1940-1768-38dfd5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f36.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f38.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f3a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f4c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f4e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f5f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f61.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f73.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f75.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f87.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f89.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f9a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2f9c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2fae.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2fb0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2fb2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2fc4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2fd5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a2ff6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a3008.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a300a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1d48-21a0-7a300c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede54.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede56.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede58.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede6a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede6c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede6e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede7f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede81.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede83.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede95.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede97.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede99.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ede9b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2edeac.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2edeae.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2edeb0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2edeb2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2edec4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2edec6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2edec8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ededa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1e10-1d14-2ededc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e0376.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e0388.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e038a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e038c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e039e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03a0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03a2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03b3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03b5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03b7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03b9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03cb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03cd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03cf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03e1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03e3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03e5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03f6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e03f8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e040a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e040c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-20bc-1f18-45e040e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6e24.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6e36.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6e38.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6e69.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6e7a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6e7c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6e8e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6ea0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6eb1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6eb3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6ec5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6ed7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6ed9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6efa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6f0b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6f0d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6f1f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6f31.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6f42.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6f44.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6f56.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2260-1914-a6f58.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c70f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c721.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c723.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c725.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c746.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c748.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c75a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c75c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c75e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c76f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c771.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c773.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c775.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c787.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c789.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c78b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c78d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c79f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c7a1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c7a3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c7a5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-22fc-1218-5f7c7b6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-95273.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-95285.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-95287.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-95289.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-9529b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-9529d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-952ae.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-952b0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-952b2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-952c4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-952c6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-952d7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-952d9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-952db.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-952ed.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-952ef.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-952f1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-95303.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-95305.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-95307.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-95318.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2350-160c-9531a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb52.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb54.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb56.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb68.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb6a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb6c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb7d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb7f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb81.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb93.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb95.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb97.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bb99.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bbab.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bbad.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bbbe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bbc0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bbc2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bbc4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bbc6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bbd8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-237c-249c-54bbda.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b807.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b809.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b81b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b81d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b81f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b831.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b833.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b844.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b846.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b848.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b85a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b85c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b85e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b870.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b881.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b883.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b885.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b897.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b8a8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b8aa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b8ac.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2428-27e4-12b8be.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d07239.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d0723b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d0723d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d0724f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d07251.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d07253.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d07255.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d07266.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d07268.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d0726a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d0726c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d0727e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d07280.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d07282.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d07294.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d07296.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d07298.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d0729a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d072ab.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d072ad.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d072af.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-540-2a2c-6d072c1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba07.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba09.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba0b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba1d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba3e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba40.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba42.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba53.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba65.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba67.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba79.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba7b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba7d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba7f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba90.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba92.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9ba94.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9baa6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9bab8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9baba.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9bacb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-ad4-b7c-9bacd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1cc3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1cd5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1cd7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1cd9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1ceb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1ced.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1cef.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d00.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d02.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d04.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d06.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d18.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d1a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d1c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d2e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d30.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d51.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d53.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d64.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d66.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d68.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-bd8-1444-b1d7a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11eee1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11eee3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11eef5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11eef7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11eef9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef0a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef0c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef0e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef10.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef22.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef34.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef36.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef38.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef49.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef4b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef4d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef4f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef51.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef63.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef65.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef67.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef69.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-11ef7b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c78-1c3c-19a1ff74.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2a4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2b6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2b8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2ba.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2bc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2ce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2d0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2d2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2d4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2e5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2e7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2e9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2eb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2fd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e2ff.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e301.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e303.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e314.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e316.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e318.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e31a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f90-1374-1e32c.tmp deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
"C:\Users\Pane\AppData\Roaming\fiwdtat" deleted
"C:\ProgramData\5940a34987c991" deleted
"C:\ProgramData\AAKJKJDGCGDBGDHIJKJECFCFBG" deleted
"C:\DumpStack.log.tmp" not deleted
"C:\Users\Pane\AppData\Roaming\Temp\Task.bat" deleted
"C:\Users\Pane\AppData\Roaming\Temp" deleted

==== Orphaned Tasks deleted from Registry ======================

WinTrackerSP HR deleted
WinTrackerSP LG deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Pane\AppData\Roaming\Mozilla\Firefox\Profiles\uvchyerp.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================


HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]

Edge relevant text changes - Pane\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\Pane\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Pane\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Pane\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\Pane\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\Pane\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\Pane\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\Pane\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Pane\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Pane\AppData\Local\Microsoft\Edge\User Data\Default\Web Data will be reset at reboot
C:\Users\Pane\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pane\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Pane\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Pane\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Pane\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=58 folders=437 58687501 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Pane\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Pane\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted
"C:\Users\Pane\AppData\Local\Microsoft\Edge\User Data\Default\Web Data" not found

==== EOF on 11.02.2024 at 22:16:40,11 ======================

[bill.da]

Informace o kontroly
Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  11.02.2024 22:22:08
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:00:23
Zkontrolované objekty    :  1916
Zjištěné objekty    :  0
Vyloučené objekty    :  0
Automatické odesílání    :  Ano
Operační systém    :  Windows 10 x64
Procesor    :  4X Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Režim systému BIOS    :  UEFI
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  1292592EF4022ED48FB689

[bill.da]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:27:06, on 11.02.2024
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.22621.0001)


Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Pane\Downloads\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_A3FB6F0BFA64DA3B6778F36DA538B004] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
O4 - HKCU\..\Run: [ExtreamFanV5] C:\Users\Pane\AppData\Local\ExtreamFanV5\ExtreamFanV5.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_373ac - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\GameInputSvc.exe,-101 (GameInputSvc) - Unknown owner - C:\Windows\System32\GameInputSvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\121.0.6167.161\elevation_service.exe
O23 - Service: Slu ba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Slu ba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: UTIXDCVF - Google Inc. - C:\ProgramData\xcfonrchdkar\vueqjgslwynd.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10306 bytes

[bill.da]

nefunguje Windows Update hází chybu a když chci zapnout Windows Defender tak se zapne jenom černá obrazovka. Ale PC JEDE PĚKNĚ SVIŽNĚ JAKO DŘÍV.

[jaro3]

Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.


Další zítra.

[bill.da]

Ok , až příjdu z práce po 16 hodině

[jaro3]

OK.

[bill.da]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.02.2024
Ran by Pane (12-02-2024 15:41:30)
Running from C:\Users\Pane\Desktop
Microsoft Windows 11 Pro Version 22H2 22621.3085 (X64) (2023-11-15 19:53:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2421127328-4240907721-822245617-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2421127328-4240907721-822245617-503 - Limited - Disabled)
Guest (S-1-5-21-2421127328-4240907721-822245617-501 - Limited - Disabled)
Pane (S-1-5-21-2421127328-4240907721-822245617-1001 - Administrator - Enabled) => C:\Users\Pane
WDAGUtilityAccount (S-1-5-21-2421127328-4240907721-822245617-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIMP (HKLM\...\AIMP) (Version: 5.11.2436 - Artem Izmaylov)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Mobile Device Support (HKLM\...\{FA3D0F2D-BA1C-4462-B6B3-3048CFF464C7}) (Version: 17.0.0.28 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.5.2 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.02 - Canon Inc.)
Canon MG3600 series On-screen Manual (HKLM-x32\...\Canon MG3600 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Catalyst Control Center - Branding (HKLM-x32\...\{015E85A7-3D30-495C-9908-63E04F7B42C9}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.161 - Google LLC)
iTunes (HKLM\...\{045CC211-B431-4FE7-9AD0-276EADC3A22B}) (Version: 12.13.1.3 - Apple Inc.)
Java 8 Update 401 (64-bit) (HKLM\...\{71024AE4-039E-4CA4-87B4-2F64180401F0}) (Version: 8.0.4010.10 - Oracle Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.112 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.112 - Microsoft Corporation)
Microsoft Office pro studenty a domácnosti 2021 - cs-cz (HKLM\...\HomeStudent2021Retail - cs-cz) (Version: 16.0.14326.20454 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026 (HKLM\...\{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026 (HKLM\...\{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 121.0 (x64 cs)) (Version: 121.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 119.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20454 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20454 - Microsoft Corporation) Hidden
PowerXpressHybrid (HKLM-x32\...\{51FDC2DE-0917-46B7-EAEC-5377504701DE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Registrace uživatele zařízení Canon MG3600 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3600 series) (Version: - ‭Canon Inc.)
Seznam.cz (HKU\S-1-5-21-2421127328-4240907721-822245617-1001\...\46cca9ada5672707c5e2463a2c66478e) (Version: 1.0 - Google\Chrome)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.02 - Ghisler Software GmbH)
Uninstaller (HKU\S-1-5-21-2421127328-4240907721-822245617-1001\...\Uninstaller) (Version: - Uninstaller)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-28] ()
Media Player -> C:\Program Files\WindowsApps\YellowElephantProductions.MediaPlayerS_1.318.164.0_x64__p3e1zgp7z7szg [2024-02-10] (Yellow Elephant Productions)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-10] (Microsoft Corporation)
PDF X -> C:\Program Files\WindowsApps\6760NGPDFLab.PDFX_1.3.63.0_x64__sbe4t8mqwq93a [2024-02-04] (NG PDF Lab) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-02] (Microsoft Studios) [MS Ad]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2421127328-4240907721-822245617-1001_Classes\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\localserver32 -> "C:\Users\Pane\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-2421127328-4240907721-822245617-1001_Classes\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\localserver32 -> "C:\Users\Pane\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-2421127328-4240907721-822245617-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2421127328-4240907721-822245617-1001_Classes\CLSID\{3A308EFE-656D-46BB-9963-0A41C0D6BCA2}\localserver32 -> "C:\Users\Pane\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-2421127328-4240907721-822245617-1001_Classes\CLSID\{F37369D9-1C22-40A0-A997-0B4D5F7B6637}\localserver32 -> "C:\Users\Pane\AppData\Local\Microsoft\OneDrive\23.221.1024.0002\FileCoAuth.exe" => No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2023-11-24] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2023-11-24] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-10-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Pane\Desktop\Seznam.cz.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ogjjnehhciojhibklaoobihjmnoibhhj
ShortcutWithArgument: C:\Users\Pane\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_ogjjnehhciojhibklaoobihjmnoibhhj\Seznam.cz.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ogjjnehhciojhibklaoobihjmnoibhhj
ShortcutWithArgument: C:\Users\Pane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Seznam.cz.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ogjjnehhciojhibklaoobihjmnoibhhj

