Please check my log

Having trouble with a virus? Post your FRST or RSIT log here.

Vicious
Visitor
Posts: 176
Registered: 15 Jan 2010 12:39

#1 Post by Vicious »

Hello, please check my log. A window saying "sign in with your Google account" keeps popping up when I start Thunderbird, Chrome and other programs.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-04-2022 01
Ran by Petr (administrator) on PETR (HP HP Pavilion Gaming Desktop TG01-1xxx) (14-04-2022 07:06:41)
Running from C:\Users\fugat\OneDrive\Plocha
Loaded Profiles: Petr
Platform: Microsoft Windows 11 Home Version 21H2 22000.613 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.39\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\BridgeCommunication.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\56.0.11.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (My.Com B.V. -> ) C:\Users\fugat\AppData\Local\GameCenter\GameCenter.exe <4>
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe ->) (HON HAI PRECISION INDUSTRY CO.LTD. -> ) C:\Program Files\FanControlApp\FanControlApp.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtAudioServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(sihost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\win32\HPBackgroundProcess.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465120 2020-08-20] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1851040 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2021-08-03] (HP Inc.) [File not signed]
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [GameCenter] => C:\Users\fugat\AppData\Local\GameCenter\GameCenter.exe [11413256 2022-04-05] (My.Com B.V. -> )
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31193432 2022-01-12] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.88\Installer\chrmstp.exe [2022-04-13] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\fugat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledování výstrah kazety - HP Smart Tank 510 series.lnk [2022-04-14]
ShortcutAndArgument: Sledování výstrah kazety - HP Smart Tank 510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Smart Tank 510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN14G440GV;CONNECTION=USB;MONITOR=1;

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D888005-962A-4BF6-AEB4-6B21DBBA9711} - \HPAudioSwitch -> No File <==== ATTENTION
Task: {10151963-BE95-4337-8CEE-85562735DEB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - \Microsoft\Windows\HelloFace\FODCleanupTask -> No File <==== ATTENTION
Task: {1B916C1A-59FD-4974-BE42-7F6B0C6D8D19} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {1EC52D6A-2D8B-431E-8C80-138F2522B008} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe /Run (No File)
Task: {21BBE4C0-9F42-47BF-9A33-E9A9C47C8EFF} - \NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {22A6730C-0DF9-486A-ABB4-1194C0715A47} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {2B39A18A-4466-4239-A58A-9EA8FECC3551} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe [1372264 2021-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {364F5A20-4D48-4EE2-BF11-E6D166A366B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {382C7E0C-B502-45F6-A07E-6B6055B869B1} - \NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {38463ED2-5B0A-41B9-ADE1-D9D3FF72511F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3FD04BD4-AA3B-4D74-A69E-7FD5CBB1B9F9} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {4B75AF71-A6A7-42E8-8B72-EB9E9B529621} - System32\Tasks\GoogleUpdateTaskMachineCore{7AE1C9F1-9540-418C-921D-FD4FDE5E1410} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-07] (Google LLC -> Google LLC)
Task: {4D33C652-2C7C-4B8A-84B8-40EAF1EBFD31} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {526B2F57-B0FE-4A92-86BE-E9FD053DBEC8} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {686C1045-5107-4099-9DD2-3FE7226A3C3A} - \NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {6C353243-8DF9-420D-8450-E8D9C632262D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6CBEF361-EE00-46F9-B3B8-D803788F07C8} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {6CC18422-BAE7-4D28-AAAC-B8BBBC8A4CE9} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {6E4FE5B4-C9CA-4601-9FE8-66DE3BFC287D} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {80A120DA-29C6-4F45-9599-6A520F2C007B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2022-01-12] (Garmin International, Inc. -> )
Task: {956C0A3F-0F09-4C50-BE25-E3E18A046B9C} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {A491907D-D74D-4B82-95B1-AD59C912F71E} - \NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {C04E5708-FE69-48FC-93F6-0881FAC8ECE5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C4CB05B8-C2FE-41E2-82B7-E3B00A830AAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {D36CAA0A-4052-4E2E-A75B-7FAEEAFCB9AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-03-28] (HP Inc. -> HP Inc.)
Task: {D6289842-C650-49EA-A997-EBDAA99BA741} - System32\Tasks\GoogleUpdateTaskMachineUA{20B3175A-8648-4988-A471-F17AD8C33B26} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-07] (Google LLC -> Google LLC)
Task: {D6EDDE36-EC6B-40EE-8224-F8665F53331A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E718D044-8F6E-48E7-953D-85D8F0FF19E2} - \OneDrive Standalone Update Task-S-1-5-21-3720538851-2503694541-3756166602-500 -> No File <==== ATTENTION
Task: {EAB9192F-4332-4405-9ADF-98BC88B5DBD4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6937863e-c9ac-48bb-9f25-4c37672829ce}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fd2bec96-b3e5-4cbd-bd2d-45992acf282d}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-05]
Edge HomePage: Default -> hxxp://www.google.cz/
Edge StartupUrls: Default -> "hxxps://www.google.cz/"
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2022-02-07] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default [2022-04-14]
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-07]
CHR Extension: (Podepisovací komponenta Signer) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\alldahcdhngmcjagmefklhhecboiigni [2022-02-07]
CHR Extension: (Dokumenty) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-07]
CHR Extension: (Disk Google) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-07]
CHR Extension: (YouTube) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-07]
CHR Extension: (uBlock Origin) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-08]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-03-22]
CHR Extension: (Tabulky) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-10]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-13]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-02-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-07]
CHR Extension: (Gmail) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-07]
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-14]
CHR HKU\S-1-5-21-518073881-1826240890-1261379532-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-08-20] (Express Vpn LLC -> ExpressVPN)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\AppHelperCap.exe [762888 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\DiagsCap.exe [760312 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\NetworkCap.exe [758280 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe [698760 2022-02-14] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [218272 2022-03-22] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe [761376 2022-02-27] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe [494672 2021-11-22] (HP Inc. -> HP Inc.)
R2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-29] (HON HAI PRECISION INDUSTRY CO.LTD. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-13] (Malwarebytes Inc -> Malwarebytes)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [24538344 2022-04-06] (My.Com B.V. -> My.com B.V.)
R2 RtkBtAudioServ; C:\WINDOWS\RtkBtAudioServ.exe [234064 2020-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-08-20] (ExprsVPN LLC -> ExpressVPN)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-02-06] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223688 2022-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-13] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl3bc1c927; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F1CC5776-17EE-4DCA-B75A-07F8F6EB85EF}\MpKslDrv.sys [139536 2022-04-13] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [23774760 2022-04-06] (My.Com B.V. -> My.com B.V.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2020-12-22] (Realtek Semiconductor Corp. -> Realtek)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC -> The OpenVPN Project)
R3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641736 2022-04-13] (Bitdefender SRL -> Bitdefender)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-14 07:06 - 2022-04-14 07:06 - 000000000 ____D C:\FRST
2022-04-13 19:13 - 2022-04-13 19:22 - 000000054 _____ C:\WINDOWS\Lic.xxx
2022-04-13 19:13 - 2022-04-13 19:13 - 000000000 ____D C:\PUB
2022-04-13 19:13 - 2022-04-13 19:12 - 000641736 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2022-04-13 19:12 - 2022-04-13 19:12 - 000632064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2022-04-13 19:12 - 2022-04-13 19:12 - 000554240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2022-04-13 19:12 - 2022-04-13 19:12 - 000176760 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\SysWOW64\eEmpty.exe
2022-04-13 19:12 - 2022-04-13 19:12 - 000000000 ____D C:\ProgramData\MicroWorld
2022-04-13 18:59 - 2022-04-13 18:59 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-13 18:59 - 2022-04-13 18:59 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-04-13 18:59 - 2022-04-13 18:59 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-04-13 18:59 - 2022-04-13 18:58 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-04-13 18:59 - 2022-04-13 18:58 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-04-13 18:58 - 2022-04-13 18:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-13 18:58 - 2022-04-13 18:58 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-13 11:02 - 2022-04-13 11:02 - 002550832 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 002080992 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000372736 _____ C:\WINDOWS\system32\hwreqchk.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000015192 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-13 11:01 - 2022-04-13 11:01 - 000032768 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2022-04-13 11:00 - 2022-04-13 11:00 - 000000000 ___HD C:\$WinREAgent
2022-04-13 07:03 - 2022-04-13 14:36 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2022-04-03 09:20 - 2022-04-03 09:20 - 000000000 ____D C:\Users\fugat\OneDrive\Dokumenty\TotalAV
2022-04-03 09:19 - 2022-04-03 09:19 - 000000000 ____D C:\Users\fugat\AppData\Local\GUI
2022-04-03 09:19 - 2022-04-03 09:19 - 000000000 ____D C:\ProgramData\TotalAV
2022-04-03 09:19 - 2022-04-03 09:19 - 000000000 ____D C:\ProgramData\SecuritySuite
2022-03-31 16:39 - 2022-03-24 07:54 - 000384584 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3758.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-14 07:00 - 2022-02-07 13:07 - 000000000 ____D C:\Users\fugat\AppData\LocalLow\Mozilla
2022-04-14 06:59 - 2022-02-07 13:07 - 000000000 ____D C:\ProgramData\Mozilla
2022-04-14 06:45 - 2022-02-07 11:40 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-14 06:44 - 2022-02-07 10:50 - 000000000 ____D C:\ProgramData\NVIDIA
2022-04-14 06:42 - 2022-02-07 12:39 - 000000000 ____D C:\Users\fugat\AppData\Local\GameCenter
2022-04-14 06:42 - 2022-02-07 10:41 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-13 19:20 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-04-13 19:13 - 2019-12-07 11:14 - 000000652 _____ C:\WINDOWS\win.ini
2022-04-13 18:59 - 2022-02-07 10:41 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-13 17:38 - 2022-02-07 10:50 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-13 17:38 - 2022-02-07 10:41 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-13 17:38 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-13 14:43 - 2022-02-07 11:00 - 001715074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-13 14:43 - 2022-02-07 10:43 - 000724594 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-13 14:43 - 2022-02-07 10:43 - 000150556 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-13 14:43 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\INF
2022-04-13 14:37 - 2022-02-07 10:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-13 14:37 - 2022-02-07 10:49 - 000624032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-13 14:37 - 2022-02-07 10:49 - 000012288 ___SH C:\DumpStack.log.tmp
2022-04-13 14:37 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-13 14:36 - 2022-02-07 13:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-13 14:36 - 2022-02-07 10:38 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-13 11:24 - 2022-02-09 10:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 11:23 - 2022-02-09 10:33 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-13 11:23 - 2022-02-07 10:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-13 11:04 - 2022-02-07 10:39 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-13 11:01 - 2022-02-07 10:52 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-04-13 07:03 - 2022-02-07 11:41 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-12 06:14 - 2022-02-07 10:50 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2022-04-10 11:41 - 2022-02-07 11:27 - 000000000 ____D C:\Users\fugat\AppData\Local\D3DSCache
2022-04-08 07:37 - 2022-02-07 11:44 - 002262504 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000353760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000218600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000198112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-04-08 07:04 - 2022-02-07 10:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-08 06:14 - 2022-02-07 19:06 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-04-07 17:02 - 2022-02-07 11:29 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-518073881-1826240890-1261379532-1001
2022-04-07 17:02 - 2022-02-07 11:29 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-518073881-1826240890-1261379532-1001
2022-04-07 17:02 - 2022-02-07 11:29 - 000002384 _____ C:\Users\fugat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-07 08:01 - 2022-02-09 10:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-06 19:20 - 2022-02-07 11:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-04-06 18:07 - 2022-02-07 15:00 - 024538344 _____ (My.com B.V.) C:\WINDOWS\system32\mracsvc.exe
2022-04-06 18:07 - 2022-02-07 15:00 - 023774760 _____ (My.com B.V.) C:\WINDOWS\system32\Drivers\mracdrv1.sys
2022-04-06 06:32 - 2022-02-07 10:50 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-06 06:32 - 2022-02-07 10:50 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-03 09:25 - 2022-02-08 18:51 - 000000000 ____D C:\Users\fugat\AppData\Local\CrashDumps
2022-04-03 09:05 - 2022-02-07 12:04 - 000000000 ____D C:\Program Files\Common Files\AV
2022-04-03 09:05 - 2022-02-07 12:03 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-04-03 09:05 - 2022-02-07 10:38 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-03-28 06:53 - 2022-02-08 07:19 - 000000000 ____D C:\Users\fugat\AppData\Local\HP_Inc
2022-03-23 20:56 - 2022-02-09 10:33 - 000509296 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-23 20:56 - 2022-02-09 10:33 - 000492912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-22 15:15 - 2022-02-07 20:15 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-03-22 15:13 - 2022-02-07 11:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-03-20 20:30 - 2022-02-07 11:19 - 000000000 ____D C:\Users\fugat

