Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu - velmi zvláštní chování PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Pla(hta
Návštěvník
Návštěvník
Příspěvky: 52
Registrován: 05 úno 2006 11:57
Kontaktovat uživatele:

Prosím o kontrolu logu - velmi zvláštní chování PC

#1 Příspěvek od Pla(hta »

Dobrý den,

moc bych chtěl poprosit o kontrolu logu. Mé PC se chová opravdu zvláštně.

Před nějakou dobou (cca 3 měsíce) se mi sami z ničeho nic u všeho obrazili dvě modré šipky (je to nějaký druh komprimace) - to by ničemu asi nevadilo ale je zvláštní , že "to samo". Poté mi přesně na silvestra zamrzl PC a již jsem ho nenastartoval. Neúspěšnou opravou jsem strávil cca 8 hodin čistého času (krásný vstup do nového roku) a nakonec jsem musel zvolit reinstalaci se zachováním souborů (neměl jsem kam přezálohovat). Šlo o chybu, která je známa na internetu, že Win10 nabíhají ale nenaběhnou a zběsile černě problikávají (těsně před zobrazením plochy). Žádný z asi 10 veřejně dostupných návodů nepomohl. PC se ale i po reinstalaci občas chová velmi zvláštně. Někdy mi například nefunguje internetové bankovnictví v Mozille a někdy zase v Chromu. PC občas udělá něco (teď si přesně nevybavuji co) že by se to dalo nazvat, že si žije svým životem.
Dnes jsem například instaloval uTorrent klient nejnovější verzi 3.5.5. a po nainstalování se mi spustila sama Mozilla a na liště záložek měla přes prvních pár záložek nějaký text. Navíc po otevření ji nelze používat a nejde ji ani zavřít (pouze klik pravým na startu a vypnout). Zkoušel jsem aktualizaci, opravu, uninstall a install (vše vždy s restartem PC) a stále nefunkční.

Trochu se obávám abych neměl v PC nějakého vira nebo něco podobného. Případně pokud by to šlo vyřešit bez bez formátu disku a nových čistých Win, tak bych byl velmi rád.

Moc předem děkuji za jakékoli rady.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2021
Ran by Komp (administrator) on DESKTOP-G3HVVNN (MSI MS-7971) (17-02-2021 01:30:43)
Running from C:\Users\Komp\Desktop
Loaded Profiles: defaultuser0 & Komp
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_70e7e4392a76adb3\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e1af50d1bed26d14\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e1af50d1bed26d14\IntelCpHeciSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Thesycon Software Solutions GmbH & Co. KG) [File not signed] C:\Program Files\Questyle\Questyle_USB_Audio_Driver\W10_x64\QuestyleAudioCplApp.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117352 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-10] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0682F9C3-9BB5-4D3F-89FD-D2CF61E59079} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
Task: {183829B5-6A3A-4755-810C-93039E9D18FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-02] (Google LLC -> Google LLC)
Task: {1E680A83-6870-4662-A83D-48C190826036} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
Task: {4ACF858C-AC0F-493A-8CF9-584CEE9E43AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-02] (Google LLC -> Google LLC)
Task: {4E82C92A-E877-4308-A4C5-7198BFD756CD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6CAEB266-65A8-49B1-BA9C-6363BA51A6EF} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
Task: {6E450F7F-726A-4FAC-A1EF-AF26EB78A8DD} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {92BDB1C6-C751-460E-9CDD-B70AE7C2781A} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4621920 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
Task: {9D7796DB-B1E7-4DC4-8798-205ED5034BE7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2021-01-03] (Avast Software s.r.o. -> Avast Software)
Task: {A311DE8B-755D-4CAB-9221-71FB9C53433D} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D7ABB832-42DC-4C94-AA19-62A6C9C64EFB} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
Task: {DFEFEDC0-692E-42CD-BF09-83A736663232} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {E467F173-E8E8-4B1A-A436-5E26C4C95837} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-G3HVVNN-Komp => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {FAFA8FD2-280B-49E6-8510-76C81D012EE0} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{f8437dc0-d8cf-4153-9b48-b7f3f7bb42e8}: [DhcpNameServer] 213.46.172.38 213.46.172.39

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Komp\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-17]
Edge Extension: (Outlook) - C:\Users\Komp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-01-01]
Edge Extension: (Word) - C:\Users\Komp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-01-01]
Edge Extension: (Excel) - C:\Users\Komp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-01-01]
Edge Extension: (PowerPoint) - C:\Users\Komp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-01-01]