==================== Loaded Modules (Whitelisted) =============

0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () [Access Denied] C:\PROGRA~2\HOSTSG~1\UPDATE~1\IMQWSZ~1.DLL
2015-10-09 11:47 - 2015-10-09 11:47 - 000017408 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\d62061e427543b4b47e9b5d02a954a5f\A4.Foundation.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\8dcec90438cc7e3969993cc7941c5433\AEM.Actions.CCAA.Shared.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\7136c8b52314236a79c694bd116139d8\AEM.Plugin.EEU.Shared.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\20529c47677ac80cec97641dc9f8ba2a\AEM.Plugin.Hotkeys.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000315904 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\ed36326141435fa4f72467dd8fe8965f\AEM.Plugin.Source.Kit.Server.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\40fba2cd62344a76888474edc74553a1\AEM.Plugin.WinMessages.Shared.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\6193f1a79b711b6cbbcb83f5b412910d\AEM.Plugin.REG.Shared.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\f307d335d3f3dfb002d449ac891ff4bd\AEM.Plugin.GD.Shared.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\89833ca7b150450de92c4c35df5231e0\AEM.Server.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\e4ea0c1db1d110e6e600b91b1d493c0c\AEM.Server.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\ed6dee670c8acd01b6e43340878a7450\APM.Foundation.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\5420715a938ddea92a6baf2757a8a380\ATICCCom.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000203776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\3bd631634206e123199cf7ef67d6e47a\CCC.Implementation.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\78766c13236bd84d1a5496894b8a9d2f\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\965e68723abc17aca48402a772599393\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\21233094d79c2af4c9b633d7fd44d826\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.398e7f7a#\40a6caeea6d03f92ff06fbc3a59128e3\CLI.Aspect.A4.A4.Shared.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\25bc02e9f9c9ef43546636e6685128f6\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\f4c0dcbb4c6cc574c29c9639aab4cd07\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\c3237f972647eeff79c67a3778eef6ab\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\27733ead8b24cb0e0ddd94bd5341d3b7\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\8cadcd5dc6436be4e749712376941c92\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000364544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\92e3ff0f21784f1ae440596c26f8938e\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\66d9dfc3c22139665a12a211c4155132\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000677888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\f09877c8559547b78b619aa7c61fdc88\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000320512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.87ad5c75#\40c62fd40f02feb19908901603d0ab49\CLI.Aspect.OverDrive5.Graphics.Dashboard.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000745984 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\448d4d49c4602e8752dfbb90d4a9ee84\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\a5315febe5cabe371fa6d4f2942ca36f\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\40bae221156609811ad044680c5b388d\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\e664dd8df5020f5112502827f010ece9\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\330211511a2684f5c34c596128232100\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\ea673f433df6e49a193e8e5cc814938e\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\dfaf1a160190a5da83827a2b8aa3c0c7\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\7d8c73022dadf4b2fad00b8c1f469b0f\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\79545b1a4e940d70269572945aaf807e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\853e84d1c12bc8f45016b6743ae6da80\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\bee92cdce842a2af00cd0a4a46eb094f\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e76f4137#\20b724e643cfa037e2db556384afb5d9\CLI.Aspect.A4.A4.Dashboard.