Hello,
today I posted this message:
"I received a threatening e-mail about stolen data and payment in BTC and all that kind of talk.. Normally it wouldn't have startled me, but the e-mail looks as if it came from my own account. Can that just be faked somehow, or does someone have access to my account? Does anyone know what to do about it?"
and on recommendation I ran HijackThis; here is my log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:57:37, on 14/02/2025
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.4355)
Boot mode: Normal
Running processes:
C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.3.0.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
C:\Users\jonas\Downloads\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\jonas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [RiotClient] C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode
O4 - HKCU\..\Run: [Discord] "C:\Users\jonas\AppData\Local\Discord\Update.exe" --processStart Discord.exe
O4 - HKCU\..\Run: [Spotify] C:\Users\jonas\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_A4C66DDC59B710DBA18B4296900F290C] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\Windows\System32\DriverStore\FileRepository\u0329634.inf_amd64_1e37ba87136b496c\B329655\atiesrxx.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_49759d8 - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\GameInputSvc.exe,-101 (GameInputSvc) - Unknown owner - C:\Windows\System32\GameInputSvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\133.0.6943.98\elevation_service.exe
O23 - Service: Google Updater Internal Service (GoogleUpdaterInternalService134.0.6985.0) (GoogleUpdaterInternalService134.0.6985.0) - Google LLC - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe
O23 - Service: Google Updater Service (GoogleUpdaterService134.0.6985.0) (GoogleUpdaterService134.0.6985.0) - Google LLC - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: MBVpnTunnelService - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\steamservice.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: vgc - Riot Games, Inc. - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8265 bytes
Is everything OK? Thank you,
votasini
HijackThis log (Solved)
- Security team member
Guru Level 15
- Posts: 43248
- Registered: June 07
- Location: South Bohemia
Re: HijackThis log
Download ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Double-click ATF Cleaner.exe, click Select All, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you only use Google Chrome or Edge, you do not need to use ATF.
Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
https://www.bleepingcomputer.com/download/tfc/
https://www.majorgeeks.com/files/detail ... eaner.html
https://www.majorgeeks.com/mg/get/temp_ ... ner,1.html
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.
Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/
for Windows 7 owners, download here:
https://filehippo.com/download_adwcleaner/ (do not update!)
Save it to your desktop. Click "I agree" to confirm the terms.
Close all programs, windows and browsers.
Start the program by double-clicking it and click "Scan".
After the scan a log appears and opens (otherwise it is saved on the system disk in C:\AdwCleaner\Logs); paste its entire contents here.
Download Malwarebytes' Anti-Malware
https://www.malwarebytes.com/mwb-download/thankyou/
to your desktop, install it and run it.
- If the program is not up to date, click "Update now" or "Fix now".
- An update will be found and installed.
- Then click Start scan.
- After the scan finishes, a message appears at the bottom right; click View report, choose Export, then Copy to clipboard, and paste the whole log here. Or click "Text file (.txt)" and save the log. Then paste it here.
- Otherwise the log can be found in the program by clicking "Reports", or it is saved here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
- Then click the Finish button and close the program with the cross at the top right.
(do not delete anything yet!).
If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- newcomer
- Posts: 44
- Registered: February 20
Re: HijackThis log
I only use Chrome; here is the log from AdwCleaner:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-15-2025
# Duration: 00:00:11
# OS: Windows 10 (Build 19045.5487)
# Scanned: 32108
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
And here is the log from Malwarebytes:
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 15/02/2025
Scan Time: 15:48
Log File: e0d4b458-ebab-11ef-9126-7085c2adafe3.json
-Software Information-
Version: 5.2.6.163
Components Version: 1.0.5146
Update Package Version: 1.0.95924
License: Trial
-System Information-
OS: Windows 10 (Build 19045.5487)
CPU: x64
File System: NTFS
User: DESKTOP-5H00PQG\jonas
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 190178
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 0 min, 32 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
- Security team member
Guru Level 15
- Posts: 43248
- Registered: June 07
- Location: South Bohemia
Re: HijackThis log
Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.
Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will begin. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.
Download RogueKiller by Adlice Software
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
tutorial:
https://www.adlice.com/docs/roguekiller ... /tutorial/
to your desktop.
- Close all other programs and browsers.
- Click "Scan". In the new window change nothing and click "Start" at the bottom in the "Quick Scan" column.
- The program scans the PC's processes. After the scan, click "Results", then in the next window left-click "Report" and choose "Text File"; name the log, for example, RK and save it to Documents or to the desktop. Open the file and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.
- If the log is longer than 60,000 characters, split it and paste it into several posts.
If the log cannot be saved, take a picture of the infections on the screen and post it here.
- newcomer
- Posts: 44
- Registered: February 20
Re: HijackThis log
JRT log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by jonas (Administrator) on 15/02/2025 at 15:56:40.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/02/2025 at 15:57:47.44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RK log:
Program : RogueKillerSVC
Version : 3.0.2.0
x64 : Yes
Program Date : Feb 14 2025
Location : C:\Program Files\RogueKiller\RogueKillerSvc.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Operating System : Windows 10 (10.0.19045) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : jonas
User is Admin : Yes
Date : 2025/02/15 15:01:18
Type : Scan
Aborted : No
Scan Mode : Quick
Duration : 10
Found items : 0
Total scanned : 885
removed_count : 0
Signatures Version : 20250110_132930
Truesight Driver : Yes
Updates Count : 0
************************* Warnings *************************
************************* Updates *************************
************************* Processes *************************
************************* Modules *************************
************************* Services *************************
************************* Scheduled Tasks *************************
************************* Registry *************************
************************* WMI *************************
************************* Hosts File *************************
is_too_big : No
hosts_file_path : N/A
************************* Filesystem *************************
************************* Web Browsers *************************
************************* Antirootkit *************************
- Security team member
Guru Level 15
- Posts: 43248
- Registered: June 07
- Location: South Bohemia
Re: HijackThis log
So, one last thing.
Turn off your antivirus and firewall.
Please download the version of the program appropriate for your system, 32-bit/64-bit: Farbar Recovery Scan Tool (FRST)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is complete, two logs, FRST.txt and Addition.txt, will appear and be saved on the desktop. Please copy their entire contents here.
- newcomer
- Posts: 44
- Registered: February 20
Re: HijackThis log
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2025
Ran by jonas (administrator) on DESKTOP-5H00PQG (15-02-2025 17:22:26)
Running from C:\Users\jonas\Downloads\FRST64.exe
Loaded Profiles: jonas
Platform: Microsoft Windows 10 Home Version 22H2 19045.5487 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files\AMD\CNext\CNext\amddvr.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(Discord Inc. -> Discord Inc.) C:\Users\jonas\AppData\Local\Discord\app-1.0.9182\Discord.exe <6>
(DriverStore\FileRepository\u0329634.inf_amd64_1e37ba87136b496c\B329655\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0329634.inf_amd64_1e37ba87136b496c\B329655\atieclxx.exe
(explorer.exe ->) (6099D0EF-9374-47ED-BDFE-A82136831235 -> File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.3.0.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0329634.inf_amd64_1e37ba87136b496c\B329655\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4131496 2024-12-20] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [74279960 2025-02-07] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Run: [Discord] => C:\Users\jonas\AppData\Local\Discord\Update.exe [1516408 2025-02-03] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Run: [Spotify] => C:\Users\jonas\AppData\Roaming\Spotify\Spotify.exe [36322632 2025-02-11] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Run: [MicrosoftEdgeAutoLaunch_A4C66DDC59B710DBA18B4296900F290C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088360 2025-02-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1250371796-2362371667-43556960-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088360 2025-02-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\133.0.6943.98\Installer\chrmstp.exe [2025-02-13] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {4960F785-C2CB-42B7-A5E1-DA81DE2F32E4} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{BBB1C39B-8FC8-425B-AA1B-061483C9CDFA} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe [5672544 2025-01-28] (Google LLC -> Google LLC)
Task: {AB0C3195-91E5-4E9D-AD62-EC26F25F744A} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1250371796-2362371667-43556960-1001 => C:\Users\jonas\AppData\Local\Microsoft\OneDrive\25.005.0112.0003\OneDriveLauncher.exe [447032 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3210C6F-D867-4198-B256-3B16256670B9} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-05-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {CC2A8118-47D5-44C0-8FE1-BD42B11841A0} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-05-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{615ba733-1909-41ea-af20-ec67f66de578}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{615ba733-1909-41ea-af20-ec67f66de578}: [DhcpDomain] Home