==================== Files in the root of some directories ========

2022-02-07 18:12 - 2022-02-07 18:12 - 000058111 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2022-02-07 16:11 - 2022-02-07 16:11 - 000000410 _____ () C:\Users\fugat\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2022 01
Ran by Petr (14-04-2022 07:08:14)
Running from C:\Users\fugat\OneDrive\Plocha
Microsoft Windows 11 Home Version 21H2 22000.613 (X64) (2022-02-07 08:57:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-518073881-1826240890-1261379532-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-518073881-1826240890-1261379532-503 - Limited - Disabled)
Guest (S-1-5-21-518073881-1826240890-1261379532-501 - Limited - Disabled)
Petr (S-1-5-21-518073881-1826240890-1261379532-1001 - Administrator - Enabled) => C:\Users\fugat
WDAGUtilityAccount (S-1-5-21-518073881-1826240890-1261379532-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
ANT Drivers Installer x64 (HKLM\...\{AB7F8484-10C7-430B-8062-BA4D840BC328}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CMS (HKLM-x32\...\CMS) (Version: - )
Elevated Installer (HKLM-x32\...\{917F39C7-FBD3-45F2-99DF-3A97EB981D5D}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8468D8835}) (Version: 7.12.1.4 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{ebd248cd-b3ef-4e14-b91a-d626fa5c392a}) (Version: 7.12.1.4 - ExpressVPN)
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
Garmin Express (HKLM-x32\...\{3e2be2c6-99a0-4538-8f40-231106165750}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{A0D75BFE-F68C-450A-8353-C42A3F264BED}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 56.0.11.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.88 - Google LLC)
HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
Malwarebytes version 4.5.7.186 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.7.186 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.39 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 100.0.1185.39 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\OneDriveSetup.exe) (Version: 22.055.0313.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.5.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 91.8.0 (x64 cs)) (Version: 91.8.0 - Mozilla)
MY.GAMES GameCenter (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\GameCenter) (Version: 4.1659 - MY.COM B.V.)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 460.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.93 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Warface My.Com (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Warface My.Com) (Version: 1.229 - MY.GAMES)
Základní software zařízení HP Smart Tank 510 series (HKLM\...\{798379C9-F589-45AA-9E80-633506245FD1}) (Version: 48.6.4634.2224 - HP Inc.)

Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.50332.0_x64__8wekyb3d8bbwe [2022-03-08] (Microsoft Corporation)
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_2.0.5.0_x64__mgae2k3ys4ra0 [2022-02-07] (Priceline Partner Network)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.4.0_x64__xbfy0k16fey96 [2022-02-07] (Dropbox Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.29.257.0_x64__v10z8vjag6ke6 [2022-04-12] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2022-02-07] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.9180.0_x64__v10z8vjag6ke6 [2022-03-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_135.1.385.0_x64__v10z8vjag6ke6 [2022-03-22] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.15.66.0_x64__v10z8vjag6ke6 [2022-04-06] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.2.15.0_x64__v10z8vjag6ke6 [2022-02-07] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1026.0_x64__8j3eq9eme6ctt [2022-04-02] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-27] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.374.0_x64__8wekyb3d8bbwe [2022-04-05] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6 [2022-02-11] (HP Inc.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-07] (NVIDIA Corp.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6 [2022-03-28] (HP Inc.) [Startup Task]
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2022-02-07] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-19] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-04-01] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-04-01] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\nvshext.dll [2022-01-29] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-13] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge

==================== Loaded Modules (Whitelisted) =============

2021-10-16 09:31 - 2021-10-16 09:31 - 000009216 _____ () [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\ImagePipelineNative.dll
2022-03-30 13:06 - 2022-03-30 13:06 - 147344896 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\libcef.dll
2022-03-29 21:01 - 2022-03-29 21:01 - 000345088 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\libegl.dll
2022-03-29 20:59 - 2022-03-29 20:59 - 005478400 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\libglesv2.dll
2022-03-29 20:54 - 2022-03-29 20:54 - 003425792 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\vk_swiftshader.dll
2022-03-29 20:54 - 2022-03-29 20:54 - 000702976 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\vulkan-1.dll
2022-02-07 12:39 - 2022-02-07 12:39 - 000144896 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\zlib1.dll
2022-02-10 11:30 - 2022-02-10 11:30 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\f90e72b12d0aa935d781e317202c1f9b\Interop.IWshRuntimeLibrary.ni.dll
2022-02-10 10:32 - 2022-02-10 10:33 - 000107008 _____ (Facebook, Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\yoga.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 000139776 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\07cc04e050bf3a2b713a6738ca1e8d65\Hardcodet.Wpf.TaskbarNotification.ni.dll
2022-01-19 20:05 - 2022-01-19 20:05 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2021-10-16 09:31 - 2021-10-16 09:31 - 000014848 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\NativeRpcClient.dll
2022-03-27 10:39 - 2022-03-27 10:39 - 008441344 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp_UWP.dll
2021-05-24 11:11 - 2021-05-24 11:11 - 000014848 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\NativeRpcClient.DLL
2022-02-07 12:39 - 2022-02-24 11:21 - 000163840 _____ (Igor Pavlov) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\7zxa.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 001716736 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\343277c8ff5a08dd62ebb4ad5af2f83a\NAudio.ni.dll
2019-12-07 11:07 - 2019-12-07 11:52 - 000285184 ____N (Microsoft Corporation) [File not signed] c:\windows\system32\drivers\umdf\wpdfs.dll
2022-02-15 11:08 - 2022-02-15 11:08 - 000137168 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 003087360 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\ec86693079e180f87ce3d207adb00ef8\Newtonsoft.Json.ni.dll
2022-02-10 10:32 - 2022-02-10 10:32 - 001662976 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\SQLite.Interop.dll
2022-02-07 12:39 - 2022-02-07 12:39 - 000694272 _____ (The curl library, hxxps://curl.se/) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\libcurl.dll
2022-03-29 21:52 - 2022-03-29 21:52 - 000985600 _____ (The Chromium Authors) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-518073881-1826240890-1261379532-1001 -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-03-28] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-03-28] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2022-04-03 09:41 - 000001024 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-518073881-1826240890-1261379532-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\Travní\SAM_0203.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "kpm.exe"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D80B0C0B-A25F-4A2A-BB79-F3B7C92AB425}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{EA83AD5B-B1A4-4F3F-AF04-7C26A358F123}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{5A3DBFD2-833C-4941-86AE-E7BC44F9AA4B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{3E297E5E-DE55-4183-AD2E-66CBCE749264}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5EC9A46B-2F02-4F64-8CE4-BEF3863FA0B6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{2A59CC16-E873-4C8C-BD7B-EA61E6E12E67}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5C4737C2-FADE-4538-8C3B-5E3DA5703DA1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{8FD8035D-4BEB-4198-B167-4C8F28BBA373}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{7821FE05-2A8A-411C-88A0-2174A84AB3E0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{52F7F5D3-E779-4A2B-A85F-AA07348102FF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{6F71E2F2-CFB4-46B3-B5BE-5744159AD78A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{190D567E-6283-40C4-9D5A-99AFC821F647}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{2F096256-71A5-4597-81A7-AA454CA53F65}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{A71F5CA9-B890-4782-8C2F-F9C6C172571E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{4C32CB2D-2FAC-4FB3-ADEA-BE3A450A5AB0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5638441E-590A-4F48-9E01-6A22612A5145}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{EEFCEBAE-20F3-4B3E-8AD6-D1775C2746B7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{847A4F88-7CE4-4AFB-9BDE-6F19EB75B675}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{BC945135-FBF5-48C5-8B4A-7179A3B8F851}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{A2FDC62D-ACC5-4951-BEB0-F96E71DB98E8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{4DC86DAD-AC33-4F36-8503-FEFFA8FB79D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D906161A-D92F-443F-9AD3-FF488C5E43F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A911F33-32BE-4EE2-865A-9C7E47903571}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7ACFB8BE-00A8-4C05-8CE6-F6A1A698CDB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A2AA857-3393-4590-A2BA-DD72A4660FE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E8DE388-50AB-4CBE-B7AF-8616B07CFD97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DC463D39-ADC3-4149-8239-7D6359FB587A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F1B2B05-DEDB-40BE-A214-170A39CF165E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{84D7C2D1-576F-47BB-AD3E-A7CB412F6AE8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{897668EC-48BD-43E3-8B06-D7A4A4CB8D3E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AB855F71-A716-4170-B080-53A17D1AE906}C:\users\fugat\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\fugat\appdata\local\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [UDP Query User{0BC0E3C0-48FC-4289-ABEB-0DEFE029084C}C:\users\fugat\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\fugat\appdata\local\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [{9CF2EDEC-DBB0-4136-B1A0-114938E3F956}] => (Allow) C:\Program Files\HP\HP Smart Tank 510 series\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{4D3A6033-BF6B-4A06-BC7B-AEAD4AA8D783}] => (Allow) LPort=5357
FirewallRules: [{D577065D-E862-4D34-ACC4-02A33C41AC86}] => (Allow) C:\Program Files\HP\HP Smart Tank 510 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{C4E1CC3D-3F9A-49CC-9F14-2F93553B57D5}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS2A86\HP.EasyStart.exe => No File
FirewallRules: [{B0895AEE-2E7B-49B9-B437-D8E41F311DD5}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{9BCF3230-0361-4FE4-A13A-E41B7E43E9B2}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{2AFCBF79-CB0D-4170-AFDF-28873D913CEF}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS6D10\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{9F40D925-4B23-4DBA-9112-BBB30853193B}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS6D10\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DB14CBEB-D258-4F30-ADD8-6F7A1930AC03}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS0FA2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{FE377442-314A-4695-9A42-6787DE2199B7}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS0FA2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{3D475C93-D466-487E-BDFF-1462FE15FD0A}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS790D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{7D3E42A3-52A9-4BD6-A678-7CEF1488C8E3}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS790D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C6EF4CF2-DC49-430A-B757-7179898E3648}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS1B0D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{6EFC1CC4-4123-4B57-B1D6-9A755ECD3DF3}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS1B0D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{844B9B28-1E44-40F3-B885-B908D82A92D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3631F8A4-341D-45F1-96B5-D1C204FFEB5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E6CE3DC-F2EF-40E0-B21C-96D11528D48F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F15769B6-B1E9-4E88-B97F-41E27CB5CCC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{93980BE1-9E91-43D4-8BB5-32217BF8B6A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86C2ACBD-E7C5-4053-982D-A704D2898F0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BA1E742-FEED-4084-8AB9-34841749A8EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D01A360-069C-437E-B887-3E497BF5BBD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EF0735C-F61B-4676-9E53-90573B2083AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59BBBB29-241A-476B-9254-1FE1E5BECD40}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CEAE313F-CD64-416E-8BAC-2F90CBFCE9BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{34A4E71C-CA50-47EF-A217-22D360EDE655}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94366A55-8246-4C68-80C7-057E295E2DBB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{35AB9466-6480-449D-AD82-E96B771A9916}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{32AE380D-196A-4EF2-9562-EAE1E58C1159}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{57BF1688-38DE-4E35-8CBD-F528F2E71059}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{3C7A2A73-30D1-4CF3-8E85-69F97E7BF1A0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{956727E3-7076-4D5E-AC0D-1736BAD1D433}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5C1A709B-DAFD-440D-8320-C87A23385C79}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{38671937-DC87-4218-B2EB-0386549805B8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{894AABB7-5933-4CF8-A156-822D817F94CA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5D00E702-B8F1-441D-96D5-E5CE52170410}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5334F5A4-84A2-4876-B602-FC12C95B861F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{02C5509C-D445-40DF-9649-1DFED68729F6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{071F42C8-C5CC-4CBF-96D0-A100155999C6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5B0CA116-8A4E-4803-B398-2EFD98EEAC39}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{4D9C58F8-3C75-4D76-9545-0BEC0F19E23C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{8D1410FF-1E5A-4F36-A2A2-C4176E36C53B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [TCP Query User{5F8E448C-4526-4705-BE9B-C6CC7F171621}C:\mygames\warface my.com\bin64release\game.exe] => (Allow) C:\mygames\warface my.com\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [UDP Query User{483A7862-B8EC-462A-9A9B-D22DE80F3722}C:\mygames\warface my.com\bin64release\game.exe] => (Allow) C:\mygames\warface my.com\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [{C01CC65D-EAC3-4DE0-8DFF-B942897A49D2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22070.202.1253.1497_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{944C1370-D62D-477C-95FD-42FB44B4BCE0}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22070.202.1253.1497_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02C42165-0DCE-4A79-9C8D-D06A3CB46B49}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5184FAAF-1B23-4CEE-8E21-D90678D3B515}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.39\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