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\57c62288bd8335aba25b46f70a405e05\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 003313664 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\f5ec6986b7e3a1d9c0123c19cb0a22fc\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\ae0700ca410cdce602e5c3bb05386b67\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\b36a8ddd57092d6e2a5eeaee6e1f752d\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000063488 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f38af62f#\3bfb7dd3a8ac8a8e05a2e69c85453195\CLI.Aspect.A4.A4.Runtime.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\724b23ce87591a9fb20253b34c2fd1e5\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\dd8c0b7577ddaba32de11e14323a8214\CLI.Caste.A4.Runtime.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\6e209924bc35f04a12dc889b3641d5db\CLI.Caste.A4.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\0b97e04bc8714c55a8cf65744c0eb4d0\CLI.Caste.A4.Dashboard.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\b4413a5821d99005d2a121748e553593\CLI.Caste.Fuel.Shared.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\a6341e08012fc06f7c39de5f815fccd2\CLI.Caste.Fuel.Runtime.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\29ad56d3f406e823026c578b50dccfa6\CLI.Caste.Fuel.Dashboard.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\bb5ce65364bbc5ae0786e1a3b942d45d\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 001556480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\a74e0b9c695d671ca38126e8e109d3b0\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\33726e8e21ac807b94d80dd34ae36309\CLI.Caste.Graphics.Dashboard.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\edfc02f4284f0f37bccf730f3e11690e\CLI.Caste.HydraVision.Runtime.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\e79c111bca419fea1808522c208da400\CLI.Caste.HydraVision.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\f8ce9a8710bddc7638b4723464b3ebe5\CLI.Caste.HydraVision.Dashboard.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\efa251ad11c6d28f1e8c62a6c186cbfb\CLI.Caste.Platform.Shared.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\dbe0456f0584a7908d75d10a178868d4\CLI.Caste.Platform.Runtime.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\575317f6bca0d18879fe114594988ccb\CLI.Caste.Platform.Dashboard.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\1ca41bd41f8748a8850058bbbe64427b\CLI.Component.Runtime.Shared.ni.dll
2024-01-28 12:51 - 2024-01-28 12:51 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\2875a529c1a6e8aefce2163c58990d7d\CLI.Component.Systemtray.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\aeec0ea55774ecd2c0d8dfb1d89d3ac5\CLI.Component.Dashboard.ProfileManager2.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\460a4bedc0bd318ed4e13a39d21f6153\CLI.Component.Runtime.Shared.Private.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\7d16f6630c52117f8911ff8306911a42\CLI.Component.Runtime.Extension.EEU.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\2a7b5e0aa8a18a9ac437165ddfdf26a6\CLI.Component.Dashboard.Shared.Private.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\68147db9b1f328c1cbf7220b3e6367d9\CLI.Component.Client.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\f035e7256189e5b7dd3ea3ff58c1dc86\CLI.Component.Dashboard.Shared.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\df52ecdfe86b6d5434ad1c8572f8fa4c\CLI.Foundation.Private.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\7236a8b983f94356802f0d1652ca44ab\CLI.Foundation.XManifest.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\6e63baa841cb6c1cda36a6f4b44862dc\CLI.Foundation.CoreAudioAPI.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 001080320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\27695a883db3f74a0e41213f8a4b3842\CLI.Foundation.Client.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\9bb5e289f521f6ff34e72dd705a01a33\CLI.Foundation.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\7452095f8ae4958faa06a27a798e888b\DEM.Foundation.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\5366429cee88f11debbc72f3d9d0ba44\DEM.Graphics.I0601.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\360b984befcf5c2533837b430b022dce\DEM.Graphics.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\24372953d1b1693525b9889212a7fb80\Fuel.Foundation.ni.dll