Edge:
=======
Edge Profile: C:\Users\jonas\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-14]
Edge Extension: (Google Docs Offline) - C:\Users\jonas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-08]
Edge Extension: (Edge relevant text changes) - C:\Users\jonas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-02-08]
Chrome:
=======
CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default [2025-02-15]
CHR Extension: (Kaspersky Protection) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2025-02-07]
CHR Extension: (The FFZ Add-On Pack) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimboljphncldaakcnapfolgnjonlea [2025-02-07]
CHR Extension: (BetterTTV) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2025-02-07]
CHR Extension: (7TV) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2025-02-07]
CHR Extension: (Phantom) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfnaelmomeimhlpmgjnjophhpkkoljpa [2025-02-07]
CHR Extension: (Truffle) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkjeefjfjcfdfifddmkdmcpmaakmelp [2025-02-07]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-02-12]
CHR Extension: (The FFZ Enhancing Add-On) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjloclnedokpfjlolaebpbaclbdigon [2025-02-07]
CHR Extension: (Google Docs Offline) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-02-07]
CHR Extension: (Steam URL Opener) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiboilmeofgpoiopgjdllegafaaeblon [2025-02-07]
CHR Extension: (Hlídač Shopů) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2025-02-11]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2024-10-02] (BattlEye Innovations e.K. -> )
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9483456 2025-02-14] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-02-14] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2025-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15926936 2025-02-14] (Adlice (Julien Ascoet) -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [6913000 2025-02-08] (Rockstar Games, Inc. -> Rockstar Games)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [13081856 2024-12-20] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24090.11-0\NisSrv.exe [3199672 2025-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24090.11-0\MsMpEng.exe [141952 2025-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [66864 2018-06-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2025-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2025-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [28298792 2024-12-19] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2025-02-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2025-02-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2025-02-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-02-15 17:22 - 2025-02-15 17:22 - 000011935 _____ C:\Users\jonas\Downloads\FRST.txt
2025-02-15 17:21 - 2025-02-15 17:22 - 000000000 ____D C:\FRST
2025-02-15 17:20 - 2025-02-15 17:20 - 002403840 _____ (Farbar) C:\Users\jonas\Downloads\FRST64.exe
2025-02-15 16:02 - 2025-02-15 16:02 - 000001624 _____ C:\Users\jonas\Desktop\rk.txt
2025-02-15 16:00 - 2025-02-15 16:01 - 000000000 ____D C:\ProgramData\RogueKiller
2025-02-15 16:00 - 2025-02-15 16:00 - 000000899 _____ C:\Users\Public\Desktop\Adlice Protect.lnk
2025-02-15 16:00 - 2025-02-15 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2025-02-15 16:00 - 2025-02-15 16:00 - 000000000 ____D C:\Program Files\RogueKiller
2025-02-15 15:59 - 2025-02-15 15:59 - 051457024 _____ (Adlice Software ) C:\Users\jonas\Downloads\RogueKiller_setup.exe
2025-02-15 15:57 - 2025-02-15 15:57 - 000000871 _____ C:\Users\jonas\Desktop\JRT.txt
2025-02-15 15:55 - 2025-02-15 15:55 - 001790024 _____ (Malwarebytes) C:\Users\jonas\Downloads\JRT.exe
2025-02-15 15:46 - 2025-02-15 15:46 - 000000000 ____D C:\AdwCleaner
2025-02-15 15:45 - 2025-02-15 15:45 - 008790880 _____ (Malwarebytes) C:\Users\jonas\Downloads\AdwCleaner.exe
2025-02-15 15:42 - 2025-02-15 15:42 - 000448512 _____ (OldTimer Tools) C:\Users\jonas\Downloads\TFC.exe
2025-02-14 22:56 - 2025-02-14 22:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\jonas\Downloads\hijackthis.exe
2025-02-14 22:17 - 2025-02-15 17:20 - 000000000 ____D C:\Users\jonas\AppData\Local\Malwarebytes
2025-02-14 22:17 - 2025-02-14 22:17 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-02-14 22:17 - 2025-02-14 22:17 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-02-14 22:16 - 2025-02-14 22:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-02-14 22:16 - 2025-02-14 22:16 - 000000000 ____D C:\Program Files\Malwarebytes
2025-02-14 22:13 - 2025-02-14 22:13 - 002832624 _____ (Malwarebytes) C:\Users\jonas\Downloads\MBSetup.exe
2025-02-12 18:28 - 2025-02-12 18:28 - 000000000 ___HD C:\$WinREAgent
2025-02-11 21:51 - 2025-02-11 21:51 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\InputMethod
2025-02-11 15:23 - 2025-02-11 15:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2025-02-09 15:07 - 2025-02-09 15:07 - 000000000 ____D C:\Users\jonas\AppData\Local\ElevatedDiagnostics
2025-02-09 15:03 - 2025-02-09 15:03 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2025-02-09 14:59 - 2025-02-12 18:38 - 000000000 ____D C:\Windows\system32\compatrel
2025-02-09 14:54 - 2025-02-09 14:54 - 000022205 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-02-09 14:53 - 2025-02-09 14:53 - 000022205 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2025-02-09 14:44 - 2025-02-12 18:28 - 000000000 ____D C:\Windows\system32\MRT
2025-02-09 14:44 - 2025-02-09 15:03 - 000000000 ____D C:\Program Files\RUXIM
2025-02-08 20:12 - 2025-02-08 20:12 - 000003564 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1250371796-2362371667-43556960-1001
2025-02-08 15:41 - 2025-02-08 15:42 - 228619312 _____ (OCCT) C:\Users\jonas\Downloads\OCCT.exe
2025-02-08 15:25 - 2025-02-08 15:31 - 000000000 ____D C:\Users\jonas\AppData\Roaming\CitizenFX
2025-02-08 15:22 - 2025-02-12 11:57 - 000000000 ____D C:\Users\jonas\AppData\Local\DigitalEntitlements
2025-02-08 15:22 - 2025-02-09 23:28 - 000002124 _____ C:\Users\jonas\Desktop\FiveM.lnk
2025-02-08 15:22 - 2025-02-08 15:22 - 005243936 _____ (Cfx.re) C:\Users\jonas\Downloads\FiveM.exe
2025-02-08 15:22 - 2025-02-08 15:22 - 000002132 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2025-02-08 15:22 - 2025-02-08 15:22 - 000002124 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM - Cfx.re Development Kit (FxDK).lnk
2025-02-08 15:22 - 2025-02-08 15:22 - 000000000 ____D C:\Users\jonas\AppData\Local\FiveM
2025-02-08 14:05 - 2025-02-08 14:05 - 000000000 ____D C:\Users\jonas\AppData\Local\BattlEye
2025-02-08 13:05 - 2025-02-08 13:05 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2025-02-08 13:04 - 2025-02-08 14:05 - 000000000 ____D C:\Users\jonas\AppData\Local\Rockstar Games
2025-02-08 13:04 - 2025-02-08 14:04 - 000000000 ____D C:\Users\jonas\Documents\Rockstar Games
2025-02-08 13:03 - 2025-02-08 14:03 - 000000000 ____D C:\Program Files\Rockstar Games
2025-02-08 13:03 - 2025-02-08 13:05 - 000000000 ____D C:\ProgramData\Rockstar Games
2025-02-08 13:03 - 2025-02-08 13:03 - 000001924 _____ C:\Users\jonas\Desktop\Rockstar Games Launcher.lnk
2025-02-08 13:03 - 2025-02-08 13:03 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2025-02-08 13:00 - 2025-02-08 13:00 - 000000000 ____D C:\Users\jonas\AppData\LocalLow\Clever Endeavour Games
2025-02-08 12:27 - 2025-02-08 13:26 - 000000222 _____ C:\Users\jonas\Desktop\Grand Theft Auto V.url
2025-02-08 12:27 - 2025-02-08 13:02 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-02-08 12:24 - 2025-02-08 12:26 - 000000000 ____D C:\Users\jonas\AppData\Local\Steam
2025-02-08 12:23 - 2025-02-09 14:47 - 000000000 ____D C:\Program Files (x86)\Steam
2025-02-08 12:23 - 2025-02-08 12:23 - 002380800 _____ C:\Users\jonas\Downloads\SteamSetup.exe
2025-02-08 12:23 - 2025-02-08 12:23 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2025-02-08 12:23 - 2025-02-08 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2025-02-08 12:05 - 2025-02-08 12:05 - 000003390 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1250371796-2362371667-43556960-500
2025-02-08 12:05 - 2025-02-08 12:05 - 000000000 ___RD C:\Users\Administrator\OneDrive
2025-02-08 12:05 - 2025-02-08 12:05 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\AMD
2025-02-08 12:05 - 2025-02-08 12:05 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2025-02-08 12:04 - 2025-02-11 15:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2025-02-08 12:04 - 2025-02-11 15:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2025-02-08 12:04 - 2025-02-08 12:05 - 000002383 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-02-08 12:04 - 2025-02-08 12:05 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows
2025-02-08 12:04 - 2025-02-08 12:05 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2025-02-08 12:04 - 2025-02-08 12:05 - 000000000 ____D C:\Users\Administrator\AppData\Local\AMD
2025-02-08 12:04 - 2025-02-08 12:05 - 000000000 ____D C:\Users\Administrator
2025-02-08 12:04 - 2025-02-08 12:04 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Protect
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Credentials
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ___RD C:\Users\Administrator\3D Objects
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Vault
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2025-02-08 11:55 - 2025-02-08 11:55 - 000000000 ____D C:\Users\jonas\Downloads\AB350M Pro4(5.50)ROM
2025-02-08 11:53 - 2025-02-08 11:53 - 007849226 _____ C:\Users\jonas\Downloads\AB350M Pro4(5.50)ROM.zip
2025-02-08 11:53 - 2025-02-08 11:53 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2025-02-08 11:53 - 2025-02-08 11:53 - 000003074 _____ C:\Windows\system32\Tasks\StartDVR
2025-02-08 11:53 - 2025-02-08 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2025-02-08 11:53 - 2025-02-08 11:53 - 000000000 ____D C:\Program Files (x86)\AMD
2025-02-08 11:53 - 2025-02-08 11:53 - 000000000 ____D C:\6749525315573233238
2025-02-08 11:53 - 2018-06-11 20:18 - 000066864 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmafd.sys
2025-02-08 11:52 - 2025-02-08 14:02 - 000000000 ____D C:\ProgramData\Package Cache
2025-02-08 11:52 - 2025-02-08 11:52 - 000000000 ____D C:\Users\jonas\AppData\Local\RadeonInstaller
2025-02-08 11:52 - 2025-02-08 11:52 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2025-02-08 11:52 - 2019-10-01 08:34 - 000045832 _____ (Advanced Micro Devices, Inc) C:\Windows\system32\Drivers\amdgpio2.sys
2025-02-08 11:52 - 2018-06-11 20:19 - 003145576 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 002744176 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 001077104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 001077104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000721776 _____ (AMD) C:\Windows\system32\atieclxx.exe
2025-02-08 11:52 - 2018-06-11 20:19 - 000574312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000487280 _____ C:\Windows\system32\dgtrayicon.exe