FireFox:
========
FF DefaultProfile: 9tn15tp0.default
FF ProfilePath: C:\Users\Komp\AppData\Roaming\Mozilla\Firefox\Profiles\9tn15tp0.default [2021-01-01]
FF ProfilePath: C:\Users\Komp\AppData\Roaming\Mozilla\Firefox\Profiles\567nxm6j.default-release-1613520298906 [2021-02-17]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-15] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default [2021-02-17]
CHR Extension: (Prezentace) - C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-02]
CHR Extension: (Dokumenty) - C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-02]
CHR Extension: (Disk Google) - C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-02]
CHR Extension: (YouTube) - C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-02]
CHR Extension: (Tabulky) - C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-02]
CHR Extension: (Chrome Media Router) - C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2021-01-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2020-12-23] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2020-12-23] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2020-12-23] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129232 2020-12-23] (Comodo Security Solutions, Inc. -> COMODO)
R3 questyleaudio; C:\WINDOWS\System32\drivers\questyleaudio.sys [275104 2017-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG)
R3 questyleaudioks; C:\WINDOWS\System32\drivers\questyleaudioks.sys [52384 2017-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-01-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-01-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-17 01:30 - 2021-02-17 01:30 - 000016499 ____C C:\Users\Komp\Desktop\FRST.txt
2021-02-17 01:30 - 2021-02-17 01:30 - 000016499 ____C C:\Users\Komp\Desktop\FRST.txt
2021-02-17 01:27 - 2021-02-17 01:27 - 002297856 ____C (Farbar) C:\Users\Komp\Downloads\FRST64 (1).exe
2021-02-17 01:27 - 2021-02-17 01:27 - 002297856 ____C (Farbar) C:\Users\Komp\Downloads\FRST64 (1).exe
2021-02-17 01:27 - 2021-02-17 01:27 - 002297856 ____C (Farbar) C:\Users\Komp\Desktop\FRST64.exe
2021-02-17 01:27 - 2021-02-17 01:27 - 002297856 ____C (Farbar) C:\Users\Komp\Desktop\FRST64.exe
2021-02-17 01:08 - 2021-02-17 01:08 - 000000907 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-17 01:08 - 2021-02-17 01:08 - 000000907 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-17 01:08 - 2021-02-17 01:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-17 01:08 - 2021-02-17 01:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-17 01:08 - 2021-02-17 01:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-17 01:05 - 2021-02-17 01:05 - 000000000 ___DC C:\Users\Komp\Desktop\Původní data aplikace Firefox
2021-02-17 01:05 - 2021-02-17 01:05 - 000000000 ___DC C:\Users\Komp\Desktop\Původní data aplikace Firefox
2021-02-17 01:03 - 2021-02-17 01:03 - 002096046 ____C C:\Users\Komp\Desktop\bookmarks.html
2021-02-17 01:03 - 2021-02-17 01:03 - 002096046 ____C C:\Users\Komp\Desktop\bookmarks.html
2021-02-17 01:03 - 2021-02-17 01:03 - 000841674 ____C C:\Users\Komp\Desktop\bookmarks-2021-02-17.json
2021-02-17 01:03 - 2021-02-17 01:03 - 000841674 ____C C:\Users\Komp\Desktop\bookmarks-2021-02-17.json
2021-02-17 01:00 - 2021-02-17 01:01 - 056219280 ____C (Mozilla) C:\Users\Komp\Downloads\Firefox Setup 85.0.2.exe
2021-02-17 01:00 - 2021-02-17 01:01 - 056219280 ____C (Mozilla) C:\Users\Komp\Downloads\Firefox Setup 85.0.2.exe
2021-02-17 00:54 - 2021-02-17 00:54 - 000000000 ____D C:\Users\Komp\AppData\Local\BitTorrentHelper
2021-02-17 00:54 - 2021-02-17 00:54 - 000000000 ____D C:\Users\Komp\AppData\Local\BitTorrentHelper
2021-02-17 00:53 - 2021-02-17 00:54 - 000000000 ___DC C:\Users\Komp\AppData\LocalLow\uTorrent
2021-02-17 00:53 - 2021-02-17 00:54 - 000000000 ___DC C:\Users\Komp\AppData\LocalLow\uTorrent
2021-02-17 00:39 - 2021-02-17 00:39 - 000024413 _____ C:\Users\Komp\Downloads\The-Mandalorian-S02E04(0000339601).srt
2021-02-17 00:39 - 2021-02-17 00:39 - 000024413 _____ C:\Users\Komp\Downloads\The-Mandalorian-S02E04(0000339601).srt
2021-02-17 00:38 - 2021-02-17 00:38 - 000019936 _____ C:\Users\Komp\Downloads\The-Mandalorian-S02E03(0000339290).srt
2021-02-17 00:38 - 2021-02-17 00:38 - 000019936 _____ C:\Users\Komp\Downloads\The-Mandalorian-S02E03(0000339290).srt
2021-02-17 00:36 - 2021-02-17 00:37 - 000015629 _____ C:\Users\Komp\Downloads\The.Mandalorian.S02E02.Chapter.10.The.Passenger.2160p.WEB-DL.DDP5.1.Atmos.DV.HEVC-MZABI.[cz].srt
2021-02-17 00:36 - 2021-02-17 00:37 - 000015629 _____ C:\Users\Komp\Downloads\The.Mandalorian.S02E02.Chapter.10.The.Passenger.2160p.WEB-DL.DDP5.1.Atmos.DV.HEVC-MZABI.[cz].srt
2021-02-17 00:35 - 2021-02-17 00:35 - 000024430 _____ C:\Users\Komp\Downloads\The-Mandalorian-S02E07(0000340741).srt
2021-02-17 00:35 - 2021-02-17 00:35 - 000024430 _____ C:\Users\Komp\Downloads\The-Mandalorian-S02E07(0000340741).srt
2021-02-17 00:35 - 2021-02-17 00:35 - 000020037 _____ C:\Users\Komp\Downloads\The-Mandalorian-S02E08(0000341040).srt
2021-02-17 00:35 - 2021-02-17 00:35 - 000020037 _____ C:\Users\Komp\Downloads\The-Mandalorian-S02E08(0000341040).srt
2021-02-17 00:35 - 2021-02-17 00:35 - 000017132 _____ C:\Users\Komp\Downloads\The-Mandalorian-S02E05(0000340013).srt
2021-02-17 00:35 - 2021-02-17 00:35 - 000017132 _____ C:\Users\Komp\Downloads\The-Mandalorian-S02E05(0000340013).srt
2021-02-17 00:35 - 2021-02-17 00:35 - 000014257 _____ C:\Users\Komp\Downloads\The-Mandalorian-S02E06(0000340378).srt
2021-02-17 00:35 - 2021-02-17 00:35 - 000014257 _____ C:\Users\Komp\Downloads\The-Mandalorian-S02E06(0000340378).srt
2021-02-17 00:34 - 2021-02-17 00:34 - 000024296 _____ C:\Users\Komp\Downloads\The.Mandalorian.S02E01.Chapter 9.The.Marshal.2160p.WEB-DL.DDP5.1.Atmos.DV.HEVC-MZABI.[cz].srt
2021-02-17 00:34 - 2021-02-17 00:34 - 000024296 _____ C:\Users\Komp\Downloads\The.Mandalorian.S02E01.Chapter 9.The.Marshal.2160p.WEB-DL.DDP5.1.Atmos.DV.HEVC-MZABI.[cz].srt
2021-02-15 23:37 - 2021-02-15 23:37 - 000248575 _____ C:\Users\Komp\Downloads\0001.pdf
2021-02-15 23:37 - 2021-02-15 23:37 - 000248575 _____ C:\Users\Komp\Downloads\0001.pdf
2021-02-14 14:35 - 2021-02-14 14:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-11 22:26 - 2021-02-16 23:35 - 000000000 ___DC C:\Users\Komp\Desktop\The.Mandalorian.S01E08.1080p.WEBRiP.x264-PETRiFiED
2021-02-11 22:26 - 2021-02-16 23:35 - 000000000 ___DC C:\Users\Komp\Desktop\The.Mandalorian.S01E08.1080p.WEBRiP.x264-PETRiFiED
2021-02-11 22:01 - 2021-02-11 22:01 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-11 22:00 - 2021-02-11 22:00 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-11 22:00 - 2021-02-11 22:00 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-11 22:00 - 2021-02-11 22:00 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-11 22:00 - 2021-02-11 22:00 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-09 22:05 - 2021-02-09 22:05 - 000005066 _____ C:\Users\Komp\Downloads\The-Mandalorian-S01E02(0000320188).srt