2024-01-28 12:51 - 2024-01-28 12:51 - 000297472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\98466ef1bc7734c36654a09a21de1489\LOG.Foundation.Implementation.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\d20595995b08322cb2a683975d564d94\LOG.Foundation.Private.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\16ef2cb73e9e287bfc7d5acfa24ae7f4\LOG.Foundation.Implementation.Private.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\7fb1adee1c368c8e099b0f9e88b824cc\LOG.Foundation.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\894697090282aad5ce87f3e84bce43b9\MOM.Foundation.ni.dll
2024-01-28 12:51 - 2024-01-28 12:51 - 000402432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\e4bbb8dec53b54d81b66d39c4090bbd2\MOM.Implementation.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\f468dab0c0c18f04948b81b92ac4e7e0\NEWAEM.Foundation.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\20b39ec0ad272460aae0b0372a36e0b4\ADL.Foundation.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\8c9c25307fb072c092be13c43c00f24c\APM.Server.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\4b94593bb39713299d003933c4d85883\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\6342bc2ea6bfd54260f826a9f9ed4499\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\99b5d49905ac360c2d47810185066d27\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 008028160 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\2c87fc1a96ebb5130d8f2259352dbaa6\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 001160192 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\1fc0318a5f3f828f77375b8bb02d2c93\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\4b9426bccf67025c7903e472b8eb8a09\CLI.Component.Client.Shared.Private.ni.dll
2024-01-28 12:51 - 2024-01-28 12:51 - 000235008 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\1ec10b518780ba49076bb2da6c99e7e8\CLI.Component.Runtime.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\a09485ce62cae611f254423000f67744\CLI.Component.Dashboard.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000016896 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0703\a37bd43e6b961332d069d4163329e877\DEM.Graphics.I0703.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\8a2485e5b161b1422e82ec86c0316a55\DEM.Graphics.I0706.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\c721ba5b66a059d9a82d5b07f3162ab8\DEM.Graphics.I0709.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\b17d04bcda14f6455cc104ee9783c9c5\DEM.Graphics.I0712.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\16dde392ebdd22bd55aa93f66bc22843\DEM.Graphics.I0804.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\f4c2a9208b4b95ec74656407206fa260\DEM.Graphics.I0805.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\d8148a0e5542279acc32f7c685e64748\DEM.Graphics.I0812.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\d15cdcd4953024ffa327fba2b4acc841\DEM.Graphics.I0906.ni.dll
2023-11-25 17:12 - 2023-11-25 17:12 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\0ca62694d5afc8dad4740afd4f565792\DEM.Graphics.I0912.ni.dll
2023-11-25 18:01 - 2023-11-25 18:01 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\476d401f42da64616ccb8b009a9231ec\DEM.Graphics.I1010.ni.dll
2023-11-25 17:11 - 2023-11-25 17:11 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\44838f4a02ab4b7f103bfa7e94006a9c\Localization.Foundation.Private.ni.dll
2024-01-28 12:51 - 2024-01-28 12:51 - 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\3cdcd7981e83032e6bdbe474c20131a6\ResourceManagement.Foundation.Implementation.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\74e094d1ee6df341d3fa31d9e5984ba2\ResourceManagement.Foundation.Private.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\2a162814fd391bcba0bda8f8ff40a2f3\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 002846208 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\67a12dbbd2f198d305ee5fbdc7677ccb\CLI.Caste.Graphics.Shared.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 003269632 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\e68c5a6b635414c1224122df77f14c1e\CLI.Caste.Graphics.Runtime.ni.dll
2023-11-28 16:37 - 2015-01-09 08:45 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_CSY.DLL
2023-11-28 16:37 - 2015-01-09 08:44 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2023-11-28 16:36 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2024-01-28 12:50 - 2024-01-28 12:50 - 000335360 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\751da2dc7b72ea55a55c84945f1c51ff\Microsoft.WindowsAPICodePack.ni.dll
2024-01-28 12:50 - 2024-01-28 12:50 - 002582016 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\00ca1a75043e97ab14f507de7cf4e8bb\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-16] (Microsoft