03-04-2022 09:00:55 Removed Kaspersky Password Manager
11-04-2022 07:49:46 Naplánovaný kontrolní bod
13-04-2022 10:59:36 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/14/2022 06:52:54 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/13/2022 07:24:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/13/2022 07:24:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/13/2022 06:59:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/13/2022 02:43:26 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/13/2022 09:14:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/10/2022 07:36:17 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/09/2022 06:36:20 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (04/14/2022 06:42:30 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/13/2022 07:02:08 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{FD2BEC96-B3E5-4CBD-BD2D-45992ACF282D}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/13/2022 07:02:07 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/12/2022 02:25:41 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/12/2022 06:14:04 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/11/2022 06:42:19 PM) (Source: DCOM) (EventID: 10010) (User: Petr)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.22000.1_neutral_neutral_cw5n1h2txyewy!App.AppXyvyv4mghdjas8j88defq0w1hc410kvzt.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/11/2022 05:36:17 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/11/2022 05:58:21 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{FD2BEC96-B3E5-4CBD-BD2D-45992ACF282D}, protože jiný počítač v síti má stejný název. Server nelze spustit.


Windows Defender:
================
Date: 2022-04-13 08:15:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F6150783-DEAC-479C-9D5D-26FA2D7C036C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-12 07:16:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FDF5DA38-214B-46DE-89F1-7D3041E19915}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-11 07:48:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1CBE6393-6111-48B0-A992-5EB7AA8C8535}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-10 10:52:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {101F0B8A-DEA4-4969-93CE-F97F5F349159}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-07 09:58:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {189E886C-DD73-4D03-9376-740EC845B6CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2022-02-09 07:57:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.357.332.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2022-02-09 07:56:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2022-02-09 07:56:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

CodeIntegrity:
===============
Date: 2022-04-09 08:55:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-04-06 12:28:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-04-03 09:19:55
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\protected_elam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-04-03 09:05:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: AMI F.40 07/29/2021
Motherboard: HP 8767
Processor: Intel(R) Core(TM) i5-10400 CPU @ 2.90GHz
Percentage of memory in use: 34%
Total physical RAM: 16249.75 MB
Available physical RAM: 10600.13 MB
Total Virtual: 18681.75 MB
Available Virtual: 10827.55 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:476.13 GB) (Free:358.01 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:760.91 GB) NTFS
Drive e: (Verbatim HDD) (Fixed) (Total:931.51 GB) (Free:171.2 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:5.69 GB) FAT32

\\?\Volume{75a0fa6b-d1f9-4b47-ab8e-75e621a387d3}\ () (Fixed) (Total:0.54 GB) (Free:0.05 GB) NTFS
\\?\Volume{578c12f2-64de-443e-9267-de2bbf3feb75}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 5FD808C6)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 69EA6628)

Partition: GPT.

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: D8A924DA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (you can also find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Vicious
Visitor
Posts: 176
Registered: 15 Jan 2010 12:39

Re: Please check

#3 Post by Vicious »

I'm sending the log

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-14-2022
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 9
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\SecuritySuite
Deleted C:\ProgramData\TotalAV
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\SSProtect
Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\Software\Classes\totalav
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4018 octets] - [14/04/2022 12:39:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check

#4 Post by Rudy »

OK. Post new FRST + Addition logs.

Vicious
Visitor
Posts: 176
Registered: 15 Jan 2010 12:39

Re: Please check

#5 Post by Vicious »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2022 01
Ran by Petr (14-04-2022 13:18:54)
Running from C:\Users\fugat\OneDrive\Plocha
Microsoft Windows 11 Home Version 21H2 22000.613 (X64) (2022-02-07 08:57:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-518073881-1826240890-1261379532-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-518073881-1826240890-1261379532-503 - Limited - Disabled)
Guest (S-1-5-21-518073881-1826240890-1261379532-501 - Limited - Disabled)
Petr (S-1-5-21-518073881-1826240890-1261379532-1001 - Administrator - Enabled) => C:\Users\fugat
WDAGUtilityAccount (S-1-5-21-518073881-1826240890-1261379532-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
ANT Drivers Installer x64 (HKLM\...\{AB7F8484-10C7-430B-8062-BA4D840BC328}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CMS (HKLM-x32\...\CMS) (Version: - )
Elevated Installer (HKLM-x32\...\{917F39C7-FBD3-45F2-99DF-3A97EB981D5D}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8468D8835}) (Version: 7.12.1.4 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{ebd248cd-b3ef-4e14-b91a-d626fa5c392a}) (Version: 7.12.1.4 - ExpressVPN)
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
Garmin Express (HKLM-x32\...\{3e2be2c6-99a0-4538-8f40-231106165750}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{A0D75BFE-F68C-450A-8353-C42A3F264BED}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 56.0.11.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.88 - Google LLC)
HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
Malwarebytes version 4.5.7.186 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.7.186 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.39 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 100.0.1185.39 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\OneDriveSetup.exe) (Version: 22.055.0313.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.5.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 91.8.0 (x64 cs)) (Version: 91.8.0 - Mozilla)
MY.GAMES GameCenter (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\GameCenter) (Version: 4.1659 - MY.COM B.V.)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 460.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.93 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Warface My.Com (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Warface My.Com) (Version: 1.229 - MY.GAMES)
Základní software zařízení HP Smart Tank 510 series (HKLM\...\{798379C9-F589-45AA-9E80-633506245FD1}) (Version: 48.6.4634.2224 - HP Inc.)

Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.50332.0_x64__8wekyb3d8bbwe [2022-03-08] (Microsoft Corporation)
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_2.0.5.0_x64__mgae2k3ys4ra0 [2022-02-07] (Priceline Partner Network)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.4.0_x64__xbfy0k16fey96 [2022-02-07] (Dropbox Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.29.257.0_x64__v10z8vjag6ke6 [2022-04-12] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2022-02-07] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.9180.0_x64__v10z8vjag6ke6 [2022-03-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_135.1.385.0_x64__v10z8vjag6ke6 [2022-03-22] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.15.66.0_x64__v10z8vjag6ke6 [2022-04-06] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.2.15.0_x64__v10z8vjag6ke6 [2022-02-07] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1026.0_x64__8j3eq9eme6ctt [2022-04-02] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-27] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.374.0_x64__8wekyb3d8bbwe [2022-04-05] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6 [2022-02-11] (HP Inc.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-07] (NVIDIA Corp.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6 [2022-03-28] (HP Inc.) [Startup Task]
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2022-02-07] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-19] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-04-01] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-04-01] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\nvshext.dll [2022-01-29] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-13] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge

==================== Loaded Modules (Whitelisted) =============

2015-03-17 02:34 - 2015-03-17 02:34 - 000013312 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2019-12-07 11:07 - 2019-12-07 11:52 - 000285184 ____N (Microsoft Corporation) [File not signed] c:\windows\system32\drivers\umdf\wpdfs.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 003087360 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\ec86693079e180f87ce3d207adb00ef8\Newtonsoft.Json.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-518073881-1826240890-1261379532-1001 -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-03-28] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-03-28] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2022-04-03 09:41 - 000001024 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-518073881-1826240890-1261379532-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\Travní\SAM_0203.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "kpm.exe"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D80B0C0B-A25F-4A2A-BB79-F3B7C92AB425}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{EA83AD5B-B1A4-4F3F-AF04-7C26A358F123}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{5A3DBFD2-833C-4941-86AE-E7BC44F9AA4B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{3E297E5E-DE55-4183-AD2E-66CBCE749264}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5EC9A46B-2F02-4F64-8CE4-BEF3863FA0B6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{2A59CC16-E873-4C8C-BD7B-EA61E6E12E67}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5C4737C2-FADE-4538-8C3B-5E3DA5703DA1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{8FD8035D-4BEB-4198-B167-4C8F28BBA373}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{7821FE05-2A8A-411C-88A0-2174A84AB3E0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{52F7F5D3-E779-4A2B-A85F-AA07348102FF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{6F71E2F2-CFB4-46B3-B5BE-5744159AD78A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{190D567E-6283-40C4-9D5A-99AFC821F647}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{2F096256-71A5-4597-81A7-AA454CA53F65}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{A71F5CA9-B890-4782-8C2F-F9C6C172571E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{4C32CB2D-2FAC-4FB3-ADEA-BE3A450A5AB0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5638441E-590A-4F48-9E01-6A22612A5145}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{EEFCEBAE-20F3-4B3E-8AD6-D1775C2746B7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{847A4F88-7CE4-4AFB-9BDE-6F19EB75B675}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{BC945135-FBF5-48C5-8B4A-7179A3B8F851}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{A2FDC62D-ACC5-4951-BEB0-F96E71DB98E8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{4DC86DAD-AC33-4F36-8503-FEFFA8FB79D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D906161A-D92F-443F-9AD3-FF488C5E43F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A911F33-32BE-4EE2-865A-9C7E47903571}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7ACFB8BE-00A8-4C05-8CE6-F6A1A698CDB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A2AA857-3393-4590-A2BA-DD72A4660FE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E8DE388-50AB-4CBE-B7AF-8616B07CFD97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DC463D39-ADC3-4149-8239-7D6359FB587A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F1B2B05-DEDB-40BE-A214-170A39CF165E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{84D7C2D1-576F-47BB-AD3E-A7CB412F6AE8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{897668EC-48BD-43E3-8B06-D7A4A4CB8D3E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AB855F71-A716-4170-B080-53A17D1AE906}C:\users\fugat\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\fugat\appdata\local\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [UDP Query User{0BC0E3C0-48FC-4289-ABEB-0DEFE029084C}C:\users\fugat\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\fugat\appdata\local\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [{9CF2EDEC-DBB0-4136-B1A0-114938E3F956}] => (Allow) C:\Program Files\HP\HP Smart Tank 510 series\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{4D3A6033-BF6B-4A06-BC7B-AEAD4AA8D783}] => (Allow) LPort=5357
FirewallRules: [{D577065D-E862-4D34-ACC4-02A33C41AC86}] => (Allow) C:\Program Files\HP\HP Smart Tank 510 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{C4E1CC3D-3F9A-49CC-9F14-2F93553B57D5}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS2A86\HP.EasyStart.exe => No File
FirewallRules: [{B0895AEE-2E7B-49B9-B437-D8E41F311DD5}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{9BCF3230-0361-4FE4-A13A-E41B7E43E9B2}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{2AFCBF79-CB0D-4170-AFDF-28873D913CEF}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS6D10\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{9F40D925-4B23-4DBA-9112-BBB30853193B}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS6D10\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DB14CBEB-D258-4F30-ADD8-6F7A1930AC03}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS0FA2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{FE377442-314A-4695-9A42-6787DE2199B7}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS0FA2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{3D475C93-D466-487E-BDFF-1462FE15FD0A}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS790D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{7D3E42A3-52A9-4BD6-A678-7CEF1488C8E3}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS790D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C6EF4CF2-DC49-430A-B757-7179898E3648}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS1B0D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{6EFC1CC4-4123-4B57-B1D6-9A755ECD3DF3}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS1B0D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{844B9B28-1E44-40F3-B885-B908D82A92D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3631F8A4-341D-45F1-96B5-D1C204FFEB5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E6CE3DC-F2EF-40E0-B21C-96D11528D48F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F15769B6-B1E9-4E88-B97F-41E27CB5CCC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{93980BE1-9E91-43D4-8BB5-32217BF8B6A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86C2ACBD-E7C5-4053-982D-A704D2898F0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BA1E742-FEED-4084-8AB9-34841749A8EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D01A360-069C-437E-B887-3E497BF5BBD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EF0735C-F61B-4676-9E53-90573B2083AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59BBBB29-241A-476B-9254-1FE1E5BECD40}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CEAE313F-CD64-416E-8BAC-2F90CBFCE9BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{34A4E71C-CA50-47EF-A217-22D360EDE655}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94366A55-8246-4C68-80C7-057E295E2DBB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{35AB9466-6480-449D-AD82-E96B771A9916}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{32AE380D-196A-4EF2-9562-EAE1E58C1159}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{57BF1688-38DE-4E35-8CBD-F528F2E71059}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{3C7A2A73-30D1-4CF3-8E85-69F97E7BF1A0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{956727E3-7076-4D5E-AC0D-1736BAD1D433}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5C1A709B-DAFD-440D-8320-C87A23385C79}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{38671937-DC87-4218-B2EB-0386549805B8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{894AABB7-5933-4CF8-A156-822D817F94CA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5D00E702-B8F1-441D-96D5-E5CE52170410}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5334F5A4-84A2-4876-B602-FC12C95B861F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{02C5509C-D445-40DF-9649-1DFED68729F6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{071F42C8-C5CC-4CBF-96D0-A100155999C6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5B0CA116-8A4E-4803-B398-2EFD98EEAC39}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{4D9C58F8-3C75-4D76-9545-0BEC0F19E23C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{8D1410FF-1E5A-4F36-A2A2-C4176E36C53B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [TCP Query User{5F8E448C-4526-4705-BE9B-C6CC7F171621}C:\mygames\warface my.com\bin64release\game.exe] => (Allow) C:\mygames\warface my.com\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [UDP Query User{483A7862-B8EC-462A-9A9B-D22DE80F3722}C:\mygames\warface my.com\bin64release\game.exe] => (Allow) C:\mygames\warface my.com\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [{C01CC65D-EAC3-4DE0-8DFF-B942897A49D2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22070.202.1253.1497_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{944C1370-D62D-477C-95FD-42FB44B4BCE0}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22070.202.1253.1497_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02C42165-0DCE-4A79-9C8D-D06A3CB46B49}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5184FAAF-1B23-4CEE-8E21-D90678D3B515}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.39\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