2025-02-08 11:52 - 2018-06-11 20:19 - 000485232 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000476016 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000465768 _____ C:\Windows\system32\GameManager64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000423304 _____ C:\Windows\system32\atieah64.exe
2025-02-08 11:52 - 2018-06-11 20:19 - 000402800 _____ C:\Windows\system32\EEURestart.exe
2025-02-08 11:52 - 2018-06-11 20:19 - 000374120 _____ C:\Windows\SysWOW64\GameManager32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000360304 _____ C:\Windows\system32\clinfo.exe
2025-02-08 11:52 - 2018-06-11 20:19 - 000343408 _____ C:\Windows\SysWOW64\atieah32.exe
2025-02-08 11:52 - 2018-06-11 20:19 - 000243568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000213864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000188776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000183664 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000168304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000165744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000162808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000159600 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000159088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000154056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000143752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000141680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000132976 _____ (AMD) C:\Windows\system32\atimuixx.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000128360 _____ C:\Windows\system32\atidxx64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000122248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000111496 _____ C:\Windows\SysWOW64\atidxx32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000107376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000077680 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000054120 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000051048 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000883568 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000711536 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000562344 _____ C:\Windows\system32\amdmiracast.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000561000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000454504 _____ C:\Windows\system32\amdgfxinfo64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000391048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000370032 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000196200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000174144 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000140576 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000131272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000131272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000125376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000111656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000111656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2025-02-08 11:52 - 2018-06-11 17:02 - 000121392 _____ C:\Windows\system32\kapp_ci.sbin
2025-02-08 11:52 - 2018-06-11 17:02 - 000117072 _____ C:\Windows\system32\kapp_si.sbin
2025-02-08 11:52 - 2018-04-25 19:21 - 000031592 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AMDPCIDev.sys
2025-02-08 11:51 - 2025-02-08 11:51 - 000000000 ____D C:\Users\jonas\Downloads\Allin1(v18.10.20_NHDA)
2025-02-08 11:51 - 2025-02-08 11:51 - 000000000 ____D C:\Users\jonas\AppData\Roaming\WinRAR
2025-02-08 11:51 - 2025-02-08 11:51 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-02-08 11:51 - 2025-02-08 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-02-08 11:51 - 2025-02-08 11:51 - 000000000 ____D C:\Program Files\WinRAR
2025-02-08 11:50 - 2025-02-08 11:50 - 003912088 _____ (Alexander Roshal) C:\Users\jonas\Downloads\winrar-x64-701.exe
2025-02-08 11:49 - 2025-02-08 11:51 - 754551141 _____ C:\Users\jonas\Downloads\Allin1(v18.10.20_NHDA).zip
2025-02-08 04:08 - 2025-02-09 20:35 - 000000000 ____D C:\Windows\Panther
2025-02-07 23:05 - 2025-02-07 23:05 - 003598400 _____ (CPUID, Inc. ) C:\Users\jonas\Downloads\cpu-z_2.13-en.exe
2025-02-07 23:05 - 2025-02-07 23:05 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2025-02-07 23:05 - 2025-02-07 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2025-02-07 23:05 - 2025-02-07 23:05 - 000000000 ____D C:\Program Files\CPUID
2025-02-07 22:39 - 2025-02-07 22:39 - 000000258 __RSH C:\ProgramData\ntuser.pol
2025-02-07 22:30 - 2025-02-07 22:30 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\MMC
2025-02-07 22:00 - 2025-02-15 17:21 - 000000000 ____D C:\Users\jonas\AppData\Local\Spotify
2025-02-07 22:00 - 2025-02-15 16:05 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Spotify
2025-02-07 22:00 - 2025-02-07 22:00 - 001452464 _____ (Spotify Ltd) C:\Users\jonas\Downloads\SpotifySetup.exe
2025-02-07 22:00 - 2025-02-07 22:00 - 000001850 _____ C:\Users\jonas\Desktop\Spotify.lnk
2025-02-07 22:00 - 2025-02-07 22:00 - 000001836 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2025-02-07 21:27 - 2025-02-15 17:05 - 000000000 ____D C:\Users\jonas\AppData\Local\Discord
2025-02-07 21:27 - 2025-02-15 16:06 - 000000000 ____D C:\Users\jonas\AppData\Roaming\discord
2025-02-07 21:27 - 2025-02-13 12:48 - 000002243 _____ C:\Users\jonas\Desktop\Discord.lnk
2025-02-07 21:27 - 2025-02-07 21:27 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2025-02-07 21:27 - 2025-02-07 21:27 - 000000000 ____D C:\Users\jonas\AppData\Local\SquirrelTemp
2025-02-07 21:24 - 2025-02-07 21:26 - 114021752 _____ (Discord Inc.) C:\Users\jonas\Downloads\DiscordSetup.exe
2025-02-07 21:22 - 2025-02-11 15:23 - 000000000 ____D C:\Users\jonas\AppData\Local\PlaceholderTileLogoFolder
2025-02-07 20:57 - 2025-02-07 20:57 - 000000000 ____D C:\Users\jonas\Documents\League of Legends
2025-02-07 20:56 - 2025-02-15 16:07 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2025-02-07 20:56 - 2025-02-14 21:08 - 134222904 _____ C:\Windows\392667600.dat
2025-02-07 20:56 - 2025-02-07 20:56 - 000000000 ____D C:\Users\jonas\AppData\Local\CEF
2025-02-07 20:49 - 2025-02-07 20:49 - 000000000 ____D C:\Program Files\Reference Assemblies
2025-02-07 20:49 - 2025-02-07 20:49 - 000000000 ____D C:\Program Files\MSBuild
2025-02-07 20:49 - 2025-02-07 20:49 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2025-02-07 20:49 - 2025-02-07 20:49 - 000000000 ____D C:\Program Files (x86)\MSBuild
2025-02-07 20:47 - 2025-02-07 20:48 - 000000000 ____D C:\Program Files\Riot Vanguard
2025-02-07 20:46 - 2025-02-15 12:10 - 000000000 ____D C:\Users\jonas\AppData\Roaming\riot-client-ux
2025-02-07 20:46 - 2025-02-08 14:04 - 000001693 _____ C:\Users\Public\Desktop\League of Legends.lnk
2025-02-07 20:46 - 2025-02-07 20:56 - 000001491 _____ C:\Users\Public\Desktop\Riot Client.lnk
2025-02-07 20:46 - 2025-02-07 20:47 - 000000000 ____D C:\Riot Games
2025-02-07 20:46 - 2025-02-07 20:46 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2025-02-07 20:46 - 2025-02-07 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2025-02-07 20:26 - 2025-02-07 20:26 - 000000000 ____D C:\Users\jonas\AppData\Local\OneDrive
2025-02-07 20:24 - 2025-02-07 20:24 - 018582416 _____ (Martin Malik, REALiX s.r.o. ) C:\Users\jonas\Downloads\hwi64_820.exe
2025-02-07 20:24 - 2025-02-07 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO® 64
2025-02-07 20:24 - 2025-02-07 20:24 - 000000000 ____D C:\Program Files\HWiNFO64
2025-02-07 20:23 - 2025-02-08 20:12 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1250371796-2362371667-43556960-1001
2025-02-07 20:23 - 2025-02-07 20:23 - 000000000 ____D C:\Users\jonas\Documents\MAXON
2025-02-07 20:23 - 2025-02-07 20:23 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Maxon
2025-02-07 20:15 - 2025-02-15 12:10 - 000000000 ____D C:\ProgramData\Riot Games
2025-02-07 20:15 - 2025-02-07 20:56 - 000000000 ____D C:\Users\jonas\AppData\Local\Riot Games
2025-02-07 20:14 - 2025-02-07 20:15 - 074510024 _____ (Riot Games, Inc.) C:\Users\jonas\Downloads\Install League of Legends eune.exe
2025-02-07 20:09 - 2025-02-07 20:21 - 000000000 ____D C:\Users\jonas\Downloads\Cinebench2024_win_x86_64
2025-02-07 20:06 - 2025-02-07 20:08 - 1406268406 _____ C:\Users\jonas\Downloads\Cinebench2024_win_x86_64.zip
2025-02-07 19:56 - 2025-02-08 11:52 - 000000000 ____D C:\Users\jonas\AppData\LocalLow\AMD
2025-02-07 19:54 - 2025-02-08 11:53 - 000000000 ____D C:\Users\jonas\AppData\Local\AMD
2025-02-07 19:53 - 2025-02-15 16:04 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2025-02-07 19:53 - 2025-02-08 11:53 - 000000000 ____D C:\Program Files\AMD
2025-02-07 19:53 - 2025-02-08 11:52 - 000000000 ____D C:\Windows\system32\AMD
2025-02-07 19:53 - 2025-02-07 19:53 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2025-02-07 19:53 - 2018-06-11 20:18 - 000109928 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2025-02-07 19:52 - 2025-02-15 11:31 - 000000000 ____D C:\Users\jonas\AppData\Local\D3DSCache
2025-02-07 19:51 - 2025-02-07 19:51 - 000000000 ____D C:\Users\jonas\AppData\Local\Comms
2025-02-07 19:50 - 2025-02-13 12:48 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-02-07 19:50 - 2025-02-13 12:48 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-02-07 19:50 - 2025-02-07 19:50 - 010529664 _____ (Google LLC) C:\Users\jonas\Downloads\ChromeSetup.exe
2025-02-07 19:50 - 2025-02-07 19:50 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
2025-02-07 19:50 - 2025-02-07 19:50 - 000000000 ____D C:\Users\jonas\AppData\Local\Google
2025-02-07 19:50 - 2025-02-07 19:50 - 000000000 ____D C:\Program Files\Google
2025-02-07 19:50 - 2025-02-07 19:50 - 000000000 ____D C:\Program Files (x86)\Google
2025-02-07 19:49 - 2025-02-09 13:29 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Spelling
2025-02-07 19:35 - 2025-02-08 20:12 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1250371796-2362371667-43556960-1001
2025-02-07 19:35 - 2025-02-07 19:35 - 000000000 ___RD C:\Users\jonas\OneDrive
2025-02-07 19:34 - 2025-02-07 19:34 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Vault
2025-02-07 19:34 - 2025-02-07 19:34 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2025-02-07 19:33 - 2025-02-12 18:57 - 000000000 ____D C:\Users\jonas\AppData\Local\Packages
2025-02-07 19:33 - 2025-02-12 18:56 - 000000000 ____D C:\ProgramData\Packages
2025-02-07 19:33 - 2025-02-08 12:04 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ___SD C:\Users\jonas\AppData\Roaming\Microsoft\SystemCertificates
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ___SD C:\Users\jonas\AppData\Roaming\Microsoft\Protect
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ___SD C:\Users\jonas\AppData\Roaming\Microsoft\Crypto
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ___SD C:\Users\jonas\AppData\Roaming\Microsoft\Credentials
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ___RD C:\Users\jonas\3D Objects