2021-02-09 22:05 - 2021-02-09 22:05 - 000005066 _____ C:\Users\Komp\Downloads\The-Mandalorian-S01E02(0000320188).srt
2021-02-09 22:04 - 2021-02-09 22:04 - 000006088 _____ C:\Users\Komp\Downloads\The-Mandalorian-S01E02(0000320151)(1).srt
2021-02-09 22:04 - 2021-02-09 22:04 - 000006088 _____ C:\Users\Komp\Downloads\The-Mandalorian-S01E02(0000320151)(1).srt
2021-02-09 22:02 - 2021-02-09 22:02 - 000005066 _____ C:\Users\Komp\Downloads\The-Mandalorian-S01E02(0000320186).srt
2021-02-09 22:02 - 2021-02-09 22:02 - 000005066 _____ C:\Users\Komp\Downloads\The-Mandalorian-S01E02(0000320186).srt
2021-02-09 21:59 - 2021-02-09 21:59 - 000012543 _____ C:\Users\Komp\Downloads\The-Mandalorian-S01E03(0000320707).srt
2021-02-09 21:59 - 2021-02-09 21:59 - 000012543 _____ C:\Users\Komp\Downloads\The-Mandalorian-S01E03(0000320707).srt
2021-02-09 21:55 - 2021-02-09 21:55 - 000006088 _____ C:\Users\Komp\Downloads\The-Mandalorian-S01E02(0000320151).srt
2021-02-09 21:55 - 2021-02-09 21:55 - 000006088 _____ C:\Users\Komp\Downloads\The-Mandalorian-S01E02(0000320151).srt
2021-02-09 20:12 - 2021-02-09 20:12 - 000000000 ____D C:\Users\Komp\AppData\Roaming\calibre
2021-02-09 20:12 - 2021-02-09 20:12 - 000000000 ____D C:\Users\Komp\AppData\Roaming\calibre
2021-02-09 20:12 - 2021-02-09 20:12 - 000000000 ____D C:\Users\Komp\AppData\Local\calibre-parallel
2021-02-09 20:12 - 2021-02-09 20:12 - 000000000 ____D C:\Users\Komp\AppData\Local\calibre-parallel
2021-02-09 20:12 - 2021-02-09 20:12 - 000000000 ____D C:\Users\Komp\AppData\Local\calibre-cache
2021-02-09 20:12 - 2021-02-09 20:12 - 000000000 ____D C:\Users\Komp\AppData\Local\calibre-cache
2021-02-09 20:12 - 2021-02-09 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-02-09 20:12 - 2021-02-09 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-02-09 20:12 - 2021-02-09 20:12 - 000000000 ____D C:\Program Files (x86)\Calibre2
2021-02-09 19:59 - 2021-02-09 19:59 - 115367936 ____C C:\Users\Komp\Downloads\calibre-5.10.1.msi
2021-02-09 19:59 - 2021-02-09 19:59 - 115367936 ____C C:\Users\Komp\Downloads\calibre-5.10.1.msi
2021-02-09 19:40 - 2021-02-09 19:53 - 000000000 ___DC C:\Users\Komp\Desktop\knizky
2021-02-09 19:40 - 2021-02-09 19:53 - 000000000 ___DC C:\Users\Komp\Desktop\knizky
2021-02-08 22:18 - 2021-02-17 01:07 - 000000000 ____D C:\Intel
2021-02-07 21:30 - 2021-02-07 21:30 - 000969609 ____C C:\Users\Komp\Downloads\Kroky vraha - Michaela Klevisova.epub
2021-02-07 21:30 - 2021-02-07 21:30 - 000969609 ____C C:\Users\Komp\Downloads\Kroky vraha - Michaela Klevisova.epub
2021-02-07 21:30 - 2021-02-07 21:30 - 000614930 ____C C:\Users\Komp\Downloads\Dum na samote - Michaela Klevisova.epub
2021-02-07 21:30 - 2021-02-07 21:30 - 000614930 ____C C:\Users\Komp\Downloads\Dum na samote - Michaela Klevisova.epub
2021-02-07 21:27 - 2021-02-07 21:28 - 002738408 ____C C:\Users\Komp\Downloads\osudny-slib-pripady-kim-stoneove-9-_angela-marsonsova_palmknihy.mobi
2021-02-07 21:27 - 2021-02-07 21:28 - 002738408 ____C C:\Users\Komp\Downloads\osudny-slib-pripady-kim-stoneove-9-_angela-marsonsova_palmknihy.mobi
2021-02-07 14:44 - 2021-02-07 14:45 - 000000000 ____D C:\Users\Komp\AppData\Local\TomTom
2021-02-07 14:44 - 2021-02-07 14:45 - 000000000 ____D C:\Users\Komp\AppData\Local\TomTom
2021-02-07 14:44 - 2021-02-07 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2021-02-07 14:44 - 2021-02-07 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2021-02-07 14:43 - 2021-02-07 14:44 - 000000000 ____D C:\Program Files (x86)\MyDrive Connect
2021-02-07 14:43 - 2021-02-07 14:43 - 070399232 _____ (TomTom International B.V.) C:\Users\Komp\Downloads\InstallTomTomMyDriveConnect.exe
2021-02-07 14:43 - 2021-02-07 14:43 - 070399232 _____ (TomTom International B.V.) C:\Users\Komp\Downloads\InstallTomTomMyDriveConnect.exe
2021-02-07 00:31 - 2021-02-07 00:31 - 000000000 ___DC C:\Users\Komp\Desktop\videa
2021-02-07 00:31 - 2021-02-07 00:31 - 000000000 ___DC C:\Users\Komp\Desktop\videa
2021-02-07 00:26 - 2020-06-07 20:40 - 002832852 ____C C:\Users\Komp\Desktop\Aakash Gandhi - Borderless (No Copyright Music) (152kbit_Opus).ogg
2021-02-07 00:26 - 2020-06-07 20:40 - 002832852 ____C C:\Users\Komp\Desktop\Aakash Gandhi - Borderless (No Copyright Music) (152kbit_Opus).ogg
2021-02-06 23:12 - 2021-02-06 23:13 - 000000000 ___DC C:\Users\Komp\Desktop\222
2021-02-06 23:12 - 2021-02-06 23:13 - 000000000 ___DC C:\Users\Komp\Desktop\222
2021-02-06 23:09 - 2021-02-06 23:10 - 000000000 ___DC C:\Users\Komp\Desktop\001
2021-02-06 23:09 - 2021-02-06 23:10 - 000000000 ___DC C:\Users\Komp\Desktop\001
2021-02-06 22:41 - 2021-02-06 22:59 - 000000000 ___DC C:\Users\Komp\Desktop\kulisarny
2021-02-06 22:41 - 2021-02-06 22:59 - 000000000 ___DC C:\Users\Komp\Desktop\kulisarny
2021-02-04 23:32 - 2021-02-04 23:32 - 000000000 ___DC C:\Users\Komp\Desktop\KIKI_VIKI
2021-02-04 23:32 - 2021-02-04 23:32 - 000000000 ___DC C:\Users\Komp\Desktop\KIKI_VIKI
2021-02-04 23:29 - 2021-02-04 23:30 - 000000000 ___DC C:\Users\Komp\Desktop\H_A_M_ALL
2021-02-04 23:29 - 2021-02-04 23:30 - 000000000 ___DC C:\Users\Komp\Desktop\H_A_M_ALL
2021-02-04 23:10 - 2021-02-04 23:36 - 000000000 ___DC C:\Users\Komp\Desktop\Hotovo EDIT
2021-02-04 23:10 - 2021-02-04 23:36 - 000000000 ___DC C:\Users\Komp\Desktop\Hotovo EDIT
2021-02-01 23:11 - 2021-02-04 23:29 - 000000000 ___DC C:\Users\Komp\Desktop\HOTOV_ZALOHOVAT
2021-02-01 23:11 - 2021-02-04 23:29 - 000000000 ___DC C:\Users\Komp\Desktop\HOTOV_ZALOHOVAT
2021-01-29 20:24 - 2021-01-29 20:24 - 001167972 ____C C:\Users\Komp\Downloads\Enoch Suzanne - Pulnocni setkani - Enoch Suzanne.mobi
2021-01-29 20:24 - 2021-01-29 20:24 - 001167972 ____C C:\Users\Komp\Downloads\Enoch Suzanne - Pulnocni setkani - Enoch Suzanne.mobi
2021-01-28 22:31 - 2021-01-28 22:31 - 000000000 ___DC C:\Users\Komp\Desktop\ISLAND videa
2021-01-28 22:31 - 2021-01-28 22:31 - 000000000 ___DC C:\Users\Komp\Desktop\ISLAND videa
2021-01-26 08:01 - 2021-01-26 08:01 - 000359863 _____ C:\Users\Komp\Downloads\document2017-12-19-185605.pdf
2021-01-26 08:01 - 2021-01-26 08:01 - 000359863 _____ C:\Users\Komp\Downloads\document2017-12-19-185605.pdf
2021-01-25 23:56 - 2021-02-04 23:30 - 000000000 ___DC C:\Users\Komp\Desktop\1 FOTO resit
2021-01-25 23:56 - 2021-02-04 23:30 - 000000000 ___DC C:\Users\Komp\Desktop\1 FOTO resit
2021-01-25 23:49 - 2021-02-07 00:26 - 000000000 ___DC C:\Users\Komp\Desktop\FOTO
2021-01-25 23:49 - 2021-02-07 00:26 - 000000000 ___DC C:\Users\Komp\Desktop\FOTO
2021-01-24 00:41 - 2021-01-25 08:06 - 000001019 ____C C:\Users\Komp\Desktop\plnamoc2.txt
2021-01-24 00:41 - 2021-01-25 08:06 - 000001019 ____C C:\Users\Komp\Desktop\plnamoc2.txt
2021-01-24 00:37 - 2021-01-25 08:09 - 000000000 ___DC C:\Users\Komp\Desktop\plnamoc
2021-01-24 00:37 - 2021-01-25 08:09 - 000000000 ___DC C:\Users\Komp\Desktop\plnamoc
2021-01-24 00:37 - 2021-01-25 08:06 - 000001047 ____C C:\Users\Komp\Desktop\plnamoc1.txt
2021-01-24 00:37 - 2021-01-25 08:06 - 000001047 ____C C:\Users\Komp\Desktop\plnamoc1.txt
2021-01-24 00:24 - 2021-01-24 00:24 - 000431150 _____ C:\Users\Komp\Downloads\9940e8e5774d1014a65623f2cb25eabf.pdf