03-04-2022 09:00:55 Removed Kaspersky Password Manager
11-04-2022 07:49:46 Naplánovaný kontrolní bod
13-04-2022 10:59:36 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/14/2022 06:52:54 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/13/2022 07:24:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/13/2022 07:24:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/13/2022 06:59:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/13/2022 02:43:26 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/13/2022 09:14:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/10/2022 07:36:17 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/09/2022 06:36:20 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (04/14/2022 12:42:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Analytics service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/14/2022 12:42:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (04/14/2022 12:42:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP System Info HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (04/14/2022 12:42:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (04/14/2022 12:42:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Print Scan Doctor Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (04/14/2022 12:42:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP App Helper HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (04/14/2022 12:42:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Comm Recovery byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/14/2022 12:42:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Sound Research SECOMN Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2022-04-13 08:15:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F6150783-DEAC-479C-9D5D-26FA2D7C036C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-12 07:16:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FDF5DA38-214B-46DE-89F1-7D3041E19915}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-11 07:48:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1CBE6393-6111-48B0-A992-5EB7AA8C8535}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-10 10:52:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {101F0B8A-DEA4-4969-93CE-F97F5F349159}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-07 09:58:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {189E886C-DD73-4D03-9376-740EC845B6CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2022-02-09 07:57:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.357.332.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2022-02-09 07:56:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2022-02-09 07:56:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

CodeIntegrity:
===============
Date: 2022-04-14 08:05:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-04-06 12:28:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-04-03 09:19:55
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\protected_elam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-04-03 09:05:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: AMI F.40 07/29/2021
Motherboard: HP 8767
Processor: Intel(R) Core(TM) i5-10400 CPU @ 2.90GHz
Percentage of memory in use: 24%
Total physical RAM: 16249.75 MB
Available physical RAM: 12221.82 MB
Total Virtual: 18681.75 MB
Available Virtual: 13433.51 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:476.13 GB) (Free:357.16 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:760.91 GB) NTFS
Drive e: (Verbatim HDD) (Fixed) (Total:931.51 GB) (Free:171.2 GB) NTFS

\\?\Volume{75a0fa6b-d1f9-4b47-ab8e-75e621a387d3}\ () (Fixed) (Total:0.54 GB) (Free:0.05 GB) NTFS
\\?\Volume{578c12f2-64de-443e-9267-de2bbf3feb75}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 5FD808C6)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 69EA6628)

Partition: GPT.

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: D8A924DA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-04-2022 01
Ran by Petr (administrator) on PETR (HP HP Pavilion Gaming Desktop TG01-1xxx) (14-04-2022 13:18:08)
Running from C:\Users\fugat\OneDrive\Plocha
Loaded Profiles: Petr
Platform: Microsoft Windows 11 Home Version 21H2 22000.613 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465120 2020-08-20] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1851040 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2021-08-03] (HP Inc.) [File not signed]
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [GameCenter] => C:\Users\fugat\AppData\Local\GameCenter\GameCenter.exe [11413256 2022-04-05] (My.Com B.V. -> )
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31193432 2022-01-12] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.88\Installer\chrmstp.exe [2022-04-13] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\fugat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledování výstrah kazety - HP Smart Tank 510 series.lnk [2022-04-14]
ShortcutAndArgument: Sledování výstrah kazety - HP Smart Tank 510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Smart Tank 510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN14G440GV;CONNECTION=USB;MONITOR=1;

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D888005-962A-4BF6-AEB4-6B21DBBA9711} - \HPAudioSwitch -> No File <==== ATTENTION
Task: {10151963-BE95-4337-8CEE-85562735DEB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - \Microsoft\Windows\HelloFace\FODCleanupTask -> No File <==== ATTENTION
Task: {1B916C1A-59FD-4974-BE42-7F6B0C6D8D19} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {1EC52D6A-2D8B-431E-8C80-138F2522B008} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe /Run (No File)
Task: {21BBE4C0-9F42-47BF-9A33-E9A9C47C8EFF} - \NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {22A6730C-0DF9-486A-ABB4-1194C0715A47} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {2B39A18A-4466-4239-A58A-9EA8FECC3551} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe [1372264 2021-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {364F5A20-4D48-4EE2-BF11-E6D166A366B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {382C7E0C-B502-45F6-A07E-6B6055B869B1} - \NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {38463ED2-5B0A-41B9-ADE1-D9D3FF72511F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3FD04BD4-AA3B-4D74-A69E-7FD5CBB1B9F9} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {4B75AF71-A6A7-42E8-8B72-EB9E9B529621} - System32\Tasks\GoogleUpdateTaskMachineCore{7AE1C9F1-9540-418C-921D-FD4FDE5E1410} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-07] (Google LLC -> Google LLC)
Task: {4D33C652-2C7C-4B8A-84B8-40EAF1EBFD31} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {526B2F57-B0FE-4A92-86BE-E9FD053DBEC8} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {686C1045-5107-4099-9DD2-3FE7226A3C3A} - \NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {6C353243-8DF9-420D-8450-E8D9C632262D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6CBEF361-EE00-46F9-B3B8-D803788F07C8} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {6CC18422-BAE7-4D28-AAAC-B8BBBC8A4CE9} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {6E4FE5B4-C9CA-4601-9FE8-66DE3BFC287D} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {80A120DA-29C6-4F45-9599-6A520F2C007B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2022-01-12] (Garmin International, Inc. -> )
Task: {956C0A3F-0F09-4C50-BE25-E3E18A046B9C} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {A491907D-D74D-4B82-95B1-AD59C912F71E} - \NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {C04E5708-FE69-48FC-93F6-0881FAC8ECE5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C4CB05B8-C2FE-41E2-82B7-E3B00A830AAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {D36CAA0A-4052-4E2E-A75B-7FAEEAFCB9AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-03-28] (HP Inc. -> HP Inc.)
Task: {D6289842-C650-49EA-A997-EBDAA99BA741} - System32\Tasks\GoogleUpdateTaskMachineUA{20B3175A-8648-4988-A471-F17AD8C33B26} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-07] (Google LLC -> Google LLC)
Task: {D6EDDE36-EC6B-40EE-8224-F8665F53331A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E718D044-8F6E-48E7-953D-85D8F0FF19E2} - \OneDrive Standalone Update Task-S-1-5-21-3720538851-2503694541-3756166602-500 -> No File <==== ATTENTION
Task: {EAB9192F-4332-4405-9ADF-98BC88B5DBD4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6937863e-c9ac-48bb-9f25-4c37672829ce}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fd2bec96-b3e5-4cbd-bd2d-45992acf282d}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-05]
Edge HomePage: Default -> hxxp://www.google.cz/
Edge StartupUrls: Default -> "hxxps://www.google.cz/"
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2022-02-07] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default [2022-04-14]
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-07]
CHR Extension: (Podepisovací komponenta Signer) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\alldahcdhngmcjagmefklhhecboiigni [2022-02-07]
CHR Extension: (Dokumenty) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-07]
CHR Extension: (Disk Google) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-07]
CHR Extension: (YouTube) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-07]
CHR Extension: (uBlock Origin) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-08]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-03-22]
CHR Extension: (Tabulky) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-10]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-13]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-02-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-07]
CHR Extension: (Gmail) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-07]
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-14]
CHR HKU\S-1-5-21-518073881-1826240890-1261379532-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-08-20] (Express Vpn LLC -> ExpressVPN)
S2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\AppHelperCap.exe [762888 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\DiagsCap.exe [760312 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\NetworkCap.exe [758280 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe [698760 2022-02-14] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [218272 2022-03-22] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe [761376 2022-02-27] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe [494672 2021-11-22] (HP Inc. -> HP Inc.)
S2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-29] (HON HAI PRECISION INDUSTRY CO.LTD. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-13] (Malwarebytes Inc -> Malwarebytes)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [24538344 2022-04-06] (My.Com B.V. -> My.com B.V.)
S2 RtkBtAudioServ; C:\WINDOWS\RtkBtAudioServ.exe [234064 2020-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-08-20] (ExprsVPN LLC -> ExpressVPN)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-02-06] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223688 2022-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-13] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsld0a022a0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3846AE5D-383E-4CCA-B7AC-3850CE2FD58B}\MpKslDrv.sys [139536 2022-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [23774760 2022-04-06] (My.Com B.V. -> My.com B.V.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2020-12-22] (Realtek Semiconductor Corp. -> Realtek)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC -> The OpenVPN Project)
R3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641736 2022-04-13] (Bitdefender SRL -> Bitdefender)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-14 12:36 - 2022-04-14 12:42 - 000000000 ____D C:\AdwCleaner
2022-04-14 07:06 - 2022-04-14 13:18 - 000000000 ____D C:\FRST
2022-04-13 19:13 - 2022-04-13 19:22 - 000000054 _____ C:\WINDOWS\Lic.xxx
2022-04-13 19:13 - 2022-04-13 19:13 - 000000000 ____D C:\PUB
2022-04-13 19:13 - 2022-04-13 19:12 - 000641736 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2022-04-13 19:12 - 2022-04-13 19:12 - 000632064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2022-04-13 19:12 - 2022-04-13 19:12 - 000554240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2022-04-13 19:12 - 2022-04-13 19:12 - 000176760 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\SysWOW64\eEmpty.exe
2022-04-13 19:12 - 2022-04-13 19:12 - 000000000 ____D C:\ProgramData\MicroWorld
2022-04-13 18:59 - 2022-04-13 18:59 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-13 18:59 - 2022-04-13 18:59 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-04-13 18:59 - 2022-04-13 18:59 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-04-13 18:59 - 2022-04-13 18:58 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-04-13 18:59 - 2022-04-13 18:58 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-04-13 18:58 - 2022-04-13 18:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-13 18:58 - 2022-04-13 18:58 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-13 11:02 - 2022-04-13 11:02 - 002550832 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 002080992 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000372736 _____ C:\WINDOWS\system32\hwreqchk.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000015192 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-13 11:01 - 2022-04-13 11:01 - 000032768 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2022-04-13 11:00 - 2022-04-13 11:00 - 000000000 ___HD C:\$WinREAgent
2022-04-13 07:03 - 2022-04-13 14:36 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2022-04-03 09:20 - 2022-04-03 09:20 - 000000000 ____D C:\Users\fugat\OneDrive\Dokumenty\TotalAV
2022-04-03 09:19 - 2022-04-03 09:19 - 000000000 ____D C:\Users\fugat\AppData\Local\GUI
2022-03-31 16:39 - 2022-03-24 07:54 - 000384584 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3758.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-14 12:53 - 2022-02-07 13:07 - 000000000 ____D C:\Users\fugat\AppData\LocalLow\Mozilla
2022-04-14 12:53 - 2022-02-07 13:07 - 000000000 ____D C:\ProgramData\Mozilla
2022-04-14 12:48 - 2022-02-07 10:41 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-14 12:45 - 2022-02-07 11:40 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-14 12:42 - 2022-02-07 10:50 - 000000000 ____D C:\ProgramData\NVIDIA
2022-04-14 12:24 - 2022-02-07 12:39 - 000000000 ____D C:\Users\fugat\AppData\Local\GameCenter
2022-04-14 08:06 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-04-13 19:13 - 2019-12-07 11:14 - 000000652 _____ C:\WINDOWS\win.ini
2022-04-13 18:59 - 2022-02-07 10:41 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-13 17:38 - 2022-02-07 10:50 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-13 17:38 - 2022-02-07 10:41 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-13 17:38 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-13 14:43 - 2022-02-07 11:00 - 001715074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-13 14:43 - 2022-02-07 10:43 - 000724594 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-13 14:43 - 2022-02-07 10:43 - 000150556 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-13 14:43 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\INF
2022-04-13 14:37 - 2022-02-07 10:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-13 14:37 - 2022-02-07 10:49 - 000624032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-13 14:37 - 2022-02-07 10:49 - 000012288 ___SH C:\DumpStack.log.tmp
2022-04-13 14:37 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-13 14:36 - 2022-02-07 13:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-13 14:36 - 2022-02-07 10:38 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-13 11:24 - 2022-02-09 10:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 11:23 - 2022-02-09 10:33 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-13 11:23 - 2022-02-07 10:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-13 11:04 - 2022-02-07 10:39 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-13 11:01 - 2022-02-07 10:52 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-04-13 07:03 - 2022-02-07 11:41 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-12 06:14 - 2022-02-07 10:50 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2022-04-10 11:41 - 2022-02-07 11:27 - 000000000 ____D C:\Users\fugat\AppData\Local\D3DSCache
2022-04-08 07:37 - 2022-02-07 11:44 - 002262504 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000353760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000218600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000198112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-04-08 07:04 - 2022-02-07 10:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-08 06:14 - 2022-02-07 19:06 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-04-07 17:02 - 2022-02-07 11:29 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-518073881-1826240890-1261379532-1001
2022-04-07 17:02 - 2022-02-07 11:29 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-518073881-1826240890-1261379532-1001
2022-04-07 17:02 - 2022-02-07 11:29 - 000002384 _____ C:\Users\fugat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-07 08:01 - 2022-02-09 10:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-06 19:20 - 2022-02-07 11:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-04-06 18:07 - 2022-02-07 15:00 - 024538344 _____ (My.com B.V.) C:\WINDOWS\system32\mracsvc.exe
2022-04-06 18:07 - 2022-02-07 15:00 - 023774760 _____ (My.com B.V.) C:\WINDOWS\system32\Drivers\mracdrv1.sys
2022-04-06 06:32 - 2022-02-07 10:50 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-06 06:32 - 2022-02-07 10:50 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-03 09:25 - 2022-02-08 18:51 - 000000000 ____D C:\Users\fugat\AppData\Local\CrashDumps
2022-04-03 09:05 - 2022-02-07 12:04 - 000000000 ____D C:\Program Files\Common Files\AV
2022-04-03 09:05 - 2022-02-07 12:03 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-04-03 09:05 - 2022-02-07 10:38 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-03-28 06:53 - 2022-02-08 07:19 - 000000000 ____D C:\Users\fugat\AppData\Local\HP_Inc
2022-03-23 20:56 - 2022-02-09 10:33 - 000509296 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-23 20:56 - 2022-02-09 10:33 - 000492912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-22 15:15 - 2022-02-07 20:15 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-03-22 15:13 - 2022-02-07 11:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-03-20 20:30 - 2022-02-07 11:19 - 000000000 ____D C:\Users\fugat