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Network
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Adobe
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ____D C:\Users\jonas\AppData\Local\VirtualStore
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ____D C:\Users\jonas\AppData\Local\Publishers
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ____D C:\Users\jonas\AppData\Local\ConnectedDevicesPlatform
2025-02-07 19:32 - 2025-02-08 20:12 - 000002379 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-02-07 19:32 - 2025-02-07 22:33 - 000000000 ____D C:\Users\jonas
2025-02-07 19:32 - 2025-02-07 19:33 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows
2025-02-07 19:32 - 2025-02-07 19:32 - 000000020 ___SH C:\Users\jonas\ntuser.ini
2025-02-07 19:15 - 2025-02-15 16:11 - 000840602 _____ C:\Windows\system32\PerfStringBackup.INI
2025-02-07 19:11 - 2025-02-07 19:11 - 000000000 _SHDL C:\Documents and Settings
2025-02-07 19:10 - 2025-02-12 10:50 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-02-07 19:10 - 2025-02-12 10:50 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-02-07 19:10 - 2025-02-08 11:45 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-02-07 19:10 - 2025-02-08 11:45 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-02-07 19:09 - 2025-02-15 17:19 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-02-07 19:09 - 2025-02-15 16:04 - 000008192 ___SH C:\DumpStack.log.tmp
2025-02-07 19:09 - 2025-02-15 16:04 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-02-07 19:09 - 2025-02-12 18:39 - 000269048 _____ C:\Windows\system32\FNTCACHE.DAT
2025-02-07 19:09 - 2025-02-07 22:44 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-02-07 19:09 - 2025-02-07 19:09 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2025-02-07 19:09 - 2025-02-07 19:09 - 000000000 ____D C:\Windows\ServiceProfiles
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-02-15 16:11 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2025-02-15 16:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-02-15 16:04 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2025-02-15 15:44 - 2023-12-04 03:52 - 000000000 ____D C:\Windows\SystemTemp
2025-02-14 22:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2025-02-14 20:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-02-14 20:39 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2025-02-12 18:38 - 2023-12-04 03:52 - 000000000 ____D C:\Windows\InboxApps
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2025-02-12 18:38 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2025-02-12 18:36 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2025-02-09 14:59 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files\Windows Portable Devices
2025-02-09 14:59 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2025-02-09 14:59 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2025-02-09 14:59 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2025-02-09 14:59 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\OpenSSH
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\DDFs
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\schemas
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack
2025-02-09 13:16 - 2019-12-07 10:51 - 000000000 ____D C:\Windows\OCR
2025-02-08 11:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat
2025-02-08 04:08 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2025-02-07 22:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2025-02-07 22:30 - 2023-12-04 03:47 - 000770560 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000553984 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\AppIdPolicyEngineApi.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000207360 _____ (Microsoft Corporation) C:\Windows\system32\appmgmts.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\AuditPolicyGPInterop.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2025-02-07 22:30 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2025-02-07 22:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\security
2025-02-07 22:30 - 2019-12-07 10:10 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\AuditNativeSnapIn.dll
2025-02-07 22:30 - 2019-12-07 10:10 - 000147439 _____ C:\Windows\system32\gpedit.msc
2025-02-07 22:30 - 2019-12-07 10:10 - 000120458 _____ C:\Windows\system32\secpol.msc
2025-02-07 22:30 - 2019-12-07 10:10 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll
2025-02-07 22:30 - 2019-12-07 10:10 - 000043566 _____ C:\Windows\system32\rsop.msc
2025-02-07 22:30 - 2019-12-07 10:10 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\SrpUxNativeSnapIn.dll
2025-02-07 21:53 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2025-02-07 19:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2025-02-07 19:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2025-02-07 19:13 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\FxsTmp
2025-02-07 19:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\spool
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2025
Ran by jonas (administrator) on DESKTOP-5H00PQG (15-02-2025 17:22:26)
Running from C:\Users\jonas\Downloads\FRST64.exe
Loaded Profiles: jonas
Platform: Microsoft Windows 10 Home Version 22H2 19045.5487 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files\AMD\CNext\CNext\amddvr.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(Discord Inc. -> Discord Inc.) C:\Users\jonas\AppData\Local\Discord\app-1.0.9182\Discord.exe <6>
(DriverStore\FileRepository\u0329634.inf_amd64_1e37ba87136b496c\B329655\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0329634.inf_amd64_1e37ba87136b496c\B329655\atieclxx.exe
(explorer.exe ->) (6099D0EF-9374-47ED-BDFE-A82136831235 -> File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.3.0.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0329634.inf_amd64_1e37ba87136b496c\B329655\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4131496 2024-12-20] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [74279960 2025-02-07] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Run: [Discord] => C:\Users\jonas\AppData\Local\Discord\Update.exe [1516408 2025-02-03] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Run: [Spotify] => C:\Users\jonas\AppData\Roaming\Spotify\Spotify.exe [36322632 2025-02-11] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Run: [MicrosoftEdgeAutoLaunch_A4C66DDC59B710DBA18B4296900F290C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088360 2025-02-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1250371796-2362371667-43556960-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088360 2025-02-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\133.0.6943.98\Installer\chrmstp.exe [2025-02-13] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {4960F785-C2CB-42B7-A5E1-DA81DE2F32E4} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{BBB1C39B-8FC8-425B-AA1B-061483C9CDFA} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe [5672544 2025-01-28] (Google LLC -> Google LLC)
Task: {AB0C3195-91E5-4E9D-AD62-EC26F25F744A} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1250371796-2362371667-43556960-1001 => C:\Users\jonas\AppData\Local\Microsoft\OneDrive\25.005.0112.0003\OneDriveLauncher.exe [447032 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3210C6F-D867-4198-B256-3B16256670B9} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-05-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {CC2A8118-47D5-44C0-8FE1-BD42B11841A0} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-05-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{615ba733-1909-41ea-af20-ec67f66de578}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{615ba733-1909-41ea-af20-ec67f66de578}: [DhcpDomain] Home
Edge:
=======
Edge Profile: C:\Users\jonas\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-14]
Edge Extension: (Google Docs Offline) - C:\Users\jonas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-08]
Edge Extension: (Edge relevant text changes) - C:\Users\jonas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-02-08]
Chrome:
=======
CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default [2025-02-15]
CHR Extension: (Kaspersky Protection) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2025-02-07]
CHR Extension: (The FFZ Add-On Pack) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimboljphncldaakcnapfolgnjonlea [2025-02-07]
CHR Extension: (BetterTTV) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2025-02-07]
CHR Extension: (7TV) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2025-02-07]
CHR Extension: (Phantom) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfnaelmomeimhlpmgjnjophhpkkoljpa [2025-02-07]
CHR Extension: (Truffle) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkjeefjfjcfdfifddmkdmcpmaakmelp [2025-02-07]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-02-12]
CHR Extension: (The FFZ Enhancing Add-On) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjloclnedokpfjlolaebpbaclbdigon [2025-02-07]
CHR Extension: (Google Docs Offline) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-02-07]
CHR Extension: (Steam URL Opener) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiboilmeofgpoiopgjdllegafaaeblon [2025-02-07]
CHR Extension: (Hlídač Shopů) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2025-02-11]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2024-10-02] (BattlEye Innovations e.K. -> )
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9483456 2025-02-14] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-02-14] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2025-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15926936 2025-02-14] (Adlice (Julien Ascoet) -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [6913000 2025-02-08] (Rockstar Games, Inc. -> Rockstar Games)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [13081856 2024-12-20] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24090.11-0\NisSrv.exe [3199672 2025-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24090.11-0\MsMpEng.exe [141952 2025-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [66864 2018-06-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2025-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2025-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [28298792 2024-12-19] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2025-02-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2025-02-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2025-02-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-02-15 17:22 - 2025-02-15 17:22 - 000011935 _____ C:\Users\jonas\Downloads\FRST.txt
2025-02-15 17:21 - 2025-02-15 17:22 - 000000000 ____D C:\FRST
2025-02-15 17:20 - 2025-02-15 17:20 - 002403840 _____ (Farbar) C:\Users\jonas\Downloads\FRST64.exe
2025-02-15 16:02 - 2025-02-15 16:02 - 000001624 _____ C:\Users\jonas\Desktop\rk.txt