2021-01-24 00:24 - 2021-01-24 00:24 - 000431150 _____ C:\Users\Komp\Downloads\9940e8e5774d1014a65623f2cb25eabf.pdf
2021-01-24 00:24 - 2021-01-24 00:24 - 000404552 _____ C:\Users\Komp\Downloads\evlist_domacnosti.pdf
2021-01-24 00:24 - 2021-01-24 00:24 - 000404552 _____ C:\Users\Komp\Downloads\evlist_domacnosti.pdf
2021-01-24 00:24 - 2021-01-24 00:24 - 000364871 _____ C:\Users\Komp\Downloads\b8010981878d1b44825b0a40551aa4e0.pdf
2021-01-24 00:24 - 2021-01-24 00:24 - 000364871 _____ C:\Users\Komp\Downloads\b8010981878d1b44825b0a40551aa4e0.pdf
2021-01-20 01:59 - 2021-01-20 01:59 - 000000000 ___DC C:\Users\Komp\AppData\LocalLow\Oracle
2021-01-20 01:59 - 2021-01-20 01:59 - 000000000 ___DC C:\Users\Komp\AppData\LocalLow\Oracle
2021-01-18 21:09 - 2021-01-18 21:09 - 001721174 _____ C:\Users\Komp\Downloads\PP_prehlaseni_MARIE_LUKAVSKA.pdf
2021-01-18 21:09 - 2021-01-18 21:09 - 001721174 _____ C:\Users\Komp\Downloads\PP_prehlaseni_MARIE_LUKAVSKA.pdf
2021-01-18 21:09 - 2021-01-18 21:09 - 000599811 _____ C:\Users\Komp\Downloads\PRE_prehlaseni_MARIE_LUKAVSKA.pdf
2021-01-18 21:09 - 2021-01-18 21:09 - 000599811 _____ C:\Users\Komp\Downloads\PRE_prehlaseni_MARIE_LUKAVSKA.pdf
2021-01-18 11:43 - 2021-01-18 11:43 - 001115979 _____ C:\Users\Komp\Downloads\Hana_Marie_Kornerova_Laska_a_zast.epub
2021-01-18 11:43 - 2021-01-18 11:43 - 001115979 _____ C:\Users\Komp\Downloads\Hana_Marie_Kornerova_Laska_a_zast.epub
2021-01-18 11:42 - 2021-01-18 11:42 - 000665879 _____ C:\Users\Komp\Downloads\leopard a orchidej CZ.epub
2021-01-18 11:42 - 2021-01-18 11:42 - 000665879 _____ C:\Users\Komp\Downloads\leopard a orchidej CZ.epub
2021-01-18 01:12 - 2021-01-18 01:12 - 006595803 _____ C:\Users\Komp\Downloads\0002(1).pdf
2021-01-18 01:12 - 2021-01-18 01:12 - 006595803 _____ C:\Users\Komp\Downloads\0002(1).pdf
2021-01-18 01:12 - 2021-01-18 01:12 - 002150961 _____ C:\Users\Komp\Downloads\0001(1).pdf
2021-01-18 01:12 - 2021-01-18 01:12 - 002150961 _____ C:\Users\Komp\Downloads\0001(1).pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-17 01:30 - 2020-06-01 22:14 - 000000000 ____D C:\FRST
2021-02-17 01:14 - 2021-01-01 12:20 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-17 01:14 - 2021-01-01 12:03 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-17 01:14 - 2021-01-01 12:03 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-17 01:14 - 2021-01-01 12:00 - 000000000 ____D C:\WINDOWS\INF
2021-02-17 01:13 - 2021-01-03 00:04 - 000000000 ____D C:\ProgramData\Avast Software
2021-02-17 01:13 - 2021-01-03 00:04 - 000000000 ____D C:\ProgramData\Avast Software
2021-02-17 01:09 - 2021-01-01 12:01 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-17 01:09 - 2021-01-01 12:01 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-17 01:08 - 2021-01-01 21:29 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-17 01:08 - 2021-01-01 21:29 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-17 01:08 - 2019-04-16 20:53 - 000000000 ___DC C:\Users\Komp\AppData\LocalLow\Mozilla
2021-02-17 01:08 - 2019-04-16 20:53 - 000000000 ___DC C:\Users\Komp\AppData\LocalLow\Mozilla
2021-02-17 01:07 - 2021-01-01 12:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-17 01:07 - 2020-08-14 23:34 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-17 01:06 - 2021-01-01 11:58 - 000065536 _____ C:\WINDOWS\system32\config\BBI
2021-02-17 00:52 - 2021-01-03 00:03 - 000000000 ____D C:\Users\Komp\AppData\Roaming\foobar2000
2021-02-17 00:52 - 2021-01-03 00:03 - 000000000 ____D C:\Users\Komp\AppData\Roaming\foobar2000
2021-02-17 00:13 - 2021-01-01 12:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-17 00:00 - 2021-01-03 22:56 - 000002772 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-G3HVVNN-Komp
2021-02-17 00:00 - 2021-01-03 00:01 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-17 00:00 - 2021-01-02 21:14 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-17 00:00 - 2021-01-02 21:14 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-17 00:00 - 2021-01-01 21:33 - 000000000 ____D C:\Users\Komp\AppData\Roaming\vlc
2021-02-17 00:00 - 2021-01-01 21:33 - 000000000 ____D C:\Users\Komp\AppData\Roaming\vlc
2021-02-17 00:00 - 2021-01-01 12:22 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3610397936-3068506167-2246478767-1001
2021-02-17 00:00 - 2021-01-01 12:14 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-02-17 00:00 - 2021-01-01 12:10 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-17 00:00 - 2021-01-01 12:10 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-16 23:35 - 2021-01-03 00:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-02-16 22:49 - 2021-01-01 12:01 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-16 22:49 - 2021-01-01 12:01 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-16 14:06 - 2021-01-03 00:01 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-16 14:06 - 2021-01-03 00:01 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-16 13:56 - 2021-01-02 23:59 - 000000000 ____D C:\Users\Komp\AppData\Local\Adobe
2021-02-16 13:56 - 2021-01-02 23:59 - 000000000 ____D C:\Users\Komp\AppData\Local\Adobe
2021-02-13 23:38 - 2021-01-01 12:10 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-13 23:38 - 2021-01-01 12:10 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-11 22:45 - 2021-01-01 12:11 - 000000000 ____D C:\Users\defaultuser0
2021-02-11 22:45 - 2021-01-01 12:08 - 000258960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-11 22:45 - 2021-01-01 12:01 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-11 22:45 - 2021-01-01 12:01 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-11 22:45 - 2021-01-01 12:01 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-11 22:45 - 2021-01-01 12:01 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-11 22:45 - 2021-01-01 12:01 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-11 22:45 - 2021-01-01 12:01 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-11 22:45 - 2021-01-01 12:01 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-11 22:45 - 2021-01-01 12:01 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-11 22:45 - 2021-01-01 12:01 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-11 22:45 - 2021-01-01 11:58 - 000000000 ____D C:\WINDOWS\servicing
2021-02-11 22:03 - 2021-01-01 11:58 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-11 21:57 - 2021-01-03 00:05 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-10 09:06 - 2021-01-02 21:14 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-10 09:06 - 2021-01-02 21:14 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-09 21:51 - 2021-01-01 12:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-09 21:50 - 2021-01-01 12:34 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-09 20:17 - 2020-06-03 19:05 - 000000000 ___DC C:\Users\Komp\Knihovna Calibre
2021-02-09 20:17 - 2020-06-03 19:05 - 000000000 ___DC C:\Users\Komp\Knihovna Calibre