==================== Files in the root of some directories ========

2022-02-07 18:12 - 2022-02-07 18:12 - 000058111 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2022-02-07 16:11 - 2022-02-07 16:11 - 000000410 _____ () C:\Users\fugat\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FirewallRules: [{D80B0C0B-A25F-4A2A-BB79-F3B7C92AB425}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{EA83AD5B-B1A4-4F3F-AF04-7C26A358F123}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{5A3DBFD2-833C-4941-86AE-E7BC44F9AA4B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{3E297E5E-DE55-4183-AD2E-66CBCE749264}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5EC9A46B-2F02-4F64-8CE4-BEF3863FA0B6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{2A59CC16-E873-4C8C-BD7B-EA61E6E12E67}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5C4737C2-FADE-4538-8C3B-5E3DA5703DA1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{8FD8035D-4BEB-4198-B167-4C8F28BBA373}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{7821FE05-2A8A-411C-88A0-2174A84AB3E0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{52F7F5D3-E779-4A2B-A85F-AA07348102FF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{6F71E2F2-CFB4-46B3-B5BE-5744159AD78A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{190D567E-6283-40C4-9D5A-99AFC821F647}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{2F096256-71A5-4597-81A7-AA454CA53F65}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{A71F5CA9-B890-4782-8C2F-F9C6C172571E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{4C32CB2D-2FAC-4FB3-ADEA-BE3A450A5AB0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5638441E-590A-4F48-9E01-6A22612A5145}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{EEFCEBAE-20F3-4B3E-8AD6-D1775C2746B7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{847A4F88-7CE4-4AFB-9BDE-6F19EB75B675}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{BC945135-FBF5-48C5-8B4A-7179A3B8F851}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{A2FDC62D-ACC5-4951-BEB0-F96E71DB98E8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{C4E1CC3D-3F9A-49CC-9F14-2F93553B57D5}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS2A86\HP.EasyStart.exe => No File
FirewallRules: [{2AFCBF79-CB0D-4170-AFDF-28873D913CEF}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS6D10\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{9F40D925-4B23-4DBA-9112-BBB30853193B}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS6D10\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DB14CBEB-D258-4F30-ADD8-6F7A1930AC03}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS0FA2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{FE377442-314A-4695-9A42-6787DE2199B7}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS0FA2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{3D475C93-D466-487E-BDFF-1462FE15FD0A}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS790D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{7D3E42A3-52A9-4BD6-A678-7CEF1488C8E3}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS790D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C6EF4CF2-DC49-430A-B757-7179898E3648}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS1B0D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{6EFC1CC4-4123-4B57-B1D6-9A755ECD3DF3}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS1B0D\HPDiagnosticCoreUI.exe => No File
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
ask: {0D888005-962A-4BF6-AEB4-6B21DBBA9711} - \HPAudioSwitch -> No File <==== ATTENTION
Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - \Microsoft\Windows\HelloFace\FODCleanupTask -> No File <==== ATTENTION
Task: {1B916C1A-59FD-4974-BE42-7F6B0C6D8D19} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {1EC52D6A-2D8B-431E-8C80-138F2522B008} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe /Run (No File)
Task: {21BBE4C0-9F42-47BF-9A33-E9A9C47C8EFF} - \NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {22A6730C-0DF9-486A-ABB4-1194C0715A47} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {382C7E0C-B502-45F6-A07E-6B6055B869B1} - \NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {3FD04BD4-AA3B-4D74-A69E-7FD5CBB1B9F9} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {526B2F57-B0FE-4A92-86BE-E9FD053DBEC8} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {686C1045-5107-4099-9DD2-3FE7226A3C3A} - \NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {6CBEF361-EE00-46F9-B3B8-D803788F07C8} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {6E4FE5B4-C9CA-4601-9FE8-66DE3BFC287D} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {E718D044-8F6E-48E7-953D-85D8F0FF19E2} - \OneDrive Standalone Update Task-S-1-5-21-3720538851-2503694541-3756166602-500 -> No File <==== ATTENTION
U3 aspnet_state; no ImagePath

EmptyTemp:
End
Save it to C:\Users\fugat\OneDrive\Plocha as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Vicious
Visitor
Posts: 176
Registered: 15 Jan 2010 12:39

Re: Request for a check

#7 Post by Vicious »

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-04-2022 01
Ran by Petr (14-04-2022 14:52:30) Run:1
Running from C:\Users\fugat\OneDrive\Plocha
Loaded Profiles: Petr
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FirewallRules: [{D80B0C0B-A25F-4A2A-BB79-F3B7C92AB425}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{EA83AD5B-B1A4-4F3F-AF04-7C26A358F123}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{5A3DBFD2-833C-4941-86AE-E7BC44F9AA4B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{3E297E5E-DE55-4183-AD2E-66CBCE749264}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5EC9A46B-2F02-4F64-8CE4-BEF3863FA0B6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{2A59CC16-E873-4C8C-BD7B-EA61E6E12E67}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5C4737C2-FADE-4538-8C3B-5E3DA5703DA1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{8FD8035D-4BEB-4198-B167-4C8F28BBA373}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{7821FE05-2A8A-411C-88A0-2174A84AB3E0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{52F7F5D3-E779-4A2B-A85F-AA07348102FF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{6F71E2F2-CFB4-46B3-B5BE-5744159AD78A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{190D567E-6283-40C4-9D5A-99AFC821F647}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{2F096256-71A5-4597-81A7-AA454CA53F65}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{A71F5CA9-B890-4782-8C2F-F9C6C172571E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{4C32CB2D-2FAC-4FB3-ADEA-BE3A450A5AB0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5638441E-590A-4F48-9E01-6A22612A5145}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{EEFCEBAE-20F3-4B3E-8AD6-D1775C2746B7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{847A4F88-7CE4-4AFB-9BDE-6F19EB75B675}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{BC945135-FBF5-48C5-8B4A-7179A3B8F851}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{A2FDC62D-ACC5-4951-BEB0-F96E71DB98E8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{C4E1CC3D-3F9A-49CC-9F14-2F93553B57D5}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS2A86\HP.EasyStart.exe => No File
FirewallRules: [{2AFCBF79-CB0D-4170-AFDF-28873D913CEF}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS6D10\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{9F40D925-4B23-4DBA-9112-BBB30853193B}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS6D10\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DB14CBEB-D258-4F30-ADD8-6F7A1930AC03}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS0FA2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{FE377442-314A-4695-9A42-6787DE2199B7}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS0FA2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{3D475C93-D466-487E-BDFF-1462FE15FD0A}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS790D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{7D3E42A3-52A9-4BD6-A678-7CEF1488C8E3}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS790D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C6EF4CF2-DC49-430A-B757-7179898E3648}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS1B0D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{6EFC1CC4-4123-4B57-B1D6-9A755ECD3DF3}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS1B0D\HPDiagnosticCoreUI.exe => No File
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
ask: {0D888005-962A-4BF6-AEB4-6B21DBBA9711} - \HPAudioSwitch -> No File <==== ATTENTION
Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - \Microsoft\Windows\HelloFace\FODCleanupTask -> No File <==== ATTENTION
Task: {1B916C1A-59FD-4974-BE42-7F6B0C6D8D19} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {1EC52D6A-2D8B-431E-8C80-138F2522B008} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe /Run (No File)
Task: {21BBE4C0-9F42-47BF-9A33-E9A9C47C8EFF} - \NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {22A6730C-0DF9-486A-ABB4-1194C0715A47} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {382C7E0C-B502-45F6-A07E-6B6055B869B1} - \NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {3FD04BD4-AA3B-4D74-A69E-7FD5CBB1B9F9} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {526B2F57-B0FE-4A92-86BE-E9FD053DBEC8} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {686C1045-5107-4099-9DD2-3FE7226A3C3A} - \NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {6CBEF361-EE00-46F9-B3B8-D803788F07C8} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {6E4FE5B4-C9CA-4601-9FE8-66DE3BFC287D} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {E718D044-8F6E-48E7-953D-85D8F0FF19E2} - \OneDrive Standalone Update Task-S-1-5-21-3720538851-2503694541-3756166602-500 -> No File <==== ATTENTION
U3 aspnet_state; no ImagePath