2025-02-15 16:00 - 2025-02-15 16:01 - 000000000 ____D C:\ProgramData\RogueKiller
2025-02-15 16:00 - 2025-02-15 16:00 - 000000899 _____ C:\Users\Public\Desktop\Adlice Protect.lnk
2025-02-15 16:00 - 2025-02-15 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2025-02-15 16:00 - 2025-02-15 16:00 - 000000000 ____D C:\Program Files\RogueKiller
2025-02-15 15:59 - 2025-02-15 15:59 - 051457024 _____ (Adlice Software ) C:\Users\jonas\Downloads\RogueKiller_setup.exe
2025-02-15 15:57 - 2025-02-15 15:57 - 000000871 _____ C:\Users\jonas\Desktop\JRT.txt
2025-02-15 15:55 - 2025-02-15 15:55 - 001790024 _____ (Malwarebytes) C:\Users\jonas\Downloads\JRT.exe
2025-02-15 15:46 - 2025-02-15 15:46 - 000000000 ____D C:\AdwCleaner
2025-02-15 15:45 - 2025-02-15 15:45 - 008790880 _____ (Malwarebytes) C:\Users\jonas\Downloads\AdwCleaner.exe
2025-02-15 15:42 - 2025-02-15 15:42 - 000448512 _____ (OldTimer Tools) C:\Users\jonas\Downloads\TFC.exe
2025-02-14 22:56 - 2025-02-14 22:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\jonas\Downloads\hijackthis.exe
2025-02-14 22:17 - 2025-02-15 17:20 - 000000000 ____D C:\Users\jonas\AppData\Local\Malwarebytes
2025-02-14 22:17 - 2025-02-14 22:17 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-02-14 22:17 - 2025-02-14 22:17 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-02-14 22:16 - 2025-02-14 22:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-02-14 22:16 - 2025-02-14 22:16 - 000000000 ____D C:\Program Files\Malwarebytes
2025-02-14 22:13 - 2025-02-14 22:13 - 002832624 _____ (Malwarebytes) C:\Users\jonas\Downloads\MBSetup.exe
2025-02-12 18:28 - 2025-02-12 18:28 - 000000000 ___HD C:\$WinREAgent
2025-02-11 21:51 - 2025-02-11 21:51 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\InputMethod
2025-02-11 15:23 - 2025-02-11 15:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2025-02-09 15:07 - 2025-02-09 15:07 - 000000000 ____D C:\Users\jonas\AppData\Local\ElevatedDiagnostics
2025-02-09 15:03 - 2025-02-09 15:03 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2025-02-09 14:59 - 2025-02-12 18:38 - 000000000 ____D C:\Windows\system32\compatrel
2025-02-09 14:54 - 2025-02-09 14:54 - 000022205 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-02-09 14:53 - 2025-02-09 14:53 - 000022205 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2025-02-09 14:44 - 2025-02-12 18:28 - 000000000 ____D C:\Windows\system32\MRT
2025-02-09 14:44 - 2025-02-09 15:03 - 000000000 ____D C:\Program Files\RUXIM
2025-02-08 20:12 - 2025-02-08 20:12 - 000003564 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1250371796-2362371667-43556960-1001
2025-02-08 15:41 - 2025-02-08 15:42 - 228619312 _____ (OCCT) C:\Users\jonas\Downloads\OCCT.exe
2025-02-08 15:25 - 2025-02-08 15:31 - 000000000 ____D C:\Users\jonas\AppData\Roaming\CitizenFX
2025-02-08 15:22 - 2025-02-12 11:57 - 000000000 ____D C:\Users\jonas\AppData\Local\DigitalEntitlements
2025-02-08 15:22 - 2025-02-09 23:28 - 000002124 _____ C:\Users\jonas\Desktop\FiveM.lnk
2025-02-08 15:22 - 2025-02-08 15:22 - 005243936 _____ (Cfx.re) C:\Users\jonas\Downloads\FiveM.exe
2025-02-08 15:22 - 2025-02-08 15:22 - 000002132 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2025-02-08 15:22 - 2025-02-08 15:22 - 000002124 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM - Cfx.re Development Kit (FxDK).lnk
2025-02-08 15:22 - 2025-02-08 15:22 - 000000000 ____D C:\Users\jonas\AppData\Local\FiveM
2025-02-08 14:05 - 2025-02-08 14:05 - 000000000 ____D C:\Users\jonas\AppData\Local\BattlEye
2025-02-08 13:05 - 2025-02-08 13:05 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2025-02-08 13:04 - 2025-02-08 14:05 - 000000000 ____D C:\Users\jonas\AppData\Local\Rockstar Games
2025-02-08 13:04 - 2025-02-08 14:04 - 000000000 ____D C:\Users\jonas\Documents\Rockstar Games
2025-02-08 13:03 - 2025-02-08 14:03 - 000000000 ____D C:\Program Files\Rockstar Games
2025-02-08 13:03 - 2025-02-08 13:05 - 000000000 ____D C:\ProgramData\Rockstar Games
2025-02-08 13:03 - 2025-02-08 13:03 - 000001924 _____ C:\Users\jonas\Desktop\Rockstar Games Launcher.lnk
2025-02-08 13:03 - 2025-02-08 13:03 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2025-02-08 13:00 - 2025-02-08 13:00 - 000000000 ____D C:\Users\jonas\AppData\LocalLow\Clever Endeavour Games
2025-02-08 12:27 - 2025-02-08 13:26 - 000000222 _____ C:\Users\jonas\Desktop\Grand Theft Auto V.url
2025-02-08 12:27 - 2025-02-08 13:02 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-02-08 12:24 - 2025-02-08 12:26 - 000000000 ____D C:\Users\jonas\AppData\Local\Steam
2025-02-08 12:23 - 2025-02-09 14:47 - 000000000 ____D C:\Program Files (x86)\Steam
2025-02-08 12:23 - 2025-02-08 12:23 - 002380800 _____ C:\Users\jonas\Downloads\SteamSetup.exe
2025-02-08 12:23 - 2025-02-08 12:23 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2025-02-08 12:23 - 2025-02-08 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2025-02-08 12:05 - 2025-02-08 12:05 - 000003390 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1250371796-2362371667-43556960-500
2025-02-08 12:05 - 2025-02-08 12:05 - 000000000 ___RD C:\Users\Administrator\OneDrive
2025-02-08 12:05 - 2025-02-08 12:05 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\AMD
2025-02-08 12:05 - 2025-02-08 12:05 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2025-02-08 12:04 - 2025-02-11 15:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2025-02-08 12:04 - 2025-02-11 15:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2025-02-08 12:04 - 2025-02-08 12:05 - 000002383 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-02-08 12:04 - 2025-02-08 12:05 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows
2025-02-08 12:04 - 2025-02-08 12:05 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2025-02-08 12:04 - 2025-02-08 12:05 - 000000000 ____D C:\Users\Administrator\AppData\Local\AMD
2025-02-08 12:04 - 2025-02-08 12:05 - 000000000 ____D C:\Users\Administrator
2025-02-08 12:04 - 2025-02-08 12:04 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Protect
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Credentials
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ___RD C:\Users\Administrator\3D Objects
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Vault
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2025-02-08 12:04 - 2025-02-08 12:04 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2025-02-08 11:55 - 2025-02-08 11:55 - 000000000 ____D C:\Users\jonas\Downloads\AB350M Pro4(5.50)ROM
2025-02-08 11:53 - 2025-02-08 11:53 - 007849226 _____ C:\Users\jonas\Downloads\AB350M Pro4(5.50)ROM.zip
2025-02-08 11:53 - 2025-02-08 11:53 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2025-02-08 11:53 - 2025-02-08 11:53 - 000003074 _____ C:\Windows\system32\Tasks\StartDVR
2025-02-08 11:53 - 2025-02-08 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2025-02-08 11:53 - 2025-02-08 11:53 - 000000000 ____D C:\Program Files (x86)\AMD
2025-02-08 11:53 - 2025-02-08 11:53 - 000000000 ____D C:\6749525315573233238
2025-02-08 11:53 - 2018-06-11 20:18 - 000066864 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmafd.sys
2025-02-08 11:52 - 2025-02-08 14:02 - 000000000 ____D C:\ProgramData\Package Cache
2025-02-08 11:52 - 2025-02-08 11:52 - 000000000 ____D C:\Users\jonas\AppData\Local\RadeonInstaller
2025-02-08 11:52 - 2025-02-08 11:52 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2025-02-08 11:52 - 2019-10-01 08:34 - 000045832 _____ (Advanced Micro Devices, Inc) C:\Windows\system32\Drivers\amdgpio2.sys
2025-02-08 11:52 - 2018-06-11 20:19 - 003145576 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 002744176 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 001077104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 001077104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000721776 _____ (AMD) C:\Windows\system32\atieclxx.exe
2025-02-08 11:52 - 2018-06-11 20:19 - 000574312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000487280 _____ C:\Windows\system32\dgtrayicon.exe
2025-02-08 11:52 - 2018-06-11 20:19 - 000485232 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000476016 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000465768 _____ C:\Windows\system32\GameManager64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000423304 _____ C:\Windows\system32\atieah64.exe
2025-02-08 11:52 - 2018-06-11 20:19 - 000402800 _____ C:\Windows\system32\EEURestart.exe
2025-02-08 11:52 - 2018-06-11 20:19 - 000374120 _____ C:\Windows\SysWOW64\GameManager32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000360304 _____ C:\Windows\system32\clinfo.exe
2025-02-08 11:52 - 2018-06-11 20:19 - 000343408 _____ C:\Windows\SysWOW64\atieah32.exe
2025-02-08 11:52 - 2018-06-11 20:19 - 000243568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000213864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000188776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000183664 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000168304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000165744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000162808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000159600 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000159088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000154056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000143752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000141680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000132976 _____ (AMD) C:\Windows\system32\atimuixx.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000128360 _____ C:\Windows\system32\atidxx64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000122248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000111496 _____ C:\Windows\SysWOW64\atidxx32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000107376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000077680 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000054120 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2025-02-08 11:52 - 2018-06-11 20:19 - 000051048 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000883568 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000711536 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000562344 _____ C:\Windows\system32\amdmiracast.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000561000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000454504 _____ C:\Windows\system32\amdgfxinfo64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000391048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000370032 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000196200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000174144 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000140576 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000131272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000131272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000125376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000111656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2025-02-08 11:52 - 2018-06-11 20:18 - 000111656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2025-02-08 11:52 - 2018-06-11 17:02 - 000121392 _____ C:\Windows\system32\kapp_ci.sbin