2021-02-09 19:42 - 2021-01-01 12:11 - 000002362 ____C C:\Users\Komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-09 19:42 - 2021-01-01 12:11 - 000002362 ____C C:\Users\Komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-09 19:42 - 2019-04-16 20:24 - 000000000 __RDC C:\Users\Komp\OneDrive
2021-02-09 19:42 - 2019-04-16 20:24 - 000000000 __RDC C:\Users\Komp\OneDrive
2021-02-09 19:37 - 2021-01-11 09:52 - 000000000 ____D C:\Users\Komp\AppData\Local\CrashDumps
2021-02-09 19:37 - 2021-01-11 09:52 - 000000000 ____D C:\Users\Komp\AppData\Local\CrashDumps
2021-02-07 21:21 - 2019-04-16 20:30 - 000000000 _SHDC C:\Users\Komp\IntelGraphicsProfiles
2021-02-07 21:21 - 2019-04-16 20:30 - 000000000 _SHDC C:\Users\Komp\IntelGraphicsProfiles
2021-02-07 14:44 - 2021-01-09 23:39 - 000000000 ____D C:\Users\Komp\AppData\Local\D3DSCache
2021-02-07 14:44 - 2021-01-09 23:39 - 000000000 ____D C:\Users\Komp\AppData\Local\D3DSCache
2021-02-07 14:44 - 2021-01-03 21:59 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-07 14:44 - 2021-01-03 21:59 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-07 00:31 - 2020-07-16 20:31 - 000000000 ___DC C:\Users\Komp\Downloads\Norah Jones - Take It Away (2019) [Single, 24bit Hi-Res]
2021-02-07 00:31 - 2020-07-16 20:31 - 000000000 ___DC C:\Users\Komp\Downloads\Norah Jones - Take It Away (2019) [Single, 24bit Hi-Res]
2021-02-07 00:29 - 2020-07-16 20:52 - 000000000 ___DC C:\Users\Komp\Downloads\Alanis Morissette - Reckoning (2020) [Hi-Res stereo single]
2021-02-07 00:29 - 2020-07-16 20:52 - 000000000 ___DC C:\Users\Komp\Downloads\Alanis Morissette - Reckoning (2020) [Hi-Res stereo single]
2021-02-06 00:21 - 2020-03-24 20:30 - 000000000 ___DC C:\Users\Komp\Desktop\zPlochy MOBILY
2021-02-06 00:21 - 2020-03-24 20:30 - 000000000 ___DC C:\Users\Komp\Desktop\zPlochy MOBILY
2021-02-04 23:40 - 2021-01-01 03:43 - 000000000 ____D C:\ZALOHA PLOCHY
2021-01-28 22:49 - 2021-01-01 12:19 - 000000000 ____D C:\Users\Komp\AppData\Local\Packages
2021-01-28 22:49 - 2021-01-01 12:19 - 000000000 ____D C:\Users\Komp\AppData\Local\Packages
2021-01-26 00:12 - 2020-03-24 20:28 - 000000000 ___DC C:\Users\Komp\Desktop\zPlochy VIDEA
2021-01-26 00:12 - 2020-03-24 20:28 - 000000000 ___DC C:\Users\Komp\Desktop\zPlochy VIDEA
2021-01-25 23:47 - 2019-06-09 15:47 - 000000000 ___DC C:\Users\Komp\Desktop\FLESKA
2021-01-25 23:47 - 2019-06-09 15:47 - 000000000 ___DC C:\Users\Komp\Desktop\FLESKA
2021-01-20 02:35 - 2021-01-15 23:19 - 000000000 ____D C:\Program Files\Java
2021-01-20 02:35 - 2020-07-21 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-01-20 02:35 - 2020-07-21 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-01-20 02:34 - 2021-01-15 23:19 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by Komp (17-02-2021 01:32:05)
Running from C:\Users\Komp\Desktop
Windows 10 Home Version 20H2 19042.804 (X64) (2021-01-01 11:19:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3610397936-3068506167-2246478767-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3610397936-3068506167-2246478767-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3610397936-3068506167-2246478767-1000 - Limited - Enabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3610397936-3068506167-2246478767-501 - Limited - Disabled)
Komp (S-1-5-21-3610397936-3068506167-2246478767-1001 - Administrator - Enabled) => C:\Users\Komp
WDAGUtilityAccount (S-1-5-21-3610397936-3068506167-2246478767-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20138 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.14 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
calibre (HKLM-x32\...\{F19FED6E-6A85-40A4-AAF8-DB240114481C}) (Version: 5.10.1 - Kovid Goyal)
COMODO Firewall (HKLM\...\{9D9A22A4-C382-4340-9843-AB8C54FC9D49}) (Version: 12.2.2.7098 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7098 - COMODO Security Solutions Inc.)
Excel (HKU\S-1-5-21-3610397936-3068506167-2246478767-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
foobar2000 v1.6.2 (HKLM-x32\...\foobar2000) (Version: 1.6.2 - Peter Pawlowski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Intel(R) Graphics Driver Software (HKLM-x32\...\{2e312ef6-e0d3-4dc4-bce3-1fc8264ddb12}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
IrfanView 4.56 (64-bit) (HKLM\...\IrfanView64) (Version: 4.56 - Irfan Skiljan)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\S-1-5-21-3610397936-3068506167-2246478767-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 85.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 85.0.2 (x64 cs)) (Version: 85.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
Outlook (HKU\S-1-5-21-3610397936-3068506167-2246478767-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-3610397936-3068506167-2246478767-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Questyle Hi-end USB Audio v4.11.0 (HKLM-x32\...\Software_Questyle_questyleaudio_Setup) (Version: 4.11.0 - Questyle)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
TomTom MyDrive Connect 4.2.11.4200 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.11.4200 - TomTom)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Warblade 1.33 (HKLM-x32\...\{975E691C-D9EF-4CFB-A9C7-AB44F4201B0C}_is1) (Version: - EMV Software AS)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Word (HKU\S-1-5-21-3610397936-3068506167-2246478767-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-29] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-01-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-01-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-01-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-01-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\Komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\Komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\Komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2021-01-15 23:24 - 2017-05-03 09:04 - 000236032 _____ (Thesycon Software Solutions GmbH & Co. KG) [File not signed] C:\Program Files\Questyle\Questyle_USB_Audio_Driver\W10_x64\questyleaudioapi.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-01-20] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-01-01 12:01 - 2021-01-01 12:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Calibre2\
HKU\S-1-5-21-3610397936-3068506167-2246478767-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3610397936-3068506167-2246478767-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F1DAC097-BB22-446E-9DA1-B7CB0391FAC3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6F6B25F5-2AC8-4F27-92F1-0671B00523BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E158415-6D8D-4FCD-8FA7-E4D623D0772B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B997C2F-D1F5-424F-B990-83510CBE7703}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7AFC5AA8-4B69-40E3-8006-31A17293CC10}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5C5F9F6-671A-494B-846F-7C7548F36C2E}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom)
FirewallRules: [{0DF56400-F272-4166-8502-F9749231F637}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/17/2021 01:08:49 AM) (Source: Firefox) (EventID: 5) (User: )
Description: Event-ID 5