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D80B0C0B-A25F-4A2A-BB79-F3B7C92AB425}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA83AD5B-B1A4-4F3F-AF04-7C26A358F123}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A3DBFD2-833C-4941-86AE-E7BC44F9AA4B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E297E5E-DE55-4183-AD2E-66CBCE749264}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5EC9A46B-2F02-4F64-8CE4-BEF3863FA0B6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A59CC16-E873-4C8C-BD7B-EA61E6E12E67}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C4737C2-FADE-4538-8C3B-5E3DA5703DA1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8FD8035D-4BEB-4198-B167-4C8F28BBA373}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7821FE05-2A8A-411C-88A0-2174A84AB3E0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52F7F5D3-E779-4A2B-A85F-AA07348102FF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F71E2F2-CFB4-46B3-B5BE-5744159AD78A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{190D567E-6283-40C4-9D5A-99AFC821F647}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2F096256-71A5-4597-81A7-AA454CA53F65}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A71F5CA9-B890-4782-8C2F-F9C6C172571E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C32CB2D-2FAC-4FB3-ADEA-BE3A450A5AB0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5638441E-590A-4F48-9E01-6A22612A5145}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EEFCEBAE-20F3-4B3E-8AD6-D1775C2746B7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{847A4F88-7CE4-4AFB-9BDE-6F19EB75B675}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BC945135-FBF5-48C5-8B4A-7179A3B8F851}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A2FDC62D-ACC5-4951-BEB0-F96E71DB98E8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C4E1CC3D-3F9A-49CC-9F14-2F93553B57D5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2AFCBF79-CB0D-4170-AFDF-28873D913CEF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F40D925-4B23-4DBA-9112-BBB30853193B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DB14CBEB-D258-4F30-ADD8-6F7A1930AC03}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE377442-314A-4695-9A42-6787DE2199B7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D475C93-D466-487E-BDFF-1462FE15FD0A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D3E42A3-52A9-4BD6-A678-7CEF1488C8E3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C6EF4CF2-DC49-430A-B757-7179898E3648}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EFC1CC4-4123-4B57-B1D6-9A755ECD3DF3}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
ask: {0D888005-962A-4BF6-AEB4-6B21DBBA9711} - \HPAudioSwitch -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12DF3F8A-9612-48CA-AE38-2818FA70CA73}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12DF3F8A-9612-48CA-AE38-2818FA70CA73}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\HelloFace\FODCleanupTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1B916C1A-59FD-4974-BE42-7F6B0C6D8D19}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B916C1A-59FD-4974-BE42-7F6B0C6D8D19}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EC52D6A-2D8B-431E-8C80-138F2522B008}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC52D6A-2D8B-431E-8C80-138F2522B008}" => removed successfully
C:\WINDOWS\System32\Tasks\McAfeeTsk\OOBEUpgrader => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfeeTsk\OOBEUpgrader" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21BBE4C0-9F42-47BF-9A33-E9A9C47C8EFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21BBE4C0-9F42-47BF-9A33-E9A9C47C8EFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{22A6730C-0DF9-486A-ABB4-1194C0715A47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22A6730C-0DF9-486A-ABB4-1194C0715A47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{382C7E0C-B502-45F6-A07E-6B6055B869B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{382C7E0C-B502-45F6-A07E-6B6055B869B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FD04BD4-AA3B-4D74-A69E-7FD5CBB1B9F9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FD04BD4-AA3B-4D74-A69E-7FD5CBB1B9F9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{526B2F57-B0FE-4A92-86BE-E9FD053DBEC8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{526B2F57-B0FE-4A92-86BE-E9FD053DBEC8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{686C1045-5107-4099-9DD2-3FE7226A3C3A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{686C1045-5107-4099-9DD2-3FE7226A3C3A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6CBEF361-EE00-46F9-B3B8-D803788F07C8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CBEF361-EE00-46F9-B3B8-D803788F07C8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Management\Provisioning\PostResetBoot" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E4FE5B4-C9CA-4601-9FE8-66DE3BFC287D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E4FE5B4-C9CA-4601-9FE8-66DE3BFC287D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E718D044-8F6E-48E7-953D-85D8F0FF19E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E718D044-8F6E-48E7-953D-85D8F0FF19E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-3720538851-2503694541-3756166602-500" => removed successfully
HKLM\System\CurrentControlSet\Services\aspnet_state => removed successfully
aspnet_state => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32065566 B
Java, Flash, Steam htmlcache => 343 B
Windows/system/drivers => 152503601 B
Edge => 0 B
Chrome => 382273487 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 171578 B
NetworkService => 117149864 B
fugat => 878938239 B

RecycleBin => 171472 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:52:52 ====

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check

#8 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Vicious
Visitor
Posts: 176
Registered: 15 Jan 2010 12:39

Re: Request for a check

#9 Post by Vicious »

Hello,
nothing has changed; the window still pops up, sometimes even on the desktop when nothing is running. I am attaching a screenshot.
Attachments
Snímek obrazovky 2022-04-15 070035.png (90.88 KiB) Viewed 1008 times

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check

#10 Post by Rudy »

We'll try cleaning the browsers. Run these utilities one after the other:

1. Download Zoek.exe from http://download.bleepingcomputer.com/smeenk/zoek.exe , https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/ and save it to the desktop.

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (in Czech Windows, "Spustit jako správce").
Paste the script below into the window:

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Then click Run Script.
The PC will perform the repair, restart and give you a log; paste its contents here.

and

2. Junkware Removal Tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
• Save it, preferably to the desktop
• After launch, the license terms are displayed; press any key
• A backup is created and then the search begins
• The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

Vicious
Visitor
Posts: 176
Registered: 15 Jan 2010 12:39

Re: Request for a check

#11 Post by Vicious »

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Petr on 15.04.2022 at 11:55:19,59.
Microsoft Windows 11 Home 10.0.22000 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\fugat\OneDrive\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15.04.2022 11:57:22 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Windows Multimedia Platform deleted successfully
C:\PROGRA~2\Windows Portable Devices deleted successfully
C:\PROGRA~2\COMMON~1\MicroWorld deleted successfully
C:\PROGRA~2\COMMON~1\Services deleted successfully
C:\Program Files\Windows Multimedia Platform deleted successfully
C:\Program Files\Windows Portable Devices deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\Program Files\Common Files\Services deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\Users\fugat\AppData\Local\CrashDumps deleted successfully
C:\Users\fugat\AppData\Local\GHISLER deleted successfully
C:\Users\fugat\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-518073881-1826240890-1261379532-1001\Software\Microsoft\Internet Explorer\SearchScopes\{7F1D1264-302B-4934-9B46-54974BA74E53} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{7F1D1264-302B-4934-9B46-54974BA74E53} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F1D1264-302B-4934-9B46-54974BA74E53} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\fugat\AppData\Roaming\Thunderbird\Profiles\9spse6l6.default-release\prefs.js:

Added to C:\Users\fugat\AppData\Roaming\Thunderbird\Profiles\9spse6l6.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\Users\fugat\AppData\Local\oobelibMkey.log deleted
C:\Users\fugat\AppData\Local\CrashRpt deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-1cd8-192eb6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-1cd8-192eb8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-1cd8-192ec9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-1cd8-192ecb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-1cd8-192ecd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-1cd8-192ecf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-1cd8-192ed1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-1cd8-192ed3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eea04.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eeb02.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eeb04.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eeb16.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eeb18.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eeb1a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eeb3b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eeb8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eeb9d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eebae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eebcf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eebf1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eec02.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eec14.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eec16.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eec18.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eec2a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eec3b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eec3d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eec3f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2af4-540-2eec51.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-12823a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-12825d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-12825f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-128271.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-128273.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-128275.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-128277.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-128279.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-12827b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-12828c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-12828e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-128290.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-128292.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-1282a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-1282a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-1282a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-1282ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-1282bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-1282cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-1282df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c80-399c-12831f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dccf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dcf2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dcf4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd08.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd0a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd0c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd0e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd10.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd23.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd25.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd27.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd29.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd3b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd3d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd3f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd41.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd43.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd54.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e4-189c-15dd56.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350dd65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350dd88.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350dd99.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350dd9b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350dd9d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350dd9f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350dda1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350ddb3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350ddb5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350ddb7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350ddb9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350ddbb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350ddcd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350ddcf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350ddd1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350ddd3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350ddd5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350dde6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350dde8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350ddea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3168-4870-350ddec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6a79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6aac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6aae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6ab0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6ab2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6ab4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6ab6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6ac8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6aca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6adb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6aed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6aef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6af1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6af3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6af5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6af7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6b09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6b0b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6b0d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6b0f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3348-1998-3a6b11.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-273368.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-27338b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-27338d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-27338f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-273391.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35f4-290c-2733e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc928.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc95a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc96c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc97e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc980.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc991.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc9a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc9b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc9c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc9d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc9e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc9eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc9ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc9ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc9f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cc9f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cca05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cca17.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cca28.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cca3a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3600-b4c-2cca3c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c4083.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c40d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c40e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c4108.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c410a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c414b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c415c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c418d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c41fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c426c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c426e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c428f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c42c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c4301.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c439f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c43d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c43e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c4403.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c4443.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c44c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3690-1d70-30c4512.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b85099.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b850bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b850ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b850d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b850d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b850d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b850d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b850f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b850f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b850fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b8510d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b8511e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b85120.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b85122.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b85124.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b85126.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b85128.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b8513a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b8513c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b8513e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3718-2cc0-2b85140.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddee9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf0c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf0e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf10.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf12.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf24.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf26.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf28.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf2a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf2c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf2e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf30.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf41.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf43.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf45.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf49.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf4b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf5d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf5f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-389c-41ec-ddf61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-96075.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960db.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-960fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3a14-3a18-9610c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18efca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18efdb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18efdd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18efdf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18efe1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18efe3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18eff5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18eff7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18eff9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18effb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18effd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18efff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f010.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f012.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f014.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f016.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f018.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f01a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f02c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f02e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f030.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f032.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f034.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f036.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f048.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f04a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f04c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f04e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f050.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f052.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f054.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f065.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f067.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f069.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f06b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f06d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f06f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f081.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f0b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ac8-1dc0-18f0b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b33.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b56.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b5a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b6c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b6e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b70.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b74.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b76.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b8f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b91.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4b93.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4ba5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4ba7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4ba9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b6c-236c-a4bab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-1768dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176910.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176912.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176933.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176955.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176976.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176978.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-1769d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-1769da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-1769dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-1769de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176a1e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176a30.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176a32.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176a34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176a36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176a38.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176a49.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3ca8-2fd4-176a5b.tmp deleted
"C:\ProgramData\UpdateLock-D78BF5DD33499EC2" deleted
"C:\DumpStack.log.tmp" not deleted
"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\fugat\AppData\Roaming\Thunderbird\Profiles\9spse6l6.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn" [07.02.2022 17:13]

==== Firefox Extensions ======================

ProfilePath: C:\Users\fugat\AppData\Roaming\Thunderbird\Profiles\9spse6l6.default-release
- Undetermined - %ProfilePath%\extensions\cloud@johannes-endres.de.xpi
- Undetermined - %ProfilePath%\extensions\dav-cloudfile@darktrojan.net.xpi

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
ihcjicgdanjaechkgeegckofjjedodee - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Podepisovací komponenta Signer - fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\alldahcdhngmcjagmefklhhecboiigni
uBlock₀ - fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm
Malwarebytes Browser Guard - fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee

==== Chromium Startpages ======================

C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default\Preferences


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=HCTE"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/?pc=HCTE"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... TR&pc=HCTE"

==== Reset Google Chrome ======================

C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\fugat\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\fugat\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=48 folders=697 490560166 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\fugat\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted
"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not found
"C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found

==== EOF on 15.04.2022 at 12:07:03,58 ======================

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Prosím o kontrolu

#12 Příspěvek od Rudy »

Zoek OK. A Junkware?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Vicious
Visitor
Posts: 176
Joined: 15 Jan 2010 12:39

Re: Requesting a check

#13 Post by Vicious »

Nothing has changed.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Petr (Administrator) on 15.04.2022 at 12:17:24,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.04.2022 at 12:18:25,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a check

#14 Post by Rudy »

That is strange. Post one more FRST log.