2025-02-08 11:52 - 2018-06-11 17:02 - 000117072 _____ C:\Windows\system32\kapp_si.sbin
2025-02-08 11:52 - 2018-04-25 19:21 - 000031592 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AMDPCIDev.sys
2025-02-08 11:51 - 2025-02-08 11:51 - 000000000 ____D C:\Users\jonas\Downloads\Allin1(v18.10.20_NHDA)
2025-02-08 11:51 - 2025-02-08 11:51 - 000000000 ____D C:\Users\jonas\AppData\Roaming\WinRAR
2025-02-08 11:51 - 2025-02-08 11:51 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-02-08 11:51 - 2025-02-08 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-02-08 11:51 - 2025-02-08 11:51 - 000000000 ____D C:\Program Files\WinRAR
2025-02-08 11:50 - 2025-02-08 11:50 - 003912088 _____ (Alexander Roshal) C:\Users\jonas\Downloads\winrar-x64-701.exe
2025-02-08 11:49 - 2025-02-08 11:51 - 754551141 _____ C:\Users\jonas\Downloads\Allin1(v18.10.20_NHDA).zip
2025-02-08 04:08 - 2025-02-09 20:35 - 000000000 ____D C:\Windows\Panther
2025-02-07 23:05 - 2025-02-07 23:05 - 003598400 _____ (CPUID, Inc. ) C:\Users\jonas\Downloads\cpu-z_2.13-en.exe
2025-02-07 23:05 - 2025-02-07 23:05 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2025-02-07 23:05 - 2025-02-07 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2025-02-07 23:05 - 2025-02-07 23:05 - 000000000 ____D C:\Program Files\CPUID
2025-02-07 22:39 - 2025-02-07 22:39 - 000000258 __RSH C:\ProgramData\ntuser.pol
2025-02-07 22:30 - 2025-02-07 22:30 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\MMC
2025-02-07 22:00 - 2025-02-15 17:21 - 000000000 ____D C:\Users\jonas\AppData\Local\Spotify
2025-02-07 22:00 - 2025-02-15 16:05 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Spotify
2025-02-07 22:00 - 2025-02-07 22:00 - 001452464 _____ (Spotify Ltd) C:\Users\jonas\Downloads\SpotifySetup.exe
2025-02-07 22:00 - 2025-02-07 22:00 - 000001850 _____ C:\Users\jonas\Desktop\Spotify.lnk
2025-02-07 22:00 - 2025-02-07 22:00 - 000001836 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2025-02-07 21:27 - 2025-02-15 17:05 - 000000000 ____D C:\Users\jonas\AppData\Local\Discord
2025-02-07 21:27 - 2025-02-15 16:06 - 000000000 ____D C:\Users\jonas\AppData\Roaming\discord
2025-02-07 21:27 - 2025-02-13 12:48 - 000002243 _____ C:\Users\jonas\Desktop\Discord.lnk
2025-02-07 21:27 - 2025-02-07 21:27 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2025-02-07 21:27 - 2025-02-07 21:27 - 000000000 ____D C:\Users\jonas\AppData\Local\SquirrelTemp
2025-02-07 21:24 - 2025-02-07 21:26 - 114021752 _____ (Discord Inc.) C:\Users\jonas\Downloads\DiscordSetup.exe
2025-02-07 21:22 - 2025-02-11 15:23 - 000000000 ____D C:\Users\jonas\AppData\Local\PlaceholderTileLogoFolder
2025-02-07 20:57 - 2025-02-07 20:57 - 000000000 ____D C:\Users\jonas\Documents\League of Legends
2025-02-07 20:56 - 2025-02-15 16:07 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2025-02-07 20:56 - 2025-02-14 21:08 - 134222904 _____ C:\Windows\392667600.dat
2025-02-07 20:56 - 2025-02-07 20:56 - 000000000 ____D C:\Users\jonas\AppData\Local\CEF
2025-02-07 20:49 - 2025-02-07 20:49 - 000000000 ____D C:\Program Files\Reference Assemblies
2025-02-07 20:49 - 2025-02-07 20:49 - 000000000 ____D C:\Program Files\MSBuild
2025-02-07 20:49 - 2025-02-07 20:49 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2025-02-07 20:49 - 2025-02-07 20:49 - 000000000 ____D C:\Program Files (x86)\MSBuild
2025-02-07 20:47 - 2025-02-07 20:48 - 000000000 ____D C:\Program Files\Riot Vanguard
2025-02-07 20:46 - 2025-02-15 12:10 - 000000000 ____D C:\Users\jonas\AppData\Roaming\riot-client-ux
2025-02-07 20:46 - 2025-02-08 14:04 - 000001693 _____ C:\Users\Public\Desktop\League of Legends.lnk
2025-02-07 20:46 - 2025-02-07 20:56 - 000001491 _____ C:\Users\Public\Desktop\Riot Client.lnk
2025-02-07 20:46 - 2025-02-07 20:47 - 000000000 ____D C:\Riot Games
2025-02-07 20:46 - 2025-02-07 20:46 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2025-02-07 20:46 - 2025-02-07 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2025-02-07 20:26 - 2025-02-07 20:26 - 000000000 ____D C:\Users\jonas\AppData\Local\OneDrive
2025-02-07 20:24 - 2025-02-07 20:24 - 018582416 _____ (Martin Malik, REALiX s.r.o. ) C:\Users\jonas\Downloads\hwi64_820.exe
2025-02-07 20:24 - 2025-02-07 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO® 64
2025-02-07 20:24 - 2025-02-07 20:24 - 000000000 ____D C:\Program Files\HWiNFO64
2025-02-07 20:23 - 2025-02-08 20:12 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1250371796-2362371667-43556960-1001
2025-02-07 20:23 - 2025-02-07 20:23 - 000000000 ____D C:\Users\jonas\Documents\MAXON
2025-02-07 20:23 - 2025-02-07 20:23 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Maxon
2025-02-07 20:15 - 2025-02-15 12:10 - 000000000 ____D C:\ProgramData\Riot Games
2025-02-07 20:15 - 2025-02-07 20:56 - 000000000 ____D C:\Users\jonas\AppData\Local\Riot Games
2025-02-07 20:14 - 2025-02-07 20:15 - 074510024 _____ (Riot Games, Inc.) C:\Users\jonas\Downloads\Install League of Legends eune.exe
2025-02-07 20:09 - 2025-02-07 20:21 - 000000000 ____D C:\Users\jonas\Downloads\Cinebench2024_win_x86_64
2025-02-07 20:06 - 2025-02-07 20:08 - 1406268406 _____ C:\Users\jonas\Downloads\Cinebench2024_win_x86_64.zip
2025-02-07 19:56 - 2025-02-08 11:52 - 000000000 ____D C:\Users\jonas\AppData\LocalLow\AMD
2025-02-07 19:54 - 2025-02-08 11:53 - 000000000 ____D C:\Users\jonas\AppData\Local\AMD
2025-02-07 19:53 - 2025-02-15 16:04 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2025-02-07 19:53 - 2025-02-08 11:53 - 000000000 ____D C:\Program Files\AMD
2025-02-07 19:53 - 2025-02-08 11:52 - 000000000 ____D C:\Windows\system32\AMD
2025-02-07 19:53 - 2025-02-07 19:53 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2025-02-07 19:53 - 2018-06-11 20:18 - 000109928 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2025-02-07 19:52 - 2025-02-15 11:31 - 000000000 ____D C:\Users\jonas\AppData\Local\D3DSCache
2025-02-07 19:51 - 2025-02-07 19:51 - 000000000 ____D C:\Users\jonas\AppData\Local\Comms
2025-02-07 19:50 - 2025-02-13 12:48 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-02-07 19:50 - 2025-02-13 12:48 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-02-07 19:50 - 2025-02-07 19:50 - 010529664 _____ (Google LLC) C:\Users\jonas\Downloads\ChromeSetup.exe
2025-02-07 19:50 - 2025-02-07 19:50 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
2025-02-07 19:50 - 2025-02-07 19:50 - 000000000 ____D C:\Users\jonas\AppData\Local\Google
2025-02-07 19:50 - 2025-02-07 19:50 - 000000000 ____D C:\Program Files\Google
2025-02-07 19:50 - 2025-02-07 19:50 - 000000000 ____D C:\Program Files (x86)\Google
2025-02-07 19:49 - 2025-02-09 13:29 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Spelling
2025-02-07 19:35 - 2025-02-08 20:12 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1250371796-2362371667-43556960-1001
2025-02-07 19:35 - 2025-02-07 19:35 - 000000000 ___RD C:\Users\jonas\OneDrive
2025-02-07 19:34 - 2025-02-07 19:34 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Vault
2025-02-07 19:34 - 2025-02-07 19:34 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2025-02-07 19:33 - 2025-02-12 18:57 - 000000000 ____D C:\Users\jonas\AppData\Local\Packages
2025-02-07 19:33 - 2025-02-12 18:56 - 000000000 ____D C:\ProgramData\Packages
2025-02-07 19:33 - 2025-02-08 12:04 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ___SD C:\Users\jonas\AppData\Roaming\Microsoft\SystemCertificates
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ___SD C:\Users\jonas\AppData\Roaming\Microsoft\Protect
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ___SD C:\Users\jonas\AppData\Roaming\Microsoft\Crypto
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ___SD C:\Users\jonas\AppData\Roaming\Microsoft\Credentials
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ___RD C:\Users\jonas\3D Objects
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Network
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Adobe
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ____D C:\Users\jonas\AppData\Local\VirtualStore
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ____D C:\Users\jonas\AppData\Local\Publishers
2025-02-07 19:33 - 2025-02-07 19:33 - 000000000 ____D C:\Users\jonas\AppData\Local\ConnectedDevicesPlatform
2025-02-07 19:32 - 2025-02-08 20:12 - 000002379 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-02-07 19:32 - 2025-02-07 22:33 - 000000000 ____D C:\Users\jonas
2025-02-07 19:32 - 2025-02-07 19:33 - 000000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows
2025-02-07 19:32 - 2025-02-07 19:32 - 000000020 ___SH C:\Users\jonas\ntuser.ini
2025-02-07 19:15 - 2025-02-15 16:11 - 000840602 _____ C:\Windows\system32\PerfStringBackup.INI
2025-02-07 19:11 - 2025-02-07 19:11 - 000000000 _SHDL C:\Documents and Settings
2025-02-07 19:10 - 2025-02-12 10:50 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-02-07 19:10 - 2025-02-12 10:50 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-02-07 19:10 - 2025-02-08 11:45 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-02-07 19:10 - 2025-02-08 11:45 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-02-07 19:09 - 2025-02-15 17:19 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-02-07 19:09 - 2025-02-15 16:04 - 000008192 ___SH C:\DumpStack.log.tmp
2025-02-07 19:09 - 2025-02-15 16:04 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-02-07 19:09 - 2025-02-12 18:39 - 000269048 _____ C:\Windows\system32\FNTCACHE.DAT
2025-02-07 19:09 - 2025-02-07 22:44 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-02-07 19:09 - 2025-02-07 19:09 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2025-02-07 19:09 - 2025-02-07 19:09 - 000000000 ____D C:\Windows\ServiceProfiles
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-02-15 16:11 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2025-02-15 16:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-02-15 16:04 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2025-02-15 15:44 - 2023-12-04 03:52 - 000000000 ____D C:\Windows\SystemTemp
2025-02-14 22:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2025-02-14 20:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-02-14 20:39 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2025-02-12 18:38 - 2023-12-04 03:52 - 000000000 ____D C:\Windows\InboxApps
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2025-02-12 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2025-02-12 18:38 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2025-02-12 18:36 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2025-02-09 14:59 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files\Windows Portable Devices
2025-02-09 14:59 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2025-02-09 14:59 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2025-02-09 14:59 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2025-02-09 14:59 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\OpenSSH