Error: (02/17/2021 01:06:12 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Un_A.exe verze 1.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 20a4

Čas spuštění: 01d704c0a0448890

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\Komp\AppData\Local\Temp\~nsuA.tmp\Un_A.exe

ID hlášení: 4f50d4c6-6752-4ad7-a720-f7ee4484fac7

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (02/17/2021 12:53:55 AM) (Source: Firefox) (EventID: 5) (User: )
Description: Event-ID 5

Error: (02/09/2021 07:37:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.746, časové razítko: 0xca234864
Název chybujícího modulu: Explorer.EXE, verze: 10.0.19041.746, časové razítko: 0xca234864
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001a7fcb
ID chybujícího procesu: 0x1604
Čas spuštění chybující aplikace: 0x01d6ff128a85e108
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\Explorer.EXE
ID zprávy: 11c6b857-6ff6-47c0-b7fa-7f7f22de6a45
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/07/2021 02:44:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (01/12/2021 12:43:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfx_win10_100.9126.exe, verze: 3.11.1.0, časové razítko: 0x5d807032
Název chybujícího modulu: igfx_win10_100.9126.exe, verze: 3.11.1.0, časové razítko: 0x5d807032
Kód výjimky: 0xc000041d
Posun chyby: 0x0001e83c
ID chybujícího procesu: 0x1b8c
Čas spuštění chybující aplikace: 0x01d6e8737155438d
Cesta k chybující aplikaci: C:\ProgramData\Package Cache\{2e312ef6-e0d3-4dc4-bce3-1fc8264ddb12}\igfx_win10_100.9126.exe
Cesta k chybujícímu modulu: C:\ProgramData\Package Cache\{2e312ef6-e0d3-4dc4-bce3-1fc8264ddb12}\igfx_win10_100.9126.exe
ID zprávy: 2187c6d1-8123-474b-829a-1118042eac3a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2021 12:43:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfx_win10_100.9126.exe, verze: 3.11.1.0, časové razítko: 0x5d807032
Název chybujícího modulu: igfx_win10_100.9126.exe, verze: 3.11.1.0, časové razítko: 0x5d807032
Kód výjimky: 0xc0000005
Posun chyby: 0x0001e83c
ID chybujícího procesu: 0x1b8c
Čas spuštění chybující aplikace: 0x01d6e8737155438d
Cesta k chybující aplikaci: C:\ProgramData\Package Cache\{2e312ef6-e0d3-4dc4-bce3-1fc8264ddb12}\igfx_win10_100.9126.exe
Cesta k chybujícímu modulu: C:\ProgramData\Package Cache\{2e312ef6-e0d3-4dc4-bce3-1fc8264ddb12}\igfx_win10_100.9126.exe
ID zprávy: 9cf0196e-a51d-4af2-8ed2-2e97ee9f5337
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2021 12:43:37 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: igfx_win10_100.9126.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 0042E83C


System errors:
=============
Error: (02/17/2021 01:07:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/17/2021 01:07:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) HD Graphics Control Panel Service bylo dosaženo časového limitu (45000 ms).

Error: (02/17/2021 01:00:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/17/2021 01:00:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) HD Graphics Control Panel Service bylo dosaženo časového limitu (45000 ms).

Error: (02/17/2021 12:56:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/17/2021 12:56:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) HD Graphics Control Panel Service bylo dosaženo časového limitu (45000 ms).

Error: (02/14/2021 07:43:29 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (02/11/2021 10:46:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Windows Defender:
================
Date: 2021-01-02 20:13:18
Description:
Prohled�v�n� Antivirov� ochrana v programu Microsoft Defender bylo zastaveno p�ed dokon�en�m.
ID prohled�v�n�: {1EC0C961-E936-4B30-8424-7AB431F19F02}
Typ prohled�v�n�: Antimalwarov� program
Parametry prohled�v�n�: Rychl� prohled�v�n�
U�ivatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-02-17 01:29:22
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-02-17 01:27:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. C.E0 06/27/2018
Motherboard: MSI B150 PC MATE (MS-7971)
Processor: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz
Percentage of memory in use: 25%
Total physical RAM: 16276.2 MB
Available physical RAM: 12146.21 MB
Total Virtual: 18708.2 MB
Available Virtual: 14878.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.4 GB) (Free:61.17 GB) NTFS

\\?\Volume{1f5800ec-0cb9-47a3-a42c-198252b47ff5}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{65b3ec08-cab3-49d5-ab8b-53c9e0775528}\ () (Fixed) (Total:0.81 GB) (Free:0.39 GB) NTFS
\\?\Volume{3f97b498-645e-40b4-9033-74132fc02343}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu - velmi zvláštní chování PC

#2 Příspěvek od JaRon »

ahoj,
toto nevypada na virovy problem
1. pozri aka je velkost adresara plocha :???: ak presahuje 1GB poupratuj
2. spust s príkazového riadku ako spravca sfc /scannow
3. vycisti PC s CCleanerom vcetne registrov
4. skus preinstalovat ovladac Intel HD grafiky
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Pla(hta
Návštěvník
Návštěvník
Příspěvky: 52
Registrován: 05 úno 2006 11:57
Kontaktovat uživatele:

Re: Prosím o kontrolu logu - velmi zvláštní chování PC

#3 Příspěvek od Pla(hta »

Ahoj,

děkuji moc za rady.

Plochu využívám opravdu hodně (aktuální velikost souborů na ploše je 292 GB) - celková velikost SSD je 500 GB. Vše jsem přesunul na C:/zPlochy/...

Po přesunu souborů je velikost složky "Plocha" 92,7 MB.

Mimochodem teď jsem si všimnul, že se mi sama na ploše vytvořila skožka s názcem "Původní data aplikace Firefox" - to mi taky nepřijde jako normální chování. Složka je na ploše na pozici 1/1 a posunula všechny ostatní zástupce a složky. Velikost je 90 MB 1200 souborů - na ploše jsem toto zatím ponechal.

Scan now:
C:\WINDOWS\system32>sfc /scannow
Beginning system scan. This process will take some time.
Beginning verification phase of system scan.
Verification 100% complete.
Windows Resource Protection did not find any integrity violations.


CCleaner:
Vše vyčištěno jen tento registr to ani na podesáte neodstraní trvale:
ActiveX/COM Issue LocalServer32\C:\WINDOWS\SysWOW64\Speech_OneCore\Common\SpeechRuntime.exe -ToastNotifier HKCR\CLSID\{265b1075-d22b-41eb-bc97-87568f3e6dab}


Ovladače grafiky:
To byl jeden z těch problémů co jsem nedávno měl. Neustíále se restartovalo a doinstalovávalo. Po cca desátem restartu jsem usoudil, že se to zacyklilo a vypnul jsem instalaci ovladačů.

Teď mi nejnovější ovladače ze stránek intel hlásily "máte novější verzi, chcete přeinstalovat" - tak jsem přeinstaloval. Tentokrát se to nezacyklilo, takže ovladače mám přeinstalované.

Chyba Mozilly přetrvává.

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu - velmi zvláštní chování PC

#4 Příspěvek od JaRon »

Skus vycistit prehliadace
https://forum.viry.cz/viewtopic.php?f=1 ... e#p1538050
Oba kroky
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Pla(hta
Návštěvník
Návštěvník
Příspěvky: 52
Registrován: 05 úno 2006 11:57
Kontaktovat uživatele:

Re: Prosím o kontrolu logu - velmi zvláštní chování PC

#5 Příspěvek od Pla(hta »

Ahoj,

1)Zoek.exe


Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Komp on 17.02.2021 at 22:22:36,89.
Microsoft Windows 10 Home 10.0.19042 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Komp\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17.02.2021 22:25:31 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\MSI deleted successfully
C:\PROGRA~3\Shared Space deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\Users\defaultuser0\AppData\LocalLow deleted successfully
C:\Users\Komp\AppData\Local\calibre-cache deleted successfully
C:\Users\Komp\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Komp\AppData\Roaming\Mozilla\Firefox\Profiles\567nxm6j.default-release-1613520298906\prefs.js:

Added to C:\Users\Komp\AppData\Roaming\Mozilla\Firefox\Profiles\567nxm6j.default-release-1613520298906\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\MSI not found
C:\Users\Komp\AppData\Roaming\calibre deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM28689.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2E141.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c8211.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c8213.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c8224.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c8226.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c8248.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c824a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c824c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c825d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c826f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c8271.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c8282.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c841b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c84f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c8519.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c853a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c854c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c855d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c859e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11dc-438-32c85af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b4425.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b4427.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b4439.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b444a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b445c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b445e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b4470.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b4481.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b4483.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b4495.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b4497.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b44a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b44ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b44bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b44dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b44ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b44f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b4503.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ec-1f0c-b4514.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d2e8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d2eae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d2ed0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d2f10.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d2f31.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d2f43.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d2f64.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d2f86.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d2fe5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d3016.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d3057.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d3097.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d30d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d30f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d310b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d314b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d316c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d318e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18b4-10f4-6d31af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-96340.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-96342.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-96353.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-96355.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-96367.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-96369.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-9637b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-9637d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-9637f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-96390.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-96392.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-963a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-963a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-963b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-963ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-963bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-963cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-963cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18f4-8c0-963e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa83d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa84f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa851.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa862.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa864.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa876.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa878.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa889.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa88b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa89d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa89f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa8b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa8b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa8c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa8c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa8c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa8ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa8dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b90-e40-1fa8de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acbc9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acbda.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acbdc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acbee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acbf0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc02.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc13.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc15.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc27.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc29.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc3a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc4e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc60.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc73.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c50-ccc-acc99.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a62b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a63d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a63f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a650.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a652.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a664.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a666.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a678.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a67a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a68b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a68d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a69f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a6a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a6a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a6b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a6b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a6c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a6ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ec8-1a8c-22a6dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fd5a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fd5c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fd6e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fd70.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fd82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fd84.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fd95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fd97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fd99.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fdab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fdbd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fdbf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fdc1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fdd2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fde4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fde6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fde8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fdea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f08-1b9c-31fdec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-55073fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-550740f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-5507421.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-5507442.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-5507454.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-5507531.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-5507542.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-5507554.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-5507575.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-55075d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-55075e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-5507608.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-5507629.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-550764a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-550769a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-55076ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-550770c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-550773d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f38-16ec-550775e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a551.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a581.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a5c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a5c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a5d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a616.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a657.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a668.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a67a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a69b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a6bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a6ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a6ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a730.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a741.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a753.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a765.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a786.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f40-125c-532a797.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e071.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e083.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e095.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e0a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e0a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e0ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e0cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e552.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e60f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e6ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e78a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e79c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e7fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e81d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e88c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e89e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e8bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e8f0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2310-1390-3f7e911.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3acba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3accb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3accd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3accf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3ace1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3ace3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3ace5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3acf6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3acf8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3acfa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3ad0c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3ad0e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3ad10.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3ad22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3ad24.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3ad26.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3ad37.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3ad39.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-510-514-3ad3b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-37829f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-3782a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-3782b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-3782c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-3782d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-3782d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-3782f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-37830b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-37831d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-37832e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-378350.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-378361.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-378382.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-378394.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-3783a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-3783b7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-3783b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-3783cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-52c-18c-3783dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e89785.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e89796.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e89798.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e897aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e897ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e897be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e897c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e897d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e897d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e897d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e897e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e897e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e897fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e897fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e897ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e89810.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e89812.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e89824.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a24-1fcc-1e89826.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae01e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae07e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae0dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae10e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae14f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae1af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae1ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae201.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae212.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae224.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae274.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae2b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae2c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae2c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae2da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae2eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae2ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae37c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ddc-2728-1ae38e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-14ff1d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-14ff2e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-14ff50.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-14ff61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-14ff82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-14ffd3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-150023.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-150063.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-150075.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-150086.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-150088.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-15009a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-15009c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-1500bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-1500cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-1500e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-1500e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-1500f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-218c-150106.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad4ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad4b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad4c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad4c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad4d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad4d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad4e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad4eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad4ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad4ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad501.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad512.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad514.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad516.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad528.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad52a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad52c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad53e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-f8c-7c-dad540.tmp deleted
"C:\DumpStack.log.tmp" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Komp\AppData\Roaming\Mozilla\Firefox\Profiles\567nxm6j.default-release-1613520298906
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

Chrome Media Router - Komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Outlook - Komp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb
Word - Komp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi
Excel - Komp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm
PowerPoint - Komp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf

==== Chromium Startpages ======================

C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Preferences
ons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/#settings","permissions":["notifications"],"update_url":"https://clients2.google.com/service/upd ... ons":{"api":["alarms","cast","desktopCapture","gcm","identity","identity.email","management","mediaRouterPrivate","metricsPrivate","mdns","networkingPrivate","settingsPrivate","storage","tabs","tabCapture","webview","system.cpu"],"explicit_host":["http://*/*","https://*.google.com/*","https://hangouts.google.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":137,"events":["identity.onSignInChanged","runtime.onStartup","runtime.onSuspend","settingsPrivate.onPrefsChanged"],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["alarms","cast","desktopCapture","gcm","identity","identity.email","management","mediaRouterPrivate","metricsPrivate","mdns","networkingPrivate","settingsPrivate","storage","tabs","tabCapture","webview","system.cpu"],"explicit_host":["http://*/*","https://*.google.com/*","https://hangouts.google.com/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13256324177525259","lastpingday":"13254048001048668","location":10,"manifest":{"background":{"persistent":false,"scripts":["common.js","mirroring_common.js","background_script.js"]},"content_security_policy":"default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' https://apis.google.com https://feedback.googleusercontent.com https://www.google.com https://www.gstatic.com; child-src https://accounts.google.com https://content.googleapis.com https://www.google.com; connect-src 'self' http://*:* https://*:*; font-src https://fonts.gstatic.com; object-src 'self';","current_locale":"cs","default_locale":"en","description":"Provider for discovery and services for mirroring of Chrome Media Router","differential_fingerprint":"1.8fdcd9381791669caafc8142957dc288ab410a05010331f0f0b037322b531f44","externally_connectable":{"ids":["idmofbkcelhplfjnmmdolenpigiiiecc","ggedfkijiiammpnbdadhllnehapomdge","njjegkblellcjnakomndbaloifhcoccg"]},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNTWJoPZ9bT32yKxuuVa9LSEYobjPoXCLX3dgsZ9djDrWKNikTECjdRe3/AFXb+v8jkmmtYQPnOgSYn06J/QodDlCIG6l470+gkOoobUM7fOs1AVOse23qYUV4jbuRW3+YZlCvaWCFeczCNbGIUgKEi5B2fyQazy60AL1sLW3utQIDAQAB","manifest_version":2,"minimum_chrome_version":"37","name":"Chrome Media Router","oauth2":{"client_id":"919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/calenda ... info.email"]},"permissions":["alarms","cast","declarativeWebRequest","desktopCapture","gcm","http://*/*","identity","identity.email","management","mdns","mediaRouterPrivate","metricsPrivate","networkingPrivate","processes","storage","system.cpu","settingsPrivate","tabCapture","tabs","webview","https://hangouts.google.com/*","https://*.google.com/cast/chromecast/home/gsse"],"update_url":"https://clients2.google.com/service/upd ... _resources":["cast_sender.js"]},"path":"pkedcjkdefgpdelpbcmbmeomcjbeemfm\\8820.1109.0.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"account_id":"105180502438630138733"}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"99D4351A25CA6E1BADDAD765B9B44A8E47E5BD0EECE5351BF09B2D3D69984A25"},"default_search_provider_data":{"template_url_data":"B88295ECEC7AE1D89A051002274B786DAF9305EAE7DFCA77B448A5343147FE33"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"FE5689FFCB22C00AB9B630A65AD5E0FAB29C3E87E12CDCE03B1C93E5370311DE","ahfgeienlihckogmohjhadlkjgocpleb":"89EE202D70DFA2927D9C841070CCD8E663FA1D5C1E75B7BCBA209844FF01B870","aohghmighlieiainnegkcijnfilokake":"B4C944A850FE760BD5E5A8887D754D86FFAEDD6DED9F1BFB0F56E8DA5D4F878D","apdfllckaahabafndbhieahigkjlhalf":"06F44B47E4F53FF6F4658F2F42C2E43D35306EB2583EADCAFD7A60E48358B056","blpcfgokakmgnkcojhhkbfbldkacnbeo":"E1B7DF2C1CA7EE98075541E0F4BD2346119A713C46FBA747613ACB05BA2D92D7","felcaaldnbdncclmgdcncolpebgiejap":"A2ADA63191A8E2D07F0E9992DFB985EEA2118477436CAAF72AA2AFC1EACACE49","gfdkimpbcpahaombhbimeihdjnejgicl":"4EDB1D4C24FDD5622F840772E9C8A4BE1172DBB962CCB63E4A062FBD52FBEAF8","ghbmnnjooekpmoecnnnilnnbdlolhkhi":"15E53AAAABAC3DAC4AC259517EA5B8DCC3E1F692069167E0D301CCA3D078D1E6","kmendfapggjehodndflmmgagdbamhnfd":"B799ECB3008509FE6770C0EE93CA46576F12F7DC88EE5D1792D83E7B4D122573","mfehgcgbbipciphmccgaenjidiccnmng":"DEFC19018E1503818DB851F7D659BFCBE57990221129989AAD24B8CE6EDFB876","mhjfbmdgcfjbbpaeojofohoefgiehjai":"FA54817269F3CAFC16B396F269ECCEE4BDEBC2D007ED84225BAED83C72C57C4B","neajdppkdcdipfabeoofebfddakdcjhd":"18B4710425B8552EFA68A1BEB47362EDD266B97BC185101D8C4B1967DBEF965C","nkeimhogjdpnpccoofpliimaahmaaome":"D2FBDBDFE91646700D013E5F3B02616A747BDA0528CE0613957F309C009A4AB9","nmmhkkegccagdldgiimedpiccmgmieda":"0F9145438178827C2FC1262B02149FF98C26726EDFCA9A3B1FDC5E107DC16713","pjkljhegncpnkpknbcohdijeoejaedia":"041A4FFF23805D6C5409CA292F72FFF441DA254CDE8B1204C0AA937288BF7E6F","pkedcjkdefgpdelpbcmbmeomcjbeemfm":"655636F2606EE2F1CD8017C4EEDC41EDD86B861D634A92A590A65A1EE3F84709"}},"google":{"services":{"account_id":"E439FA622AA88DD9087561F48D178E6B5CB68D41B7F77BCF0B745072EF59DF63","last_account_id":"09C595D2A80F026B00D5149E7480F0E432D0B4264BC399CE8E84AED48B6F6FAF","last_username":"4633235965B403D3864486C78B106DD81216329421F44B59CCADC88F88931E36"}},"homepage":"B6A240A6EA4C14EE3C99C9E5E7D1348926705F8A189212ECD0A4B1C0E2EA49A4","homepage_is_newtabpage":"B180B3D2A7E74D0B6C8C5E1ECB6A4CC32870094A99D023F7B8FAD5F7AD7EC927","media":{"storage_id_salt":"D0280003B9663EFE3895BE8538FD8A23F65813E42DD9414B5F56CB8FD2D149FF"},"module_blacklist_cache_md5_digest":"753BE4F6574D170F7340FD61248068D9C9DBEED265B1F1FB51D35339687D1A80","pinned_tabs":"D2A46E7D03DC83D37C55B778AD277337BEDB1CD8472AAAD6099FB38057A0976C","prefs":{"preference_reset_time":"B37DD934E332B3B4CDFC5E5A756F765B54EE25FCF9A083D314415C8069EFA002"},"safebrowsing":{"incidents_sent":"A336445752DC4EFAA7EBA40FFF6895483AC4A221C8CDDB9A14338DF4C86C4775"},"search_provider_overrides":"295BD8999BC7986A318490786A262A7935277616EDC2AD710AE016860DB893F7","session":{"restore_on_startup":"CFBB8E41ADCB3862BAA9EEFBAF4F360E0FBF5C84C0812B96C8447200AD68AFAA","startup_urls":"F31BE11E64E8EA2C25FA08406E668714E8C9392F93E040588121BAA85E2AD1C9"},"settings_reset_prompt":{"last_triggered_for_default_search":"675F63800395F6F98B548BBB9D717468B6CBB011604C93D5F36D85C19B6E343E","last_triggered_for_homepage":"9C146E47446CE926A46E0288C16FB8F5E220019C41996542BF95AB9E8AE2FC4E","last_triggered_for_startup_urls":"CBD3E798D0AFFEA2279F8839CFDF6AC0CCE29341B6DF47561CB5135B95BA8625","prompt_wave":"B9CD49AB9FF31BCC0BAD2E851E225B67161B27CE037EBEA9F168B1B7128377F9"},"software_reporter":{"prompt_seed":"2F25A23613F8C289673CDBED775CDF9AE883E81839402318CC682705A9F01ACD","prompt_version":"CC922EC41BE7901EF76C2FC0561C3ECB82C517EACE01A450B5C36013E87C6D45","reporting":"4CBF919D601741DD44FBFB44C13FBFD717E940B3E1EB39B325F13D51435ACF4D"}},"super_mac":"6524D112A8480118C794B98EBB1A87C5CF352D7FA271E988D176F8FC90AC70E3"}}

C:\Users\Komp\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
ivated_since_loaded":true,"path":"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\87.0.664.66\\resources\\webrtc_internals","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"nkeimhogjdpnpccoofpliimaahmaaome":{"active_permissions":{"api":["desktopCapture","processes","webrtcAudioPrivate","webrtcDesktopCapturePrivate","webrtcLoggingPrivate","system.cpu","enterprise.hardwarePlatform"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["runtime.onConnectExternal"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13253973598499882","location":5,"manifest":{"background":{"page":"background.html","persistent":false},"externally_connectable":{"matches":["https://*.google.com/*","https://*.microsoft.com/*","https://*.skype.com/*","*://localhost/*"]},"incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAQt2ZDdPfoSe/JI6ID5bgLHRCnCu9T36aYczmhw/tnv6QZB2I6WnOCMZXJZlRdqWc7w9jo4BWhYS50Vb4weMfh/I0On7VcRwJUgfAxW2cHB+EkmtI1v4v/OU24OqIa1Nmv9uRVeX0GjhQukdLNhAE6ACWooaf5kqKlCeK+1GOkQIDAQAB","manifest_version":2,"name":"Google Hangouts","permissions":["desktopCapture","enterprise.hardwarePlatform","processes","system.cpu","webrtcAudioPrivate","webrtcDesktopCapturePrivate","webrtcLoggingPrivate"],"version":"1.3.15"},"never_activated_since_loaded":true,"path":"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\81.0.416.88\\resources\\hangout_services","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"opfacbhaojodjaojgocnibmklknchehf":{"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":17,"events":[],"from_bookmark":true,"from_webstore":false,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13254006536641539","location":1,"manifest":{"app":{"display_mode":"browser","launch":{"web_url":"https://powerpoint.office.com/"},"linke ... E19604CF39"}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Komp\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\Komp\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Komp\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Komp\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Komp\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Komp\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Komp\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Komp\AppData\Local\Mozilla\Firefox\Profiles\567nxm6j.default-release-1613520298906\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Komp\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Komp\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=277 folders=397 1349194347 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Komp\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted

==== EOF on 17.02.2021 at 22:47:31,50 ======================













---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------



2) Junkware removal tool:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Komp (Administrator) on 17.02.2021 at 23:19:46,81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.02.2021 at 23:22:10,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu - velmi zvláštní chování PC

#6 Příspěvek od JaRon »

vycistene, ak problem FF pretrvava, skus https://support.mozilla.org/bm/questions/973277
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Pla(hta
Návštěvník
Návštěvník
Příspěvky: 52
Registrován: 05 úno 2006 11:57
Kontaktovat uživatele:

Re: Prosím o kontrolu logu - velmi zvláštní chování PC

#7 Příspěvek od Pla(hta »

Ahoj,

problém přetrvává. Postupoval jsem podle návodu "https://support.mozilla.org/bm/questions/973277".

Odstranil jsem i oba profily. Stále je Firefox nefunkční.

Už opravdu nevím co s tím ... asi přejít na Chrome.

Každopádně děkuji moc za všechny rady a kontrolu případných virů.

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu - velmi zvláštní chování PC

#8 Příspěvek od JaRon »

ahoj,
mas v podstate dve moznosti:
1. skusit to opravit s radami FF for - obtiazne, zdlhave a uspech neisty
2. prejst na Chrome alebo Edge
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Odpovědět