Vicious
Visitor
Posts: 176
Joined: 15 Jan 2010 12:39

Re: Requesting a check

#15 Post by Vicious »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2022
Ran by Petr (15-04-2022 19:24:03)
Running from C:\Users\fugat\OneDrive\Plocha
Microsoft Windows 11 Home Version 21H2 22000.613 (X64) (2022-02-07 08:57:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-518073881-1826240890-1261379532-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-518073881-1826240890-1261379532-503 - Limited - Disabled)
Guest (S-1-5-21-518073881-1826240890-1261379532-501 - Limited - Disabled)
Petr (S-1-5-21-518073881-1826240890-1261379532-1001 - Administrator - Enabled) => C:\Users\fugat
WDAGUtilityAccount (S-1-5-21-518073881-1826240890-1261379532-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
ANT Drivers Installer x64 (HKLM\...\{AB7F8484-10C7-430B-8062-BA4D840BC328}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CMS (HKLM-x32\...\CMS) (Version: - )
Elevated Installer (HKLM-x32\...\{917F39C7-FBD3-45F2-99DF-3A97EB981D5D}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8468D8835}) (Version: 7.12.1.4 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{ebd248cd-b3ef-4e14-b91a-d626fa5c392a}) (Version: 7.12.1.4 - ExpressVPN)
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
GameCenter (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\GameCenter) (Version: 4.1669 - MY.COM B.V.)
Garmin Express (HKLM-x32\...\{3e2be2c6-99a0-4538-8f40-231106165750}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{A0D75BFE-F68C-450A-8353-C42A3F264BED}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 56.0.11.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.127 - Google LLC)
HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
Malwarebytes version 4.5.7.186 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.7.186 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.39 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 100.0.1185.39 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\OneDriveSetup.exe) (Version: 22.055.0313.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.5.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 91.8.0 (x64 cs)) (Version: 91.8.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 460.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.93 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Warface My.Com (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Warface My.Com) (Version: 1.229 - MY.GAMES)
Základní software zařízení HP Smart Tank 510 series (HKLM\...\{798379C9-F589-45AA-9E80-633506245FD1}) (Version: 48.6.4634.2224 - HP Inc.)

Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.50332.0_x64__8wekyb3d8bbwe [2022-03-08] (Microsoft Corporation)
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_2.0.5.0_x64__mgae2k3ys4ra0 [2022-02-07] (Priceline Partner Network)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.4.0_x64__xbfy0k16fey96 [2022-02-07] (Dropbox Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.29.257.0_x64__v10z8vjag6ke6 [2022-04-12] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2022-02-07] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.9180.0_x64__v10z8vjag6ke6 [2022-03-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_135.1.385.0_x64__v10z8vjag6ke6 [2022-03-22] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.15.66.0_x64__v10z8vjag6ke6 [2022-04-06] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.2.15.0_x64__v10z8vjag6ke6 [2022-02-07] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1026.0_x64__8j3eq9eme6ctt [2022-04-02] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-27] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.374.0_x64__8wekyb3d8bbwe [2022-04-05] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6 [2022-02-11] (HP Inc.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-07] (NVIDIA Corp.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6 [2022-03-28] (HP Inc.) [Startup Task]
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2022-02-07] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-19] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-04-01] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-04-01] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\nvshext.dll [2022-01-29] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-13] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge

==================== Loaded Modules (Whitelisted) =============

2021-10-16 09:31 - 2021-10-16 09:31 - 000009216 _____ () [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\ImagePipelineNative.dll
2022-03-30 13:06 - 2022-03-30 13:06 - 147344896 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\libcef.dll
2022-03-29 21:01 - 2022-03-29 21:01 - 000345088 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\libegl.dll
2022-03-29 20:59 - 2022-03-29 20:59 - 005478400 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\libglesv2.dll
2022-03-29 20:54 - 2022-03-29 20:54 - 003425792 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\vk_swiftshader.dll
2022-03-29 20:54 - 2022-03-29 20:54 - 000702976 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\vulkan-1.dll
2022-02-07 12:39 - 2022-02-07 12:39 - 000144896 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\zlib1.dll
2022-02-10 11:30 - 2022-02-10 11:30 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\f90e72b12d0aa935d781e317202c1f9b\Interop.IWshRuntimeLibrary.ni.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000013312 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2022-02-10 10:32 - 2022-02-10 10:33 - 000107008 _____ (Facebook, Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\yoga.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 000139776 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\07cc04e050bf3a2b713a6738ca1e8d65\Hardcodet.Wpf.TaskbarNotification.ni.dll
2022-01-19 20:05 - 2022-01-19 20:05 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2021-10-16 09:31 - 2021-10-16 09:31 - 000014848 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\NativeRpcClient.dll
2022-03-27 10:39 - 2022-03-27 10:39 - 008441344 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp_UWP.dll
2021-05-24 11:11 - 2021-05-24 11:11 - 000014848 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\NativeRpcClient.DLL
2022-02-07 12:39 - 2022-02-24 11:21 - 000163840 _____ (Igor Pavlov) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\7zxa.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 001716736 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\343277c8ff5a08dd62ebb4ad5af2f83a\NAudio.ni.dll
2019-12-07 11:07 - 2019-12-07 11:52 - 000285184 ____N (Microsoft Corporation) [File not signed] c:\windows\system32\drivers\umdf\wpdfs.dll
2022-02-15 11:08 - 2022-02-15 11:08 - 000137168 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 003087360 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\ec86693079e180f87ce3d207adb00ef8\Newtonsoft.Json.ni.dll
2022-02-10 10:32 - 2022-02-10 10:32 - 001662976 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\SQLite.Interop.dll
2022-04-15 08:38 - 2022-04-15 08:38 - 000780288 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\e778c533c97b157a48ab38caf5383865\log4net.ni.dll
2022-02-07 12:39 - 2022-02-07 12:39 - 000694272 _____ (The curl library, hxxps://curl.se/) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\libcurl.dll
2022-03-29 21:52 - 2022-03-29 21:52 - 000985600 _____ (The Chromium Authors) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-03-28] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-03-28] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2022-04-15 11:57 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-518073881-1826240890-1261379532-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\Travní\SAM_0203.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "kpm.exe"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4DC86DAD-AC33-4F36-8503-FEFFA8FB79D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D906161A-D92F-443F-9AD3-FF488C5E43F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A911F33-32BE-4EE2-865A-9C7E47903571}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7ACFB8BE-00A8-4C05-8CE6-F6A1A698CDB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A2AA857-3393-4590-A2BA-DD72A4660FE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E8DE388-50AB-4CBE-B7AF-8616B07CFD97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DC463D39-ADC3-4149-8239-7D6359FB587A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F1B2B05-DEDB-40BE-A214-170A39CF165E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{84D7C2D1-576F-47BB-AD3E-A7CB412F6AE8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{897668EC-48BD-43E3-8B06-D7A4A4CB8D3E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AB855F71-A716-4170-B080-53A17D1AE906}C:\users\fugat\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\fugat\appdata\local\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [UDP Query User{0BC0E3C0-48FC-4289-ABEB-0DEFE029084C}C:\users\fugat\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\fugat\appdata\local\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [{9CF2EDEC-DBB0-4136-B1A0-114938E3F956}] => (Allow) C:\Program Files\HP\HP Smart Tank 510 series\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{4D3A6033-BF6B-4A06-BC7B-AEAD4AA8D783}] => (Allow) LPort=5357
FirewallRules: [{D577065D-E862-4D34-ACC4-02A33C41AC86}] => (Allow) C:\Program Files\HP\HP Smart Tank 510 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{B0895AEE-2E7B-49B9-B437-D8E41F311DD5}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{9BCF3230-0361-4FE4-A13A-E41B7E43E9B2}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{844B9B28-1E44-40F3-B885-B908D82A92D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3631F8A4-341D-45F1-96B5-D1C204FFEB5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E6CE3DC-F2EF-40E0-B21C-96D11528D48F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F15769B6-B1E9-4E88-B97F-41E27CB5CCC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{93980BE1-9E91-43D4-8BB5-32217BF8B6A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86C2ACBD-E7C5-4053-982D-A704D2898F0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BA1E742-FEED-4084-8AB9-34841749A8EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D01A360-069C-437E-B887-3E497BF5BBD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EF0735C-F61B-4676-9E53-90573B2083AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59BBBB29-241A-476B-9254-1FE1E5BECD40}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CEAE313F-CD64-416E-8BAC-2F90CBFCE9BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{34A4E71C-CA50-47EF-A217-22D360EDE655}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94366A55-8246-4C68-80C7-057E295E2DBB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{35AB9466-6480-449D-AD82-E96B771A9916}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{32AE380D-196A-4EF2-9562-EAE1E58C1159}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{57BF1688-38DE-4E35-8CBD-F528F2E71059}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{3C7A2A73-30D1-4CF3-8E85-69F97E7BF1A0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{956727E3-7076-4D5E-AC0D-1736BAD1D433}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5C1A709B-DAFD-440D-8320-C87A23385C79}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{38671937-DC87-4218-B2EB-0386549805B8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{894AABB7-5933-4CF8-A156-822D817F94CA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5D00E702-B8F1-441D-96D5-E5CE52170410}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5334F5A4-84A2-4876-B602-FC12C95B861F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{02C5509C-D445-40DF-9649-1DFED68729F6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{071F42C8-C5CC-4CBF-96D0-A100155999C6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5B0CA116-8A4E-4803-B398-2EFD98EEAC39}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{4D9C58F8-3C75-4D76-9545-0BEC0F19E23C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{8D1410FF-1E5A-4F36-A2A2-C4176E36C53B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [TCP Query User{5F8E448C-4526-4705-BE9B-C6CC7F171621}C:\mygames\warface my.com\bin64release\game.exe] => (Allow) C:\mygames\warface my.com\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [UDP Query User{483A7862-B8EC-462A-9A9B-D22DE80F3722}C:\mygames\warface my.com\bin64release\game.exe] => (Allow) C:\mygames\warface my.com\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [{C01CC65D-EAC3-4DE0-8DFF-B942897A49D2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22070.202.1253.1497_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{944C1370-D62D-477C-95FD-42FB44B4BCE0}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22070.202.1253.1497_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5184FAAF-1B23-4CEE-8E21-D90678D3B515}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.39\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{75EF1B27-C17E-41FF-91EB-C1D8819AA66B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

11-04-2022 07:49:46 Naplánovaný kontrolní bod
13-04-2022 10:59:36 Instalační služba modulů systému Windows
15-04-2022 11:57:15 zoek.exe restore point
15-04-2022 12:17:24 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/15/2022 12:14:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/15/2022 06:53:00 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/14/2022 02:53:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/14/2022 06:52:54 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/13/2022 07:24:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/13/2022 07:24:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/13/2022 06:59:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.

Error: (04/13/2022 02:43:26 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (04/15/2022 06:07:36 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/15/2022 02:18:15 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/15/2022 12:17:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (04/15/2022 12:17:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (04/15/2022 12:04:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/15/2022 12:04:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/15/2022 12:04:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/15/2022 12:04:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Windows Defender:
================
Date: 2022-04-13 08:15:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F6150783-DEAC-479C-9D5D-26FA2D7C036C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-12 07:16:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FDF5DA38-214B-46DE-89F1-7D3041E19915}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-11 07:48:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1CBE6393-6111-48B0-A992-5EB7AA8C8535}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-10 10:52:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {101F0B8A-DEA4-4969-93CE-F97F5F349159}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-07 09:58:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {189E886C-DD73-4D03-9376-740EC845B6CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2022-02-09 07:57:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.357.332.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2022-02-09 07:56:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2022-02-09 07:56:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

CodeIntegrity:
===============
Date: 2022-04-15 08:38:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-04-14 14:55:40
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-04-06 12:28:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-04-03 09:19:55
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\protected_elam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: AMI F.40 07/29/2021
Motherboard: HP 8767
Processor: Intel(R) Core(TM) i5-10400 CPU @ 2.90GHz
Percentage of memory in use: 27%
Total physical RAM: 16249.75 MB
Available physical RAM: 11830.62 MB
Total Virtual: 18681.75 MB
Available Virtual: 11828.21 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:476.13 GB) (Free:360 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:760.91 GB) NTFS
Drive e: (Verbatim HDD) (Fixed) (Total:931.51 GB) (Free:171.2 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:5.68 GB) FAT32

\\?\Volume{75a0fa6b-d1f9-4b47-ab8e-75e621a387d3}\ () (Fixed) (Total:0.54 GB) (Free:0.05 GB) NTFS
\\?\Volume{578c12f2-64de-443e-9267-de2bbf3feb75}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 5FD808C6)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 69EA6628)

Partition: GPT.