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\DDFs
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\schemas
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2025-02-09 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack
2025-02-09 13:16 - 2019-12-07 10:51 - 000000000 ____D C:\Windows\OCR
2025-02-08 11:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat
2025-02-08 04:08 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2025-02-07 22:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2025-02-07 22:30 - 2023-12-04 03:47 - 000770560 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000553984 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\AppIdPolicyEngineApi.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000207360 _____ (Microsoft Corporation) C:\Windows\system32\appmgmts.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\AuditPolicyGPInterop.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2025-02-07 22:30 - 2023-12-04 03:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2025-02-07 22:30 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2025-02-07 22:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\security
2025-02-07 22:30 - 2019-12-07 10:10 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\AuditNativeSnapIn.dll
2025-02-07 22:30 - 2019-12-07 10:10 - 000147439 _____ C:\Windows\system32\gpedit.msc
2025-02-07 22:30 - 2019-12-07 10:10 - 000120458 _____ C:\Windows\system32\secpol.msc
2025-02-07 22:30 - 2019-12-07 10:10 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll
2025-02-07 22:30 - 2019-12-07 10:10 - 000043566 _____ C:\Windows\system32\rsop.msc
2025-02-07 22:30 - 2019-12-07 10:10 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\SrpUxNativeSnapIn.dll
2025-02-07 21:53 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2025-02-07 19:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2025-02-07 19:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2025-02-07 19:13 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\FxsTmp
2025-02-07 19:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\spool
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Re: Log from HijackThis
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2025
Ran by jonas (15-02-2025 17:23:46)
Running from C:\Users\jonas\Downloads
Microsoft Windows 10 Home Version 22H2 19045.5487 (X64) (2025-02-07 18:11:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1250371796-2362371667-43556960-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1250371796-2362371667-43556960-503 - Limited - Disabled)
Guest (S-1-5-21-1250371796-2362371667-43556960-501 - Limited - Disabled)
jonas (S-1-5-21-1250371796-2362371667-43556960-1001 - Administrator - Enabled) => C:\Users\jonas
WDAGUtilityAccount (S-1-5-21-1250371796-2362371667-43556960-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adlice Protect version 16.0.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 16.0.3.0 - Adlice Software)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.12 - Advanced Micro Devices, Inc.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden
CPUID CPU-Z 2.13 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.13 - CPUID, Inc.)
Discord (HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Discord) (Version: 1.0.9181 - Discord Inc.)
FiveM (HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 133.0.6943.98 - Google LLC)
HWiNFO® 64 (HKLM\...\HWiNFO® 64_is1) (Version: 8.20 - Martin Malik, REALiX s.r.o.)
League of Legends (HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Malwarebytes version 5.2.6.163 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.6.163 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 133.0.3065.59 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.59 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\OneDriveSetup.exe) (Version: 25.005.0112.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1250371796-2362371667-43556960-500\...\OneDriveSetup.exe) (Version: 19.043.0304.0013 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Riot Client (HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.100.2300_S01_ETU2 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.21 - Rockstar Games)
Spotify (HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\Spotify) (Version: 1.2.57.463.g4f748c64 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Packages:
=========
EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.3.0.0_x86__1sdd7yawvg6ne [2025-02-07] (File-New-Project) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-14] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-05-29] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-14] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2018-04-24 22:06 - 2018-04-24 22:06 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 22:06 - 2018-04-24 22:06 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000034304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 001336320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-05-29 17:02 - 2018-05-29 17:02 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 006045184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000964096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000279552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 003233792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000109568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000325632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 069968896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000282624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 003281408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 22:06 - 2018-04-24 22:06 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\jonas\Downloads\AdwCleaner.exe:MBAM.Zone.Identifier [214]
AlternateDataStreams: C:\Users\jonas\Downloads\hijackthis.exe:MBAM.Zone.Identifier [125]
AlternateDataStreams: C:\Users\jonas\Downloads\TFC.exe:MBAM.Zone.Identifier [238]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1250371796-2362371667-43556960-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\DesktopSpotlight\Assets\Images\image_2.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_A4C66DDC59B710DBA18B4296900F290C"
HKU\S-1-5-21-1250371796-2362371667-43556960-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{1201E451-950C-4A06-B61B-055B4523F35E}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{E3F8BC0A-8952-4942-B9A4-D4C05718CEA2}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{1B093E66-1E3E-4E8B-B85D-24F088BCF46F}C:\users\jonas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jonas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{EA252F82-542D-4BDB-AD11-9AE0188FF27C}C:\users\jonas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jonas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9BA0252E-2933-48BB-A53E-4C38C16AB8A1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1289EA29-1768-4B15-A544-F4CDB1F9D34B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{43D036ED-415A-4353-80D2-80BEF928A7B5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E9BC3253-52A6-40E3-9390-B87106BF531E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4DA70B22-280F-407A-B48C-56D4589D08F9}] => (Allow) E:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{F433875B-7874-4114-A11C-3500F6FC12D6}] => (Allow) E:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{700C4DC0-F625-4ADE-959E-1159E20AF78E}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{F8B5CD14-1C0B-450A-BE0E-546A0B8402AD}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{8B8D95D1-5A98-4974-A66E-940CB6C09D11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3801225D-C9D7-4D14-A95F-048FFD9156EC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A247EBD-C59F-42B0-9ABC-D4FF41A817C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{520B5D9D-A87C-4E56-8666-1FBA16E8C860}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{640CE01F-1CA9-4A2E-8362-976BBEFA0556}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9B243685-12CA-4340-A861-EEFCC5CFDB53}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.59\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7F1EED3E-9E68-49C7-8F45-9BD94C391B68}C:\users\jonas\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jonas\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (Cfx.re) [File not signed]
FirewallRules: [UDP Query User{BC0322FF-9D07-4FA4-B771-996096866824}C:\users\jonas\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jonas\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (Cfx.re) [File not signed]
==================== Restore Points =========================
11-02-2025 16:33:37 Scheduled Checkpoint
12-02-2025 18:28:33 Windows Modules Installer
15-02-2025 15:56:40 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/15/2025 05:21:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 133.0.6943.98 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 281c
Start Time: 01db7fbb12b5463d
Termination Time: 6
Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Report Id: 1bc52680-c00d-4830-bf63-e601359ef3fd
Faulting package full name:
Faulting package-relative application ID:
Hang type: Cross-thread
Error: (02/14/2025 09:43:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program League of Legends.exe version 15.3.656.4086 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 13f4
Start Time: 01db7f20a4d2e409
Termination Time: 29
Application Path: C:\Riot Games\League of Legends\Game\League of Legends.exe
Report Id: cda8107b-5557-4948-b67e-0916c7150e46
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (02/14/2025 08:35:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on HDD (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (02/10/2025 11:17:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_Shell32.dll, version: 10.0.19041.4648, time stamp: 0xfe51b7ac
Faulting module name: SysFxUI.dll, version: 10.0.19041.5072, time stamp: 0xc22e10ec
Exception code: 0xc0000005
Fault offset: 0x00000000000080c7
Faulting process id: 0x794
Faulting application start time: 0x01db7ba5040f9197
Faulting application path: C:\Windows\system32\rundll32.exe
Faulting module path: C:\Windows\System32\SysFxUI.dll
Report Id: 405d73cf-c0cd-4ec9-96b8-30df37482ae7
Faulting package full name:
Faulting package-relative application ID:
Error: (02/08/2025 02:10:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ffe208bc7c0
Faulting process id: 0x754
Faulting application start time: 0x01db7a2a190416f0
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: 8734047f-8413-4a96-acb7-302d7a3beab0
Faulting package full name:
Faulting package-relative application ID:
Error: (02/07/2025 10:33:05 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.
DETAIL - Access is denied.
Error: (02/07/2025 10:33:05 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.
DETAIL - Access is denied.