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: D8A924DA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-04-2022
Ran by Petr (administrator) on PETR (HP HP Pavilion Gaming Desktop TG01-1xxx) (15-04-2022 19:23:15)
Running from C:\Users\fugat\OneDrive\Plocha
Loaded Profiles: Petr
Platform: Microsoft Windows 11 Home Version 21H2 22000.613 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.39\msedgewebview2.exe <6>
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\BridgeCommunication.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\56.0.11.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (My.Com B.V. -> ) C:\Users\fugat\AppData\Local\GameCenter\GameCenter.exe <6>
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe ->) (HON HAI PRECISION INDUSTRY CO.LTD. -> ) C:\Program Files\FanControlApp\FanControlApp.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtAudioServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(sihost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\win32\HPBackgroundProcess.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465120 2020-08-20] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1851040 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2021-08-03] (HP Inc.) [File not signed]
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [GameCenter] => C:\Users\fugat\AppData\Local\GameCenter\GameCenter.exe [11402504 2022-04-14] (My.Com B.V. -> )
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31193432 2022-01-12] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-15] (Google LLC -> Google LLC)
Startup: C:\Users\fugat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledování výstrah kazety - HP Smart Tank 510 series.lnk [2022-04-15]
ShortcutAndArgument: Sledování výstrah kazety - HP Smart Tank 510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Smart Tank 510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN14G440GV;CONNECTION=USB;MONITOR=1;

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D888005-962A-4BF6-AEB4-6B21DBBA9711} - \HPAudioSwitch -> No File <==== ATTENTION
Task: {10151963-BE95-4337-8CEE-85562735DEB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B39A18A-4466-4239-A58A-9EA8FECC3551} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe [1372264 2021-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {364F5A20-4D48-4EE2-BF11-E6D166A366B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {38463ED2-5B0A-41B9-ADE1-D9D3FF72511F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4B75AF71-A6A7-42E8-8B72-EB9E9B529621} - System32\Tasks\GoogleUpdateTaskMachineCore{7AE1C9F1-9540-418C-921D-FD4FDE5E1410} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-07] (Google LLC -> Google LLC)
Task: {4D33C652-2C7C-4B8A-84B8-40EAF1EBFD31} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C353243-8DF9-420D-8450-E8D9C632262D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6CC18422-BAE7-4D28-AAAC-B8BBBC8A4CE9} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {80A120DA-29C6-4F45-9599-6A520F2C007B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2022-01-12] (Garmin International, Inc. -> )
Task: {956C0A3F-0F09-4C50-BE25-E3E18A046B9C} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {A491907D-D74D-4B82-95B1-AD59C912F71E} - \NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {C04E5708-FE69-48FC-93F6-0881FAC8ECE5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C4CB05B8-C2FE-41E2-82B7-E3B00A830AAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {D36CAA0A-4052-4E2E-A75B-7FAEEAFCB9AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-03-28] (HP Inc. -> HP Inc.)
Task: {D6289842-C650-49EA-A997-EBDAA99BA741} - System32\Tasks\GoogleUpdateTaskMachineUA{20B3175A-8648-4988-A471-F17AD8C33B26} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-07] (Google LLC -> Google LLC)
Task: {D6EDDE36-EC6B-40EE-8224-F8665F53331A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAB9192F-4332-4405-9ADF-98BC88B5DBD4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6937863e-c9ac-48bb-9f25-4c37672829ce}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fd2bec96-b3e5-4cbd-bd2d-45992acf282d}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2022-02-07] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default [2022-04-15]
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Podepisovací komponenta Signer) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\alldahcdhngmcjagmefklhhecboiigni [2022-04-15]
CHR Extension: (uBlock Origin) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-15]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-15]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-15]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-04-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-15]
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-14]
CHR HKU\S-1-5-21-518073881-1826240890-1261379532-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-08-20] (Express Vpn LLC -> ExpressVPN)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\AppHelperCap.exe [762888 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\DiagsCap.exe [760312 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\NetworkCap.exe [758280 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe [698760 2022-02-14] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [218272 2022-03-22] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe [761376 2022-02-27] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe [494672 2021-11-22] (HP Inc. -> HP Inc.)
R2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-29] (HON HAI PRECISION INDUSTRY CO.LTD. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-13] (Malwarebytes Inc -> Malwarebytes)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [24538344 2022-04-06] (My.Com B.V. -> My.com B.V.)
R2 RtkBtAudioServ; C:\WINDOWS\RtkBtAudioServ.exe [234064 2020-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-08-20] (ExprsVPN LLC -> ExpressVPN)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-02-06] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223688 2022-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-13] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl7bd51cd9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D833FDE9-6558-4CB4-9610-03F41B094A47}\MpKslDrv.sys [139536 2022-04-15] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [23774760 2022-04-06] (My.Com B.V. -> My.com B.V.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2020-12-22] (Realtek Semiconductor Corp. -> Realtek)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC -> The OpenVPN Project)
S3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641736 2022-04-13] (Bitdefender SRL -> Bitdefender)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-15 18:24 - 2022-04-15 18:24 - 000000000 ____D C:\Users\fugat\AppData\Local\CrashRpt
2022-04-15 12:08 - 2022-04-15 12:08 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2
2022-04-15 12:07 - 2022-04-15 12:07 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-04-15 12:07 - 2022-04-15 12:07 - 000000000 ____D C:\Users\fugat\AppData\Local\VirtualStore
2022-04-15 12:06 - 2022-04-15 11:55 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2022-04-15 11:55 - 2022-04-15 12:04 - 000000000 ____D C:\zoek_backup
2022-04-14 12:36 - 2022-04-14 12:42 - 000000000 ____D C:\AdwCleaner
2022-04-14 07:06 - 2022-04-15 19:23 - 000000000 ____D C:\FRST
2022-04-13 19:13 - 2022-04-13 19:22 - 000000054 _____ C:\WINDOWS\Lic.xxx
2022-04-13 19:13 - 2022-04-13 19:13 - 000000000 ____D C:\PUB
2022-04-13 19:13 - 2022-04-13 19:12 - 000641736 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2022-04-13 19:12 - 2022-04-13 19:12 - 000632064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2022-04-13 19:12 - 2022-04-13 19:12 - 000554240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2022-04-13 19:12 - 2022-04-13 19:12 - 000176760 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\SysWOW64\eEmpty.exe
2022-04-13 19:12 - 2022-04-13 19:12 - 000000000 ____D C:\ProgramData\MicroWorld
2022-04-13 18:59 - 2022-04-13 18:59 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-13 18:59 - 2022-04-13 18:59 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-04-13 18:59 - 2022-04-13 18:58 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-04-13 18:59 - 2022-04-13 18:58 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-04-13 18:58 - 2022-04-13 18:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-13 18:58 - 2022-04-13 18:58 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-13 11:02 - 2022-04-13 11:02 - 002550832 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 002080992 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000372736 _____ C:\WINDOWS\system32\hwreqchk.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000015192 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-13 11:01 - 2022-04-13 11:01 - 000032768 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2022-04-13 11:00 - 2022-04-13 11:00 - 000000000 ___HD C:\$WinREAgent
2022-04-13 07:03 - 2022-04-13 14:36 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2022-04-03 09:20 - 2022-04-03 09:20 - 000000000 ____D C:\Users\fugat\OneDrive\Dokumenty\TotalAV
2022-04-03 09:19 - 2022-04-03 09:19 - 000000000 ____D C:\Users\fugat\AppData\Local\GUI
2022-03-31 16:39 - 2022-03-24 07:54 - 000384584 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3758.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-15 19:21 - 2022-02-07 12:39 - 000000000 ____D C:\Users\fugat\AppData\Local\GameCenter
2022-04-15 19:17 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-04-15 18:45 - 2022-02-07 11:40 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-15 18:24 - 2022-02-07 10:50 - 000000000 ____D C:\ProgramData\NVIDIA
2022-04-15 18:24 - 2022-02-07 10:41 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-15 18:08 - 2022-02-07 13:07 - 000000000 ____D C:\Users\fugat\AppData\LocalLow\Mozilla
2022-04-15 18:08 - 2022-02-07 13:07 - 000000000 ____D C:\ProgramData\Mozilla
2022-04-15 12:13 - 2022-02-07 11:00 - 001715074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-15 12:13 - 2022-02-07 10:43 - 000724594 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-15 12:13 - 2022-02-07 10:43 - 000150556 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-15 12:13 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\INF
2022-04-15 12:11 - 2022-02-07 11:27 - 000000000 ____D C:\Users\fugat\AppData\Local\D3DSCache
2022-04-15 12:07 - 2022-02-07 10:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-15 12:07 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-15 12:06 - 2022-02-07 10:49 - 000012288 ___SH C:\DumpStack.log.tmp
2022-04-15 12:06 - 2022-02-07 10:38 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-15 11:45 - 2022-02-07 10:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-15 08:38 - 2022-02-07 10:41 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-15 08:38 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-15 06:48 - 2022-02-07 11:41 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-14 18:24 - 2022-02-07 12:39 - 000000000 ____D C:\Users\fugat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameCenter
2022-04-14 14:52 - 2022-02-07 11:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfeeTsk
2022-04-13 19:13 - 2019-12-07 11:14 - 000000652 _____ C:\WINDOWS\win.ini
2022-04-13 18:59 - 2022-02-07 10:41 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-13 17:38 - 2022-02-07 10:50 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-13 14:37 - 2022-02-07 10:49 - 000624032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-13 14:36 - 2022-02-07 13:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-13 11:24 - 2022-02-09 10:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 11:23 - 2022-02-09 10:33 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-13 11:04 - 2022-02-07 10:39 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-13 11:01 - 2022-02-07 10:52 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-04-12 06:14 - 2022-02-07 10:50 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2022-04-08 07:37 - 2022-02-07 11:44 - 002262504 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000353760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000218600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000198112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-04-08 07:04 - 2022-02-07 10:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-08 06:14 - 2022-02-07 19:06 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-04-07 17:02 - 2022-02-07 11:29 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-518073881-1826240890-1261379532-1001
2022-04-07 17:02 - 2022-02-07 11:29 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-518073881-1826240890-1261379532-1001
2022-04-07 17:02 - 2022-02-07 11:29 - 000002384 _____ C:\Users\fugat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-07 08:01 - 2022-02-09 10:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-06 19:20 - 2022-02-07 11:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-04-06 18:07 - 2022-02-07 15:00 - 024538344 _____ (My.com B.V.) C:\WINDOWS\system32\mracsvc.exe
2022-04-06 18:07 - 2022-02-07 15:00 - 023774760 _____ (My.com B.V.) C:\WINDOWS\system32\Drivers\mracdrv1.sys
2022-04-06 06:32 - 2022-02-07 10:50 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-06 06:32 - 2022-02-07 10:50 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-03 09:05 - 2022-02-07 12:03 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-04-03 09:05 - 2022-02-07 10:38 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-03-28 06:53 - 2022-02-08 07:19 - 000000000 ____D C:\Users\fugat\AppData\Local\HP_Inc
2022-03-23 20:56 - 2022-02-09 10:33 - 000509296 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-23 20:56 - 2022-02-09 10:33 - 000492912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-22 15:15 - 2022-02-07 20:15 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-03-22 15:13 - 2022-02-07 11:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-03-20 20:30 - 2022-02-07 11:19 - 000000000 ____D C:\Users\fugat

==================== Files in the root of some directories ========

2022-02-07 18:12 - 2022-02-07 18:12 - 000058111 _____ () C:\Program Files (x86)\CMS Setup Log.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Locked