Error: (02/07/2025 08:26:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.3758 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 7c4
Start Time: 01db799627b6ae55
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Report Id: 1bbe3726-a310-400a-90c7-516b0b53b934
Faulting package full name: Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: ShellFeedsUI
Hang type: Quiesce
System errors:
=============
Error: (02/15/2025 04:06:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Guard Runtime Monitor Broker service terminated with the following error:
%%3489660935
Error: (02/15/2025 04:04:44 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 3 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (02/15/2025 04:04:44 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 2 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (02/15/2025 04:04:44 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 1 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (02/15/2025 04:04:44 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (02/15/2025 03:46:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Guard Runtime Monitor Broker service terminated with the following error:
%%3489660935
Error: (02/15/2025 03:44:17 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 3 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (02/15/2025 03:44:17 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 2 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Windows Defender:
================
Date: 2025-02-14 11:56:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-13 13:40:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-11 15:36:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-10 16:57:27
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-09 15:57:05
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2025-02-15 15:43:50
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.421.1890.0;1.421.1890.0
Engine Version: 1.1.24090.11
CodeIntegrity:
===============
Date: 2025-02-15 17:20:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2025-02-15 17:20:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P5.50 12/20/2018
Motherboard: ASRock AB350M Pro4
Processor: AMD Ryzen 3 1200 Quad-Core Processor
Percentage of memory in use: 22%
Total physical RAM: 16316.98 MB
Available physical RAM: 12607.55 MB
Total Virtual: 22460.98 MB
Available Virtual: 17357.67 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.18 GB) (Free:354.14 GB) (Model: WDC WDS500G2B0B-00YS70) NTFS
Drive d: (HDD) (Fixed) (Total:931.5 GB) (Free:381.32 GB) (Model: ST1000DM010-2EP102) NTFS
Drive e: (F7) (Fixed) (Total:223.57 GB) (Free:109.19 GB) (Model: Patriot Burst) NTFS
\\?\Volume{f10482ee-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{f10482ee-0000-0000-0000-804e74000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: D0FFF5BA)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: F10482EE)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=546 MB) - (Type=27)
==================== End of Addition.txt =======================
FirewallRules: [TCP Query User{700C4DC0-F625-4ADE-959E-1159E20AF78E}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{F8B5CD14-1C0B-450A-BE0E-546A0B8402AD}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{8B8D95D1-5A98-4974-A66E-940CB6C09D11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3801225D-C9D7-4D14-A95F-048FFD9156EC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A247EBD-C59F-42B0-9ABC-D4FF41A817C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{520B5D9D-A87C-4E56-8666-1FBA16E8C860}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{640CE01F-1CA9-4A2E-8362-976BBEFA0556}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9B243685-12CA-4340-A861-EEFCC5CFDB53}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.59\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7F1EED3E-9E68-49C7-8F45-9BD94C391B68}C:\users\jonas\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jonas\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (Cfx.re) [File not signed]
FirewallRules: [UDP Query User{BC0322FF-9D07-4FA4-B771-996096866824}C:\users\jonas\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jonas\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (Cfx.re) [File not signed]
==================== Restore Points =========================
11-02-2025 16:33:37 Scheduled Checkpoint
12-02-2025 18:28:33 Windows Modules Installer
15-02-2025 15:56:40 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/15/2025 05:21:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 133.0.6943.98 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 281c
Start Time: 01db7fbb12b5463d
Termination Time: 6
Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Report Id: 1bc52680-c00d-4830-bf63-e601359ef3fd
Faulting package full name:
Faulting package-relative application ID:
Hang type: Cross-thread
Error: (02/14/2025 09:43:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program League of Legends.exe version 15.3.656.4086 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 13f4
Start Time: 01db7f20a4d2e409
Termination Time: 29
Application Path: C:\Riot Games\League of Legends\Game\League of Legends.exe
Report Id: cda8107b-5557-4948-b67e-0916c7150e46
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (02/14/2025 08:35:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on HDD (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (02/10/2025 11:17:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_Shell32.dll, version: 10.0.19041.4648, time stamp: 0xfe51b7ac
Faulting module name: SysFxUI.dll, version: 10.0.19041.5072, time stamp: 0xc22e10ec
Exception code: 0xc0000005
Fault offset: 0x00000000000080c7
Faulting process id: 0x794
Faulting application start time: 0x01db7ba5040f9197
Faulting application path: C:\Windows\system32\rundll32.exe
Faulting module path: C:\Windows\System32\SysFxUI.dll
Report Id: 405d73cf-c0cd-4ec9-96b8-30df37482ae7
Faulting package full name:
Faulting package-relative application ID:
Error: (02/08/2025 02:10:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ffe208bc7c0
Faulting process id: 0x754
Faulting application start time: 0x01db7a2a190416f0
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: 8734047f-8413-4a96-acb7-302d7a3beab0
Faulting package full name:
Faulting package-relative application ID:
Error: (02/07/2025 10:33:05 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.
DETAIL - Access is denied.
Error: (02/07/2025 10:33:05 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.
DETAIL - Access is denied.
Error: (02/07/2025 08:26:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.3758 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 7c4
Start Time: 01db799627b6ae55
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Report Id: 1bbe3726-a310-400a-90c7-516b0b53b934
Faulting package full name: Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: ShellFeedsUI
Hang type: Quiesce
System errors:
=============
Error: (02/15/2025 04:06:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Guard Runtime Monitor Broker service terminated with the following error:
%%3489660935
Error: (02/15/2025 04:04:44 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 3 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (02/15/2025 04:04:44 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 2 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (02/15/2025 04:04:44 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 1 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (02/15/2025 04:04:44 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (02/15/2025 03:46:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Guard Runtime Monitor Broker service terminated with the following error:
%%3489660935
Error: (02/15/2025 03:44:17 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 3 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (02/15/2025 03:44:17 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 2 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Windows Defender:
================
Date: 2025-02-14 11:56:57
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-13 13:40:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-11 15:36:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-10 16:57:27
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-09 15:57:05
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2025-02-15 15:43:50
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.421.1890.0;1.421.1890.0
Engine Version: 1.1.24090.11
CodeIntegrity:
===============
Date: 2025-02-15 17:20:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2025-02-15 17:20:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P5.50 12/20/2018
Motherboard: ASRock AB350M Pro4
Processor: AMD Ryzen 3 1200 Quad-Core Processor
Percentage of memory in use: 22%
Total physical RAM: 16316.98 MB
Available physical RAM: 12607.55 MB
Total Virtual: 22460.98 MB
Available Virtual: 17357.67 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.18 GB) (Free:354.14 GB) (Model: WDC WDS500G2B0B-00YS70) NTFS
Drive d: (HDD) (Fixed) (Total:931.5 GB) (Free:381.32 GB) (Model: ST1000DM010-2EP102) NTFS
Drive e: (F7) (Fixed) (Total:223.57 GB) (Free:109.19 GB) (Model: Patriot Burst) NTFS
\\?\Volume{f10482ee-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{f10482ee-0000-0000-0000-804e74000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: D0FFF5BA)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: F10482EE)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=546 MB) - (Type=27)
==================== End of Addition.txt =======================
- Security team member
Re: Hijackthis log
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.
Code:
Start
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
C:\6749525315573233238
EmptyTemp:
End
(You can use the "Select all" function, then right-click the top-left field in the open Notepad window and choose "Paste".)
Save it to the desktop as fixlist.txt
Run FRST, press the "Fix" button only once and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- newcomer
Re: Hijackthis log
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-02-2025
Ran by jonas (16-02-2025 09:07:50) Run:1
Running from C:\Users\jonas\Downloads
Loaded Profiles: jonas & Administrator
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
C:\6749525315573233238
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
"C:\Windows\system32\GroupPolicy\Machine" Folder move:
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"C:\6749525315573233238" Folder move:
C:\6749525315573233238 => moved successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27591455 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 450344452 B
Windows/system/drivers => 13665 B
Edge => 0 B
Chrome => 621950708 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 28218 B
NetworkService => 40036 B
jonas => 6405876 B
Administrator => 6422282 B
RecycleBin => 279040 B
EmptyTemp: => 1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 09:08:12 ====
- Security team member
Re: Hijackthis log
Clean. If everything is OK:
Download DelFix here:
https://www.bleepingcomputer.com/download/delfix/
and save the file to the desktop.
Double-click the icon to run the Delfix.exe tool.
(On Windows Vista, Windows 7, 8 and 10 you must launch the file by right-clicking it -> Run as administrator.)
In the main menu, tick these options: Remove disinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.
The report (DelFix.txt) will then open. Paste its entire content here. Otherwise the report is located at:
C:\DelFix.txt
If there are no problems, that is all and you can mark the thread as solved with the green check mark.
- newcomer
Re: Hijackthis log
# DelFix v1.010 - Logfile created 16/02/2025 at 15:01:34
# Updated 26/04/2015 by Xplode
# Username : jonas - DESKTOP-5H00PQG
# Operating System : Windows 10 Home (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\jonas\Desktop\JRT.txt
Deleted : C:\Users\jonas\Downloads\Addition.txt
Deleted : C:\Users\jonas\Downloads\AdwCleaner.exe
Deleted : C:\Users\jonas\Downloads\Fixlog.txt
Deleted : C:\Users\jonas\Downloads\FRST.txt
Deleted : C:\Users\jonas\Downloads\FRST64.exe
Deleted : C:\Users\jonas\Downloads\JRT.exe
Deleted : C:\Users\jonas\Downloads\hijackthis.exe
Deleted : C:\Users\jonas\Downloads\hijackthis.log
Deleted : C:\Users\jonas\Downloads\RogueKiller_setup.exe
Deleted : C:\Users\jonas\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #3 [Scheduled Checkpoint | 02/11/2025 15:33:37]
Deleted : RP #4 [Windows Modules Installer | 02/12/2025 17:28:33]
Deleted : RP #5 [JRT Pre-Junkware Removal | 02/15/2025 14:56:40]
Deleted : RP #7 [Restore Point Created by FRST | 02/16/2025 08:07:51]
New restore point created !
########## - EOF - ##########